From e31e919e1acbab7f4f3cfe8a970edcfbf43da19f Mon Sep 17 00:00:00 2001 From: Holger Levsen Date: Fri, 16 Oct 2015 15:07:21 +0200 Subject: reproducible: first stab at setting up an archlinux build schroot --- TODO | 29 +++++---------- bin/jenkins_node_wrapper.sh | 2 ++ bin/reproducible_arch_schroot_setup.sh | 64 ++++++++++++++++++++++++++++++++++ job-cfg/reproducible.yaml | 10 ++++++ 4 files changed, 84 insertions(+), 21 deletions(-) create mode 100755 bin/reproducible_arch_schroot_setup.sh diff --git a/TODO b/TODO index 548aa368..7f0da5ac 100644 --- a/TODO +++ b/TODO @@ -293,28 +293,20 @@ properties: ==== reproducible Arch Linux * create a job, to bootstrap an arch schroot: +* use regular maintenace job to update the arch schroot +* create another job, to build a single package and a webpage for it… ---- - curl -O https://mirrors.kernel.org/archlinux/iso/2015.08.01/archlinux-bootstrap-2015.08.01-x86_64.tar.gz - tar xzf archlinux-bootstrap-2015.08.01-x86_64.tar.gz - mv /srv/workspace/arch/root.x86_64/ /schroots/reproducible-arch - sudo vi /etc/schroot/chroot.d/jenkins-reproducible-arch - as jenkins: - schroot --directory /tmp -c source:jenkins-reproducible-arch -u root bash - pacman-key --init - pacman-key --populate archlinux - echo 'Server = http://mirror.one.com/archlinux/$repo/os/$arch' >> /etc/pacman.d/mirrorlist - schroot --directory /tmp -c source:jenkins-reproducible-arch -u root -- pacman -Syu --noconfirm - schroot --directory /tmp -c source:jenkins-reproducible-arch -u root -- pacman -S --noconfirm devtools abs base-devel - schroot --directory /tmp -c source:jenkins-reproducible-arch -u root -- abs - schroot --directory /tmp -c source:jenkins-reproducible-arch mkdir /var/lib/jenkins - schroot --directory /tmp -c source:jenkins-reproducible-arch chown jenkins:jenkins /var/lib/jenkins - schroot --directory /tmp -c source:jenkins-reproducible-arch -- gpg --recv-keys 0x091AB856069AAA1C PKG=sudo schroot --directory /tmp -c source:jenkins-reproducible-arch -- cp -r /var/abs/core/$PKG /tmp schroot --directory /tmp -c source:jenkins-reproducible-arch -- grep ^validpgpkeys= $PKG/PKGBUILD|cut -d "'" -f2|xargs schroot --directory /tmp -c source:jenkins-reproducible-arch -- gpg --recv-keys schroot --directory /tmp/$PKG -c source:jenkins-reproducible-arch -- makepkg --skippgpcheck # YOLO - +---- +* create a simple scheduler and build a few more packages… +** schroot, find packages in /var/abs/core/, schedule those +*** idea: reschedule reverse build depends too +* more random notes: +---- # todo: use -source schroot download bootstrap.tar.gz sig and verify @@ -329,11 +321,6 @@ properties: echo 'keyserver-options auto-key-retrieve' >> ~/.gnupg/gpg.conf patch pacman to create .buildinfo files - or better: wait ---- -* use regular maintenace job to update the arch schroot -* create another job, to build a single package and a webpage for it… -* create a simple scheduler and build a few more packages… -** schroot, find packages in /var/abs/core/, schedule those -*** idea: reschedule reverse build depends too ==== reproducible... diff --git a/bin/jenkins_node_wrapper.sh b/bin/jenkins_node_wrapper.sh index 54acbe03..623981ce 100755 --- a/bin/jenkins_node_wrapper.sh +++ b/bin/jenkins_node_wrapper.sh @@ -99,6 +99,8 @@ elif [[ "$*" =~ reproducible_netbsd ]] ; then exec /srv/jenkins/bin/reproducible_netbsd.sh ; croak "Exec failed"; elif [[ "$*" =~ reproducible_freebsd ]] ; then exec /srv/jenkins/bin/reproducible_freebsd.sh ; croak "Exec failed"; +elif [[ "$*" =~ reproducible_arch_schroot_setup ]] ; then + exec /srv/jenkins/bin/reproducible_arch_schroot_setup.sh ; croak "Exec failed"; elif [ "$*" = "some_jenkins_job_name" ] ; then exec echo run any commands here ; croak "Exec failed"; fi diff --git a/bin/reproducible_arch_schroot_setup.sh b/bin/reproducible_arch_schroot_setup.sh new file mode 100755 index 00000000..023c8a1d --- /dev/null +++ b/bin/reproducible_arch_schroot_setup.sh @@ -0,0 +1,64 @@ +#!