Merge pull request #16 from NethServer/buildah-migration

Migration from Travis CI/Docker to Github Actions/Buildah

NethServer/dev#6700

.github/workflows/build-container.yml

@@ -0,0 +1,55 @@
+name: Build and Push Container
+on:
+  push:
+  schedule:
+    - cron: "0 4 * * 1"
+env:
+  registry: docker.io
+  image: nethserver/makerpms
+  platforms: "linux/amd64"
+  registry_user: ${{ secrets.registry_user }}
+  registry_password: ${{ secrets.registry_password }}
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        target:
+          - makerpms
+          - buildsys
+          - devtoolset
+    steps:
+      - uses: actions/checkout@v3
+      - name: Outputting correct prefix/suffix for each target
+        id: prefix
+        run: |
+          if [[ "${{ matrix.target }}" != "makerpms" ]]; then
+            echo "::set-output name=prefix::-${{ matrix.target }}"
+          fi
+      - uses: docker/metadata-action@v4
+        id: meta
+        with:
+          images: |
+            ${{ env.registry }}/${{ env.image }}
+          tags: |
+            type=ref,event=branch,suffix=-7${{ steps.prefix.outputs.prefix }},enable=${{ github.ref != format('refs/heads/{0}', 'master') }}
+            type=raw,value=7,prefix=${{ steps.prefix.outputs.prefix }},enable=${{ github.ref == format('refs/heads/{0}', 'master') }}
+          flavor: |
+            latest=false
+      - uses: redhat-actions/buildah-build@v2
+        with:
+          containerfiles: |
+            container/Containerfile
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          layers: true
+          context: container
+          platforms: ${{ env.platforms }}
+          extra-args:
+            --target ${{ matrix.target }}
+      - uses: redhat-actions/push-to-registry@v2
+        if: ${{ env.registry_user != '' && env.registry_password != '' }}
+        with:
+          tags: ${{ steps.meta.outputs.tags }}
+          username: ${{ env.registry_user }}
+          password: ${{ env.registry_password }}

README.rst

@@ -5,13 +5,13 @@ nethserver-makerpms
 
 RPM builds by Linux containers
 
-.. image:: https://travis-ci.com/NethServer/nethserver-makerpms.svg?branch=master
-    :target: https://travis-ci.com/NethServer/nethserver-makerpms
+.. |Build| image:: https://github.com/NethServer/nethserver-makerpms/actions/workflows/build-container.yml/badge.svg
+    :target: https://github.com/NethServer/nethserver-makerpms/actions
 
 
 This is a simple RPM build environment based on the official CentOS Docker image.
 
-It can build RPMs in the travis-ci.com environment, or on your local
+It can build RPMs in the github actions environment, or on your local
 Fedora 31+/CentOS 8 machine.
 
 Installation/upgrade
@@ -54,10 +54,6 @@ Run without any argument to get a **brief help** ::
 
   $ makerpms
 
-To build a NethServer 6 RPM pass the ``NSVER`` environment variable to ``makerpms`` ::
-
-  $ NSVER=6 makerpms *.spec
-
 To build a package for another distribution pass the ``DIST`` environment variable ::
 
   $ DIST=.el7 makerpms *.spec
@@ -244,10 +240,9 @@ This is an example of ``.github/workflows/make-rpms.yml`` contents: ::
     pull_request:
   jobs:
     make-rpm:
-      runs-on: ubuntu-latest
+      runs-on: ubuntu-22.04
       env:
         dest_id: core
-        nsver: 7
         docker_image: nethserver/makerpms:7
       steps:
         - uses: actions/checkout@v3
@@ -258,7 +253,7 @@ This is an example of ``.github/workflows/make-rpms.yml`` contents: ::
           run: |
             cat > .env <<EOF
               DEST_ID=${{ env.dest_id }}
-              NSVER=${{ env.nsver }}
+              NSVER=7
               DOCKER_IMAGE=${{ env.docker_image }}
               GITHUB_ACTIONS=1
               GITHUB_HEAD_REF=${{ github.head_ref }}
@@ -280,11 +275,11 @@ This is an example of ``.github/workflows/make-rpms.yml`` contents: ::
               --env-file .env \
               --hostname $GITHUB_RUN_ID-$GITHUB_RUN_NUMBER.nethserver.org \
               --volume $PWD:/srv/makerpms/src:ro \
-               ${{ env.docker_image }} \
+              ${{ env.docker_image }} \
               makerpms-github -s *.spec
             echo "Build succesful."
             if [[ "${{ secrets.endpoints_pack }}" && "${{ secrets.secret }}" ]]; then
-              echo "Publish configuration exists, pushing package to repo..."
+              echo "Publish configuration exists, pushing package to repo."
               docker commit makerpms nethserver/build
               docker run \
                 --env-file .env \
@@ -299,13 +294,13 @@ Usage
 
