Code Review / releng / global-jjb.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: 8dcb264)
Import the pubkey and check the tag 10/16410/2
authorAric Gardner <agardner@linuxfoundation.org>
Fri, 2 Aug 2019 01:27:18 +0000 (21:27 -0400)
committerJessica Wagantall <jwagantall@linuxfoundation.org>
Fri, 2 Aug 2019 01:34:15 +0000 (18:34 -0700)
with git tag -v $VERSION

Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
Change-Id: I954dfa1c8ca09f64ff8a35c138290565de8de4b9

jjb/lf-release-jobs.yaml patch | blob | history
releasenotes/notes/release-job-verify-sign-68e910725aa379ec.yaml [new file with mode: 0644] patch | blob
shell/release-job.sh patch | blob | history

diff --git a/jjb/lf-release-jobs.yaml b/jjb/lf-release-jobs.yaml
index 908881e..02111ef 100644 (file)
--- a/jjb/lf-release-jobs.yaml
+++ b/jjb/lf-release-jobs.yaml
@@ -91,6 +91,8 @@
               variable: SIGUL_PASSWORD
             - file-id: sigul-pki
               variable: SIGUL_PKI
+            - file-id: onap-pubkey
+              target: "/tmp/onap-pubkey"
       - shell: !include-raw-escape: ../shell/sigul-configuration.sh
       - shell: !include-raw-escape: ../shell/sigul-install.sh
       - lf-release
@@ -169,6 +171,8 @@
               variable: SIGUL_PASSWORD
             - file-id: sigul-pki
               variable: SIGUL_PKI
+            - file-id: onap-pubkey
+              target: "/tmp/onap-pubkey"
       - shell: !include-raw-escape: ../shell/sigul-configuration.sh
       - shell: !include-raw-escape: ../shell/sigul-install.sh
       - lf-release
diff --git a/releasenotes/notes/release-job-verify-sign-68e910725aa379ec.yaml b/releasenotes/notes/release-job-verify-sign-68e910725aa379ec.yaml
new file mode 100644 (file)
index 0000000..3efcc86
--- /dev/null
+++ b/releasenotes/notes/release-job-verify-sign-68e910725aa379ec.yaml
@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    Allow lf_release_verify and lf_release_merge to verify tag signature.
diff --git a/shell/release-job.sh b/shell/release-job.sh
index 783979a..5b163c8 100644 (file)
--- a/shell/release-job.sh
+++ b/shell/release-job.sh
@@ -98,8 +98,11 @@ for release_file in $release_files; do
     git merge --ff-only FETCH_HEAD
     git tag -am "$PROJECT $VERSION" "$VERSION"
     sigul --batch -c "$SIGUL_CONFIG" sign-git-tag "$SIGUL_KEY" "$VERSION" < "$SIGUL_PASSWORD"
+
     echo "Showing latest signature for $PROJECT:"
-    git log --show-signature -n1
+    gpg --import /tmp/onap-pubkey
+    echo "git tag -v "$VERSION""
+    git tag -v "$VERSION"
 
 
     ########## Merge Part ##############
Global Jenkins Job Builder templates