Adds simple jobs for building the the Engine for Debian 10. Pre-built docker images containing Sequoia will be pulled down and used to build the Engine. Currently the Sequoia version is just the latest from the `pep-engine` branch. We should make this selectable in the near future. Upon successful compilation an image containing the build output will be pushed to an internal docker registry.ENGINE-883
@ -0,0 +1,34 @@ | |||
.ensure_docker: &ensure_docker | |||
# Check for docker and install if missing | |||
- 'which docker || ( sudo apt-get update -y && sudo apt-get install docker.io -y )' | |||
.ensure_rsync: &ensure_rsync | |||
# Install rsync and deps if missing | |||
- 'which ssh-agent || ( sudo apt-get update -y && sudo apt-get install openssh-client -y )' | |||
- 'which rsync || ( sudo apt-get update -y && sudo apt-get install rsync -y )' | |||
- 'which make || ( sudo apt-get update -y && sudo apt-get install make -y )' | |||
.enable_insecure_docker_registries: &enable_insecure_docker_registries | |||
# Enable "insecure" docker registries | |||
- | | |||
cat <<EOD > /tmp/docker-daemon.json | |||
{ | |||
"insecure-registries" : ["${DOCKER_REGISTRY_HOST}"] | |||
} | |||
EOD | |||
- sudo cp /tmp/docker-daemon.json /etc/docker/daemon.json | |||
- sudo systemctl restart docker.service | |||
.standard_job: | |||
tags: [kvm] | |||
before_script: | |||
- *ensure_docker | |||
- *ensure_rsync | |||
- *enable_insecure_docker_registries | |||
.make_in_docker: | |||
extends: .standard_job | |||
script: | |||
- docker login -u ${DOCKER_REGISTRY_USER} -p ${DOCKER_REGISTRY_PASS} ${DOCKER_REGISTRY_HOST} | |||
- cd scripts/${CI_DISTRO_TARGET} | |||
- make |
@ -0,0 +1,27 @@ | |||
include: | |||
- '.gitlab-ci-files/common-prepare.yml' | |||
stages: | |||
- build | |||
# Debian | |||
debian10:build: | |||
extends: .make_in_docker | |||
stage: build | |||
variables: | |||
CI_DISTRO_TARGET: "debian10" | |||
DEBIAN_FRONTEND: "noninteractive" | |||
rules: | |||
- if: '$CI_COMMIT_TAG !~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/' | |||
debian10:tagged-build: | |||
extends: .make_in_docker | |||
stage: build | |||
variables: | |||
CI_DISTRO_TARGET: "debian10" | |||
DEBIAN_FRONTEND: "noninteractive" | |||
TAGGED_BUILD: "true" | |||
rules: | |||
- if: '$CI_COMMIT_TAG =~ /^Release_[0-9]+\.[0-9]+\.[0-9]+$/' |
@ -0,0 +1,4 @@ | |||
# 1st Party Dependencies | |||
## Prefer git tags instead of SHA hashes when possible. | |||
sequoia=365d00a08bec6a5a48d48a7c7893d78c27092b59 |
@ -0,0 +1,27 @@ | |||
include ../../DEPENDENCIES | |||
export | |||
PEP_MACHINE_DIR= $(PKG_INSTALL_PATH)/share/pEp | |||
SEQUOIA_VERSION=${sequoia} | |||
CURRENT_DISTRO=$(shell basename $(shell pwd)) | |||
IMAGE_NAME=${DOCKER_REGISTRY_HOST}/pep-$(CURRENT_DISTRO)-engine | |||
DOCKERFILE=pEpEngine.$(CURRENT_DISTRO).Dockerfile | |||
IS_TAGGED=${TAGGED_BUILD} | |||
ifeq ($(IS_TAGGED), true) | |||
# $CI_COMMIT_TAG is a predefined environment variable from Gitlab | |||
PEPENGINE_VERSION=${CI_COMMIT_TAG} | |||
else | |||
PEPENGINE_VERSION=$(shell git rev-parse --short=8 HEAD) | |||
endif | |||
all: | |||
-docker pull $(IMAGE_NAME):latest | |||
cd ../../ && docker build --build-arg CURRENT_DISTRO=$(CURRENT_DISTRO) \ | |||
--build-arg DOCKER_REGISTRY_HOST=${DOCKER_REGISTRY_HOST} \ | |||
--build-arg PEPENGINE_VERSION=$(PEPENGINE_VERSION) \ | |||
--build-arg SEQUOIA_VERSION=$(SEQUOIA_VERSION) \ | |||
