particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-forge-composer/schutzbot/deploy.sh
Ondřej Budai 3ec917062f ci: upload rpms built in RHEL 8 CDN buildroot into rhel-8-cdn directory 
Let's explain how RPMs for RHEL are built:

We use a subscribed RHEL 8.x machine and mock build these on it. Mock
initializes its own buildroot based on the latest RHEL 8 CDN content, see[1].
This means that the minor version of the buildroot is independent of the minor
version of the host.

However, we currently upload RPMs to a directory whose name consists also of
the minor version of the host. Our hosts are currently running RHEL 8.3 so
the RPMs are uploaded into rhel-8.3 directory despite them being built in the
RHEL 8.4 buildroot (RHEL 8 CDN buildroot specifically). This means that
we cannot guarantee that they are installable on RHEL 8.3 which is weird.

This commit adds a special case for hosts that run on subscribed RHEL and
thus build RPMs in a buildroot constructed from RHEL CDN. These RPMs are
now uploaded into rhel-8-cdn directory. This change more accurately reflects
the way we build our RPMs and removes some confusion.

Also, we need to bump osbuild commit so we have a version that already has
the rhel-8-cdn change in it.

[1]: https://github.com/rpm-software-management/mock/blob/main/mock-core-configs/etc/mock/templates/rhel-8.tpl#L37

Signed-off-by: Ondřej Budai <ondrej@budai.cz>
2021-07-21 20:02:03 +02:00

121 lines
3.8 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
set -euxo pipefail
# The project whose -tests package is installed.
#
# If it is osbuild-composer (the default), it is pulled from the same
# repository as the osbuild-composer under test. For all other projects, the
# "dependants" key in Schutzfile is consulted to determine the repository to
# pull the -test package from.
PROJECT=${1:-osbuild-composer}
# Colorful output.
function greenprint {
echo -e "\033[1;32m${1}\033[0m"
}
function retry {
local count=0
local retries=5
until "$@"; do
exit=$?
count=$((count + 1))
if [[ $count -lt $retries ]]; then
echo "Retrying command..."
sleep 1
else
echo "Command failed after ${retries} retries. Giving up."
return $exit
fi
done
return 0
}
function setup_repo {
local project=$1
local commit=$2
local priority=${3:-10}
greenprint "Setting up dnf repository for ${project} ${commit}"
sudo tee "/etc/yum.repos.d/${project}.repo" << EOF
[${project}]
name=${project} ${commit}
baseurl=http://osbuild-composer-repos.s3-website.us-east-2.amazonaws.com/${project}/${DISTRO_VERSION}/${ARCH}/${commit}
enabled=1
gpgcheck=0
priority=${priority}
EOF
}
# Get OS details.
source /etc/os-release
ARCH=$(uname -m)
if [[ $ID == "rhel" && $VERSION_ID == "8.3" && -n "${RHN_REGISTRATION_SCRIPT:-}" ]] && ! sudo subscription-manager status; then
greenprint "Registering RHEL"
sudo chmod +x "$RHN_REGISTRATION_SCRIPT"
sudo "$RHN_REGISTRATION_SCRIPT"
fi
# Distro version that this script is running on.
DISTRO_VERSION=${ID}-${VERSION_ID}
if [[ "$ID" == rhel ]] && sudo subscription-manager status; then
# If this script runs on subscribed RHEL, install content built using CDN
# repositories.
DISTRO_VERSION=rhel-${VERSION_ID%.*}-cdn
fi
greenprint "Enabling fastestmirror to speed up dnf 🏎️"
echo -e "fastestmirror=1" | sudo tee -a /etc/dnf/dnf.conf
greenprint "Adding osbuild team ssh keys"
cat schutzbot/team_ssh_keys.txt | tee -a ~/.ssh/authorized_keys > /dev/null
# TODO: include this in the jenkins runner (and split test/target machines out)
sudo dnf -y install jq
# fallback for gitlab
GIT_COMMIT="${GIT_COMMIT:-${CI_COMMIT_SHA}}"
setup_repo osbuild-composer "${GIT_COMMIT}" 5
OSBUILD_GIT_COMMIT=$(cat Schutzfile | jq -r '.["'"${ID}-${VERSION_ID}"'"].dependencies.osbuild.commit')
if [[ "${OSBUILD_GIT_COMMIT}" != "null" ]]; then
setup_repo osbuild "${OSBUILD_GIT_COMMIT}" 10
fi
if [[ "$PROJECT" != "osbuild-composer" ]]; then
PROJECT_COMMIT=$(jq -r ".[\"${ID}-${VERSION_ID}\"].dependants[\"${PROJECT}\"].commit" Schutzfile)
setup_repo "${PROJECT}" "${PROJECT_COMMIT}" 10
# Get a list of packages needed to be preinstalled before "${PROJECT}-tests".
# Useful mainly for EPEL.
PRE_INSTALL_PACKAGES=$(jq -r ".[\"${ID}-${VERSION_ID}\"].dependants[\"${PROJECT}\"].pre_install_packages[]?" Schutzfile)
if [ "${PRE_INSTALL_PACKAGES}" ]; then
# shellcheck disable=SC2086 # We need to pass multiple arguments here.
sudo dnf -y install ${PRE_INSTALL_PACKAGES}
fi
fi
if [ -f "rhel8internal.repo" ]; then
greenprint "Preparing repos for internal build testing"
sudo mv rhel8internal.repo /etc/yum.repos.d/
# Use osbuild from schutzfile if desired for testing custom osbuild-composer packages
# specified by $REPO_URL in ENV and used in prepare-rhel-internal.sh
if [ "$SCHUTZ_OSBUILD" == 1 ]; then
sudo rm -f /etc/yum.repos.d/osbuild-composer.repo
else
sudo rm -f /etc/yum.repos.d/osbuild*.repo
fi
fi
greenprint "Installing test packages for ${PROJECT}"
# Note: installing only -tests to catch missing dependencies
retry sudo dnf -y install "${PROJECT}-tests"
if [ -n "${CI}" ]; then
# copy repo files b/c GitLab can't upload artifacts
# which are outside the build directory
cp /etc/yum.repos.d/*.repo "$(pwd)"
fi
Reference in a new issue View git blame Copy permalink