summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHolger Levsen <holger@layer-acht.org>2015-10-16 15:07:21 +0200
committerHolger Levsen <holger@layer-acht.org>2015-10-16 15:07:21 +0200
commite31e919e1acbab7f4f3cfe8a970edcfbf43da19f (patch)
tree4228d5b88ef733bfa5477e654f527498a5bd0b9b
parent01f43b9f93b2d19e4dd1ab34d3126be9bcab224d (diff)
downloadjenkins.debian.net-e31e919e1acbab7f4f3cfe8a970edcfbf43da19f.tar.xz
reproducible: first stab at setting up an archlinux build schroot
-rw-r--r--TODO29
-rwxr-xr-xbin/jenkins_node_wrapper.sh2
-rwxr-xr-xbin/reproducible_arch_schroot_setup.sh64
-rw-r--r--job-cfg/reproducible.yaml10
4 files changed, 84 insertions, 21 deletions
diff --git a/TODO b/TODO
index 548aa368..7f0da5ac 100644
--- a/TODO
+++ b/TODO
@@ -293,28 +293,20 @@ properties:
==== reproducible Arch Linux
* create a job, to bootstrap an arch schroot:
+* use regular maintenace job to update the arch schroot
+* create another job, to build a single package and a webpage for it…
----
- curl -O https://mirrors.kernel.org/archlinux/iso/2015.08.01/archlinux-bootstrap-2015.08.01-x86_64.tar.gz
- tar xzf archlinux-bootstrap-2015.08.01-x86_64.tar.gz
- mv /srv/workspace/arch/root.x86_64/ /schroots/reproducible-arch
- sudo vi /etc/schroot/chroot.d/jenkins-reproducible-arch
- as jenkins:
- schroot --directory /tmp -c source:jenkins-reproducible-arch -u root bash
- pacman-key --init
- pacman-key --populate archlinux
- echo 'Server = http://mirror.one.com/archlinux/$repo/os/$arch' >> /etc/pacman.d/mirrorlist
- schroot --directory /tmp -c source:jenkins-reproducible-arch -u root -- pacman -Syu --noconfirm
- schroot --directory /tmp -c source:jenkins-reproducible-arch -u root -- pacman -S --noconfirm devtools abs base-devel
- schroot --directory /tmp -c source:jenkins-reproducible-arch -u root -- abs
- schroot --directory /tmp -c source:jenkins-reproducible-arch mkdir /var/lib/jenkins
- schroot --directory /tmp -c source:jenkins-reproducible-arch chown jenkins:jenkins /var/lib/jenkins
- schroot --directory /tmp -c source:jenkins-reproducible-arch -- gpg --recv-keys 0x091AB856069AAA1C
PKG=sudo
schroot --directory /tmp -c source:jenkins-reproducible-arch -- cp -r /var/abs/core/$PKG /tmp
schroot --directory /tmp -c source:jenkins-reproducible-arch -- grep ^validpgpkeys= $PKG/PKGBUILD|cut -d "'" -f2|xargs schroot --directory /tmp -c source:jenkins-reproducible-arch -- gpg --recv-keys
schroot --directory /tmp/$PKG -c source:jenkins-reproducible-arch -- makepkg --skippgpcheck # YOLO
-
+----
+* create a simple scheduler and build a few more packages…
+** schroot, find packages in /var/abs/core/, schedule those
+*** idea: reschedule reverse build depends too
+* more random notes:
+----
# todo:
use -source schroot
download bootstrap.tar.gz sig and verify
@@ -329,11 +321,6 @@ properties:
echo 'keyserver-options auto-key-retrieve' >> ~/.gnupg/gpg.conf
patch pacman to create .buildinfo files - or better: wait
----
-* use regular maintenace job to update the arch schroot
-* create another job, to build a single package and a webpage for it…
-* create a simple scheduler and build a few more packages…
-** schroot, find packages in /var/abs/core/, schedule those
-*** idea: reschedule reverse build depends too
==== reproducible...
