summaryrefslogtreecommitdiff
path: root/templates/alpine.run
blob: 6811191cd4974d322f7f6ed6da248e20cdefb06e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
#!/bin/sh
# vim: ft=sh
. "$(dirname "$(readlink -f "$0")")/../job.common"

# Lock for execution
if [ "$1" != "--locked" ]; then
	exec flock --exclusive "$WORKSPACE/root.lock" "$0" --locked "$@"
fi
shift # Shift --locked

if [ -n "$CLEAN_ROOT" ]; then
	echo_stage "Remove root"
	uroot rm -rf "$WORKSPACE/root"
fi
if [ -n "$CLEAN" ]; then
	echo_stage "Remove packages"
	uroot rm -rf "$WORKSPACE/packages"
	echo_stage "Remove distfiles"
	uroot rm -rf "$WORKSPACE/distfiles"
fi

[ -n "$ARCH" ] || echo_fail "Variable ARCH has to be defined in configuration for job."
export ROOT="$WORKSPACE/root"
export MOUNT="$TWORKSPACE/distfiles:/var/cache/distfiles
$WORKSPACE/packages:/build/packages"
mkdir -p "$TWORKSPACE/distfiles" "$WORKSPACE/packages"

if [ ! -d "$ROOT" ]; then
	# Prepare new root if there is none
	rootfs="$(curl "http://dl-cdn.alpinelinux.org/alpine/edge/releases/$ARCH/latest-releases.yaml" | \
		yq -r 'map(select(.flavor == "alpine-minirootfs")) | .[0].file')"
	echo_stage "Setting up new root"
	wget "http://dl-cdn.alpinelinux.org/alpine/edge/releases/$ARCH/$rootfs" -O alpine.tar.gz
	# TODO verify signature
	mkdir "$ROOT"
	uroot tar -xzf alpine.tar.gz -C "$ROOT"
	chmod 755 "$ROOT" # This is intentional, tar changes access rights
	MOUNT="" uchroot root <<EOF
		set -e
		apk update
		apk add alpine-sdk lua-aports
		adduser -s /bin/sh -D -h /build build
		addgroup build abuild
		su -l build -c 'mkdir .abuild aports packages'
		su -l build -c 'echo "PACKAGER_PRIVKEY=\"/build/.abuild/cynerd@email.cz-5b8aeb6d.rsa\"" > .abuild/abuild.conf'
EOF
	uroot cp ~/keys/alpinelinux.rsa.key "$ROOT/build/.abuild/cynerd@email.cz-5b8aeb6d.rsa"
	uroot cp ~/keys/alpinelinux.rsa.key.pub "$ROOT/etc/apk/keys/cynerd@email.cz-5b8aeb6d.rsa.pub"
	uchroot root <<EOF
		set -e
		chmod 644 /etc/apk/keys/cynerd@email.cz-5b8aeb6d.rsa.pub
		chgrp abuild /var/cache/distfiles
		chmod g+w /var/cache/distfiles
		chown build:build /build/packages
		chown build:build "/build/.abuild/cynerd@email.cz-5b8aeb6d.rsa"
EOF
fi

echo_stage "Update system"
uchroot root 'apk update && apk upgrade'

echo_stage "Get packages source"
git_clone "git@cynerd.cz:alpine-personal-pkgs" "$ROOT/pkgs"
uchroot root "rm -rf /build/aports/personal && chown -R build:build /pkgs && mv /pkgs /build/aports/personal"

echo_stage "Build packages"
uroot cp "$FILES/alpine/abuild.conf" "$ROOT/etc/abuild.conf"
uchroot build 'buildrepo --purge --keep-going personal'

echo_stage "Deploy"
ssh upload rm -rf "deploy-alpine"
sftp -b - upload <<EOF
	put -R "$WORKSPACE/packages/personal/$ARCH" "deploy-alpine-$ARCH"
EOF
ssh upload /bin/sh -se "$ARCH" <<"EOF"
	rm -rf  "/var/www/repo/alpine/$1"
	mv "deploy-alpine-$1" "/var/www/repo/alpine/$1"
EOF
sftp -b - upload:/var/www/repo/alpine/ <<EOF
	put "$FILES/alpine/setup.sh"
	put "$FILES/alpine/setup.sh.gpg"
EOF