signald/infrastructure
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add aarch64 build

Browse source
This commit is contained in:
finn 2020-12-02 03:00:46 -08:00
parent 4a3302f35f
commit c9da9ace26
5 changed files with 152 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
.gitlab-ci.yml
View file

@ -1,4 +1,14 @@
build:signal-server: .build: &build
image: docker:latest
stage: build
script:
- docker login -u gitlab-ci-token -p "${CI_JOB_TOKEN}" "${CI_REGISTRY}"
- docker build -f "${DOCKERFILE}" -t "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_SHA:0:8}" .
- docker tag "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_SHA:0:8}" "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_REF_SLUG}"
- docker push "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_SHA:0:8}"
- docker push "${CI_REGISTRY_IMAGE}/${NAME}:${CI_COMMIT_REF_SLUG}"
signal-server:
image: docker:latest image: docker:latest
stage: build stage: build
script: script:
@ -12,12 +22,15 @@ build:signal-server:
- docker push ${CI_REGISTRY_IMAGE}/signal-server:${VERSION} - docker push ${CI_REGISTRY_IMAGE}/signal-server:${VERSION}
- echo "docker pull ${CI_REGISTRY_IMAGE}/signal-server:${VERSION}" - echo "docker pull ${CI_REGISTRY_IMAGE}/signal-server:${VERSION}"
build:testhelper: testhelper:
image: docker:latest <<: *build
stage: build variables:
script: DOCKERFILE: "testhelper.Dockerfile"
- docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY} NAME: "testhelper"
- docker build -f testhelper.Dockerfile -t ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_SHA:0:8} .
- docker tag ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_SHA:0:8} ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_REF_SLUG} builder-image:aarch64:
- docker push ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_SHA:0:8} <<: *build
- docker push ${CI_REGISTRY_IMAGE}/testhelper:${CI_COMMIT_REF_SLUG} tags: [arm-docker-builder]
variables:
DOCKERFILE: "signald-builder.Dockerfile"
NAME: "signald-builder-arm"

16
deb-scripts/get-component.sh Normal file
View file

@ -0,0 +1,16 @@
#!/bin/bash
set -euo pipefail
if [[ "${COMPONENT:-}" == "" ]]; then # no component specified, we can guess
if [[ "${CI_BUILD_TAG:-}" == "" ]]; then # Not building a tag
if [[ "${CI_COMMIT_REF_SLUG:-}" != "" ]]; then
COMPONENT="${CI_COMMIT_REF_SLUG}"
fi
else
COMPONENT="stable"
fi
fi
COMPONENT="${COMPONENT:-experimental}"
echo $COMPONENT

