[RCP][mac] add Jenkins stage for notarization
This stage is only executed if the Jenkins parameter "NOTARIZE_MAC_RCP",
that we introduce in this patch, is set to true. The default value is
false, and needs to be overridden in specific Jenkins jobs that really
require it (notarization is a limited resource).
Also, enhanced the notarization script to permit more than one package
being notarized at the same time and separately log the output of each
notarization for eventual troubleshooting.
Note: Notatization requires that mac .dmg packages be first generated
for the rcp product. The necessary is already in place, in the main
trace compass repo, and can be triggered in Jenkins jobs by adding the
maven argument "-Prcp-DMG-package-mac" in the appropriate field for
parameter "MAVEN_ARGS".
Signed-off-by: Marc Dumais <marc.dumais@ericsson.com>
Change-Id: I9356718c1e2d1a8551f36e751f806ebff50dc706
diff --git a/jenkins/pipelines/tracecompass-jdk11.Jenkinsfile b/jenkins/pipelines/tracecompass-jdk11.Jenkinsfile
index e5624b0..49b708e 100644
--- a/jenkins/pipelines/tracecompass-jdk11.Jenkinsfile
+++ b/jenkins/pipelines/tracecompass-jdk11.Jenkinsfile
@@ -1,3 +1,4 @@
+/* groovylint-disable GStringExpressionWithinString, LineLength, NestedBlockDepth, UnnecessaryGString */
/*******************************************************************************
* Copyright (c) 2019, 2023 Ericsson.
*
@@ -35,6 +36,9 @@
JAVADOC_PATH="target/site/apidocs"
GIT_SHA_FILE="tc-git-sha"
}
+ parameters {
+ booleanParam(name: 'NOTARIZE_MAC_RCP', defaultValue: false, description: "whether to notarize mac RCP packages")
+ }
stages {
stage('Checkout') {
steps {
@@ -44,12 +48,14 @@
sh 'cp scripts/deploy-update-site.sh ${MAVEN_WORKSPACE_SCRIPTS}'
sh 'cp scripts/deploy-doc.sh ${MAVEN_WORKSPACE_SCRIPTS}'
sh 'cp scripts/deploy-javadoc.sh ${MAVEN_WORKSPACE_SCRIPTS}'
+ sh 'cp scripts/macosx-notarize.sh ${MAVEN_WORKSPACE_SCRIPTS}'
checkout([$class: 'GitSCM', branches: [[name: '$GERRIT_BRANCH_NAME']], doGenerateSubmoduleConfigurations: false, extensions: [[$class: 'BuildChooserSetting', buildChooser: [$class: 'GerritTriggerBuildChooser']]], submoduleCfg: [], userRemoteConfigs: [[refspec: '$GERRIT_REFSPEC', url: '$GERRIT_REPOSITORY_URL']]])
sh 'mkdir -p ${WORKSPACE_SCRIPTS}'
sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/deploy-rcp.sh ${WORKSPACE_SCRIPTS}'
sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/deploy-update-site.sh ${WORKSPACE_SCRIPTS}'
sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/deploy-doc.sh ${WORKSPACE_SCRIPTS}'
sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/deploy-javadoc.sh ${WORKSPACE_SCRIPTS}'
+ sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/macosx-notarize.sh ${WORKSPACE_SCRIPTS}'
}
}
}
@@ -138,6 +144,21 @@
}
}
}
+ stage('Notarize macos RCP packages') {
+ when {
+ expression { return params.NOTARIZE_MAC_RCP }
+ }
+ steps {
+ sshagent (['projects-storage.eclipse.org-bot-ssh']) {
+ sh '${WORKSPACE_SCRIPTS}/macosx-notarize.sh ${RCP_DESTINATION}'
+ }
+ }
+ post {
+ always {
+ archiveArtifacts artifacts: '*.log', allowEmptyArchive: true
+ }
+ }
+ }
}
post {
failure {
diff --git a/jenkins/pipelines/tracecompass-jdk17.Jenkinsfile b/jenkins/pipelines/tracecompass-jdk17.Jenkinsfile
index 84d6863..1cb06af 100644
--- a/jenkins/pipelines/tracecompass-jdk17.Jenkinsfile
+++ b/jenkins/pipelines/tracecompass-jdk17.Jenkinsfile
@@ -1,3 +1,4 @@
+/* groovylint-disable GStringExpressionWithinString, LineLength, NestedBlockDepth, UnnecessaryGString */
/*******************************************************************************
* Copyright (c) 2019, 2023 Ericsson.
