summaryrefslogtreecommitdiff
path: root/omnibus
diff options
context:
space:
mode:
authorJeremiah Snapp <jeremiah@chef.io>2019-04-05 14:54:03 -0400
committerJeremiah Snapp <jeremiah@chef.io>2019-04-05 14:54:03 -0400
commit67162eec87355c96638ea48fa964b30860c879ff (patch)
tree5e4bd3a7b98af43df88b33ae5ee3f562656d51af /omnibus
parent68aee212e9006f1b36b900ef83cacf6272dc2c89 (diff)
downloadchef-67162eec87355c96638ea48fa964b30860c879ff.tar.gz
Create omnibus buildkite pipelines
Signed-off-by: Jeremiah Snapp <jeremiah@chef.io>
Diffstat (limited to 'omnibus')
-rw-r--r--omnibus/omnibus-test.ps136
-rw-r--r--omnibus/omnibus-test.sh32
2 files changed, 68 insertions, 0 deletions
diff --git a/omnibus/omnibus-test.ps1 b/omnibus/omnibus-test.ps1
new file mode 100644
index 0000000000..15f522c480
--- /dev/null
+++ b/omnibus/omnibus-test.ps1
@@ -0,0 +1,36 @@
+# Stop script execution when a non-terminating error occurs
+$ErrorActionPreference = "Stop"
+
+$channel = "$Env:CHANNEL"
+If ([string]::IsNullOrEmpty($channel)) { $channel = "unstable" }
+
+$product = "$Env:PRODUCT"
+If ([string]::IsNullOrEmpty($product)) { $product = "chef" }
+
+$version = "$Env:VERSION"
+If ([string]::IsNullOrEmpty($version)) { $version = "latest" }
+
+Write-Output "--- Downloading $channel $product $version"
+$download_url = C:\opscode\omnibus-toolchain\embedded\bin\mixlib-install.bat download --url --channel "$channel" "$product" --version "$version"
+$package_file = "$Env:Temp\$(Split-Path -Path $download_url -Leaf)"
+Invoke-WebRequest -OutFile "$package_file" -Uri "$download_url"
+
+Write-Output "--- Checking that $package_file has been signed."
+If ((Get-AuthenticodeSignature "$package_file").Status -eq 'Valid') {
+ Write-Output "Verified $package_file has been signed."
+}
+Else {
+ Write-Output "Exiting with an error because $package_file has not been signed. Check your omnibus project config."
+ exit 1
+}
+
+Write-Output "--- Installing $channel $product $version"
+Start-Process "$package_file" /quiet -Wait
+
+Write-Output "--- Testing $channel $product $version"
+
+$Env:PATH = "C:\opscode\chef\bin;${Env:PATH}"
+
+Write-Output "Running verification for $product"
+
+ci/verify-chef.bat
diff --git a/omnibus/omnibus-test.sh b/omnibus/omnibus-test.sh
new file mode 100644
index 0000000000..981dc808f0
--- /dev/null
+++ b/omnibus/omnibus-test.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+set -ueo pipefail
+
+channel="${CHANNEL:-unstable}"
+product="${PRODUCT:-chef}"
+version="${VERSION:-latest}"
+
+echo "--- Installing $channel $product $version"
+package_file="$(install-omnibus-product -c "$channel" -P "$product" -v "$version" | tail -n 1)"
+
+echo "--- Verifying omnibus package is signed"
+check-omnibus-package-signed "$package_file"
+
+echo "--- Testing $channel $product $version"
+
+export INSTALL_DIR=/opt/chef
+export PATH="/opt/chef/bin:$PATH"
+
+echo "Verifying ownership of package files"
+
+NONROOT_FILES="$(find "$INSTALL_DIR" ! -uid 0 -print)"
+if [[ "$NONROOT_FILES" == "" ]]; then
+ echo "Packages files are owned by root. Continuing verification."
+else
+ echo "Exiting with an error because the following files are not owned by root:"
+ echo "$NONROOT_FILES"
+ exit 1
+fi
+
+echo "Running verification for $product"
+
+sh ci/verify-chef.sh