Index: /issm/trunk-jpl/packagers/mac/package-issm-mac-binaries-matlab.sh =================================================================== --- /issm/trunk-jpl/packagers/mac/package-issm-mac-binaries-matlab.sh (revision 25874) +++ /issm/trunk-jpl/packagers/mac/package-issm-mac-binaries-matlab.sh (revision 25875) @@ -16,6 +16,4 @@ # # Options: -# -c/--cleanup Remove lock file from signed package repository (use if -# build is aborted to allow for subsequent fresh build) # -n/--notarizeonly Sign/notarize only (use if signing/notarization fails # to skip tests/packaging) @@ -25,4 +23,6 @@ # transfer fails for some reason to skip testing and # signing) +# -u/--unlock Remove lock file from signed package repository (use if +# build is aborted to allow for subsequent fresh build) # # Debugging: @@ -92,52 +92,21 @@ ## Functions # -validate_signed_repo_copy(){ - # Check out copy of repository for signed binaries if it does not exist - # (e.g. 'Check-out Strategy' was set to 'Use 'svn update' as much as - # possible'; initial checkout failed) - if [ ! -d ${SIGNED_REPO_COPY} && ! -d ${SIGNED_REPO_COPY}/.svn ]; then - # Check out copy of SVN repository for signed packages - # - # NOTE: Get empty copy because we do not want to have to check out package from - # previous signing. - # - echo "Checking out copy of repository for signed packages" - svn checkout \ - --trust-server-cert \ - --non-interactive \ - --depth empty \ - --username ${USERNAME} \ - --password ${PASSWORD} \ - ${SIGNED_REPO_URL} \ - ${SIGNED_REPO_COPY} > /dev/null 2>&1 - fi +checkout_signed_repo_copy(){ + echo "Checking out copy of repository for signed packages" + + # NOTE: Get empty copy because we do not want to have to check out package + # from previous signing. + # + svn checkout \ + --trust-server-cert \ + --non-interactive \ + --depth empty \ + --username ${USERNAME} \ + --password ${PASSWORD} \ + ${SIGNED_REPO_URL} \ + ${SIGNED_REPO_COPY} } - -## Parse options -# -if [ $# -gt 1 ]; then - echo "Can use only one option at a time" - exit 1 -fi - -cleanup=0 -notarize_only=0 -skip_tests=0 -transfer_only=0 -while [ $# -gt 0 ]; do - case $1 in - -c|--cleanup) cleanup=1; shift ;; - -n|--notarizeonly) notarize_only=1; shift ;; - -s|--skiptests) skip_tests=1; shift ;; - -t|--transferonly) transfer_only=1; shift ;; - *) echo "Unknown parameter passed: $1"; exit 1 ;; - esac - shift -done - -if [ ${cleanup} -eq 1 ]; then - # Remove signing lock file from signed package repository so that a new - # build can run - echo "Removing lock file from repository for signed packages" +checkout_unsigned_repo_copy(){ + echo "Checking out copy of repository for unsigned packages" svn checkout \ --trust-server-cert \ @@ -145,8 +114,45 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --depth empty \ - ${SIGNED_REPO_URL} \ - ${SIGNED_REPO_COPY} > /dev/null 2>&1 - svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1 + ${UNSIGNED_REPO_URL} \ + ${UNSIGNED_REPO_COPY} +} +validate_signed_repo_copy(){ + # Validate copy of repository for signed binaries (e.g. + # 'Check-out Strategy' was set to 'Use 'svn update' as much as possible'; + # initial checkout failed) + if [[ ! -d ${SIGNED_REPO_COPY} || ! -d ${SIGNED_REPO_COPY}/.svn ]]; then + rm -rf ${SIGNED_REPO_COPY} + checkout_signed_repo_copy + fi +} + +## Parse options +# +if [ $# -gt 1 ]; then + echo "Can use only one option at a time" + exit 1 +fi + +notarize_only=0 +skip_tests=0 +transfer_only=0 +unlock=0 +while [ $# -gt 0 ]; do + case $1 in + -n|--notarizeonly) notarize_only=1; shift ;; + -s|--skiptests) skip_tests=1; shift ;; + -t|--transferonly) transfer_only=1; shift ;; + -u|--unlock) unlock=1; shift ;; + *) echo "Unknown parameter passed: $1"; exit 1 ;; + esac + shift +done + +if [ ${unlock} -eq 1 ]; then + # Remove signing lock file from signed package repository so that a new + # build can run + echo "Removing lock file from repository for signed packages" + checkout_signed_repo_copy + svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} svn delete ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1 svn commit \ @@ -155,10 +161,21 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "DEL: Removing lock file after failed build" ${SIGNED_REPO_COPY} > /dev/null 2>&1 - svn cleanup ${SIGNED_REPO_COPY} > /dev/null 2>&1 + --message "DEL: Removing lock file after failed build" ${SIGNED_REPO_COPY} + svn cleanup ${SIGNED_REPO_COPY} exit 1 fi if [ ${transfer_only} -eq 0 ]; then + rm -rf ${SIGNED_REPO_COPY} + + checkout_signed_repo_copy + + # If lock file exists, a signing build is still in process by JPL Cybersecurity + svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} + if [ -f ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} ]; then + echo "Previous signing job still in process by JPL Cybersecurity. Please try again later." + exit 1 + fi + if [ ${notarize_only} -eq 0 ]; then # Check if MATLAB exists @@ -171,28 +188,6 @@ echo "Cleaning up existing assets" cd ${ISSM_DIR} - rm -rf ${PKG} ${COMPRESSED_PKG} ${SIGNED_REPO_COPY} ${UNSIGNED_REPO_COPY} + rm -rf ${PKG} ${COMPRESSED_PKG} ${UNSIGNED_REPO_COPY} mkdir ${PKG} - - # Check out copy of SVN repository for signed packages - # - # NOTE: Get empty copy because we do not want to have to check out package from - # previous signing. - # - echo "Checking out copy of repository for signed packages" - svn checkout \ - --trust-server-cert \ - --non-interactive \ - --username ${USERNAME} \ - --password ${PASSWORD} \ - --depth empty \ - ${SIGNED_REPO_URL} \ - ${SIGNED_REPO_COPY} > /dev/null 2>&1 - - # If lock file exists, a signing build is still in process by JPL Cybersecurity - svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1 - if [ -f ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} ]; then - echo "Previous signing job still in process by JPL Cybersecurity. Please try again later." - exit 1 - fi # Add required binaries and libraries to package and modify them where needed @@ -297,7 +292,5 @@ # failed. # - - # Make sure copy of repository for signed packages exists - validate_signed_repo_copy + echo "Notarizing only" fi @@ -311,19 +304,12 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "ADD: New lock file" ${SIGNED_REPO_COPY} > /dev/null 2>&1 + --message "ADD: New lock file" ${SIGNED_REPO_COPY} # Save current working copy revision number - svn up ${SIGNED_REPO_COPY} > /dev/null 2>&1 + svn up ${SIGNED_REPO_COPY} CURRENT_REV=$(svn info --show-item last-changed-revision ${SIGNED_REPO_COPY}) # Check out copy of SVN repository for unsigned packages - echo "Checking out copy of repository for unsigned packages" - svn checkout \ - --trust-server-cert \ - --non-interactive \ - --username ${USERNAME} \ - --password ${PASSWORD} \ - ${UNSIGNED_REPO_URL} \ - ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 + checkout_unsigned_repo_copy if [ ${notarize_only} -eq 0 ]; then @@ -341,5 +327,5 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "CHG: New unsigned package" ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 + --message "CHG: New