*
@@ -35,6 +36,9 @@
JAVADOC_PATH="target/site/apidocs"
GIT_SHA_FILE="tc-git-sha"
}
+ parameters {
+ booleanParam(name: 'NOTARIZE_MAC_RCP', defaultValue: false, description: "whether to notarize mac RCP packages")
+ }
stages {
stage('Checkout') {
steps {
@@ -44,12 +48,14 @@
sh 'cp scripts/deploy-update-site.sh ${MAVEN_WORKSPACE_SCRIPTS}'
sh 'cp scripts/deploy-doc.sh ${MAVEN_WORKSPACE_SCRIPTS}'
sh 'cp scripts/deploy-javadoc.sh ${MAVEN_WORKSPACE_SCRIPTS}'
+ sh 'cp scripts/macosx-notarize.sh ${MAVEN_WORKSPACE_SCRIPTS}'
checkout([$class: 'GitSCM', branches: [[name: '$GERRIT_BRANCH_NAME']], doGenerateSubmoduleConfigurations: false, extensions: [[$class: 'BuildChooserSetting', buildChooser: [$class: 'GerritTriggerBuildChooser']]], submoduleCfg: [], userRemoteConfigs: [[refspec: '$GERRIT_REFSPEC', url: '$GERRIT_REPOSITORY_URL']]])
sh 'mkdir -p ${WORKSPACE_SCRIPTS}'
sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/deploy-rcp.sh ${WORKSPACE_SCRIPTS}'
sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/deploy-update-site.sh ${WORKSPACE_SCRIPTS}'
sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/deploy-doc.sh ${WORKSPACE_SCRIPTS}'
sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/deploy-javadoc.sh ${WORKSPACE_SCRIPTS}'
+ sh 'cp ${MAVEN_WORKSPACE_SCRIPTS}/macosx-notarize.sh ${WORKSPACE_SCRIPTS}'
}
}
}
@@ -138,6 +144,21 @@
}
}
}
+ stage('Notarize macos RCP packages') {
+ when {
+ expression { return params.NOTARIZE_MAC_RCP }
+ }
+ steps {
+ sshagent (['projects-storage.eclipse.org-bot-ssh']) {
+ sh '${WORKSPACE_SCRIPTS}/macosx-notarize.sh ${RCP_DESTINATION}'
+ }
+ }
+ post {
+ always {
+ archiveArtifacts artifacts: '*.log', allowEmptyArchive: true
+ }
+ }
+ }
}
post {
failure {
diff --git a/jenkins/pipelines/tracecompass-test.Jenkinsfile b/jenkins/pipelines/tracecompass-test.Jenkinsfile
index 8181641..bf0b881 100644
--- a/jenkins/pipelines/tracecompass-test.Jenkinsfile
+++ b/jenkins/pipelines/tracecompass-test.Jenkinsfile
@@ -37,7 +37,7 @@
GIT_SHA_FILE="tc-git-sha"
}
parameters {
- booleanParam(name: 'NOTARIZE_MAC_RCP', defaultValue: true, description: "whether to notarize mac RCP packages")
+ booleanParam(name: 'NOTARIZE_MAC_RCP', defaultValue: false, description: "whether to notarize mac RCP packages")
}
stages {
stage('Checkout') {
@@ -89,7 +89,7 @@
always {
container('tracecompass') {
junit '*/*/target/surefire-reports/*.xml'
- archiveArtifacts artifacts: '*/*tests/screenshots/*.jpeg,*/*tests/target/work/data/.metadata/.log,rcp/org.eclipse.tracecompass.rcp.product/target/products/*.dmg,rcp/org.eclipse.tracecompass.rcp.product/target/products/*.tar.gz, rcp/org.eclipse.tracecompass.rcp.product/target/products/*.zip', excludes: '**/org.eclipse.tracecompass.common.core.log', allowEmptyArchive: true
+ archiveArtifacts artifacts: '*/*tests/screenshots/*.jpeg,*/*tests/target/work/data/.metadata/.log', excludes: '**/org.eclipse.tracecompass.common.core.log', allowEmptyArchive: true
}
}
}
diff --git a/scripts/macosx-notarize.sh b/scripts/macosx-notarize.sh
index 4c97ef2..7b63803 100755
--- a/scripts/macosx-notarize.sh
+++ b/scripts/macosx-notarize.sh
@@ -30,6 +30,7 @@
# Notatize a single "DMG" file passed as an argument. Uses current directory as a temporary directory
function notarize_single_dmg() {
+ export PS4='+$$+ ' # add PID to output so that parallel bash process output is easier to follow
DMG_FILE="$1"
DMG="$(basename "${DMG_FILE}")"
# keep a copy of the original dmg
@@ -96,7 +97,7 @@
for i in $(find ./temp -name '*.dmg'); do
LOG=$(basename ${i}).log
echo "Starting ${i}" >>${LOG}
- notarize_single_dmg ${i}
+ notarize_single_dmg ${i} |& tee --append ${LOG} &
sleep 18s # start jobs at a small interval from each other
done
