Skip to content
[Jenkins]Jenkins
log in

Configure

General

Description
Notarize dmg files on the download server that were previously promoted with <a href="https://ci.eclipse.org/packaging/job/promote-a-build/">https://ci.eclipse.org/packaging/job/promote-a-build/</a> 
or just the ones currently in <a href="https://download.eclipse.org/justj/?file=technology/epp/staging">https://download.eclipse.org/technology/epp/staging/</a>.
Inheritance Strategy
This item will inherit its parent item's permissions (in addition to any permissions granted here). If this item is at the top level in Jenkins, it will inherit the global security security settings.
User/groupCredentialsJobRunJob Config HistoryPromotionSCM
CreateDeleteManageDomainsUpdateViewBuildCancelConfigureDeleteDiscoverExtendedReadMoveReadWorkspaceDeleteReplayUpdateDeleteEntryPromoteTag
Anonymous
Authenticated Users
mikael.barbero@eclipse-foundation.org
mknauer@eclipsesource.com
?
Strategy
Days to keep builds
if not empty, build records are only kept up to this number of days
N/A
Max # of builds to keep
if not empty, only up to this number of build records are kept
10
Edited
Days to keep artifacts
if not empty, artifacts from builds older than this number of days will be deleted, but the logs, history, reports, etc for the build will be kept
N/A
Max # of builds to keep with artifacts
if not empty, only up to this number of builds have their artifacts retained
4
Project url?
N/A
Edited
Display name?
N/A
GitLab Connection
Credential :
?
Promotion process
Name
N/A
Visible?
N/A
Icon
Label Expression?
If not set, the label of the promoted build will be used.
N/A
Criteria
?
Groovy Script
N/A
?
Additional classpath?
Classpath entry
JAR file path or URL?
N/A
Edited
Display label when condition not met
N/A
Display label when condition met
N/A
?
Approvers
N/A
Boolean Parameter ?
Choice Parameter ?
Credentials Parameter ?
File Parameter ?
Git Parameter ?
Multi-line String Parameter
Password Parameter ?
Promoted Build Parameter ?
Run Parameter ?
String Parameter ?
?
?
Parameter Name
N/A
Parameter Value
N/A
?
Job names
N/A
?
Promotion names
N/A
Promotion environment
Edited
Patterns for files to be deleted?
N/A
Apply pattern also on directories?
Check parameter?
N/A
External Deletion Command?
N/A
Disable deferred wipeout?
?
Bindings
Certificate ?
Docker client certificate
Git Username and Password
SSH User Private Key ?
Secret ZIP file ?
Secret file ?
Secret text ?
Username and password (conjoined) ?
Username and password (separated) ?
?
Managed Files
File?
Target?
N/A
Variable?
N/A
File?
Target?
N/A
Variable?
N/A
?
Server authentication token
SonarQube authentication token. Mandatory when anonymous access is disabled. Will default to the one defined in the SonarQube installation.
?
?
Credentials
N/A
N/A
?
Only post commit status of parent matrix job?
Commit Status Context?
N/A
Commit Status URL?
N/A
Commit Status Build Triggered?
N/A
Commit Status Build Started?
N/A
Add test result one liner
Commit Status Build Result?
Build Result?
Message?
N/A
?
Kubernetes server endpoint?
N/A
Certificate of certificate authority ?
N/A
Credentials
Time-out strategy ?
Time-out variable
Set a build timeout environment variable
N/A
Time-out actions?
Abort the build ?
Fail the build ?
Writing the build description ?
?
Ant Version
JDK
Actions
Execute SonarQube Scanner
Execute Windows batch command ?
Execute shell ?
Invoke Ant ?
Invoke top-level Maven targets ?
Provide Configuration files ?
Run with timeout
Set build status to "pending" on GitHub commit
SonarScanner for MSBuild - Begin Analysis ?
SonarScanner for MSBuild - End Analysis ?
Trigger/call builds on other projects
Aggregate downstream test results ?
Archive the artifacts ?
Build other projects ?
Deploy artifacts to Maven repository ?
Discover reference build
Mine SCM repository
Publish JUnit test result report ?
Publish Javadoc
Record compiler warnings and static analysis results
Record fingerprints of files to track usage ?
Git Publisher ?
Github Pull Request Merger
SonarQube analysis with Maven ?
Accept GitLab merge request on success
Add note with build status on GitLab merge requests ?
Add vote for build status on GitLab merge requests
E-mail Notification ?
Editable Email Notification ?
Keep Build Forever ?
Publish build status to GitLab ?
Set GitHub commit status (universal) ?
