You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@bigtop.apache.org by of...@apache.org on 2018/06/06 20:25:45 UTC
bigtop git commit: BIGTOP-3037: Download maven securely
Repository: bigtop
Updated Branches:
refs/heads/master 08af48ece -> 980e1883a
BIGTOP-3037: Download maven securely
Signed-off-by: Olaf Flebbe <of...@oflebbe.de>
Project: http://git-wip-us.apache.org/repos/asf/bigtop/repo
Commit: http://git-wip-us.apache.org/repos/asf/bigtop/commit/980e1883
Tree: http://git-wip-us.apache.org/repos/asf/bigtop/tree/980e1883
Diff: http://git-wip-us.apache.org/repos/asf/bigtop/diff/980e1883
Branch: refs/heads/master
Commit: 980e1883a66256b904cdcd11419f5745880ec55a
Parents: 08af48e
Author: Olaf Flebbe <of...@oflebbe.de>
Authored: Thu May 31 23:16:09 2018 +0200
Committer: Olaf Flebbe <of...@oflebbe.de>
Committed: Wed Jun 6 22:25:26 2018 +0200
----------------------------------------------------------------------
bigtop_toolchain/manifests/ant.pp | 26 +++++++----------------
bigtop_toolchain/manifests/gnupg.pp | 36 ++++++++++++++++++++++++++++++++
bigtop_toolchain/manifests/maven.pp | 22 +++++++++++++------
3 files changed, 59 insertions(+), 25 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/bigtop/blob/980e1883/bigtop_toolchain/manifests/ant.pp
----------------------------------------------------------------------
diff --git a/bigtop_toolchain/manifests/ant.pp b/bigtop_toolchain/manifests/ant.pp
index 16471e5..c378d74 100644
--- a/bigtop_toolchain/manifests/ant.pp
+++ b/bigtop_toolchain/manifests/ant.pp
@@ -14,22 +14,13 @@
# limitations under the License.
class bigtop_toolchain::ant {
+
+ require bigtop_toolchain::gnupg
+
# Ant version restricted to 1.9 because 1.10 supports Java>=8 only.
$ant = latest_ant_binary("1.9.[0-9]*")
$apache_prefix = nearest_apache_mirror()
- case $operatingsystem{
- /(?i:(centos|fedora))/: {
- $pkg = "gnupg2"
- }
- /(?i:(SLES|opensuse))/: {
- $pkg = "gpg2"
- }
- /(Ubuntu|Debian)/: {
- $pkg = "gnupg"
- }
- }
-
exec {"/usr/bin/wget $apache_prefix/ant/binaries/$ant-bin.tar.gz":
cwd => "/usr/src",
unless => "/usr/bin/test -f /usr/src/$ant-bin.tar.gz",
@@ -40,16 +31,13 @@ class bigtop_toolchain::ant {
unless => "/usr/bin/test -f /usr/src/$ant-bin.tar.gz.asc",
} ~>
- package { $pkg:
- } ->
-
- exec {"/usr/bin/gpg -v --verify --auto-key-retrieve --keyserver hkp://keyserver.ubuntu.com:80 $ant-bin.tar.gz.asc":
- cwd => "/usr/src"
+ exec {"/usr/bin/$bigtop_toolchain::gnupg::cmd -v --verify --auto-key-retrieve --keyserver hkp://keyserver.ubuntu.com:80 $ant-bin.tar.gz.asc":
+ cwd => "/usr/src",
} ->
exec {"/bin/tar xvzf /usr/src/$ant-bin.tar.gz":
- cwd => '/usr/local',
- creates => "/usr/local/$ant",
+ cwd => '/usr/local',
+ creates => "/usr/local/$ant",
} ->
file {'/usr/local/ant':
http://git-wip-us.apache.org/repos/asf/bigtop/blob/980e1883/bigtop_toolchain/manifests/gnupg.pp
----------------------------------------------------------------------
diff --git a/bigtop_toolchain/manifests/gnupg.pp b/bigtop_toolchain/manifests/gnupg.pp
new file mode 100644
index 0000000..be76f05
--- /dev/null
+++ b/bigtop_toolchain/manifests/gnupg.pp
@@ -0,0 +1,36 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+class bigtop_toolchain::gnupg {
+
+ case $operatingsystem {
+ /(?i:(centos|fedora))/: {
+ $pkg = "gnupg2"
+ $cmd = "gpg2"
+ }
+ /(?i:(SLES|opensuse))/: {
+ $pkg = "gpg2"
+ $cmd = "gpg"
+ }
+ /(Ubuntu|Debian)/: {
+ $pkg = "gnupg"
+ $cmd = "gpg"
+ }
+ }
+
+ package { $pkg:
+ ensure => installed
+ }
+}
http://git-wip-us.apache.org/repos/asf/bigtop/blob/980e1883/bigtop_toolchain/manifests/maven.pp
----------------------------------------------------------------------
diff --git a/bigtop_toolchain/manifests/maven.pp b/bigtop_toolchain/manifests/maven.pp
index adbb0c8..09c6853 100644
--- a/bigtop_toolchain/manifests/maven.pp
+++ b/bigtop_toolchain/manifests/maven.pp
@@ -14,6 +14,9 @@
# limitations under the License.
class bigtop_toolchain::maven {
+
+ require bigtop_toolchain::gnupg
+
$mvnversion = latest_maven_binary("3.5.[0-9]*")
$mvn = "apache-maven-$mvnversion"
@@ -22,17 +25,24 @@ class bigtop_toolchain::maven {
exec {"/usr/bin/wget $apache_prefix/maven/maven-3/$mvnversion/binaries/$mvn-bin.tar.gz":
cwd => "/usr/src",
unless => "/usr/bin/test -f /usr/src/$mvn-bin.tar.gz",
- }
+ } ~>
+
+ exec {"/usr/bin/wget https://www.apache.org/dist/maven/maven-3/3.5.3/binaries/$mvn-bin.tar.gz.asc":
+ cwd => "/usr/src",
+ unless => "/usr/bin/test -f /usr/src/$mvn-bin.tar.gz.asc",
+ } ~>
+
+ exec {"/usr/bin/$bigtop_toolchain::gnupg::cmd -v --verify --auto-key-retrieve --keyserver hkp://keyserver.ubuntu.com:80 $mvn-bin.tar.gz.asc":
+ cwd => "/usr/src",
+ } ->
exec {"/bin/tar xvzf /usr/src/$mvn-bin.tar.gz":
- cwd => '/usr/local',
- creates => "/usr/local/$mvn",
- require => Exec["/usr/bin/wget $apache_prefix/maven/maven-3/$mvnversion/binaries/$mvn-bin.tar.gz"],
- }
+ cwd => '/usr/local',
+ creates => "/usr/local/$mvn",
+ } ->
file {'/usr/local/maven':
ensure => link,
target => "/usr/local/$mvn",
- require => Exec["/bin/tar xvzf /usr/src/$mvn-bin.tar.gz"],
}
}