From ff69449171594e52cc4ec732ecb8b48e6f11adb2 Mon Sep 17 00:00:00 2001 From: Sayali Gaikawad Date: Thu, 14 Jul 2022 18:06:34 -0700 Subject: [PATCH 1/2] Add jenkins prefix to signer credentials Signed-off-by: Sayali Gaikawad --- .../release-data-prepper-all-artifacts.jenkinsfile.txt | 4 ++-- .../maven-sign-release/maven-sign-release.jenkinsfile.txt | 2 +- .../sign-standalone-artifacts.jenkinsfile.txt | 2 +- .../jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt | 4 ++-- ...sQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt | 4 ++-- tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt | 6 +++--- ...eArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt | 4 ++-- tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt | 2 +- tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt | 4 ++-- vars/signArtifacts.groovy | 2 +- 10 files changed, 17 insertions(+), 17 deletions(-) diff --git a/tests/jenkins/jenkinsjob-regression-files/data-prepper/release-data-prepper-all-artifacts.jenkinsfile.txt b/tests/jenkins/jenkinsjob-regression-files/data-prepper/release-data-prepper-all-artifacts.jenkinsfile.txt index 51b480c6ad..d6e327fccc 100644 --- a/tests/jenkins/jenkinsjob-regression-files/data-prepper/release-data-prepper-all-artifacts.jenkinsfile.txt +++ b/tests/jenkins/jenkinsjob-regression-files/data-prepper/release-data-prepper-all-artifacts.jenkinsfile.txt @@ -22,7 +22,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -98,7 +98,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jenkinsjob-regression-files/maven-sign-release/maven-sign-release.jenkinsfile.txt b/tests/jenkins/jenkinsjob-regression-files/maven-sign-release/maven-sign-release.jenkinsfile.txt index 830516da81..dd9bbeefd5 100644 --- a/tests/jenkins/jenkinsjob-regression-files/maven-sign-release/maven-sign-release.jenkinsfile.txt +++ b/tests/jenkins/jenkinsjob-regression-files/maven-sign-release/maven-sign-release.jenkinsfile.txt @@ -19,7 +19,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jenkinsjob-regression-files/sign-standalone-artifacts/sign-standalone-artifacts.jenkinsfile.txt b/tests/jenkins/jenkinsjob-regression-files/sign-standalone-artifacts/sign-standalone-artifacts.jenkinsfile.txt index 8bac43d2d3..2073c540de 100644 --- a/tests/jenkins/jenkinsjob-regression-files/sign-standalone-artifacts/sign-standalone-artifacts.jenkinsfile.txt +++ b/tests/jenkins/jenkinsjob-regression-files/sign-standalone-artifacts/sign-standalone-artifacts.jenkinsfile.txt @@ -15,7 +15,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt index e032a78a52..fd39d89fb2 100644 --- a/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt @@ -38,7 +38,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -76,7 +76,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt index 0af3a178bb..040a26cb29 100644 --- a/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt @@ -38,7 +38,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -76,7 +76,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt index 5a8c7420f8..089fc8cdef 100644 --- a/tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt @@ -41,7 +41,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -70,7 +70,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -128,7 +128,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt index 67219dffcd..bdc4a5c65b 100644 --- a/tests/jenkins/jobs/PromoteArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt @@ -38,7 +38,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -76,7 +76,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt index 8e8d36939c..fd0390fa13 100644 --- a/tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt @@ -49,7 +49,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt b/tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt index e492e627fa..e8fff4c4c2 100644 --- a/tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt +++ b/tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt @@ -9,7 +9,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -108,7 +108,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/vars/signArtifacts.groovy b/vars/signArtifacts.groovy index 440b746ee8..18756dba02 100644 --- a/vars/signArtifacts.groovy +++ b/vars/signArtifacts.groovy @@ -111,7 +111,7 @@ void call(Map args = [:]) { String arguments = generateArguments(args) // Sign artifacts - def configSecret = args.platform == "windows" ? "signer-windows-config" : "signer-pgp-config" + def configSecret = args.platform == "windows" ? "jenkins-signer-windows-config" : "jenkins-signer-pgp-config" withCredentials([usernamePassword(credentialsId: "${GITHUB_BOT_TOKEN_NAME}", usernameVariable: 'GITHUB_USER', passwordVariable: 'GITHUB_TOKEN'), string(credentialsId: configSecret, variable: 'configs')]) { def creds = readJSON(text: configs) From 0d59f923ec8517d8ccfbed096294824f355b8346 Mon Sep 17 00:00:00 2001 From: Sayali Gaikawad Date: Thu, 14 Jul 2022 18:52:22 -0700 Subject: [PATCH 2/2] Remove duplicate Signed-off-by: Sayali Gaikawad --- .../release-data-prepper-all-artifacts.jenkinsfile.txt | 4 ++-- .../maven-sign-release/maven-sign-release.jenkinsfile.txt | 2 +- .../sign-standalone-artifacts.jenkinsfile.txt | 2 +- .../jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt | 4 ++-- ...sQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt | 4 ++-- tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt | 6 +++--- ...eArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt | 4 ++-- tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt | 2 +- tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt | 4 ++-- vars/signArtifacts.groovy | 2 +- 10 files changed, 17 insertions(+), 17 deletions(-) diff --git a/tests/jenkins/jenkinsjob-regression-files/data-prepper/release-data-prepper-all-artifacts.jenkinsfile.txt b/tests/jenkins/jenkinsjob-regression-files/data-prepper/release-data-prepper-all-artifacts.jenkinsfile.txt index d6e327fccc..9f145a8c14 100644 --- a/tests/jenkins/jenkinsjob-regression-files/data-prepper/release-data-prepper-all-artifacts.jenkinsfile.txt +++ b/tests/jenkins/jenkinsjob-regression-files/data-prepper/release-data-prepper-all-artifacts.jenkinsfile.txt @@ -22,7 +22,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -98,7 +98,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jenkinsjob-regression-files/maven-sign-release/maven-sign-release.jenkinsfile.txt b/tests/jenkins/jenkinsjob-regression-files/maven-sign-release/maven-sign-release.jenkinsfile.txt index dd9bbeefd5..69317dea4e 100644 --- a/tests/jenkins/jenkinsjob-regression-files/maven-sign-release/maven-sign-release.jenkinsfile.txt +++ b/tests/jenkins/jenkinsjob-regression-files/maven-sign-release/maven-sign-release.jenkinsfile.txt @@ -19,7 +19,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jenkinsjob-regression-files/sign-standalone-artifacts/sign-standalone-artifacts.jenkinsfile.txt b/tests/jenkins/jenkinsjob-regression-files/sign-standalone-artifacts/sign-standalone-artifacts.jenkinsfile.txt index 2073c540de..1786b63b84 100644 --- a/tests/jenkins/jenkinsjob-regression-files/sign-standalone-artifacts/sign-standalone-artifacts.jenkinsfile.txt +++ b/tests/jenkins/jenkinsjob-regression-files/sign-standalone-artifacts/sign-standalone-artifacts.jenkinsfile.txt @@ -15,7 +15,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt index fd39d89fb2..a0225a6b39 100644 --- a/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_Jenkinsfile.txt @@ -38,7 +38,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -76,7 +76,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt index 040a26cb29..69d8395a15 100644 --- a/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteArtifactsQualifier_actions_OpenSearch_Dashboards_Jenkinsfile.txt @@ -38,7 +38,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -76,7 +76,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt index 089fc8cdef..0041f2d35b 100644 --- a/tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteArtifacts_actions_Jenkinsfile.txt @@ -41,7 +41,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -70,7 +70,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -128,7 +128,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt index bdc4a5c65b..312e8e8d4b 100644 --- a/tests/jenkins/jobs/PromoteArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteArtifacts_actions_OpenSearch_Dashboards_Jenkinsfile.txt @@ -38,7 +38,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -76,7 +76,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt b/tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt index fd0390fa13..21175d5bb4 100644 --- a/tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt +++ b/tests/jenkins/jobs/PromoteYumRepos_Jenkinsfile.txt @@ -49,7 +49,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt b/tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt index e8fff4c4c2..78b1a68878 100644 --- a/tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt +++ b/tests/jenkins/jobs/SignArtifacts_Jenkinsfile.txt @@ -9,7 +9,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( @@ -108,7 +108,7 @@ signArtifacts.git({url=https://github.com/opensearch-project/opensearch-build.git, branch=main}) signArtifacts.sh(curl -sSL https://artifacts.opensearch.org/publickeys/opensearch.pgp | gpg --import -) signArtifacts.usernamePassword({credentialsId=github_bot_token_name, usernameVariable=GITHUB_USER, passwordVariable=GITHUB_TOKEN}) - signArtifacts.string({credentialsId=jenkins-signer-pgp-config, variable=configs}) + signArtifacts.string({credentialsId=jenkins-signer-client-creds, variable=configs}) signArtifacts.withCredentials([[GITHUB_USER, GITHUB_TOKEN], configs], groovy.lang.Closure) signArtifacts.readJSON({text=configs}) signArtifacts.sh( diff --git a/vars/signArtifacts.groovy b/vars/signArtifacts.groovy index 18756dba02..5f1379fc74 100644 --- a/vars/signArtifacts.groovy +++ b/vars/signArtifacts.groovy @@ -111,7 +111,7 @@ void call(Map args = [:]) { String arguments = generateArguments(args) // Sign artifacts - def configSecret = args.platform == "windows" ? "jenkins-signer-windows-config" : "jenkins-signer-pgp-config" + def configSecret = args.platform == "windows" ? "jenkins-signer-windows-config" : "jenkins-signer-client-creds" withCredentials([usernamePassword(credentialsId: "${GITHUB_BOT_TOKEN_NAME}", usernameVariable: 'GITHUB_USER', passwordVariable: 'GITHUB_TOKEN'), string(credentialsId: configSecret, variable: 'configs')]) { def creds = readJSON(text: configs)