Added RPM update step to Drone CI pipeline.

Closes: #316.
This commit is contained in:
Fabio Manganiello 2023-09-23 16:21:00 +02:00
parent 2b981f6b68
commit f6dea0b4d4
Signed by: blacklight
GPG key ID: D90FBA7F76362774

View file

@ -574,6 +574,202 @@ steps:
cat "$file" | gpg -q --default-key "$PGP_KEYID" -abs --clearsign > "$dirname/InRelease" cat "$file" | gpg -q --default-key "$PGP_KEYID" -abs --clearsign > "$dirname/InRelease"
done done
###
### Update the RPM (stable) packages
###
- name: update-rpm-repo
image: fedora
privileged: true # Required to use the FUSE module for s3fs
environment:
RPM_VERSION: stable
WORKDIR: /tmp/workdir
PKG_NAME: platypush
S3_BUCKET: platypush-pkg
BUCKET_MNT: /mnt/s3
AWS_ENDPOINT_URL: https://s3.nl-ams.scw.cloud
AWS_DEFAULT_REGION: nl-ams
AWS_ACCESS_KEY_ID:
from_secret: aws_access_key_id
AWS_SECRET_ACCESS_KEY:
from_secret: aws_secret_access_key
PGP_PUBKEY:
from_secret: rpm_pgp_pub_key
PGP_PRIVKEY:
from_secret: rpm_pgp_priv_key
when:
branch:
- master
event:
- push
depends_on:
- build-ui
commands:
- echo "-- Installing dependencies"
- yum install -y createrepo rpm-build rpm-sign gpg wget yum-utils git python python-pip s3fs-fuse
- echo "-- Copying source directory"
- mkdir -p "$WORKDIR"
- export SRCDIR="$WORKDIR/src"
- cp -r "$PWD" "$SRCDIR"
- cd "$SRCDIR"
- echo "-- Mounting the S3 bucket"
- mkdir -p "$BUCKET_MNT"
- s3fs "$S3_BUCKET" "$BUCKET_MNT" -o url="$AWS_ENDPOINT_URL"
- export RPM_ROOT="$BUCKET_MNT/rpm"
- mkdir -p "$RPM_ROOT"
- echo "--- Parsing metadata"
- git config --global --add safe.directory $PWD
- git pull --rebase origin master --tags
- export VERSION=$(python3 setup.py --version)
- export RELNUM=$(git log --pretty=oneline HEAD...v$VERSION | wc -l)
- export SPECFILE="$WORKDIR/$PKG_NAME.spec"
- export BUILD_DIR="$WORKDIR/build"
- export TMP_RPM_ROOT="$WORKDIR/repo"
- export SRC_URL="https://git.platypush.tech/platypush/platypush/archive/master.tar.gz"
- echo "--- Creating git package spec"
- |
cat <<EOF > $SPECFILE
Summary: Universal command executor and automation hub.
Name: $PKG_NAME-git
Version: $VERSION
Release: $RELNUM
URL: https://platypush.tech
Group: System
License: MIT
Packager: Fabio Manganiello <fabio@platypush.tech>
Source: $SRC_URL
Requires: $(cat platypush/install/requirements/fedora.txt | tr '\n' ' ')
Conflicts: $PKG_NAME
Prefix: %{_prefix}
BuildRoot: %{_tmppath}/%{name}-root
%description
Universal command executor and automation hub.
%install
mkdir -p %{buildroot}/
cp -r "$BUILD_DIR"/* %{buildroot}/
%clean
%files
/usr/bin/*
/usr/lib/python$(python3 --version | awk '{print $2}' | cut -d. -f 1,2)/site-packages/platypush
/usr/lib/python$(python3 --version | awk '{print $2}' | cut -d. -f 1,2)/site-packages/platypush-$VERSION.dist-info
%changelog
* $(date +'%a %b %d %Y') admin <admin@platypush.tech>
- [Automatic] Release $VERSION-$RELNUM
EOF
- echo "--- Building git package"
- mkdir -p "$BUILD_DIR"
- pip install --prefix="$BUILD_DIR/usr" --no-cache --no-deps .
- rpmbuild --target "noarch" -bb "$SPECFILE"
- echo "--- Copying the new RPM package"
- mkdir -p "$TMP_RPM_ROOT"
