particle-os/debian-forge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-forge/schutzbot/deploy.sh
Ondřej Budai 8396e73372 ci: upload rpms built in RHEL 8 CDN buildroot into rhel-8-cdn directory 
Let's explain how RPMs for RHEL are built:

We use a subscribed RHEL 8.x machine and mock build these on it. Mock
initializes its own buildroot based on the latest RHEL 8 CDN content, see[1].
This means that the minor version of the buildroot is independent of the minor
version of the host.

However, we currently upload RPMs to a directory whose name consists also of
the minor version of the host. Our hosts are currently running RHEL 8.3 so
the RPMs are uploaded into rhel-8.3 directory despite them being built in the
RHEL 8.4 buildroot (RHEL 8 CDN buildroot specifically). This means that
we cannot guarantee that they are installable on RHEL 8.3 which is weird.

This commit adds a special case for hosts that run on subscribed RHEL and
thus build RPMs in a buildroot constructed from RHEL CDN. These RPMs are
now uploaded into rhel-8-cdn directory. This change more accurately reflects
the way we build our RPMs and removes some confusion.

[1]: https://github.com/rpm-software-management/mock/blob/main/mock-core-configs/etc/mock/templates/rhel-8.tpl#L37
2021-07-12 19:02:21 +02:00

63 lines
2.1 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
set -euxo pipefail
DNF_REPO_BASEURL=http://osbuild-composer-repos.s3.amazonaws.com
# The osbuild-composer commit to run reverse-dependency test against.
# Currently: ci: remove EXTRA_REPO_PATH_SEGMENT
OSBUILD_COMPOSER_COMMIT=cca5c9fd4002a02ae509416a6cbc3e60e697e6dd
# Get OS details.
source /etc/os-release
ARCH=$(uname -m)
# Register RHEL if we are provided with a registration script and intend to do that.
REGISTER="${REGISTER:-'false'}"
if [[ $REGISTER == "true" && -n "${RHN_REGISTRATION_SCRIPT:-}" ]] && ! sudo subscription-manager status; then
sudo chmod +x $RHN_REGISTRATION_SCRIPT
sudo $RHN_REGISTRATION_SCRIPT
fi
# Add osbuild team ssh keys.
cat schutzbot/team_ssh_keys.txt | tee -a ~/.ssh/authorized_keys > /dev/null
# Distro version that this script is running on.
DISTRO_VERSION=${ID}-${VERSION_ID}
if [[ "$ID" == rhel ]] && sudo subscription-manager status; then
# If this script runs on subscribed RHEL, install content built using CDN
# repositories.
DISTRO_VERSION=rhel-${VERSION_ID%.*}-cdn
fi
# Set up dnf repositories with the RPMs we want to test
# TODO: use DISTRO_VERSION also for osbuild-composer (not yet supported though)
sudo tee /etc/yum.repos.d/osbuild.repo << EOF
[osbuild]
name=osbuild ${CI_COMMIT_SHA}
baseurl=${DNF_REPO_BASEURL}/osbuild/${DISTRO_VERSION}/${ARCH}/${CI_COMMIT_SHA}
enabled=1
gpgcheck=0
# Default dnf repo priority is 99. Lower number means higher priority.
priority=5
[osbuild-composer]
name=osbuild-composer ${OSBUILD_COMPOSER_COMMIT}
baseurl=${DNF_REPO_BASEURL}/osbuild-composer/${ID}-${VERSION_ID}/${ARCH}/${OSBUILD_COMPOSER_COMMIT}
enabled=1
gpgcheck=0
# Give this a slightly lower priority, because we used to have osbuild in this repo as well.
priority=10
EOF
if [[ $ID == rhel ]]; then
# Set up EPEL repository (for ansible and koji)
sudo dnf install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
fi
# Install the Image Builder packages.
# Note: installing only -tests to catch missing dependencies
sudo dnf -y install osbuild-composer-tests
# Set up a directory to hold repository overrides.
sudo mkdir -p /etc/osbuild-composer/repositories
Reference in a new issue View git blame Copy permalink