release: consume .gitcookies from secret file
Update `gerrit-release.sh` to consume `.gitcookies` from the location
defined in `$GITCOOKIES` instead of assuming it is mounted at
`$HOME/.gitcookies`.
Previously, the file had to be manually mounted as a Docker volume,
which is incompatible with a fully automated release pipeline. With
this change, `.gitcookies` can be provided securely through Jenkins
vault as a secret file, making the release process non-interactive
and more automation-friendly.
Change-Id: I2a4ee480f25015b6df40c3dc6c159f144da11946
diff --git a/jenkins-docker/agent-release/gerrit-release.sh b/jenkins-docker/agent-release/gerrit-release.sh
index 6863d73..edebcb2 100755
--- a/jenkins-docker/agent-release/gerrit-release.sh
+++ b/jenkins-docker/agent-release/gerrit-release.sh
@@ -14,6 +14,8 @@
echo "Example: $0 stable-3.10 3.10.2 3.10.3-SNAPSHOT 3.9.6"
echo ""
echo "Environment variables:"
+ echo "* GITCOOKIES:"
+ echo " Path to a .gitcookies file that will be installed to \$HOME/.gitcookies enabling git authentication"
echo "* GPG_KEY:"
echo " Path to private GPG key to be imported for signing"
echo "* GPG_PASSPHRASE_FILE:"
@@ -48,9 +50,10 @@
cp $HOME/.gitconfig.template $HOME/.gitconfig
fi
-if [ -f $HOME/.gitcookies ]
+if [ -f "$GITCOOKIES" ]
then
echo "Configuring cookiefile..."
+ install -m 600 "$GITCOOKIES" "$HOME/.gitcookies"
git config --global http.cookiefile $HOME/.gitcookies
fi