65
deb-scripts/release-deb.sh Normal file
View file

@ -0,0 +1,65 @@
#!/bin/bash
set -exuo pipefail
## -----------
## Custom repository
## -----------------
## - https://wiki.debian.org/DebianRepository
## - https://debian-handbook.info/browse/stable/sect.setup-apt-package-repository.html
## - https://lists.debian.org/debian-mentors/2006/04/msg00294.html
## -----
COMPONENT=$(get-component)
CODENAME=${CODENAME:-$(lsb_release -sc)}
mkdir -p dists/$CODENAME/$COMPONENT/binary-amd64
# mkdir -p dists/$CODENAME/$COMPONENT/source
find $1 -maxdepth 1 -name "*.deb" -type f -exec cp -a {} dists/$CODENAME/$COMPONENT/binary-amd64 \;
# find $OLDPWD -maxdepth 1 -name "*gradle*xy" -type f -exec cp -a {} dists/$CODENAME/$COMPONENT/source \;
while read; do
cat > dists/$CODENAME/$COMPONENT/binary-amd64/Release <<-EOF
Origin: Debian
Label: Debian
Suite: $COMPONENT
Codename: $CODENAME
Valid-Until: $(date --rfc-2822 --utc --date="${REPO_VALID_UNTIL:-1year}")
Architectures: amd64
Components: $COMPONENT
Description: Debian x.y Unstable - Not Released
EOF
done <<ARCH
binary-amd64
source
ARCH
dpkg-scanpackages -m dists/$CODENAME/$COMPONENT/binary-amd64/ > dists/$CODENAME/$COMPONENT/binary-amd64/Packages
#dpkg-scansources dists/$CODENAME/$COMPONENT/source/ > dists/$CODENAME/$COMPONENT/source/Sources
> dists/$CODENAME/Release apt-ftparchive release dists/$COMPONENT \
-o APT::FTPArchive::Release::Architectures="amd64 source" \
-o APT::FTPArchive::Release::Codename="$CODENAME" \
-o APT::FTPArchive::Release::Components="$COMPONENT" \
-o APT::FTPArchive::Release::Description="Description: Experimental packages - not released use at your own risk." \
-o APT::FTPArchive::Release::Label="Debian" \
-o APT::FTPArchive::Release::Origin="Debian" \
-o APT::FTPArchive::Release::Suite="$COMPONENT" \
# sign files
gpg --homedir /opt/signing-keys/.gnupg --yes -u $2 --no-tty --passphrase-fd 0 -abs -o dists/$CODENAME/Release.gpg dists/$CODENAME/Release
gpg --homedir /opt/signing-keys/.gnupg --yes -u $2 --no-tty --passphrase-fd 0 --clearsign -o dists/$CODENAME/InRelease dists/$CODENAME/Release
## import signatures on client
# gpg --recv-key --keyserver localhost 0123456789abcdef
# gpg --list-sigs
# gpg --export 0123456789abcdef > /usr/share/keyrings/archive-keyring.gpg
#
# cat >> /etc/apt/sources.list <<apt
# deb [signed-by=/usr/share/keyrings/archive-keyring.gpg] ftp://localhost/debian $(lsb_release -sc) $COMPONENT
# deb-src [signed-by=/usr/share/keyrings/archive-keyring.gpg] ftp://localhost/debian $(lsb_release -sc) $COMPONENT
# apt
## -----

27
deb-scripts/repo-cron.sh Normal file
View file

@ -0,0 +1,27 @@
#!/bin/bash
set -euo pipefail
STORAGE_TIME="${STORAGE_TIME:-604800}" # Default to 1 week (604800 seconds)
seconds_since() {
echo $(($(date --utc +%s)-$(date --date="$1" --utc +%s)))
}
prettyexec() {
echo '\x1b[32;1m$ $@\x1b[0;m'
$@
}
# Delete .debs that are older than $STORAGE_TIME and in a non-stable branch
for codename in $(mc ls --json -q "$1/dists/" | jq -r .key | grep -v -E "^stable$"); do
for file in $(mc ls --recursive --json "$1/dists/$codename" | jq -c .); do
LAST_MODIFIED=$(echo "$file" | jq -r .lastModified)
FILENAME="$1/dists/$codename$(echo "$file" | jq -r .key)"
SECONDS_SINCE=$(seconds_since "${LAST_MODIFIED}")
if [[ "${SECONDS_SINCE}" -gt "${STORAGE_TIME}" ]]; then
echo "Deleting ${FILENAME}"
prettyexec mc rm "${FILENAME}"
fi
done
done

21
signald-builder.Dockerfile Normal file
View file

@ -0,0 +1,21 @@
FROM debian:latest
RUN apt-get update && apt-get install -y \
gpg \
dpkg-dev \
apt-utils \
wget \
dh-make \
debhelper \
javahelper \
gradle \
default-jdk-headless \
git-buildpackage \
gradle-debian-helper \
jq \
&& rm -rf /var/lib/apt/lists/*
RUN adduser signald
RUN mkdir /home/signald && chown signald:signald /home/signald
COPY deb-scripts/release-deb.sh /usr/bin/release-deb
COPY deb-scripts/get-component.sh /usr/bin/get-component
COPY deb-scripts/repo-cron.sh /usr/bin/repo-cron
USER signald