From 33d56465c94d362a6e55eb69896ec79882ef3f77 Mon Sep 17 00:00:00 2001 From: Gustavo Yokoyama Ribeiro Date: Mon, 4 Dec 2023 09:19:02 -0300 Subject: [PATCH] Packaging release and pkglistgen services (slsa-build-service) --- Makefile | 5 +++ Makefile.common | 1 + config/logrotate | 10 +++++ config/sysusers | 2 + dist/package/openSUSE-release-tools.spec | 55 ++++++++++++++++++++++++ 5 files changed, 73 insertions(+) create mode 100644 config/logrotate create mode 100644 config/sysusers diff --git a/Makefile b/Makefile index 905f9837..2375172d 100644 --- a/Makefile +++ b/Makefile @@ -10,6 +10,9 @@ VERSION = "build-$(shell date +%F)" all: +build: + %sysusers_generate_pre config/sysusers $(package_name) $(package_name).conf + install: install -d -m 755 $(DESTDIR)$(bindir) $(DESTDIR)$(pkgdatadir) $(DESTDIR)$(unitdir) $(DESTDIR)$(oscplugindir) $(DESTDIR)$(sysconfdir)/$(package_name) $(DESTDIR)$(grafana_provisioning_dir)/dashboards $(DESTDIR)$(grafana_provisioning_dir)/datasources $(DESTDIR)$(logdir)/$(package_name) $(DESTDIR)$(varlibdir)/osrt-slsa/pkglistgen $(DESTDIR)$(varlibdir)/osrt-slsa/relpkggen for i in $(pkgdata_SCRIPTS); do install -m 755 $$i $(DESTDIR)$(pkgdatadir); done @@ -24,6 +27,8 @@ install: ln -s $(pkgdatadir)/metrics/access/aggregate.php $(DESTDIR)$(bindir)/osrt-metrics-access-aggregate ln -s $(pkgdatadir)/metrics/access/ingest.php $(DESTDIR)$(bindir)/osrt-metrics-access-ingest cp -R config/* $(DESTDIR)$(sysconfdir)/$(package_name) + install -Dpm0644 config/logrotate $(DESTDIR)$(sysconfdir)/logrotate.d/$(package_name) + install -Dpm0644 config/$(package_name).conf $(DESTDIR)$(sysusersdir)/$(package_name).conf for dir in dashboards datasources ; do ln -s $(pkgdatadir)/metrics/grafana/provisioning/$$dir.yaml \ $(DESTDIR)$(grafana_provisioning_dir)/$$dir/$(package_name).yaml ; done sed -i "s|OSRT_DATA_DIR|$(pkgdatadir)|" \ diff --git a/Makefile.common b/Makefile.common index 4f2758a5..4b04ec4c 100644 --- a/Makefile.common +++ b/Makefile.common @@ -11,3 +11,4 @@ apachevhostsdir=$(sysconfdir)/apache2/vhosts.d tmpfilesdir=$(prefix)/lib/tmpfiles.d logdir=/var/log varlibdir=/var/lib +sysusersdir=$(prefixi)/lib/sysusers.d diff --git a/config/logrotate b/config/logrotate new file mode 100644 index 00000000..a5563c9b --- /dev/null +++ b/config/logrotate @@ -0,0 +1,10 @@ +/var/log/openSUSE-release-tools/*/*.log { + compress + dateext + maxage 365 + rotate 99 + size=+4096k + missingok + notifempty + delaycompress +} diff --git a/config/sysusers b/config/sysusers new file mode 100644 index 00000000..41be4f0f --- /dev/null +++ b/config/sysusers @@ -0,0 +1,2 @@ +# Type Name ID GECOS [HOME] +u osrt-slsa - "User for openSUSE SLSA release tool" /var/lib/osrt-slsa diff --git a/dist/package/openSUSE-release-tools.spec b/dist/package/openSUSE-release-tools.spec index 6ffef65a..b5f4db19 100644 --- a/dist/package/openSUSE-release-tools.spec +++ b/dist/package/openSUSE-release-tools.spec @@ -19,6 +19,7 @@ %global __provides_exclude ^perl.