Build rpm with Jenkins project

bgstack15 — Tue, 04 Feb 2020 13:34:21 GMT

Here is how I build rpm files in Jenkins.

Prerequisites

Add a Fedora node to the cluster. I am running Jenkins on Devuan, which obviously is not ideal for building rpms. I added a few labels, which are space-delimited which I found unusual. But whatever. I used a service account, and set up an ssh key for passwordless authentication. Add a user and grant them some specific sudo permissions:

useradd jenkins

cat <<EOF >/etc/sudoers.d/70_jenkins
User_Alias JENKINS = jenkins
Defaults:JENKINS !requiretty
JENKINS fc30x-01a=(root)    NOPASSWD: /usr/bin/dnf -y builddep *
EOF

Install some build tools:

sudo dnf -y install rpm-build rpmdevtools

My rpmbuild workflow in Jenkins

Add a new project. Restrict it to run on label "fedora." Like last time, I am checking out my git repo to a local subdirectory. All the build steps for this project are shell commands. The first command uses some tooling I learned about for this project: spectool. The dnf installs the build dependencies, and spectool downloads all the source files that are not already present in the directory.

pwd ; ls -altr ; mkdir -p rpmbuild ; cd rpmbuild ;
cp -p ../work/veracrypt/* . || :;
sudo dnf -y builddep *.spec ;
spectool -g *.spec ;

The actual build command happens in the second step. I am using a few macro definitions to keep everything happening in the present working directory.

cd rpmbuild ; rpmbuild --define "_topdir %(pwd)" --define "_builddir %{_topdir}" --define "_rpmdir %{_topdir}" --define "_sourcedir %{_topdir}" --define "_srcrpmdir %{_topdir}" --define "_rpmfilename %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm" -ba *.spec

And the final step deploys the files to my nfs share for manual curation.

mkdir -p /mnt/public/Public/${JOB_NAME} ;
cp -p *.rpm */*.rpm /mnt/public/Public/${JOB_NAME}/ || :

References

Weblinks

Build dpkg with Jenkins project

bgstack15 — Fri, 31 Jan 2020 13:31:02 GMT

Here is how I build dpkgs in Jenkins. I have not yet tried the jenkinsfile syntax, but I'm sure that's a better way to do it.

Prerequisites

Install the Debian Package Builder plugin. It adds a nice option for a build step which simplifies the debuild process. Now, I use a single repository to store my rpm specs and dpkg debian/ directories. It's not ideal, I realize, but it was based on the architecture I understood at the time, as well as it was modeled after a few upstream places I ~~rip off~~ follow. So I had to set up the Gitlab plugins:

My debuild workflow in Jenkins

Make a new item, of type Freestyle project. To load my repository with its specs and debian/ directories, I pointed to my public gitlab repo which is configured elsewhere in Jenkins. I am pulling down the updates branch, of my main git repo, and saving to a local subdirectory. I'm behind a NAT, so I don't expect to easily set up a webhook. But I really wish I would bother to get it hooked up so any repo changes would do this. I'll have to check that out in the future. For the build steps, I have some shell running before and after the main "Build debian package" section. I had to revamp the debian/watch file in my veracrypt sources, because I wasn't smart enough to get it to reliably download from sourceforge (oh how the might have fallen). But uscan is a wonderful tool that downloads the source tarball for a package. My first full shell step:

uscan -v -ddd --destdir ../../ --symlink work/veracrypt ; mkdir -p dpkg ; tar -zx -C dpkg --strip-components 1 -f $( find . -maxdepth 1 -iregex '.*\/veracrypt_[0-9]+.*orig.*tar.*z.?' | head -n1 ) ; cp -pr work/veracrypt/debian dpkg/

The syntax got a little weird when I was switching between the bzip2 and the gzip file. Also, I don't always know the filename, ergo the find command. And then, the Build debian package step. The source tarball was extracted to the dpkg/ location, and the debian dir copied there. I really appreciate the ability to specify where the debian/ directory is. And the final shell step deploys the files to my nfs share for final processing by hand. I hand-curate what's in my own repo. I don't have a proper pool/ setup like the real Devuan repos, so I curate it myself, plus my volume is low enough I can do it all myself.

mkdir -p /mnt/public/Public/${JOB_NAME} ;
cp -p *.build *.buildinfo *.changes *.deb *.debian.tar* *.dsc /mnt/public/Public/${JOB_NAME}/

And that's it! For now I will trigger these builds manually.

Knowledge Base (Posts about jenkins)

Build rpm with Jenkins project

Prerequisites

My rpmbuild workflow in Jenkins

References

Weblinks

Build dpkg with Jenkins project

Prerequisites

My debuild workflow in Jenkins