Set build status on GitHub commit [deprecated] ?
Trigger parameterized build on other projects ?
Delete workspace when build is done
Promotion process
Name
N/A
Visible?
N/A
Icon
Label Expression?
If not set, the label of the promoted build will be used.
N/A
Criteria
?
Groovy Script
N/A
?
Additional classpath?
Classpath entry
JAR file path or URL?
N/A
Edited
Display label when condition not met
N/A
Display label when condition met
N/A
?
Approvers
N/A
Boolean Parameter ?
Choice Parameter ?
Credentials Parameter ?
File Parameter ?
Git Parameter ?
Multi-line String Parameter
Password Parameter ?
Promoted Build Parameter ?
Run Parameter ?
String Parameter ?
?
?
Parameter Name
N/A
Parameter Value
N/A
?
Job names
N/A
?
Promotion names
N/A
Promotion environment
Edited
Patterns for files to be deleted?
N/A
Apply pattern also on directories?
Check parameter?
N/A
External Deletion Command?
N/A
Disable deferred wipeout?
?
Bindings
Certificate ?
Docker client certificate
Git Username and Password
SSH User Private Key ?
Secret ZIP file ?
Secret file ?
Secret text ?
Username and password (conjoined) ?
Username and password (separated) ?
?
Managed Files
File?
Target?
N/A
Variable?
N/A
File?
Target?
N/A
Variable?
N/A
?
Server authentication token
SonarQube authentication token. Mandatory when anonymous access is disabled. Will default to the one defined in the SonarQube installation.
?
?
Credentials
N/A
N/A
?
Only post commit status of parent matrix job?
Commit Status Context?
N/A
Commit Status URL?
N/A
Commit Status Build Triggered?
N/A
Commit Status Build Started?
N/A
Add test result one liner
Commit Status Build Result?
Build Result?
Message?
N/A
?
Kubernetes server endpoint?
N/A
Certificate of certificate authority ?
N/A
Credentials
Time-out strategy ?
Time-out variable
Set a build timeout environment variable
N/A
Time-out actions?
Abort the build ?
Fail the build ?
Writing the build description ?
?
Ant Version
JDK
Actions
Execute SonarQube Scanner
Execute Windows batch command ?
Execute shell ?
Invoke Ant ?
Invoke top-level Maven targets ?
Provide Configuration files ?
Run with timeout
Set build status to "pending" on GitHub commit
SonarScanner for MSBuild - Begin Analysis ?
SonarScanner for MSBuild - End Analysis ?
Trigger/call builds on other projects
Aggregate downstream test results ?
Archive the artifacts ?
Build other projects ?
Deploy artifacts to Maven repository ?
Discover reference build
Mine SCM repository
Publish JUnit test result report ?
Publish Javadoc
Record compiler warnings and static analysis results
Record fingerprints of files to track usage ?
Git Publisher ?
Github Pull Request Merger
SonarQube analysis with Maven ?
Accept GitLab merge request on success
Add note with build status on GitLab merge requests ?
Add vote for build status on GitLab merge requests
E-mail Notification ?
Editable Email Notification ?
Keep Build Forever ?
Publish build status to GitLab ?
Set GitHub commit status (universal) ?
Set build status on GitHub commit [deprecated] ?
Trigger parameterized build on other projects ?
Delete workspace when build is done
Rebuild options:?
Resources?
N/A
Label?
N/A
?
Groovy Script
N/A
?
Additional classpath?
Classpath entry
JAR file path or URL?
N/A
Reserved resources variable name?
N/A
Number of resources to request?
N/A
?
String Parameter ?
Name?
RELEASES_DIR
Default Value?
/home/data/httpd/download.eclipse.org/technology/epp/staging
Description?
Directory to search for *.dmg-tonotarize files to notarize (do NOT use a final slash!)
?
Boolean Parameter ?
Choice Parameter ?
Credentials Parameter ?
File Parameter ?
Git Parameter ?
Multi-line String Parameter
Password Parameter ?
Promoted Build Parameter ?
Run Parameter ?
String Parameter ?
?
Number of builds?
1
Time period?
?
?
JDK
JDK to be used for this project
?
Label Expression?
N/A
Edited
?
Quiet period
Number of seconds
5
?
SCM checkout retry count
2
?
?
?
Directory
N/A
Display Name?
N/A
?
Source Code Management
?
Repositories?
Repository URL?
N/A
Credentials?
Edited
Name?
N/A
Refspec?
N/A
Repository URL?
https://github.com/eclipse-packaging/packages.git
Credentials?
Edited
Name?
origin
Refspec?
+refs/heads/*:refs/remotes/origin/*
Branches to build?
Branch Specifier (blank for 'any')?
*/master
Branch Specifier (blank for 'any')?
master
Repository browser ?
Additional Behaviours
Check out to a sub-directory
