diff --git a/tools/release/Dockerfile b/tools/release/Dockerfile index e76e9e357a..2eebbc0418 100644 --- a/tools/release/Dockerfile +++ b/tools/release/Dockerfile @@ -54,6 +54,12 @@ RUN rpm -Uvh https://packages.microsoft.com/config/centos/7/packages-microsoft-p # Trigger first run experience by running arbitrary cmd RUN dotnet --info +# Openssl 1.1 +RUN yum -y update \ +&& yum -y install epel-release \ +&& yum repolist \ +&& yum -y install openssl11 + ENV TZ=America/Los_Angeles RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone diff --git a/tools/release/build_delivery_linux.sh b/tools/release/build_delivery_linux.sh index 0c7cea121e..058aaf9780 100755 --- a/tools/release/build_delivery_linux.sh +++ b/tools/release/build_delivery_linux.sh @@ -84,7 +84,12 @@ function build_dotnet() { # Install .Net SNK echo -n "Install .Net SNK..." | tee -a build.log - openssl aes-256-cbc -iter 42 -pass pass:"$ORTOOLS_TOKEN" \ + local OPENSSL_PRG=openssl + if [ -x "$(command -v openssl11)" ]; then + OPENSSL_PRG=openssl11 + fi + + $OPENSSL_PRG aes-256-cbc -iter 42 -pass pass:"$ORTOOLS_TOKEN" \ -in "${RELEASE_DIR}"/or-tools.snk.enc \ -out "${ROOT_DIR}"/export/or-tools.snk -d DOTNET_SNK=export/or-tools.snk @@ -125,21 +130,24 @@ function build_java() { command -v mvn | xargs echo "mvn: " | tee -a build.log fi # Maven central need gpg sign and we store the release key encoded using openssl - command -v openssl - command -v openssl | xargs echo "openssl: " | tee -a build.log + local OPENSSL_PRG=openssl + if [ -x "$(command -v openssl11)" ]; then + OPENSSL_PRG=openssl11 + fi + command -v $OPENSSL_PRG | xargs echo "openssl: " | tee -a build.log command -v gpg command -v gpg | xargs echo "gpg: " | tee -a build.log # Install Java GPG echo -n "Install Java GPG..." | tee -a build.log - openssl aes-256-cbc -iter 42 -pass pass:"$ORTOOLS_TOKEN" -in tools/release/private-key.gpg.enc -out private-key.gpg -d + $OPENSSL_PRG aes-256-cbc -iter 42 -pass pass:"$ORTOOLS_TOKEN" -in tools/release/private-key.gpg.enc -out private-key.gpg -d gpg --batch --import private-key.gpg # Don't need to trust the key #expect -c "spawn gpg --edit-key "corentinl@google.com" trust quit; send \"5\ry\r\"; expect eof" # Install the maven settings.xml having the GPG passphrase mkdir -p ~/.m2 - openssl aes-256-cbc -iter 42 -pass pass:"$ORTOOLS_TOKEN" -in tools/release/settings.xml.enc -out ~/.m2/settings.xml -d + $OPENSSL_PRG aes-256-cbc -iter 42 -pass pass:"$ORTOOLS_TOKEN" -in tools/release/settings.xml.enc -out ~/.m2/settings.xml -d echo "DONE" | tee -a build.log # Clean java diff --git a/tools/release/publish_delivery_linux.sh b/tools/release/publish_delivery_linux.sh index 6b0322808e..63d487afd6 100755 --- a/tools/release/publish_delivery_linux.sh +++ b/tools/release/publish_delivery_linux.sh @@ -59,10 +59,13 @@ function publish_java() { java -version 2>&1 | head -n 1 | grep -q "1.8" fi # Maven central need gpg sign and we store the release key encoded using openssl - command -v openssl - command -v openssl | xargs echo "openssl: " | tee -a publish.log + local OPENSSL_PRG=openssl + if [ -x "$(command -v openssl11)" ]; then + OPENSSL_PRG=openssl11 + fi + command -v $OPENSSL_PRG | xargs echo "openssl: " | tee -a build.log command -v gpg - command -v gpg | xargs echo "gpg: " | tee -a publish.log + command -v gpg | xargs echo "gpg: " | tee -a build.log echo -n "Publish Java..." | tee -a publish.log make publish_java_runtime -l 4 UNIX_PYTHON_VER=3.9