--build-arg PEP_MACHINE_DIR=$(PEP_MACHINE_DIR) \ | |||
--cache-from $(IMAGE_NAME):latest \ | |||
--tag=$(IMAGE_NAME):$(PEPENGINE_VERSION) \ | |||
--tag=$(IMAGE_NAME):latest \ | |||
-f scripts/${CURRENT_DISTRO}/$(DOCKERFILE) . | |||
docker push $(IMAGE_NAME):$(PEPENGINE_VERSION) | |||
docker push $(IMAGE_NAME):latest |
@ -0,0 +1,25 @@ | |||
#!/usr/bin/env sh | |||
set -exo | |||
export LC_ALL=en_US.UTF-8 | |||
cat >local.conf <<__LOCAL__ | |||
PREFIX=${INSTPREFIX} | |||
SQLITE3_FROM_OS="" | |||
PER_MACHINE_DIRECTORY=${PEP_MACHINE_DIR} | |||
YML2_PATH=${BUILDROOT}/yml2 | |||
YML2_PROC=${BUILDROOT}/yml2/yml2proc | |||
ETPAN_LIB=-L${INSTPREFIX}/libetpan/lib | |||
ETPAN_INC=-I${INSTPREFIX}/libetpan/include | |||
ASN1C=${INSTPREFIX}/asn1c/bin/asn1c | |||
ASN1C_INC=-I${INSTPREFIX}/asn1c/share/asn1c | |||
OPENPGP=SEQUOIA | |||
SEQUOIA_LIB=-L${INSTPREFIX}/lib | |||
SEQUOIA_INC=-I${INSTPREFIX}/include | |||
LDFLAGS += -L${INSTPREFIX}/lib -L${INSTPREFIX}/libetpan/lib -L${INSTPREFIX}/pep/lib -nostartfiles | |||
__LOCAL__ | |||
cat local.conf | |||
export PKG_CONFIG_PATH=$INSTPREFIX/share/pkgconfig/ | |||
make all && make db && make install |
@ -0,0 +1,31 @@ | |||
#!/usr/bin/env sh | |||
set -exo | |||
### YML2 | |||
cd $BUILDROOT | |||
wget https://fdik.org/yml2.tar.bz2 | |||
tar -xf yml2.tar.bz2 | |||
rm yml2.tar.bz2 | |||
### libetpan | |||
git clone https://github.com/fdik/libetpan $BUILDROOT/libetpan | |||
cd $BUILDROOT/libetpan | |||
test -f configure || NOCONFIGURE=absolutely ./autogen.sh | |||
./configure --prefix=${INSTPREFIX}/libetpan \ | |||
--without-openssl --without-gnutls --without-sasl \ | |||
--without-curl --without-expat --without-zlib \ | |||
--disable-dependency-tracking | |||
make -j$(nproc) | |||
make install | |||
echo "${libetpan_ver}">${INSTPREFIX}/libetpan.ver | |||
### ASN1c | |||
git clone https://github.com/vlm/asn1c.git $BUILDROOT/asn1c | |||
cd $BUILDROOT/asn1c | |||
git checkout tags/v0.9.28 -b pep-engine | |||
test -f configure || autoreconf -iv | |||
./configure --prefix=${INSTPREFIX}/asn1c | |||
make -j$(nproc) && make install | |||
echo "${asn1c_ver}">${INSTPREFIX}/asn1c.ver |
@ -0,0 +1,9 @@ | |||
#!/usr/bin/env sh | |||
set -exo | |||
# Install systemdb (need to be root depending on the path) | |||
cd $BUILDROOT/pEpEngine | |||
export LC_ALL=en_US.UTF-8 | |||
export PKG_CONFIG_PATH=$INSTPREFIX/share/pkgconfig/ | |||
echo "Setup DB" | |||
make -C db install |
@ -0,0 +1,38 @@ | |||
ARG DOCKER_REGISTRY_HOST | |||
ARG CURRENT_DISTRO | |||
ARG PEPENGINE_VERSION | |||
FROM ${DOCKER_REGISTRY_HOST}/pep-${CURRENT_DISTRO}-sequoia:latest | |||
ENV BUILDROOT /build | |||
ENV INSTPREFIX /install | |||
ENV OUTDIR /out | |||
ARG PEP_MACHINE_DIR | |||
### Setup working directory | |||
RUN mkdir ${BUILDROOT}/pEpEngine | |||
COPY . ${BUILDROOT}/pEpEngine | |||
USER root | |||
RUN chown -R pep-builder:pep-builder ${BUILDROOT}/pEpEngine | |||
WORKDIR ${BUILDROOT}/pEpEngine | |||
ARG ENGINE_VERSION | |||
ARG CURRENT_DISTRO | |||
RUN apt-get update && apt-get install -y wget bzip2 && \ | |||
rm -rf /var/lib/apt/lists/* | |||
### Build pEpEngine dependencies | |||
USER pep-builder | |||
RUN sh ./scripts/${CURRENT_DISTRO}/build_pEpEngine_deps.sh | |||
### Build pEpEngine | |||
RUN sh ./scripts/${CURRENT_DISTRO}/build_pEpEngine.sh | |||
### Install Systemdb | |||
USER root | |||
RUN sh ./scripts/${CURRENT_DISTRO}/install_pEpEngine_systemdb.sh && \ | |||
rm -rf ${BUILDROOT}/* |