unsigned package" ${UNSIGNED_REPO_COPY} else # NOTE: If notarize_only == 1, we commit a dummy file as the signing @@ -348,5 +334,5 @@ # echo "Attempting to sign existing package again" - touch ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} + echo $(date +'%Y-%m-%d-%H-%M-%S') > ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} # Write datetime stamp to file to ensure modification is made svn add ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} > /dev/null 2>&1 svn commit \ @@ -355,5 +341,5 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "ADD: Retriggering signing with same package (previous attempt failed)" ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 + --message "ADD: Retriggering signing with same package (previous attempt failed)" ${UNSIGNED_REPO_COPY} fi @@ -366,5 +352,5 @@ echo "...in progress still; checking again in ${SIGNING_CHECK_PERIOD} seconds" sleep ${SIGNING_CHECK_PERIOD} - svn up ${SIGNED_REPO_COPY} > /dev/null 2>&1 + svn up ${SIGNED_REPO_COPY} NEW_REV=$(svn info --show-item last-changed-revision ${SIGNED_REPO_COPY}) @@ -372,6 +358,6 @@ IN_PROCESS=0 - svn up ${SIGNED_REPO_COPY}/${NOTARIZATION_LOGFILE} > /dev/null 2>&1 - svn up ${SIGNED_REPO_COPY}/${COMPRESSED_PKG} > /dev/null 2>&1 + svn up ${SIGNED_REPO_COPY}/${NOTARIZATION_LOGFILE} + svn up ${SIGNED_REPO_COPY}/${COMPRESSED_PKG} # No error, so check status Index: /issm/trunk-jpl/packagers/mac/package-issm-mac-binaries-python.sh =================================================================== --- /issm/trunk-jpl/packagers/mac/package-issm-mac-binaries-python.sh (revision 25874) +++ /issm/trunk-jpl/packagers/mac/package-issm-mac-binaries-python.sh (revision 25875) @@ -4,5 +4,5 @@ # To be used after running, # -# ${ISSM_DIR}/jenkins/jenkins.sh ${ISSM_DIR}/jenkins/pine_island-mac-binaries-python +# ${ISSM_DIR}/jenkins/jenkins.sh ${ISSM_DIR}/jenkins/pine_island-mac-binaries-matlab # # in the context of a Jenkins project. @@ -16,6 +16,4 @@ # # Options: -# -c/--cleanup Remove lock file from signed package repository (use if -# build is aborted to allow for subsequent fresh build) # -n/--notarizeonly Sign/notarize only (use if signing/notarization fails # to skip tests/packaging) @@ -25,4 +23,6 @@ # transfer fails for some reason to skip testing and # signing) +# -u/--unlock Remove lock file from signed package repository (use if +# build is aborted to allow for subsequent fresh build) # # Debugging: @@ -30,5 +30,5 @@ # Jenkins server. Debugging may be perfomed locally by running, # -# packagers/mac/sign-issm-mac-binaries-python.sh +# packagers/mac/sign-issm-mac-binaries-matlab.sh # # with Apple Developer credentials. @@ -91,52 +91,21 @@ ## Functions # -validate_signed_repo_copy(){ - # Check out copy of repository for signed binaries if it does not exist - # (e.g. 'Check-out Strategy' was set to 'Use 'svn update' as much as - # possible'; initial checkout failed) - if [ ! -d ${SIGNED_REPO_COPY} && ! -d ${SIGNED_REPO_COPY}/.svn ]; then - # Check out copy of SVN repository for signed packages - # - # NOTE: Get empty copy because we do not want to have to check out package from - # previous signing. - # - echo "Checking out copy of repository for signed packages" - svn checkout \ - --trust-server-cert \ - --non-interactive \ - --depth empty \ - --username ${USERNAME} \ - --password ${PASSWORD} \ - ${SIGNED_REPO_URL} \ - ${SIGNED_REPO_COPY} > /dev/null 2>&1 - fi +checkout_signed_repo_copy(){ + echo "Checking out copy of repository for signed packages" + + # NOTE: Get