diff --git a/Jenkinsfile b/Jenkinsfile index 0d14a1258b..d3628e5eb3 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -7,7 +7,6 @@ all_status = [:] commit_id = '' git_fork = 'ripple' git_repo = 'rippled' -collab_found = false; // // this is not the actual token, but an ID/key into the jenkins // credential store which httpRequest can access. @@ -43,6 +42,7 @@ try { } if (env.CHANGE_AUTHOR) { + def collab_found = false; // // this means we have some sort of PR , so verify the author // @@ -276,49 +276,41 @@ try { } //for variants // Also add a single build job for doing the RPM build - // on a docker node, but only for collaborators (approved committers) - if (collab_found) { - builds['rpm'] = { - node('docker') { - def bldlabel = 'rpm' - configFileProvider ( - [configFile( - fileId: 'rippled-commit-signer-public-keys.txt', - variable: 'SIGNER_PUBLIC_KEYS')]) - { - def remote = - (git_fork == 'ripple') ? 'origin' : git_fork + // on a docker node + builds['rpm'] = { + node('docker') { + def bldlabel = 'rpm' + def remote = + (git_fork == 'ripple') ? 'origin' : git_fork - withCredentials( - [string( - credentialsId: 'RIPPLED_RPM_ROLE_ID', - variable: 'ROLE_ID')]) - { - withEnv([ - 'docker_image=artifactory.ops.ripple.com:6555/rippled-rpm-builder:latest', - "git_commit=${commit_id}", - "git_remote=${remote}", - "rpm_release=${env.BUILD_ID}"]) - { - try { - sh "rm -fv ${bldlabel}.txt" - sh "if [ -d rpm-out ]; then rm -rf rpm-out; fi" - sh rpmBuildCmd(bldlabel) - } - finally { - def st = reportStatus(bldlabel, bldlabel, env.BUILD_URL) - lock('rippled_dev_status') { - all_status[bldlabel] = st - } - archiveArtifacts( - artifacts: 'rpm-out/*.rpm', - allowEmptyArchive: true) - } - } //withEnv - } //withCredentials - } //configFile - } //node - } + withCredentials( + [string( + credentialsId: 'RIPPLED_RPM_ROLE_ID', + variable: 'ROLE_ID')]) + { + withEnv([ + 'docker_image=artifactory.ops.ripple.com:6555/rippled-rpm-builder:latest', + "git_commit=${commit_id}", + "git_remote=${remote}", + "rpm_release=${env.BUILD_ID}"]) + { + try { + sh "rm -fv ${bldlabel}.txt" + sh "if [ -d rpm-out ]; then rm -rf rpm-out; fi" + sh rpmBuildCmd(bldlabel) + } + finally { + def st = reportStatus(bldlabel, bldlabel, env.BUILD_URL) + lock('rippled_dev_status') { + all_status[bldlabel] = st + } + archiveArtifacts( + artifacts: 'rpm-out/*.rpm', + allowEmptyArchive: true) + } + } //withEnv + } //withCredentials + } //node } // this actually executes all the builds we just defined @@ -631,8 +623,6 @@ SECRET_ID=$(cat /.vault/rippled-build-role/secret-id) export VAULT_TOKEN=$(/usr/local/ripple/ops-toolbox/vault/vault_approle_auth -r ${ROLE_ID} -s ${SECRET_ID} -t) /usr/local/ripple/ops-toolbox/vault/vault_get_sts_token.py -r rippled-build-role -head $SIGNER_PUBLIC_KEYS - mkdir -p rpm-out docker pull "${docker_image}" @@ -641,7 +631,6 @@ echo "Running build container" docker run --rm \ -v $PWD/rpm-out:/opt/rippled-rpm/out \ --v $SIGNER_PUBLIC_KEYS:/opt/rippled-rpm/public-keys.txt \ -e "GIT_COMMIT=$git_commit" \ -e "GIT_REMOTE=$git_remote" \ -e "RPM_RELEASE=$rpm_release" \