/bin/bash + +# Copyright 2015 Holger Levsen +# released under the GPLv=2 + +# +# downloads an arch bootstrap chroot archive, then turns it into an schroot, +# then configures pacman and abs +# + +DEBUG=true +. /srv/jenkins/bin/common-functions.sh +common_init "$@" + +bootstrap() { + echo "$(date -u) - downloading Archlinux bootstrap.tar.gz." + curl -O https://mirrors.kernel.org/archlinux/iso/2015.08.01/archlinux-bootstrap-2015.08.01-x86_64.tar.gz + tar xzf archlinux-bootstrap-2015.08.01-x86_64.tar.gz + mv root.x86_64/ $SCHROOT_TARGET + # write the schroot config + echo "$(date -u ) - writing schroot configuration for $TARGET." + sudo tee /etc/schroot/chroot.d/jenkins-"$TARGET" <<-__END__ + [jenkins-$TARGET] + description=Jenkins schroot $TARGET + directory=$SCHROOT_BASE/$TARGET + type=directory + root-users=jenkins + source-root-users=jenkins + union-type=aufs + __END__ + # finally, put it in place + mv $SCHROOT_TARGET $SCHROOT_BASE/$TARGET +} + +cleanup() { + if [ -d $SCHROOT_TARGET ]; then + sudo rm -rf --one-file-system $SCHROOT_TARGET || ( echo "Warning: $SCHROOT_TARGET could not be fully removed on forced cleanup." ; ls $SCHROOT_TARGET -la ) + fi + rm -f $TMPLOG +} + +SCHROOT_TARGET=$(mktemp -d -p $SCHROOT_BASE/ schroot-install-$TARGET-XXXX) +trap cleanup INT TERM EXIT +TARGET=reproducible-arch +bootstrap +trap - INT TERM EXIT + +ROOTCMD="schroot --directory /tmp -c source:jenkins-reproducible-arch -u root --" +USERCMD="schroot --directory /tmp -c source:jenkins-reproducible-arch -u jenkins --" + +# configure pacman + abs +$ROOTCMD pacman-key --init +$ROOTCMD pacman-key --populate archlinux +echo 'Server = http://mirror.one.com/archlinux/$repo/os/$arch' | sudo tee -a $SCHROOT_BASE/$TARGET/etc/pacman.d/mirrorlist +$ROOTCMD pacman -Syu --noconfirm +$ROOTCMD pacman -S --noconfirm base-devel devtools abs +$ROOTCMD abs + +# configure jenkins user +$USERCMD mkdir /var/lib/jenkins +$USERCMD chown jenkins:jenkins /var/lib/jenkins +$USERCMD gpg --recv-keys 0x091AB856069AAA1C + +echo "schroot $TARGET set up successfully in $SCHROOT_BASE/$TARGET - exiting now." diff --git a/job-cfg/reproducible.yaml b/job-cfg/reproducible.yaml index 2a16623f..37a02222 100644 --- a/job-cfg/reproducible.yaml +++ b/job-cfg/reproducible.yaml @@ -600,6 +600,10 @@ defaults: reproducible_other_projects name: '{name}_freebsd' +- job-template: + defaults: reproducible_other_projects + name: '{name}_arch_schroot_setup' + - project: name: reproducible jobs: @@ -1248,4 +1252,10 @@ my_shell: '/srv/jenkins/bin/reproducible_freebsd.sh' my_recipients: 'qa-jenkins-scm@lists.alioth.debian.org' my_node: '' + - '{name}_arch_schroot_setup': + my_description: 'Setup an Archlinux schroot to test Archlinux packages for reproducibility.' # FIXME: this aint idempotent, so it's only run once a year for now + my_timed: '42 23 1 1 *' + my_shell: '/srv/jenkins/bin/reproducible_arch_schroot_setup.sh' + my_recipients: 'qa-jenkins-scm@lists.alioth.debian.org' + my_node: 'profitbricks3' -- cgit v1.2.3-70-g09d2