diff --git a/bin/jenkins_node_wrapper.sh b/bin/jenkins_node_wrapper.sh
index 54acbe03..623981ce 100755
--- a/bin/jenkins_node_wrapper.sh
+++ b/bin/jenkins_node_wrapper.sh
@@ -99,6 +99,8 @@ elif [[ "$*" =~ reproducible_netbsd ]] ; then
exec /srv/jenkins/bin/reproducible_netbsd.sh ; croak "Exec failed";
elif [[ "$*" =~ reproducible_freebsd ]] ; then
exec /srv/jenkins/bin/reproducible_freebsd.sh ; croak "Exec failed";
+elif [[ "$*" =~ reproducible_arch_schroot_setup ]] ; then
+ exec /srv/jenkins/bin/reproducible_arch_schroot_setup.sh ; croak "Exec failed";
elif [ "$*" = "some_jenkins_job_name" ] ; then
exec echo run any commands here ; croak "Exec failed";
fi
diff --git a/bin/reproducible_arch_schroot_setup.sh b/bin/reproducible_arch_schroot_setup.sh
new file mode 100755
index 00000000..023c8a1d
--- /dev/null
+++ b/bin/reproducible_arch_schroot_setup.sh
@@ -0,0 +1,64 @@
+#!/bin/bash
+
+# Copyright 2015 Holger Levsen <holger@layer-acht.org>
+# released under the GPLv=2
+
+#
+# downloads an arch bootstrap chroot archive, then turns it into an schroot,
+# then configures pacman and abs
+#
+
+DEBUG=true
+. /srv/jenkins/bin/common-functions.sh
+common_init "$@"
+
+bootstrap() {
+ echo "$(date -u) - downloading Archlinux bootstrap.tar.gz."
+ curl -O https://mirrors.kernel.org/archlinux/iso/2015.08.01/archlinux-bootstrap-2015.08.01-x86_64.tar.gz
+ tar xzf archlinux-bootstrap-2015.08.01-x86_64.tar.gz
+ mv root.x86_64/ $SCHROOT_TARGET
+ # write the schroot config
+ echo "$(date -u ) - writing schroot configuration for $TARGET."
+ sudo tee /etc/schroot/chroot.d/jenkins-"$TARGET" <<-__END__
+ [jenkins-$TARGET]
+ description=Jenkins schroot $TARGET
+ directory=$SCHROOT_BASE/$TARGET
+ type=directory
+ root-users=jenkins
+ source-root-users=jenkins
+ union-type=aufs
+ __END__
+ # finally, put it in place
+ mv $SCHROOT_TARGET $SCHROOT_BASE/$TARGET
+}
+
+cleanup() {
+ if [ -d $SCHROOT_TARGET ]; then
+ sudo rm -rf --one-file-system $SCHROOT_TARGET || ( echo "Warning: $SCHROOT_TARGET could not be fully removed on forced cleanup." ; ls $SCHROOT_TARGET -la )
+ fi
+ rm -f $TMPLOG
+}
+
+SCHROOT_TARGET=$(mktemp -d -p $SCHROOT_BASE/ schroot-install-$TARGET-XXXX)
+trap cleanup INT TERM EXIT
+TARGET=reproducible-arch
+bootstrap
+trap - INT TERM EXIT
+
+ROOTCMD="schroot --directory /tmp -c source:jenkins-reproducible-arch -u root --"
+USERCMD="schroot --directory /tmp -c source:jenkins-reproducible-arch -u jenkins --"
+
+# configure pacman + abs
+$ROOTCMD pacman-key --init
+$ROOTCMD pacman-key --populate archlinux
+echo 'Server = http://mirror.one.com/archlinux/$repo/os/$arch' | sudo tee -a $SCHROOT_BASE/$TARGET/etc/pacman.d/mirrorlist
+$ROOTCMD pacman -Syu --noconfirm
+$ROOTCMD pacman -S --noconfirm base-devel devtools abs
+$ROOTCMD abs
+
+# configure jenkins user
+$USERCMD mkdir /var/lib/jenkins
+$USERCMD chown jenkins:jenkins /var/lib/jenkins
+$USERCMD gpg --recv-keys 0x091AB856069AAA1C
+
+echo "schroot $TARGET set up successfully in $SCHROOT_BASE/$TARGET - exiting now."
diff --git a/job-cfg/reproducible.yaml b/job-cfg/reproducible.yaml
index 2a16623f..37a02222 100644
--- a/job-cfg/reproducible.yaml
+++ b/job-cfg/reproducible.yaml
@@ -600,6 +600,10 @@
defaults: reproducible_other_projects
name: '{name}_freebsd'
+- job-template:
+ defaults: reproducible_other_projects
+ name: '{name}_arch_schroot_setup'
+
- project:
name: reproducible
jobs:
@@ -1248,4 +1252,10 @@
my_shell: '/srv/jenkins/bin/reproducible_freebsd.sh'
my_recipients: 'qa-jenkins-scm@lists.alioth.debian.org'
my_node: ''
+ - '{name}_arch_schroot_setup':
+ my_description: 'Setup an Archlinux schroot to test Archlinux packages for reproducibility.' # FIXME: this aint idempotent, so it's only run once a year for now
+ my_timed: '42 23 1 1 *'
+ my_shell: '/srv/jenkins/bin/reproducible_arch_schroot_setup.sh'
+ my_recipients: 'qa-jenkins-scm@lists.alioth.debian.org'
+ my_node: 'profitbricks3'