- cp "$HOME/rpmbuild/RPMS/noarch/$PKG_NAME-git-$VERSION-$RELNUM.noarch.rpm" "$TMP_RPM_ROOT"
- echo "--- Checking the latest released stable version"
- export LATEST_STABLE_PKG=$(ls -rt "$RPM_ROOT/$PKG_NAME"*.rpm 2>/dev/null | grep -v "$PKG_NAME-git" | tail -1)
- |
if [ -z "$LATEST_STABLE_PKG" ]; then
# If not stable release is available, then create one
export UPDATE_STABLE_PKG=1
else
# Otherwise, create a new release if the reported version on the repo is different
# from the latest released version.
export LATEST_STABLE_VERSION=$(basename $LATEST_STABLE_PKG | cut -d- -f 2)
if [ "$VERSION" != "$LATEST_STABLE_VERSION" ]; then
export UPDATE_STABLE_PKG=1
else
# If the version has remained the same, then simply copy the existing RPM to the
# new repository directory.
echo "Copying the existing release $LATEST_STABLE_VERSION to the new repository"
cp "$LATEST_STABLE_PKG" "$TMP_RPM_ROOT"
fi
fi
# If a new stable release is required, build another RPM
- |
if [ -n "$UPDATE_STABLE_PKG" ]; then
export RELNUM=1
export SRC_URL="https://git.platypush.tech/platypush/platypush/archive/v$VERSION.tar.gz"
cat <<EOF > $SPECFILE
Summary: Universal command executor and automation hub.
Name: $PKG_NAME
Version: $VERSION
Release: $RELNUM
URL: https://platypush.tech
Group: System
License: MIT
Packager: Fabio Manganiello <fabio@platypush.tech>
Source: $SRC_URL
Requires: $(cat platypush/install/requirements/fedora.txt | tr '\n' ' ')
Conflicts: $PKG_NAME-git
Prefix: %{_prefix}
BuildRoot: %{_tmppath}/%{name}-root
%description
Universal command executor and automation hub.
%install
mkdir -p %{buildroot}/
cp -r "$BUILD_DIR"/* %{buildroot}/
%clean
%files
/usr/bin/*
/usr/lib/python$(python3 --version | awk '{print $2}' | cut -d. -f 1,2)/site-packages/platypush
/usr/lib/python$(python3 --version | awk '{print $2}' | cut -d. -f 1,2)/site-packages/platypush-$VERSION.dist-info
%changelog
* $(date +'%a %b %d %Y') admin <admin@platypush.tech>
- [Automatic] Release $VERSION-$RELNUM
EOF
echo "--- Building package for stable release $VERSION"
rpmbuild --target "noarch" -bb "$SPECFILE"
cp "$HOME/rpmbuild/RPMS/noarch/$PKG_NAME-$VERSION-$RELNUM.noarch.rpm" "$TMP_RPM_ROOT"
fi
- echo "--- Importing the repository keys"
- |
cat <<EOF | gpg --import --armor
$PGP_PRIVKEY
EOF
- export PGP_KEYID=$(echo "$PGP_PUBKEY" | gpg --with-colons --import-options show-only --import --fingerprint | grep -e '^fpr:' | head -1 | awk -F ':' '{print $(NF - 1)}')
- cat <<EOF > $HOME/.rpmmacros
%signature gpg
%_gpg_name $PGP_KEYID
EOF
- echo "--- Signing the new RPM packages"
- rpm --addsign "$TMP_RPM_ROOT"/*.rpm
- echo "--- Creating a new copy of the RPM repository"
- createrepo "$TMP_RPM_ROOT"
- gpg --detach-sign --armor "$TMP_RPM_ROOT/repodata/repomd.xml"
- echo "--- Updating the S3 bucket"
- export NEW_RPM_ROOT="$BUCKET_MNT/rpm_new"
- export OLD_RPM_ROOT="$BUCKET_MNT/rpm_old"
- mv "$TMP_RPM_ROOT" "$NEW_RPM_ROOT"
- mv "$RPM_ROOT" "$OLD_TMP_ROOT"
- mv "$NEW_RPM_ROOT" "$RPM_ROOT"
- rm -rf "$OLD_TMP_ROOT"
### ###
### Updates the pip package upon new releases ### Updates the pip package upon new releases
### ###