Add aarch64 build
This commit is contained in:
parent
4a3302f35f
commit
c9da9ace26
5 changed files with 152 additions and 10 deletions
|
|
@ -1,4 +1,14 @@
|
|||
build:signal-server:
|
||||
.build: &build
|
||||
image: docker:latest
|
||||
stage: build
|
||||
script:
|
||||
- docker login -u gitlab-ci-token -p "${CI_JOB_TOKEN}" "${CI_REGISTRY}"
|
||||
- docker build -f "${DOCKERFILE}" -t "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_SHA:0:8}" .
|
||||
- docker tag "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_SHA:0:8}" "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_REF_SLUG}"
|
||||
- docker push "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_SHA:0:8}"
|
||||
- docker push "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_REF_SLUG}"
|
||||
|
||||
signal-server:
|
||||
image: docker:latest
|
||||
stage: build
|
||||
script:
|
||||
|
|
@ -12,12 +22,15 @@ build:signal-server:
|
|||
- docker push ${CI_REGISTRY_IMAGE}/signal-server:${VERSION}
|
||||
- echo "docker pull ${CI_REGISTRY_IMAGE}/signal-server:${VERSION}"
|
||||
|
||||
build:testhelper:
|
||||
image: docker:latest
|
||||
stage: build
|
||||
script:
|
||||
- docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}
|
||||
- docker build -f testhelper.Dockerfile -t ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_SHA:0:8} .
|
||||
- docker tag ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_SHA:0:8} ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_REF_SLUG}
|
||||
- docker push ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_SHA:0:8}
|
||||
- docker push ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_REF_SLUG}
|
||||
testhelper:
|
||||
<<: *build
|
||||
variables:
|
||||
DOCKERFILE: "testhelper.Dockerfile"
|
||||
NAME: "testhelper"
|
||||
|
||||
builder-image:aarch64:
|
||||
<<: *build
|
||||
tags: [arm-docker-builder]
|
||||
variables:
|
||||
DOCKERFILE: "signald-builder.Dockerfile"
|
||||
NAME: "signald-builder-arm"
|
||||
16
deb-scripts/get-component.sh
Normal file
16
deb-scripts/get-component.sh
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
|
||||
if [[ "${COMPONENT:-}" == "" ]]; then # no component specified, we can guess
|
||||
if [[ "${CI_BUILD_TAG:-}" == "" ]]; then # Not building a tag
|
||||
if [[ "${CI_COMMIT_REF_SLUG:-}" != "" ]]; then
|
||||
COMPONENT="${CI_COMMIT_REF_SLUG}"
|
||||
fi
|
||||
else
|
||||
COMPONENT="stable"
|
||||
fi
|
||||
fi
|
||||
|
||||
COMPONENT="${COMPONENT:-experimental}"
|
||||
|
||||
echo $COMPONENT
|
||||
65
deb-scripts/release-deb.sh
Normal file
65
deb-scripts/release-deb.sh
Normal file
|
|
@ -0,0 +1,65 @@
|
|||
#!/bin/bash
|
||||
set -exuo pipefail
|
||||
|
||||
## -----------
|
||||
## Custom repository
|
||||
## -----------------
|
||||
|
||||
## - https://wiki.debian.org/DebianRepository
|
||||
## - https://debian-handbook.info/browse/stable/sect.setup-apt-package-repository.html
|
||||
## - https://lists.debian.org/debian-mentors/2006/04/msg00294.html
|
||||
|
||||
## -----
|
||||
|
||||
COMPONENT=$(get-component)
|
||||
CODENAME=${CODENAME:-$(lsb_release -sc)}
|
||||
|
||||
mkdir -p dists/$CODENAME/$COMPONENT/binary-amd64
|
||||
# mkdir -p dists/$CODENAME/$COMPONENT/source
|
||||
find $1 -maxdepth 1 -name "*.deb" -type f -exec cp -a {} dists/$CODENAME/$COMPONENT/binary-amd64 \;
|
||||
# find $OLDPWD -maxdepth 1 -name "*gradle*xy" -type f -exec cp -a {} dists/$CODENAME/$COMPONENT/source \;
|
||||
|
||||
while read; do
|
||||
cat > dists/$CODENAME/$COMPONENT/binary-amd64/Release <<-EOF
|
||||
Origin: Debian
|
||||
Label: Debian
|
||||
Suite: $COMPONENT
|
||||
Codename: $CODENAME
|
||||
Valid-Until: $(date --rfc-2822 --utc --date="${REPO_VALID_UNTIL:-1year}")
