particle-os/debian-koji-osbuild
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-koji-osbuild/schutzbot/deploy.sh
Christian Kellner 00cffce22f schutzbot: use predictable dnf repo 
Now that osbuild and osbuild-composer use predictable destinations
for their dnf repositories, those can be used and auto-generated
from the environment and a specific git commit (identified by
the hash).
This will make updating easier, because the only thing we need to
change is the commit hash.
For osbuild-composer the latest release is used, for osbuild the
predictable repos were introduced after the latest release, so
the commit that introduced the feature is used.
2020-11-16 19:43:26 +01:00

92 lines
3.1 KiB
Bash
Executable file
Raw Blame History

#!/bin/bash
set -euxo pipefail
function retry {
local count=0
local retries=5
until "$@"; do
exit=$?
count=$(($count + 1))
if [[ $count -lt $retries ]]; then
echo "Retrying command..."
sleep 1
else
echo "Command failed after ${retries} retries. Giving up."
return $exit
fi
done
return 0
}
# Variables for where to find osbuild-composer RPMs to test against
DNF_REPO_BASEURL=http://osbuild-composer-repos.s3-website.us-east-2.amazonaws.com
OSBUILD_COMMIT=f5bfb22355befeddfc4f313b753f81fe919b8e98 # main as of Sun Nov 15 11:10:09 2020
OSBUILD_COMPOSER_COMMIT=692a8076bb4bf38dae05ce99631ebcdd3f0ab054 # release 24
# Get OS details.
source /etc/os-release
ARCH=$(uname -m)
# Koji is only available in EPEL for RHEL.
if [[ $ID == rhel ]] && ! rpm -q epel-release; then
curl -Ls --retry 5 --output /tmp/epel.rpm \
https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo rpm -Uvh /tmp/epel.rpm
fi
# Register RHEL if we are provided with a registration script.
if [[ -n "${RHN_REGISTRATION_SCRIPT:-}" ]] && ! sudo subscription-manager status; then
sudo chmod +x $RHN_REGISTRATION_SCRIPT
sudo $RHN_REGISTRATION_SCRIPT
fi
# Restart systemd to work around some Fedora issues in cloud images.
sudo systemctl restart systemd-journald
# Remove Fedora's modular repositories to speed up dnf.
sudo rm -f /etc/yum.repos.d/fedora*modular*
# Enable fastestmirror and disable weak dependency installation to speed up
# dnf operations.
echo -e "fastestmirror=1\ninstall_weak_deps=0" | sudo tee -a /etc/dnf/dnf.conf
# Ensure we are using the latest dnf since early revisions of Fedora 31 had
# some dnf repo priority bugs like BZ 1733582.
# NOTE(mhayden): We can exclude kernel updates here to save time with dracut
# and module updates. The system will not be rebooted in CI anyway, so a
# kernel update is not needed.
if [[ $ID == fedora ]]; then
sudo dnf -y upgrade --exclude kernel --exclude kernel-core
fi
# Add osbuild team ssh keys.
cat schutzbot/team_ssh_keys.txt | tee -a ~/.ssh/authorized_keys > /dev/null
# Set up a dnf repository for the RPMs we built via mock.
sudo cp mock.repo /etc/yum.repos.d/
# Set up dnf repositories with the RPMs we want to test
sudo tee /etc/yum.repos.d/osbuild.repo << EOF
[osbuild]
name=osbuild ${GIT_COMMIT}
baseurl=${DNF_REPO_BASEURL}/osbuild/${ID}-${VERSION_ID}/${ARCH}/${OSBUILD_COMMIT}
enabled=1
gpgcheck=0
# Default dnf repo priority is 99. Lower number means higher priority.
priority=5
[osbuild-composer]
name=osbuild-composer ${OSBUILD_COMPOSER_COMMIT}
baseurl=${DNF_REPO_BASEURL}/osbuild-composer/${ID}-${VERSION_ID}/${ARCH}/${OSBUILD_COMPOSER_COMMIT}
enabled=1
gpgcheck=0
# Give this a slightly lower priority, because we used to have osbuild in this repo as well.
priority=10
EOF
# Install the Image Builder packages and the koji cli plugin.
retry sudo dnf -y install osbuild-composer koji-osbuild-cli
# Start services.
sudo systemctl enable --now osbuild-composer.socket
sudo systemctl enable --now osbuild-composer-api.socket
Reference in a new issue View git blame Copy permalink