empty copy because we do not want to have to check out package + # from previous signing. + # + svn checkout \ + --trust-server-cert \ + --non-interactive \ + --depth empty \ + --username ${USERNAME} \ + --password ${PASSWORD} \ + ${SIGNED_REPO_URL} \ + ${SIGNED_REPO_COPY} } - -## Parse options -# -if [ $# -gt 1 ]; then - echo "Can use only one option at a time" - exit 1 -fi - -cleanup=0 -notarize_only=0 -skip_tests=0 -transfer_only=0 -while [ $# -gt 0 ]; do - case $1 in - -c|--cleanup) cleanup=1; shift ;; - -n|--notarizeonly) notarize_only=1; shift ;; - -s|--skiptests) skip_tests=1; shift ;; - -t|--transferonly) transfer_only=1; shift ;; - *) echo "Unknown parameter passed: $1"; exit 1 ;; - esac - shift -done - -if [ ${cleanup} -eq 1 ]; then - # Remove signing lock file from signed package repository so that a new - # build can run - echo "Removing lock file from repository for signed packages" +checkout_unsigned_repo_copy(){ + echo "Checking out copy of repository for unsigned packages" svn checkout \ --trust-server-cert \ @@ -144,9 +113,46 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --depth empty \ - ${SIGNED_REPO_URL} \ - ${SIGNED_REPO_COPY} > /dev/null 2>&1 - svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1 - svn delete ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1 + ${UNSIGNED_REPO_URL} \ + ${UNSIGNED_REPO_COPY} +} +validate_signed_repo_copy(){ + # Validate copy of repository for signed binaries (e.g. + # 'Check-out Strategy' was set to 'Use 'svn update' as much as possible'; + # initial checkout failed) + if [[ ! -d ${SIGNED_REPO_COPY} || ! -d ${SIGNED_REPO_COPY}/.svn ]]; then + rm -rf ${SIGNED_REPO_COPY} + checkout_signed_repo_copy + fi +} + +## Parse options +# +if [ $# -gt 1 ]; then + echo "Can use only one option at a time" + exit 1 +fi + +notarize_only=0 +skip_tests=0 +transfer_only=0 +unlock=0 +while [ $# -gt 0 ]; do + case $1 in + -n|--notarizeonly) notarize_only=1; shift ;; + -s|--skiptests) skip_tests=1; shift ;; + -t|--transferonly) transfer_only=1; shift ;; + -u|--unlock) unlock=1; shift ;; + *) echo "Unknown parameter passed: $1"; exit 1 ;; + esac + shift +done + +if [ ${unlock} -eq 1 ]; then + # Remove signing lock file from signed package repository so that a new + # build can run + echo "Removing lock file from repository for signed packages" + checkout_signed_repo_copy + svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} + svn delete ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} svn commit \ --trust-server-cert \ @@ -154,15 +160,26 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "DEL: Removing lock file after failed build" ${SIGNED_REPO_COPY} > /dev/null 2>&1 - svn cleanup ${SIGNED_REPO_COPY} > /dev/null 2>&1 + --message "DEL: Removing lock file after failed build" ${SIGNED_REPO_COPY} + svn cleanup ${SIGNED_REPO_COPY} exit 1 fi if [ ${transfer_only} -eq 0 ]; then + rm -rf ${SIGNED_REPO_COPY} + + checkout_signed_repo_copy + + # If lock file exists, a signing build is still in process by JPL Cybersecurity + svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} + if [ -f ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} ]; then + echo "Previous signing job still in process by JPL Cybersecurity. Please try again later." + exit 1 + fi + if [ ${notarize_only} -eq 0 ]; then # Clean up from previous packaging echo "Cleaning up existing assets" cd ${ISSM_DIR} - rm -rf ${PKG} ${COMPRESSED_PKG} ${SIGNED_REPO_COPY} ${UNSIGNED_REPO_COPY} + rm -rf ${PKG} ${COMPRESSED_PKG} ${UNSIGNED_REPO_COPY} mkdir ${PKG} @@ -180,8 +197,8 @@ --depth empty \ ${SIGNED_REPO_URL} \ - ${SIGNED_REPO_COPY} > /dev/null 2>&1 + ${SIGNED_REPO_COPY} # If lock file exists, a signing build is still in process by JPL Cybersecurity - svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1 + svn up ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} if [ -f ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} ]; then echo "Previous signing job still in process by JPL Cybersecurity. Please try again later." @@ -298,7 +315,5 @@ # failed. # - - # Make sure copy of repository for signed packages exists - validate_signed_repo_copy + echo "Notarizing only" fi @@ -306,5 +321,5 @@ echo "Committing lock file to repository for signed packages" touch ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} - svn add ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1 + svn add ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} svn commit \ --trust-server-cert \ @@ -312,19 +327,12 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "ADD: New lock file" ${SIGNED_REPO_COPY} > /dev/null 2>&1 + --message "ADD: New lock file" ${SIGNED_REPO_COPY} # Save current working copy revision number - svn up ${SIGNED_REPO_COPY} > /dev/null 2>&1 + svn up ${SIGNED_REPO_COPY} CURRENT_REV=$(svn info --show-item last-changed-revision ${SIGNED_REPO_COPY}) # Check out copy of SVN repository for unsigned packages - echo "Checking out copy of repository for unsigned packages" - svn checkout \ - --trust-server-cert \ - --non-interactive \ - --username ${USERNAME} \ - --password ${PASSWORD} \ - ${UNSIGNED_REPO_URL} \ - ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 + checkout_unsigned_repo_copy if [ ${notarize_only} -eq 0 ]; then @@ -336,5 +344,5 @@ echo "Committing package to repository for unsigned packages" cp ${COMPRESSED_PKG} ${UNSIGNED_REPO_COPY} - svn add ${UNSIGNED_REPO_COPY}/${COMPRESSED_PKG} > /dev/null 2>&1 + svn add ${UNSIGNED_REPO_COPY}/${COMPRESSED_PKG} svn commit \ --trust-server-cert \ @@ -342,5 +350,5 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "CHG: New unsigned package" ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 + --message "CHG: New unsigned package" ${UNSIGNED_REPO_COPY} else # NOTE: If notarize_only == 1, we commit a dummy file as the signing @@ -349,6 +357,6 @@ # echo "Attempting to sign existing package again" - touch ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} - svn add ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} > /dev/null 2>&1 + echo $(date +'%Y-%m-%d-%H-%M-%S') > ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} # Write datetime stamp to file to ensure modification is made + svn add ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} svn commit \ --trust-server-cert \ @@ -356,5 +364,5 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "ADD: Retriggering signing with same package (previous attempt failed)" ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 + --message "ADD: Retriggering signing with same package (previous attempt failed)" ${UNSIGNED_REPO_COPY} fi @@ -367,5 +375,5 @@ echo "...in progress still; checking again in ${SIGNING_CHECK_PERIOD} seconds" sleep ${SIGNING_CHECK_PERIOD} - svn up ${SIGNED_REPO_COPY} > /dev/null 2>&1 + svn up ${SIGNED_REPO_COPY} NEW_REV=$(svn info --show-item last-changed-revision ${SIGNED_REPO_COPY}) @@ -373,6 +381,6 @@ IN_PROCESS=0 - svn up ${SIGNED_REPO_COPY}/${NOTARIZATION_LOGFILE} > /dev/null 2>&1 - svn up ${SIGNED_REPO_COPY}/${COMPRESSED_PKG} > /dev/null 2>&1 + svn up ${SIGNED_REPO_COPY}/${NOTARIZATION_LOGFILE} + svn up ${SIGNED_REPO_COPY}/${COMPRESSED_PKG} # No error, so check status Index: /issm/trunk-jpl/packagers/mac/sign-issm-mac-binaries-matlab.sh =================================================================== --- /issm/trunk-jpl/packagers/mac/sign-issm-mac-binaries-matlab.sh (revision 25874) +++ /issm/trunk-jpl/packagers/mac/sign-issm-mac-binaries-matlab.sh (revision 25875) @@ -42,5 +42,5 @@ # # NOTE: -# - Assumes that 'issm-binaries-user' and 'issm-binaries-pass' are set up in +# - Assumes that "ISSM_BINARIES_USER" and "ISSM_BINARIES_PASS" are set up in # the 'Bindings' section under a 'Username and password (separated)' binding # (requires 'Credentials Binding Plugin'). @@ -86,6 +86,5 @@ PASSWORD=${ISSM_BINARIES_PASS} PKG="ISSM-macOS-MATLAB" -PRIMARY_BUNDLE_ID="**********.issm.matlab" # Should be "gov.nasa.jpl.issm.matlab" -RETRIGGER_SIGNING_FILE="retrigger.txt" +PRIMARY_BUNDLE_ID="gov.nasa.jpl.issm.matlab" SIGNED_REPO_COPY="./signed" SIGNED_REPO_URL="https://issm.ess.uci.edu/svn/issm-binaries/mac/matlab/signed" @@ -99,14 +98,14 @@ EXE_ENTITLEMENTS_PLIST="${PKG}/bin/entitlements.plist" -# Clean up from previous packaging (not necessary for single builds on Jenkins, -# but useful when testing packaging locally) -echo "Cleaning up existing assets" -rm -rf ${PKG} ${COMPRESSED_PKG} ${NOTARIZATION_LOGFILE_PATH}/${NOTARIZATION_LOGFILE} ${SIGNED_REPO_COPY} ${UNSIGNED_REPO_COPY} -mkdir ${PKG} - # NOTE: Uncomment the following for local testing (Jenkins checks out copy of # repository for unsigned packages to working directory) # -# Check out copy of repository for unsigned packages + +# # Clean up from previous packaging (not necessary for single builds on Jenkins, +# # but useful when testing packaging locally) +# echo "Cleaning up existing assets" +# rm -rf ${COMPRESSED_PKG} ${NOTARIZATION_LOGFILE_PATH}/${NOTARIZATION_LOGFILE} ${UNSIGNED_REPO_COPY} + +# # Check out copy of repository for unsigned packages # echo "Checking out copy of respository for unsigned packages" # svn checkout \ @@ -116,5 +115,7 @@ # --password ${PASSWORD} \ # ${UNSIGNED_REPO_URL} \ -# ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 +# ${UNSIGNED_REPO_COPY} + +rm -rf ${PKG} ${SIGNED_REPO_COPY} # Extract package contents @@ -246,13 +247,4 @@ fi -# Remove dummy file for retriggering signing/notarization (if it exists) -svn delete ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} > /dev/null 2>&1 -svn commit \ - --trust-server-cert \ - --non-interactive \ - --username ${USERNAME} \ - --password ${PASSWORD} \ - --message "DEL: Removing dummy file for retriggering signing of same package" ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 - # Check out copy of repository for signed packages echo "Checking out copy of respository for signed packages" @@ -263,5 +255,5 @@ --password ${PASSWORD} \ ${SIGNED_REPO_URL} \ - ${SIGNED_REPO_COPY} > /dev/null 2>&1 + ${SIGNED_REPO_COPY} # Copy notarization file to repository for signed packages @@ -284,5 +276,5 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "CHG: New signed package (success)" ${SIGNED_REPO_COPY} > /dev/null 2>&1 + --message "CHG: New signed package (success)" ${SIGNED_REPO_COPY} else # Commit changes @@ -293,5 +285,5 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "CHG: New signed package (failure)" ${SIGNED_REPO_COPY} > /dev/null 2>&1 + --message "CHG: New signed package (failure)" ${SIGNED_REPO_COPY} exit 1 Index: /issm/trunk-jpl/packagers/mac/sign-issm-mac-binaries-python.sh =================================================================== --- /issm/trunk-jpl/packagers/mac/sign-issm-mac-binaries-python.sh (revision 25874) +++ /issm/trunk-jpl/packagers/mac/sign-issm-mac-binaries-python.sh (revision 25875) @@ -42,5 +42,5 @@ # # NOTE: -# - Assumes that 'issm-binaries-user' and 'issm-binaries-pass' are set up in +# - Assumes that "ISSM_BINARIES_USER" and "ISSM_BINARIES_PASS" are set up in # the 'Bindings' section under a 'Username and password (separated)' binding # (requires 'Credentials Binding Plugin'). @@ -86,6 +86,5 @@ PASSWORD=${ISSM_BINARIES_PASS} PKG="ISSM-macOS-Python" -PRIMARY_BUNDLE_ID="**********.issm.python" # Should be "gov.nasa.jpl.issm.python" -RETRIGGER_SIGNING_FILE="retrigger.txt" +PRIMARY_BUNDLE_ID="gov.nasa.jpl.issm.python" SIGNED_REPO_COPY="./signed" SIGNED_REPO_URL="https://issm.ess.uci.edu/svn/issm-binaries/mac/python/signed" @@ -99,14 +98,14 @@ EXE_ENTITLEMENTS_PLIST="${PKG}/bin/entitlements.plist" -# Clean up from previous packaging (not necessary for single builds on Jenkins, -# but useful when testing packaging locally) -echo "Cleaning up existing assets" -rm -rf ${PKG} ${COMPRESSED_PKG} ${NOTARIZATION_LOGFILE_PATH}/${NOTARIZATION_LOGFILE} ${SIGNED_REPO_COPY} ${UNSIGNED_REPO_COPY} -mkdir ${PKG} - # NOTE: Uncomment the following for local testing (Jenkins checks out copy of # repository for unsigned packages to working directory) # -# Check out copy of repository for unsigned packages + +# # Clean up from previous packaging (not necessary for single builds on Jenkins, +# # but useful when testing packaging locally) +# echo "Cleaning up existing assets" +# rm -rf ${COMPRESSED_PKG} ${NOTARIZATION_LOGFILE_PATH}/${NOTARIZATION_LOGFILE} ${UNSIGNED_REPO_COPY} + +# # Check out copy of repository for unsigned packages # echo "Checking out copy of respository for unsigned packages" # svn checkout \ @@ -116,5 +115,8 @@ # --password ${PASSWORD} \ # ${UNSIGNED_REPO_URL} \ -# ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 +# ${UNSIGNED_REPO_COPY} + +rm -rf ${PKG} ${SIGNED_REPO_COPY} + # Extract package contents @@ -255,13 +257,4 @@ fi -# Remove dummy file for retriggering signing/notarization (if it exists) -svn delete ${UNSIGNED_REPO_COPY}/${RETRIGGER_SIGNING_FILE} > /dev/null 2>&1 -svn commit \ - --trust-server-cert \ - --non-interactive \ - --username ${USERNAME} \ - --password ${PASSWORD} \ - --message "DEL: Removing dummy file for retriggering signing of same package" ${UNSIGNED_REPO_COPY} > /dev/null 2>&1 - # Check out copy of repository for signed packages echo "Checking out copy of respository for signed packages" @@ -272,5 +265,5 @@ --password ${PASSWORD} \ ${SIGNED_REPO_URL} \ - ${SIGNED_REPO_COPY} > /dev/null 2>&1 + ${SIGNED_REPO_COPY} # Copy notarization file to repository for signed packages @@ -279,5 +272,5 @@ # Remove lock file from repository for signed packages -svn delete ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} > /dev/null 2>&1 +svn delete ${SIGNED_REPO_COPY}/${SIGNING_LOCK_FILE} if [ ${SUCCESS} -eq 1 ]; then @@ -293,5 +286,5 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "CHG: New signed package (success)" ${SIGNED_REPO_COPY} > /dev/null 2>&1 + --message "CHG: New signed package (success)" ${SIGNED_REPO_COPY} else # Commit changes @@ -302,5 +295,5 @@ --username ${USERNAME} \ --password ${PASSWORD} \ - --message "CHG: New signed package (failure)" ${SIGNED_REPO_COPY} > /dev/null 2>&1 + --message "CHG: New signed package (failure)" ${SIGNED_REPO_COPY} exit 1