From 2b82cf8ef11496021660f3b4a66413b7e749fe95 Mon Sep 17 00:00:00 2001 From: Andrew Leonard Date: Tue, 3 Oct 2023 15:31:55 +0100 Subject: [PATCH] Add JMOD signing retry and check curl rc Signed-off-by: Andrew Leonard --- .../common/openjdk_build_pipeline.groovy | 44 ++++++++++++++++++- 1 file changed, 42 insertions(+), 2 deletions(-) diff --git a/pipelines/build/common/openjdk_build_pipeline.groovy b/pipelines/build/common/openjdk_build_pipeline.groovy index c0eb0c74f..dc6f00a77 100644 --- a/pipelines/build/common/openjdk_build_pipeline.groovy +++ b/pipelines/build/common/openjdk_build_pipeline.groovy @@ -1531,10 +1531,50 @@ class Build { dir=$(dirname "$f") file=$(basename "$f") mv "$f" "${dir}/unsigned_${file}" + success=false if [ "${base_os}" == "mac" ]; then - curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign + if ! curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign; then + echo "curl command failed, sign of $f failed" + else + success=true + fi else - curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" https://cbi.eclipse.org/authenticode/sign + if ! curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" https://cbi.eclipse.org/authenticode/sign; then + echo "curl command failed, sign of $f failed" + else + success=true + fi + fi + if [ $success == false ]; then + # Retry up to 20 times + max_iterations=20 + iteration=1 + echo "Code Not Signed For File $f" + while [ $iteration -le $max_iterations ] && [ $success = false ]; do + echo $iteration Of $max_iterations + sleep 1 + if [ "${base_os}" == "mac" ]; then + if curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" -F entitlements="@$ENTITLEMENTS" https://cbi.eclipse.org/macos/codesign/sign; then + success=true + fi + else + if curl --fail --silent --show-error -o "$f" -F file="@${dir}/unsigned_${file}" https://cbi.eclipse.org/authenticode/sign; then + success=true + fi + fi + + if [ $success = false ]; then + echo "curl command failed, $f Failed Signing On Attempt $iteration" + iteration=$((iteration+1)) + if [ $iteration -gt $max_iterations ] + then + echo "Errors Encountered During Signing" + exit 1 + fi + else + echo "$f Signed OK On Attempt $iteration" + fi + done fi chmod --reference="${dir}/unsigned_${file}" "$f" rm -rf "${dir}/unsigned_${file}"