Local subdirectory for repo?
org.eclipse.epp.packages
Advanced checkout behaviours
Advanced clone behaviours
Advanced sub-modules behaviours
Build single revision only ?
Calculate changelog against a specific branch ?
Check out to a sub-directory
Check out to specific local branch ?
Clean after checkout ?
Clean before checkout ?
Create a tag for every build ?
Custom SCM name ?
Custom user name/e-mail address
Don't trigger a build on commit notifications ?
Force polling using workspace ?
Git LFS pull after checkout ?
Merge before build ?
Polling ignores commits from certain users
Polling ignores commits in certain paths ?
Polling ignores commits with certain messages
Prune stale remote-tracking branches ?
Prune stale tags
Sparse Checkout paths ?
Strategy for choosing what to build ?
Use commit author in changelog ?
Wipe out repository & force clone ?
Build Triggers
?
Authentication Token
N/A Use the following URL to trigger build remotely: JENKINS_URL/job/notarize-downloads/build?token=TOKEN_NAME or /buildWithParameters?token=TOKEN_NAME
Optionally append &cause=Cause+Text to provide text that will be included in the recorded build cause.
?
Projects to watch
N/A
?
Schedule?
N/A
?
Enabled GitLab triggers
Push Events?
Push Events in case of branch delete?
Opened Merge Request Events?
Build only if new commits were pushed to Merge Request?
Accepted Merge Request Events?
Closed Merge Request Events?
Rebuild open Merge Requests?
Approved Merge Requests (EE-only)?
Comments?
Comment (regex) for triggering a build?
Jenkins please retry a build
Edited
Enable [ci-skip]?
Ignore WIP Merge Requests?
Labels that launch a build if they are added (comma-separated)?
N/A
Set build description to build cause (eg. Merge request or Git Push)?
Build on successful pipeline events
Pending build name for pipeline?
N/A
Cancel pending merge request builds on update?
Allowed branches
?
?
Include
N/A
Exclude
N/A
?
Source Branch Regex
N/A
Target Branch Regex
N/A
Include
N/A
Exclude
N/A
Secret token?
Job Name
N/A
Promotion
GitHub API credentials
Admin list
N/A
Use github hooks for build triggering?
Edited
Trigger phrase?
N/A
Only use trigger phrase for build triggering?
Close failed pull request automatically?
Skip build phrase?
.*\[skip\W+ci\].*
Display build errors on downstream builds?
Crontab line?
H/5 * * * *
White list
N/A
List of organizations. Their members will be whitelisted.
N/A
List of GitHub labels for which the build should not be triggered.
N/A
List of GitHub labels for which the build should only be triggered. (Leave blank for 'any')
N/A
Allow members of whitelisted organizations as admins?
Build every pull request automatically without asking (Dangerous!).?
Build description template?
N/A
Blacklist commit authors?
N/A
Whitelist Target Branches:?
N/A
N/A
Blacklist Target Branches:?
N/A
N/A
Included regions?
N/A
Excluded regions?
N/A
Edited
Trigger Setup
Build Status Messages
Cancel build on update
Comment File
Do not update commit status
Update commit status during build
?
?
Schedule?
N/A
?
Build Environment
Edited
Patterns for files to be deleted?
N/A
Apply pattern also on directories?
Check parameter?
N/A
External Deletion Command?
N/A
Disable deferred wipeout?
?
Bindings
Certificate ?
Docker client certificate
Git Username and Password
SSH User Private Key ?
Secret ZIP file ?
Secret file ?
Secret text ?
Username and password (conjoined) ?
Username and password (separated) ?
?
Managed Files
File?
Target?
N/A
Variable?
N/A
File?
Target?
N/A
Variable?
N/A
?
Server authentication token
SonarQube authentication token. Mandatory when anonymous access is disabled. Will default to the one defined in the SonarQube installation.
?
?
Credentials
N/A
N/A
?
Only post commit status of parent matrix job?
Commit Status Context?
N/A
Commit Status URL?
N/A
Commit Status Build Triggered?
N/A
Commit Status Build Started?
N/A
Add test result one liner
Commit Status Build Result?
Build Result?
Message?
N/A
?
Kubernetes server endpoint?
N/A
Certificate of certificate authority ?
N/A
Credentials
Time-out strategy ?
?
Timeout minutes?
420
Time-out variable
Set a build timeout environment variable
N/A
Time-out actions?
Abort the build ?
Abort the build ?
Fail the build ?
Writing the build description ?
?
Ant Version
JDK
Build Steps
Execute shell ?
Command
See the list of available environment variables
#!/bin/bash

