Changeset 25874

Timestamp:

12/15/20 14:39:49 (4 years ago)

Author:

jdquinn

Message:

CHG: Refinement of macOS packaging and signing scripts

Location:

issm/trunk-jpl/packagers/mac

Files:

• package-issm-mac-binaries-matlab.sh (modified) (5 diffs)
• package-issm-mac-binaries-python.sh (modified) (5 diffs)
• sign-issm-mac-binaries-matlab.sh (modified) (2 diffs)
• sign-issm-mac-binaries-python.sh (modified) (2 diffs)

issm/trunk-jpl/packagers/mac/package-issm-mac-binaries-matlab.sh

@@ -89 +89 @@
 #
 export PATH="${ISSM_DIR}/bin:$(getconf PATH)" # Ensure that we pick up binaries from 'bin' directory rather than 'externalpackages'
-AGU
+
+## Functions
+#
+validate_signed_repo_copy(){
+        # Check out copy of repository for signed binaries if it does not exist 
+        # (e.g. 'Check-out Strategy' was set to 'Use 'svn update' as much as 
+        # possible'; initial checkout failed)
+        if [ ! -d ${SIGNED_REPO_COPY} && ! -d ${SIGNED_REPO_COPY}/.svn ]; then
+                # Check out copy of SVN repository for signed packages
+                #
+                # NOTE: Get empty copy because we do not want to have to check out package from 
+                #               previous signing.
+                #
+                echo "Checking out copy of repository for signed packages"
+                svn checkout \
+                        --trust-server-cert \
+                        --non-interactive \
+                        --depth empty \
+                        --username ${USERNAME} \
+                        --password ${PASSWORD} \
+                        ${SIGNED_REPO_URL} \
+                        ${SIGNED_REPO_COPY} > /dev/null 2>&1
+        fi
+}
+
 ## Parse options
 #
@@ -167 +191 @@
                 # If lock file exists, a signing build is still in process by JPL Cybersecurity
                 svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1
-                if [[ -f ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} ]]; then
+                if [ -f ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} ]; then
                         echo "Previous signing job still in process by JPL Cybersecurity. Please try again later."
                         exit 1
@@ -243 +267 @@
                         numTestsFailed=`cat matlab.log | grep -c -e "FAILED|ERROR"`
 
-                        if [[ ${numTestsFailed} -ne 0 ]]; then
+                        if [ ${numTestsFailed} -ne 0 ]; then
                                 echo "One or more tests FAILED"
                                 exit 1
@@ -269 +293 @@
                 echo "Compressing package"
                 ditto -ck --sequesterRsrc --keepParent ${PKG} ${COMPRESSED_PKG}
+        else
+                # Assume that previous build was successful, but signing/notarization 
+                # failed.
+                #
+
+                # Make sure copy of repository for signed packages exists
+                validate_signed_repo_copy
         fi
 
@@ -360 +391 @@
         # that transfer to ISSM Web site failed and user built this project again 
         # with -t/--transferonly option.
+        #
+
+        # Make sure copy of repository for signed packages exists
+        validate_signed_repo_copy
+
         SUCCESS=1
 fi

issm/trunk-jpl/packagers/mac/package-issm-mac-binaries-python.sh

@@ -88 +88 @@
 #
 export PATH="${ISSM_DIR}/bin:$(getconf PATH)" # Ensure that we pick up binaries from 'bin' directory rather than 'externalpackages'
+
+## Functions
+#
+validate_signed_repo_copy(){
+        # Check out copy of repository for signed binaries if it does not exist 
+        # (e.g. 'Check-out Strategy' was set to 'Use 'svn update' as much as 
+        # possible'; initial checkout failed)
+        if [ ! -d ${SIGNED_REPO_COPY} && ! -d ${SIGNED_REPO_COPY}/.svn ]; then
+                # Check out copy of SVN repository for signed packages
+                #
+                # NOTE: Get empty copy because we do not want to have to check out package from 
+                #               previous signing.
+                #
+                echo "Checking out copy of repository for signed packages"
+                svn checkout \
+                        --trust-server-cert \
+                        --non-interactive \
+                        --depth empty \
+                        --username ${USERNAME} \
+                        --password ${PASSWORD} \
+                        ${SIGNED_REPO_URL} \
+                        ${SIGNED_REPO_COPY} > /dev/null 2>&1
+        fi
+}
 
 ## Parse options
@@ -160 +184 @@
                 # If lock file exists, a signing build is still in process by JPL Cybersecurity
                 svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1
-                if [[ -f ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} ]]; then
+                if [ -f ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} ]; then
                         echo "Previous signing job still in process by JPL Cybersecurity. Please try again later."
                         exit 1
@@ -242 +266 @@
                         numTestsFailed=`cat python.log | grep -c -e "FAILED|ERROR"`
 
-                        if [[ ${numTestsFailed} -ne 0 ]]; then
+                        if [ ${numTestsFailed} -ne 0 ]; then
                                 echo "One or more tests FAILED"
                                 exit 1
@@ -270 +294 @@
                 echo "Compressing package"
                 ditto -ck --sequesterRsrc --keepParent ${PKG} ${COMPRESSED_PKG}
+        else
+                # Assume that previous build was successful, but signing/notarization 
+                # failed.
+                #
+
+                # Make sure copy of repository for signed packages exists
+                validate_signed_repo_copy
         fi
 
@@ -361 +392 @@
         # that transfer to ISSM Web site failed and user built this project again 
         # with -t/--transferonly option.
+        #
+
+        # Make sure copy of repository for signed packages exists
+        validate_signed_repo_copy
+
         SUCCESS=1
 fi

issm/trunk-jpl/packagers/mac/sign-issm-mac-binaries-matlab.sh

@@ -167 +167 @@
 # Check if UUID exists in response
 HAS_UUID=$(grep 'RequestUUID = ' ${NOTARIZATION_LOGFILE_PATH}/${NOTARIZATION_LOGFILE}) # NOTE: Checking for "RequestUUID = " because "RequestUUID" shows up in some error messages
-if [[ -z "${HAS_UUID}" ]]; then
+if [ -z "${HAS_UUID}" ]; then
         echo "Notarization failed!"
         echo "----------------------- Contents of notarization logfile -----------------------"
@@ -199 +199 @@
                 # First, check if there is an error
                 ERROR_CHECK=$(grep 'Error' ${NOTARIZATION_LOGFILE_PATH}/${NOTARIZATION_LOGFILE})
-                if [[ ! -z "${ERROR_CHECK}" ]]; then
+                if [ ! -z "${ERROR_CHECK}" ]; then
                         break
                 fi

issm/trunk-jpl/packagers/mac/sign-issm-mac-binaries-python.sh

@@ -176 +176 @@
 # Check if UUID exists in response
 HAS_UUID=$(grep 'RequestUUID = ' ${NOTARIZATION_LOGFILE_PATH}/${NOTARIZATION_LOGFILE}) # NOTE: Checking for "RequestUUID = " because "RequestUUID" shows up in some error messages
-if [[ -z "${HAS_UUID}" ]]; then
+if [ -z "${HAS_UUID}" ]; then
         echo "Notarization failed!"
         echo "----------------------- Contents of notarization logfile -----------------------"
@@ -208 +208 @@
                 # First, check if there is an error
                 ERROR_CHECK=$(grep 'Error' ${NOTARIZATION_LOGFILE_PATH}/${NOTARIZATION_LOGFILE})
-                if [[ ! -z "${ERROR_CHECK}" ]]; then
+                if [ ! -z "${ERROR_CHECK}" ]; then
                         break
                 fi