 GitHub Actions builds are triggered automatically when:
 
-* one or more commits are pushed to the `master` branch of the NethServer repository, as
+* one or more commits are pushed to the `master` or `main` branch of the NethServer repository, as
   stated in the ``.github/workflows/make-rpms.yml`` file inside the ``on.push.branches`` key
 
 * A *pull request* is opened from a NethServer repository fork or it is updated
   by submitting new commits
 
-After a successful build, the RPM is uploaded to ``packages.nethserver.org``,
+After a successful build, (if secrets are available) the RPM is uploaded to ``packages.nethserver.org``,
 according to the ``DEST_ID`` variable value. Supported values are ``core`` for
 NethServer core packages, and ``forge`` for NethForge packages.
 
@@ -322,16 +317,9 @@ Also issues are commented by ``nethbot`` if the following rules are respected in
 
 The build environment supports the following variables:
 
-- ``NSVER``
 - ``DOCKER_IMAGE``
 - ``DEST_ID``
 
-NSVER
-~~~~~
-
-``NSVER`` selects the target NethServer version for the build system. Currently
-the supported version values are ``7`` and ``6``.
-
 DOCKER_IMAGE
 ~~~~~~~~~~~~
 

build.sh

@@ -0,0 +1,34 @@
+#!/bin/env bash
+
+function build_image()
+{
+    echo "Building $1 image..."
+    if [[ "$1" != "makerpms" ]]; then
+        tag="$1"
+    fi
+    tag+=7
+    buildah build \
+        --layers \
+        --force-rm \
+        --tag "$image:$tag" \
+        --file container/Containerfile \
+        --target "$1" \
+        container
+}
+
+image=${IMAGE_REPO:-nethserver/makerpms}
+if ! command -v buildah &> /dev/null; then
+    echo "buildah could not be found, is needed for the script to run."
+    exit 1
+fi
+
+declare -a targets=()
+if [[ $# -gt 0 ]]; then
+    targets+=("$@")
+else
+    targets+=("makerpms" "buildsys" "devtoolset")
+fi
+
+for var in "${targets[@]}"; do
+    build_image "$var"
+done

container/.ssh/config

@@ -0,0 +1,2 @@
+UserKnownHostsFile=/dev/null
+StrictHostKeyChecking=no

container/.ssh/id_rsa

@@ -0,0 +1 @@
+# File should be empty.

container/Containerfile

@@ -0,0 +1,40 @@
+FROM centos:7 as makerpms
+RUN yum -y install \
+        http://packages.nethserver.org/nethserver/nethserver-release-7.rpm \
+        centos-release-scl \
+        epel-release \
+        expect \
+        git \
+        nethserver-devtools \
+        openssl \
+        perl \
+        rpmdevtools \
+        sed \
+        sudo \
+        yum-utils \
+    && yum clean all \
+    && rm -rf /var/cache/yum/*
+
+COPY bin /usr/local/bin
+COPY sudoers.d /etc/sudoers.d
+RUN chmod 755 /usr/local/bin/{make*,upload*} \
+    && chmod 440 /etc/sudoers.d/10_makerpms \
+    && useradd -m -d /srv/makerpms -r makerpms
+
+USER makerpms
+COPY --chown=makerpms:makerpms .ssh /srv/makerpms/.ssh
+RUN chmod 700 /srv/makerpms/.ssh \
+    && chmod 600 \
+        /srv/makerpms/.ssh/config \
+        /srv/makerpms/.ssh/id_rsa \
+    && rpmdev-setuptree -d \
+    && echo '%url_prefix http://github.com/NethServer' >> /srv/makerpms/.rpmmacros \
+    && mkdir /srv/makerpms/src
+
+WORKDIR /srv/makerpms/src
+
+FROM makerpms as buildsys
+RUN sudo yum -y install @buildsys-build
+
+FROM buildsys as devtoolset
+RUN sudo yum -y install --enablerepo=ce-sclo-rh devtoolset-9-\*

buildimage/makerpms → container/bin/makerpms

@@ -1,7 +1,7 @@
 #!/bin/bash
 
 #
-# Copyright (C) 2017 Nethesis S.r.l.
+# Copyright (C) 2022 Nethesis S.r.l.
 # http://www.nethesis.it - nethserver@nethesis.it
 #
 # This script is part of NethServer.