jenkins: using build_user and sshagent for sync-ing yocto downloads

our AD user 'build_user' was adapted for having an SSH key. Jenkins was configured to have this user with its key under Credentials so that the sshagent could be used. This way seems to be the most secure way performing ssh connections. BugzID: 71491 Signed-off-by: Marc Mattmueller <marc.mattmueller@netmodule.com>
2021-05-06 12:00:52 +02:00 · 2021-05-06 12:00:52 +02:00 · 69eec3c790
parent 9a3028afaa
commit 69eec3c790
1 changed files with 6 additions and 4 deletions
--- a/10
+++ b/10
@ -27,7 +27,7 @@ pipeline {
    SUBMODULE_VERION_FILE = "submodule_revisions"
    AUTOREV_VERSION_FILE = "autorev_revisions.inc"

-    BINARY_STORAGE_URL = "http://nmrepo.netmodule.intranet/src/yocto-downloads/"
+    BINARY_STORAGE_URL = "http://nmrepo.netmodule.intranet/src/yocto-downloads"
  }

  options {
@ -173,14 +173,13 @@ def cleanupDistroVersion() {

 def syncSources(src, dst) {
  def hasSrcUrl = (src.contains("http"))
-  def syncCmd = "rsync -avz -e \"ssh\""
  def from = src
  def to = dst

  // convert the URL into ssh syntax:
  def url = (hasSrcUrl) ? src : dst
  String[] repoParts = url.split("//")[1].split("/")
-  repoParts[0] = "jenkins@" + repoParts[0] + ":/repo/repo"
+  repoParts[0] = "build_user@" + repoParts[0] + ":/repo/repo"
  sshSrc = repoParts.join("/")

  if(hasSrcUrl) {
@ -191,7 +190,10 @@ def syncSources(src, dst) {
    println "putting data to server..."
    to = sshSrc
  }
-  sh(script: "${syncCmd} ${from}/ ${to}")
+
+  sshagent (credentials: ['7767e711-08a4-4c71-b080-197253dd7392']) {
+    sh "rsync -auvz --ignore-existing -e \"ssh\" ${from}/* ${to}"
+  }
 }