X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=shell%2Fsigul-sign-dir.sh;h=d3995ace0672d807f3add3a88541fa7bf42b40b8;hb=a6dbbcc122ad46e11936a13f8816daa5278726e4;hp=92380cc0a93b92e616b352a98167059074ec5261;hpb=d9c45a1ea0568d277e352dba1b74b46914880e0c;p=releng%2Fglobal-jjb.git

diff --git a/shell/sigul-sign-dir.sh b/shell/sigul-sign-dir.sh
index 92380cc0..d3995ace 100644
--- a/shell/sigul-sign-dir.sh
+++ b/shell/sigul-sign-dir.sh
@@ -13,18 +13,25 @@ echo "---> sigul-sign-dir.sh"
 # Ensure we fail the job if any steps fail.
 set -e -o pipefail
 
+# shellcheck disable=SC1090
+. ~/lf-env.sh
+
+lf-activate-venv --python python3 lftools
+
 OS=$(facter operatingsystem | tr '[:upper:]' '[:lower:]')
 OS_RELEASE=$(facter lsbdistrelease | tr '[:upper:]' '[:lower:]')
 if [[ "$OS_RELEASE" == "8" && "$OS" == 'centos' ]]; then
     # Get Dockerfile and the enterpoint to build the docker image.
+    # shellcheck disable=SC2140
     wget -O "${WORKSPACE}/sigul-sign.sh" "https://raw.githubusercontent.com/"\
-    "lfit/releng-global-jjb/master/shell/sigul-sign.sh"
+"lfit/releng-global-jjb/master/shell/sigul-sign.sh"
+    # shellcheck disable=SC2140
     wget -O "${WORKSPACE}/Dockerfile" "https://raw.githubusercontent.com/"\
-    "lfit/releng-global-jjb/master/docker/Dockerfile"
+"lfit/releng-global-jjb/master/docker/Dockerfile"
 
     # Setup the docker environment for jenkins user
-    docker build -f ${WORKSPACE}/Dockerfile \
-        --build-arg SIGN_DIR=${SIGN_DIR} \
+    docker build -f "${WORKSPACE}/Dockerfile" \
+        --build-arg SIGN_DIR="${SIGN_DIR}" \
         -t sigul-sign .
 
     docker volume create --driver local \
@@ -35,16 +42,20 @@ if [[ "$OS_RELEASE" == "8" && "$OS" == 'centos' ]]; then
 
     docker volume inspect wrkspc_vol
 
+    # shellcheck disable=SC2140
     docker run -e SIGUL_KEY="${SIGUL_KEY}" \
         -e SIGUL_PASSWORD="${SIGUL_PASSWORD}" \
-        -e SIGUL_CONFIG=${SIGUL_CONFIG} \
-        -e SIGN_DIR=${SIGN_DIR} \
-        -e WORKSPACE=${WORKSPACE} \
+        -e SIGUL_CONFIG="${SIGUL_CONFIG}" \
+        -e SIGN_DIR="${SIGN_DIR}" \
+        -e WORKSPACE="${WORKSPACE}" \
         --name sigul-sign \
         --security-opt label:disable \
         --mount type=bind,source="/w/workspace",target="/w/workspace" \
         --mount type=bind,source="/home/jenkins",target="/home/jenkins" \
-        -u root:root -w $(pwd) sigul-sign
+        -u root:root -w "$(pwd)" sigul-sign
+
+    # change the .asc files owner permissions back to jenkins
+    sudo chown -R jenkins:jenkins "${SIGN_DIR}"
 else
     lftools sign sigul -m "${SIGN_MODE}" "${SIGN_DIR}"
 fi