diff options
author | Jeremiah Snapp <jeremiah@chef.io> | 2019-04-05 14:54:03 -0400 |
---|---|---|
committer | Jeremiah Snapp <jeremiah@chef.io> | 2019-04-05 14:54:03 -0400 |
commit | 67162eec87355c96638ea48fa964b30860c879ff (patch) | |
tree | 5e4bd3a7b98af43df88b33ae5ee3f562656d51af /omnibus | |
parent | 68aee212e9006f1b36b900ef83cacf6272dc2c89 (diff) | |
download | chef-67162eec87355c96638ea48fa964b30860c879ff.tar.gz |
Create omnibus buildkite pipelines
Signed-off-by: Jeremiah Snapp <jeremiah@chef.io>
Diffstat (limited to 'omnibus')
-rw-r--r-- | omnibus/omnibus-test.ps1 | 36 | ||||
-rw-r--r-- | omnibus/omnibus-test.sh | 32 |
2 files changed, 68 insertions, 0 deletions
diff --git a/omnibus/omnibus-test.ps1 b/omnibus/omnibus-test.ps1 new file mode 100644 index 0000000000..15f522c480 --- /dev/null +++ b/omnibus/omnibus-test.ps1 @@ -0,0 +1,36 @@ +# Stop script execution when a non-terminating error occurs +$ErrorActionPreference = "Stop" + +$channel = "$Env:CHANNEL" +If ([string]::IsNullOrEmpty($channel)) { $channel = "unstable" } + +$product = "$Env:PRODUCT" +If ([string]::IsNullOrEmpty($product)) { $product = "chef" } + +$version = "$Env:VERSION" +If ([string]::IsNullOrEmpty($version)) { $version = "latest" } + +Write-Output "--- Downloading $channel $product $version" +$download_url = C:\opscode\omnibus-toolchain\embedded\bin\mixlib-install.bat download --url --channel "$channel" "$product" --version "$version" +$package_file = "$Env:Temp\$(Split-Path -Path $download_url -Leaf)" +Invoke-WebRequest -OutFile "$package_file" -Uri "$download_url" + +Write-Output "--- Checking that $package_file has been signed." +If ((Get-AuthenticodeSignature "$package_file").Status -eq 'Valid') { + Write-Output "Verified $package_file has been signed." +} +Else { + Write-Output "Exiting with an error because $package_file has not been signed. Check your omnibus project config." + exit 1 +} + +Write-Output "--- Installing $channel $product $version" +Start-Process "$package_file" /quiet -Wait + +Write-Output "--- Testing $channel $product $version" + +$Env:PATH = "C:\opscode\chef\bin;${Env:PATH}" + +Write-Output "Running verification for $product" + +ci/verify-chef.bat diff --git a/omnibus/omnibus-test.sh b/omnibus/omnibus-test.sh new file mode 100644 index 0000000000..981dc808f0 --- /dev/null +++ b/omnibus/omnibus-test.sh @@ -0,0 +1,32 @@ +#!/bin/bash +set -ueo pipefail + +channel="${CHANNEL:-unstable}" +product="${PRODUCT:-chef}" +version="${VERSION:-latest}" + +echo "--- Installing $channel $product $version" +package_file="$(install-omnibus-product -c "$channel" -P "$product" -v "$version" | tail -n 1)" + +echo "--- Verifying omnibus package is signed" +check-omnibus-package-signed "$package_file" + +echo "--- Testing $channel $product $version" + +export INSTALL_DIR=/opt/chef +export PATH="/opt/chef/bin:$PATH" + +echo "Verifying ownership of package files" + +NONROOT_FILES="$(find "$INSTALL_DIR" ! -uid 0 -print)" +if [[ "$NONROOT_FILES" == "" ]]; then + echo "Packages files are owned by root. Continuing verification." +else + echo "Exiting with an error because the following files are not owned by root:" + echo "$NONROOT_FILES" + exit 1 +fi + +echo "Running verification for $product" + +sh ci/verify-chef.sh |