Is Jenkins not enough to build RPMs automatically? No, it isn't.
- If you need build RPMs on a koji that jenkins cannot login in.
- If you need build yum repos for these packages.
Install and Configure CI-RPM-Building
You should think about carefully about the following questions.
-
The koji command need source RPMs/SCM URLs to build RPMs. So you need first make a descion how to prepare source RPMs or SCM URLs, and how koji can get the source RPMs and SCM URLs.
-
To login in the koji building server need authentication and authorization.
-
Where, when and who issue an event that triger RPMs building process.
Our solutions
-
We use fedpkg and rpmbuild tools to build SCMs and source RPMs.
-
We use a koji system that uses Kerberos authentication. It's OK if we just exec koji commands locally, just kinit is OK. If we need delegate koji job to a remote server, we use ssh to forward a forwardable ticket to the remote server. Then use sftp to upload our scripts to the remote server, and use ssh to exec the script. Surely the remote server runs ssh daemon and the ssh daemon uses Kerberos authentication.
-
We could use cron to run scheduled jobs or git hooks to issue the events.
How setup CI-RPM-Building
-
Setting up ssh daemon that use Kerberos authentication.
-
Installing and configuring koji on the server.
-
Packages that we need
yum -y install krb5-workstation perl-Authen-Krb5
How to use CI-RPM-Building?
-
Prepare source RPM or scm url
-
Issue the event that will triger the building job.
Now in the following functions, the argurment valid_time all could be replaced by time literals that GNU date could accept.
For example, you can check whether the tgt is valid in future hours like this
is_tgt_valid_after '+2 hour'
Or just simply
is_tgt_valid_after '-2 hour'
Now these functions only work on Bash.
Functions to control Kerberos authentication
tgt_config [valid_time [user [krb5_realm]]]]
This should be the first functions that you should exec before the following functions
is_krb5_full_principal [string]
get_krb5_default_realm
get_krb5_cache_file_name [user_name or kerb principal]
is_tgt_forwardable [user_name or kerb principal]
is_tgt_valid_after [valid_time [user_name or kerb principal]]
is_tgt_ok [valid_time [user_name or kerb principal]]
Functions to work with ssh/sftp
ssh_config [[host] [[user] [worddir [hash_known_host]]]]
This should be the first functions that you should exec before the following functions.
is_ssh_ok
ssh_upload [file_path1 [file_path2 [...]]]
ssh_download [file_path1 [file_path2 [...]]]
ssh_exec [command1 [command2 [...]]]
koji_config [build_tag [result_tag [get_raw_data [how_new_RPMs_we_want]]]]
You should exec koji_config first before the following functions
have_koji_to_login
get_pkgs_owned_by [user_name [pkg]]
get_rpm_from_pkg pkg
get_rpm_info_idx rpm
get_pkgs_info_idx pkg1 [pkg2 [...]]
About GNU date
We need UTC time in koji functions.
# Get current UTC time
date +%s
# Covert UTC time to local time
date -d @1403083279
# A funny one
date -d @$(date +%s)
# second, minute, day, week, month and year.
date -d '-1 day' +%s
date -d '-1 week' +%s
date -d '-1 month' +%s