From 46ef5d309cef8bdccd6c26668570430f36a932ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laurent=20P=C3=A9tr=C3=A9?= <laurent.petre@cern.ch>
Date: Mon, 19 Jul 2021 17:39:42 +0200
Subject: [PATCH] Add manual deployment job

---
 .gitlab-ci.yml      | 22 ++++++++++++++++++++++
 .gitlab-ci/utils.sh | 20 ++++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 .gitlab-ci/utils.sh

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 8e91f3d..d2d4bff 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,5 +1,6 @@
 stages:
   - build
+  - deploy
 
 variables:
   GIT_DEPTH: 1
@@ -16,3 +17,24 @@ build:
     expire_in: 1w
     paths:
       - site/
+
+deploy:
+  variables:
+    HOME: /root
+  stage: deploy
+  when: manual
+  only:
+    - /^master$/
+  needs:
+    - build
+  before_script:
+    - source .gitlab-ci/utils.sh
+    - authenticate_krb
+  script:
+    - >
+      rsync -av --delete
+      site/
+      ${SERVICE_ACCOUNT_USERNAME}@lxplus.cern.ch:${EOS_SITE_PATH}/
+  after_script:
+    - source .gitlab-ci/utils.sh
+    - unauthenticate_krb
diff --git a/.gitlab-ci/utils.sh b/.gitlab-ci/utils.sh
new file mode 100644
index 0000000..3980027
--- /dev/null
+++ b/.gitlab-ci/utils.sh
@@ -0,0 +1,20 @@
+authenticate_krb () {
+    local SERVICE_ACCOUNT_PASSWORD=$(echo ${SERVICE_ACCOUNT_PASSWORD} | base64 -d)
+    echo ${SERVICE_ACCOUNT_PASSWORD} | kinit -A -f ${SERVICE_ACCOUNT_USERNAME}@CERN.CH
+
+    mkdir -p ${HOME}/.ssh
+    chmod go-rwx -R ${HOME}/.ssh
+    touch ${HOME}/.ssh/config
+    chmod go-rw ${HOME}/.ssh/config
+    cat<<EOF>${HOME}/.ssh/config
+HashKnownHosts            yes
+StrictHostKeyChecking     no
+GSSAPIAuthentication      yes
+GSSAPITrustDNS            yes
+GSSAPIDelegateCredentials yes
+EOF
+}
+
+unauthenticate_krb () {
+    kdestroy
+}
-- 
GitLab