blob: 6811191cd4974d322f7f6ed6da248e20cdefb06e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
#!/bin/sh
# vim: ft=sh
. "$(dirname "$(readlink -f "$0")")/../job.common"
# Lock for execution
if [ "$1" != "--locked" ]; then
exec flock --exclusive "$WORKSPACE/root.lock" "$0" --locked "$@"
fi
shift # Shift --locked
if [ -n "$CLEAN_ROOT" ]; then
echo_stage "Remove root"
uroot rm -rf "$WORKSPACE/root"
fi
if [ -n "$CLEAN" ]; then
echo_stage "Remove packages"
uroot rm -rf "$WORKSPACE/packages"
echo_stage "Remove distfiles"
uroot rm -rf "$WORKSPACE/distfiles"
fi
[ -n "$ARCH" ] || echo_fail "Variable ARCH has to be defined in configuration for job."
export ROOT="$WORKSPACE/root"
export MOUNT="$TWORKSPACE/distfiles:/var/cache/distfiles
$WORKSPACE/packages:/build/packages"
mkdir -p "$TWORKSPACE/distfiles" "$WORKSPACE/packages"
if [ ! -d "$ROOT" ]; then
# Prepare new root if there is none
rootfs="$(curl "http://dl-cdn.alpinelinux.org/alpine/edge/releases/$ARCH/latest-releases.yaml" | \
yq -r 'map(select(.flavor == "alpine-minirootfs")) | .[0].file')"
echo_stage "Setting up new root"
wget "http://dl-cdn.alpinelinux.org/alpine/edge/releases/$ARCH/$rootfs" -O alpine.tar.gz
# TODO verify signature
mkdir "$ROOT"
uroot tar -xzf alpine.tar.gz -C "$ROOT"
chmod 755 "$ROOT" # This is intentional, tar changes access rights
MOUNT="" uchroot root <<EOF
set -e
apk update
apk add alpine-sdk lua-aports
adduser -s /bin/sh -D -h /build build
addgroup build abuild
su -l build -c 'mkdir .abuild aports packages'
su -l build -c 'echo "PACKAGER_PRIVKEY=\"/build/.abuild/cynerd@email.cz-5b8aeb6d.rsa\"" > .abuild/abuild.conf'
EOF
uroot cp ~/keys/alpinelinux.rsa.key "$ROOT/build/.abuild/cynerd@email.cz-5b8aeb6d.rsa"
uroot cp ~/keys/alpinelinux.rsa.key.pub "$ROOT/etc/apk/keys/cynerd@email.cz-5b8aeb6d.rsa.pub"
uchroot root <<EOF
set -e
chmod 644 /etc/apk/keys/cynerd@email.cz-5b8aeb6d.rsa.pub
chgrp abuild /var/cache/distfiles
chmod g+w /var/cache/distfiles
chown build:build /build/packages
chown build:build "/build/.abuild/cynerd@email.cz-5b8aeb6d.rsa"
EOF
fi
echo_stage "Update system"
uchroot root 'apk update && apk upgrade'
echo_stage "Get packages source"
git_clone "git@cynerd.cz:alpine-personal-pkgs" "$ROOT/pkgs"
uchroot root "rm -rf /build/aports/personal && chown -R build:build /pkgs && mv /pkgs /build/aports/personal"
echo_stage "Build packages"
uroot cp "$FILES/alpine/abuild.conf" "$ROOT/etc/abuild.conf"
uchroot build 'buildrepo --purge --keep-going personal'
echo_stage "Deploy"
ssh upload rm -rf "deploy-alpine"
sftp -b - upload <<EOF
put -R "$WORKSPACE/packages/personal/$ARCH" "deploy-alpine-$ARCH"
EOF
ssh upload /bin/sh -se "$ARCH" <<"EOF"
rm -rf "/var/www/repo/alpine/$1"
mv "deploy-alpine-$1" "/var/www/repo/alpine/$1"
EOF
sftp -b - upload:/var/www/repo/alpine/ <<EOF
put "$FILES/alpine/setup.sh"
put "$FILES/alpine/setup.sh.gpg"
EOF
|