X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=blobdiff_plain;f=shell%2Fsigul-sign-dir.sh;h=d3995ace0672d807f3add3a88541fa7bf42b40b8;hb=refs%2Fchanges%2F50%2F72650%2F2;hp=2bcf58945c9cbdfca8705434965aaafac416479b;hpb=40874c69cc5fc00dcc73327af2a1a85bcff7d4d9;p=releng%2Fglobal-jjb.git

diff --git a/shell/sigul-sign-dir.sh b/shell/sigul-sign-dir.sh
index 2bcf5894..d3995ace 100644
--- a/shell/sigul-sign-dir.sh
+++ b/shell/sigul-sign-dir.sh
@@ -13,4 +13,49 @@ echo "---> sigul-sign-dir.sh"
 # Ensure we fail the job if any steps fail.
 set -e -o pipefail
 
-lftools sign sigul -m "${SIGN_MODE}" "${SIGN_DIR}"
+# shellcheck disable=SC1090
+. ~/lf-env.sh
+
+lf-activate-venv --python python3 lftools
+
+OS=$(facter operatingsystem | tr '[:upper:]' '[:lower:]')
+OS_RELEASE=$(facter lsbdistrelease | tr '[:upper:]' '[:lower:]')
+if [[ "$OS_RELEASE" == "8" && "$OS" == 'centos' ]]; then
+    # Get Dockerfile and the enterpoint to build the docker image.
+    # shellcheck disable=SC2140
+    wget -O "${WORKSPACE}/sigul-sign.sh" "https://raw.githubusercontent.com/"\
+"lfit/releng-global-jjb/master/shell/sigul-sign.sh"
+    # shellcheck disable=SC2140
+    wget -O "${WORKSPACE}/Dockerfile" "https://raw.githubusercontent.com/"\
+"lfit/releng-global-jjb/master/docker/Dockerfile"
+
+    # Setup the docker environment for jenkins user
+    docker build -f "${WORKSPACE}/Dockerfile" \
+        --build-arg SIGN_DIR="${SIGN_DIR}" \
+        -t sigul-sign .
+
+    docker volume create --driver local \
+        --opt type=none \
+        --opt device=/w/workspace \
+        --opt o=bind \
+        wrkspc_vol
+
+    docker volume inspect wrkspc_vol
+
+    # shellcheck disable=SC2140
+    docker run -e SIGUL_KEY="${SIGUL_KEY}" \
+        -e SIGUL_PASSWORD="${SIGUL_PASSWORD}" \
+        -e SIGUL_CONFIG="${SIGUL_CONFIG}" \
+        -e SIGN_DIR="${SIGN_DIR}" \
+        -e WORKSPACE="${WORKSPACE}" \
+        --name sigul-sign \
+        --security-opt label:disable \
+        --mount type=bind,source="/w/workspace",target="/w/workspace" \
+        --mount type=bind,source="/home/jenkins",target="/home/jenkins" \
+        -u root:root -w "$(pwd)" sigul-sign
+
+    # change the .asc files owner permissions back to jenkins
+    sudo chown -R jenkins:jenkins "${SIGN_DIR}"
+else
+    lftools sign sigul -m "${SIGN_MODE}" "${SIGN_DIR}"
+fi