set -u # run with unset flag error so that missing parameters cause build failure
set -e # error out on any failed commands
set -x # echo all commands used for debugging purposes
export PS4='+$$+ ' # add PID to output so that parallel bash process output is easier to follow

SSHUSER="genie.packaging@projects-storage.eclipse.org"
SSH="ssh ${SSHUSER}"
SCP="scp"

#RELEASES_DIR="/home/data/httpd/download.eclipse.org/technology/epp/downloads/release"

# download dmg-tonotarize files
mkdir temp
pushd temp
for path in $( ${SSH} find ${RELEASES_DIR}  -maxdepth 1 -name '*.dmg-tonotarize' )
do
  ${SCP} ${SSHUSER}:${path} .
done
popd

# notarize dmg-tonotarize files
for i in $(find ${WORKSPACE} -name '*.dmg-tonotarize')
do
  DMG_FILE=${i/-tonotarize/}
  LOG=$(basename ${i}).log
  echo "Starting ${DMG_FILE}" >> ${LOG}
  ${WORKSPACE}/org.eclipse.epp.packages/releng/org.eclipse.epp.config/tools/macosx-notarization-single.sh ${DMG_FILE}  |& tee --append ${LOG} &
  sleep 18s # start jobs at a small interval from each other
done

jobs -p
wait < <(jobs -p)

# upload notarized dmg files to their respective folders
pushd temp
for i in $( find * -name '*.dmg' )
do
  ${SCP} ${i}* ${SSHUSER}:${RELEASES_DIR}
  # Save the signed, but unnotarized files. See Bug 575677
  ${SSH} mv ${RELEASES_DIR}/${i}-tonotarize ${RELEASES_DIR}/${i}-signed
  ${SSH} rm ${RELEASES_DIR}/${i}-tonotarize'*'
done
popd 

if [[ -n `find ${WORKSPACE} -name '*.dmg-tonotarize'` ]]; then
  echo "Failed to notarize the following"
  find ${WORKSPACE} -name '*.dmg-tonotarize'
  exit 1
fi
Edited
Exit code to set build unstable?
N/A
Environment filters
Only Keep Specified Environment Variables ?
Conditional step (single) ?
Conditional steps (multiple)
Execute SonarQube Scanner
Execute Windows batch command ?
Execute shell ?
Invoke Ant ?
Invoke top-level Maven targets ?
Provide Configuration files ?
Run with timeout
Set build status to "pending" on GitHub commit
SonarScanner for MSBuild - Begin Analysis ?
SonarScanner for MSBuild - End Analysis ?
Trigger/call builds on other projects
Post-build Actions
Archive the artifacts ?
Files to archive?
*.log
Edited
Excludes?
N/A
?
?
?
?
E-mail Notification ?
Recipients
Whitespace-separated list of recipient addresses. May reference build parameters like $PARAM. E-mail will be sent when a build fails, becomes unstable or returns to stable.
 jonah@kichwacoders.com
?
Aggregate downstream test results ?
Archive the artifacts ?
Build other projects ?
Discover reference build
Mine SCM repository
Publish JUnit test result report ?
Publish Javadoc
Record compiler warnings and static analysis results
Record fingerprints of files to track usage ?
Git Publisher ?
Github Pull Request Merger
SonarQube analysis with Maven ?
Accept GitLab merge request on success
Add note with build status on GitLab merge requests ?
Add vote for build status on GitLab merge requests
E-mail Notification ?
Editable Email Notification ?
Publish build status to GitLab ?
Set GitHub commit status (universal) ?
Set build status on GitHub commit [deprecated] ?
Trigger parameterized build on other projects ?
Delete workspace when build is done