* %define source_dir openSUSE-release-tools %define announcer_filename factory-package-news +%define services osrt-slsa.target osrt-relpkggen@.timer osrt-relpkggen@.service osrt-pkglistgen@.timer osrt-pkglistgen@.service Name: openSUSE-release-tools Version: 0 Release: 0 @@ -49,6 +50,9 @@ BuildRequires: apache2-devel BuildRequires: rsyslog BuildRequires: systemd-rpm-macros +BuildRequires: sysuser-shadow +BuildRequires: sysuser-tools + Requires: python3-PyYAML Requires: python3-cmdln Requires: python3-colorama @@ -242,6 +246,19 @@ BuildArch: noarch Generates package lists based on 000package-groups and puts them in 000product, resp 000release-packages +%package slsa-build-service +Summary: Build service +Group: Development/Tools/Other +# TODO Update requirements, but for now base deps. +Requires: %{name} = %{version} +Requires: openSUSE-release-tools-pkglistgen +%sysusers_requires +Recommends: logrotate +BuildArch: noarch + +%description slsa-build-service +Service to run repo-checker and pkglistgen. + %package -n osclib Summary: Supplemental osc libraries Group: Development/Tools/Other @@ -309,6 +326,9 @@ OSC plugin for the staging workflow, see `osc staging --help`. oscplugindir="%{osc_plugin_dir}" \ VERSION="%{version}" +%pre -f %{name}.pre +%service_add_pre %{name}.service + %pre announcer getent passwd osrt-announcer > /dev/null || \ useradd -r -m -s /sbin/nologin -c "user for openSUSE-release-tools-announcer" osrt-announcer @@ -351,6 +371,18 @@ getent passwd osrt-repo-checker > /dev/null || \ useradd -r -m -s /sbin/nologin -c "user for openSUSE-release-tools-repo-checker" osrt-repo-checker exit 0 +%pre slsa-build-service +%service_add_pre %{services} + +%post slsa-build-service +%service_add_post %{services} + +%preun slsa-build-service +%service_del_preun %{services} + +%postun slsa-build-service +%service_del_postun_with_restart %{services} + %pre staging-bot getent passwd osrt-staging-bot > /dev/null || \ useradd -r -m -s /sbin/nologin -c "user for openSUSE-release-tools-staging-bot" osrt-staging-bot @@ -400,6 +432,9 @@ exit 0 %exclude %{_datadir}/%{source_dir}/osc-staging.py %exclude %{_datadir}/%{source_dir}/publish_distro %exclude %{_datadir}/%{source_dir}/findfileconflicts +%exclude %{_datadir}/%{source_dir}/generate-release-packages +%exclude %{_datadir}/%{source_dir}/verify-build-and-generatelists +%exclude %{_datadir}/%{source_dir}/verify-repo-built-successful.py %exclude %{_datadir}/%{source_dir}/write_repo_susetags_file.pl %dir %{_sysconfdir}/openSUSE-release-tools @@ -427,6 +462,26 @@ exit 0 %{_unitdir}/osrt-docker-publisher.service %{_unitdir}/osrt-docker-publisher.timer +%files slsa-build-service +%{_bindir}/osrt-generate-release-packages +%{_bindir}/osrt-verify-build-and-generatelists +%{_datadir}/%{source_dir}/generate-release-packages +%{_datadir}/%{source_dir}/verify-build-and-generatelists +%{_datadir}/%{source_dir}/verify-repo-built-successful.py +%{_sysconfdir}/openSUSE-release-tools/ibsapi +%{_sysusersdir}/%{name}.conf +%{_unitdir}/osrt-pkglistgen@.service +%{_unitdir}/osrt-pkglistgen@.timer +%{_unitdir}/osrt-relpkggen@.service +%{_unitdir}/osrt-relpkggen@.timer +%{_unitdir}/osrt-slsa.target +%config(noreplace) %attr(0640,osrt-slsa,osrt-slsa) %{_sysconfdir}/openSUSE-release-tools/oscrc +%config(noreplace) %{_sysconfdir}/logrotate.d/%{name} +%dir %attr(755,osrt-slsa,osrt-slsa) %{_localstatedir}/log/openSUSE-release-tools/ +%dir %attr(750,osrt-slsa,osrt-slsa) %{_sharedstatedir}/osrt-slsa +%dir %attr(750,osrt-slsa,osrt-slsa) %{_sharedstatedir}/osrt-slsa/pkglistgen +%dir %attr(750,osrt-slsa,osrt-slsa) %{_sharedstatedir}/osrt-slsa/relpkggen + %files maintenance %{_bindir}/osrt-check_maintenance_incidents %{_datadir}/%{source_dir}/check_maintenance_incidents.py