|
||||
Architectures: amd64
|
||||
Components: $COMPONENT
|
||||
Description: Debian x.y Unstable - Not Released
|
||||
EOF
|
||||
done <<ARCH
|
||||
binary-amd64
|
||||
source
|
||||
ARCH
|
||||
|
||||
dpkg-scanpackages -m dists/$CODENAME/$COMPONENT/binary-amd64/ > dists/$CODENAME/$COMPONENT/binary-amd64/Packages
|
||||
#dpkg-scansources dists/$CODENAME/$COMPONENT/source/ > dists/$CODENAME/$COMPONENT/source/Sources
|
||||
|
||||
> dists/$CODENAME/Release apt-ftparchive release dists/$COMPONENT \
|
||||
-o APT::FTPArchive::Release::Architectures="amd64 source" \
|
||||
-o APT::FTPArchive::Release::Codename="$CODENAME" \
|
||||
-o APT::FTPArchive::Release::Components="$COMPONENT" \
|
||||
-o APT::FTPArchive::Release::Description="Description: Experimental packages - not released use at your own risk." \
|
||||
-o APT::FTPArchive::Release::Label="Debian" \
|
||||
-o APT::FTPArchive::Release::Origin="Debian" \
|
||||
-o APT::FTPArchive::Release::Suite="$COMPONENT" \
|
||||
|
||||
|
||||
# sign files
|
||||
gpg --homedir /opt/signing-keys/.gnupg --yes -u $2 --no-tty --passphrase-fd 0 -abs -o dists/$CODENAME/Release.gpg dists/$CODENAME/Release
|
||||
gpg --homedir /opt/signing-keys/.gnupg --yes -u $2 --no-tty --passphrase-fd 0 --clearsign -o dists/$CODENAME/InRelease dists/$CODENAME/Release
|
||||
|
||||
|
||||
## import signatures on client
|
||||
# gpg --recv-key --keyserver localhost 0123456789abcdef
|
||||
# gpg --list-sigs
|
||||
# gpg --export 0123456789abcdef > /usr/share/keyrings/archive-keyring.gpg
|
||||
#
|
||||
# cat >> /etc/apt/sources.list <<apt
|
||||
# deb [signed-by=/usr/share/keyrings/archive-keyring.gpg] ftp://localhost/debian $(lsb_release -sc) $COMPONENT
|
||||
# deb-src [signed-by=/usr/share/keyrings/archive-keyring.gpg] ftp://localhost/debian $(lsb_release -sc) $COMPONENT
|
||||
# apt
|
||||
## -----
|
||||
27
deb-scripts/repo-cron.sh
Normal file
27
deb-scripts/repo-cron.sh
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
|
||||
STORAGE_TIME="${STORAGE_TIME:-604800}" # Default to 1 week (604800 seconds)
|
||||
|
||||
seconds_since() {
|
||||
echo $(($(date --utc +%s)-$(date --date="$1" --utc +%s)))
|
||||
}
|
||||
|
||||
|
||||
prettyexec() {
|
||||
echo '\x1b[32;1m$ $@\x1b[0;m'
|
||||
$@
|
||||
}
|
||||
|
||||
# Delete .debs that are older than $STORAGE_TIME and in a non-stable branch
|
||||
for codename in $(mc ls --json -q "$1/dists/" | jq -r .key | grep -v -E "^stable$"); do
|
||||
for file in $(mc ls --recursive --json "$1/dists/$codename" | jq -c .); do
|
||||
LAST_MODIFIED=$(echo "$file" | jq -r .lastModified)
|
||||
FILENAME="$1/dists/$codename$(echo "$file" | jq -r .key)"
|
||||
SECONDS_SINCE=$(seconds_since "${LAST_MODIFIED}")
|
||||
if [[ "${SECONDS_SINCE}" -gt "${STORAGE_TIME}" ]]; then
|
||||
echo "Deleting ${FILENAME}"
|
||||
prettyexec mc rm "${FILENAME}"
|
||||
fi
|
||||
done
|
||||
done
|
||||
21
signald-builder.Dockerfile
Normal file
21
signald-builder.Dockerfile
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
FROM debian:latest
|
||||
RUN apt-get update && apt-get install -y \
|
||||
gpg \
|
||||
dpkg-dev \
|
||||
apt-utils \
|
||||
wget \
|
||||
dh-make \
|
||||
debhelper \
|
||||
javahelper \
|
||||
gradle \
|
||||
default-jdk-headless \
|
||||
git-buildpackage \
|
||||
gradle-debian-helper \
|
||||
jq \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
RUN adduser signald
|
||||
RUN mkdir /home/signald && chown signald:signald /home/signald
|
||||
COPY deb-scripts/release-deb.sh /usr/bin/release-deb
|
||||
COPY deb-scripts/get-component.sh /usr/bin/get-component
|
||||
COPY deb-scripts/repo-cron.sh /usr/bin/repo-cron
|
||||
USER signald
|
||||
Loading…
Reference in a new issue