Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: master
Fetching contributors…

Cannot retrieve contributors at this time

executable file 194 lines (172 sloc) 5.906 kb
#!/bin/sh
### Yet another build script.
###
### Chrooted binary RPM builder script.
### Builds binary RPM packages for OpenSuse Linux distribution
### in clean chrooted environment.
###
### Author: Aleksey Morarash <aleksey.morarash@gmail.com>
### Created: 12 Sep 2012
###
## ---------------------------------------------
## functions
error(){
set +x
echo "$1" 1>&2
exit 1
}
cleanfs(){
umount "$ROOTFS"/proc || :
umount "$ROOTFS"/sys || :
rm --recursive --force "$ROOTFS"/*
}
## ---------------------------------------------
## user interface section
[ `id --user` = "0" ] || \
error "$0: must be run with superuser privileges"
SPEC="$1"
ROOTFS="$2"
DSTDIR="$3"
REPO_LIST="$4"
[ -z "$SPEC" -o -z "$ROOTFS" -o -z "$DSTDIR" -o -z "$REPO_LIST" ] && \
error "Usage: $0 <filename.spec> <rootfs.dir> <destination.repo.dir> <repo.list.file>"
[ -d "$DSTDIR" -a -w "$DSTDIR" ] || \
error "$0: directory '$DSTDIR' is not exists or not writable"
DSTDIR=`readlink --canonicalize-existing "$DSTDIR"`
[ -f "$REPO_LIST" ] || \
error "$0: repository list file '$REPO_LIST' is missing"
set -e
mkdir --parents "$DSTDIR"/RPMS "$DSTDIR"/SRPMS
set -x
## ---------------------------------------------
## initialize rootfs...
mkdir --parents "$ROOTFS"
LOCK=`dirname "$ROOTFS"`/`basename "$ROOTFS"`.lock
exec 3>"$LOCK"
echo "Waiting until lock will be released..."
flock --exclusive 3 || exit 1
SOURCESDIR="$ROOTFS"/usr/src/packages/SOURCES
SPECSDIR="$ROOTFS"/usr/src/packages/SPECS
cleanfs
mkdir --parents "$ROOTFS"/dev "$SOURCESDIR" "$SPECSDIR"
mknod --mode=666 "$ROOTFS"/dev/null c 1 3
mknod --mode=666 "$ROOTFS"/dev/random c 1 8
mknod --mode=666 "$ROOTFS"/dev/urandom c 1 9
cp --verbose "$SPEC" "$SPECSDIR"
SPEC="$SPECSDIR"/`basename "$SPEC"`
## ---------------------------------------------
## fetch build requirements...
DEPS=`cat "$SPEC" | \
grep --extended-regexp '^BuildRequires:' | \
sed --regexp-extended 's/^BuildRequires:\s*//'`
## ---------------------------------------------
## fetch metainfo from spec...
TMPSPEC="$SPEC".tmp
( echo -e '%{echo:YABSINFO=%name|%url|%SOURCEURL0\n}'; cat "$SPEC"; ) \
> "$TMPSPEC"
SPECINFO=`rpmbuild --nodeps --nobuild -bp "$TMPSPEC" 2>&1 | \
grep --extended-regexp '^YABSINFO=' | \
tail --lines=1 | \
sed --regexp-extended 's/^YABSINFO=//'`
PKGNAME=`echo "$SPECINFO" | \
sed --regexp-extended 's/^(.*)\|.*\|.*$/\1/'`
[ "$PKGNAME" == "%name" ] && \
error "Failed to fetch source package name. Hint: check BuildArch is defined."
PKGURL=`echo "$SPECINFO" | \
sed --regexp-extended 's/^.*\|(.*)\|.*$/\1/'`
[ "$PKGURL" == "%url" ] && \
error "Failed to fetch tarball URL"
PKGTAR=`echo "$SPECINFO" | \
sed --regexp-extended 's/^.*\|.*\|(.*)$/\1/'`
[ "$PKGTAR" == "%SOURCEURL0" ] && \
error "Failed to fetch tarball name"
## ---------------------------------------------
## download tarball...
export HTTP_USERNAME=""
export HTTP_PASSWORD=""
export PKGURL SOURCESDIR PKGTAR
(
set -e
# honor global 'set -x' settings, but there
# we probably will set our own
set -x
AUTH_OPTS=""
if echo "$PKGURL" | grep --quiet --extended-regexp 'github.com/(strikead|hmmr)' && \
echo "$PKGURL" | grep --quiet --extended-regexp '^https://'; then
# use username and password only for StrikeAd repos,
# and only via HTTPS.
# do not dump them to log
set +x
. /etc/yabs/http-auth.conf
AUTH_OPTS="--user $HTTP_USERNAME:$HTTP_PASSWORD"
echo "Downloading tarball from private repo at $PKGURL..."
fi
curl --location $AUTH_OPTS \
"$PKGURL" --output "$SOURCESDIR"/"$PKGTAR"
)
tar tf "$SOURCESDIR"/"$PKGTAR" || \
unzip -t "$SOURCESDIR"/"$PKGTAR"
## ---------------------------------------------
## register package repos...
for URL in `cat "$REPO_LIST"` "$DSTDIR"/RPMS; do
zypper \
--root "$ROOTFS" \
--non-interactive \
addrepo \
--refresh \
"$URL" "$URL"
if echo "$URL" | grep --quiet strikead || [ -d "$URL" ]; then
zypper \
--root "$ROOTFS" \
--non-interactive \
modifyrepo \
--priority 1 \
"$URL"
fi
done
## ---------------------------------------------
## install base packages...
zypper \
--root "$ROOTFS" \
--gpg-auto-import-keys \
--no-gpg-checks \
--non-interactive \
install \
--name \
--download-in-advance \
--auto-agree-with-licenses \
--no-recommends \
-- \
pwdutils rpm-build gzip tar findutils gawk \
$DEPS
## ---------------------------------------------
## initialize users and groups...
grep --quiet --extended-regexp '^root:' "$ROOTFS"/etc/passwd ||
chroot "$ROOTFS" sh -c "echo root::0:0::/root:/bin/bash > /etc/passwd"
chroot "$ROOTFS" touch /etc/group
grep --quiet --extended-regexp '^root:' "$ROOTFS"/etc/group ||
chroot "$ROOTFS" /usr/sbin/groupadd --gid 0 root
chroot "$ROOTFS" /usr/sbin/groupadd builder
chroot "$ROOTFS" /usr/sbin/useradd --home /usr/src/packages/ --password "" --gid builder builder
## ---------------------------------------------
## disabling DNS resolving...
> "$ROOTFS"/etc/resolv.conf
## ---------------------------------------------
## deploy and build package...
chroot "$ROOTFS" chown --recursive builder:builder /usr/src/packages
SPECBASENAME=`basename "$SPEC"`
chroot "$ROOTFS" su --login \
--command="rpmbuild -ba /usr/src/packages/SPECS/\"$SPECBASENAME\"" builder
## ---------------------------------------------
## deliver packages to destination directory...
RUNDIR=`pwd`
cd "$ROOTFS"/usr/src/packages/RPMS
cp --recursive --parents --force . "$DSTDIR"/RPMS/
cd "$ROOTFS"/usr/src/packages/SRPMS
cp --recursive --parents --force . "$DSTDIR"/SRPMS/
cd "$RUNDIR"
## ---------------------------------------------
## clean filesystem...
cleanfs
set +x
echo "Success"
Jump to Line
Something went wrong with that request. Please try again.