Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ci: Add Jenkins pipeline #1899

Closed
wants to merge 1 commit into from
Closed

ci: Add Jenkins pipeline #1899

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
113 changes: 113 additions & 0 deletions .cci.jenkinsfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
@Library('github.com/coreos/coreos-ci-lib@master') _

stage("Build") {
parallel rpms: {
coreos.pod(image: 'registry.svc.ci.openshift.org/coreos/cosa-buildroot:latest', runAsUser: 0) {
checkout scm
sh """
set -euo pipefail
ci/installdeps.sh
git submodule update --init

# We lose sanitizers (all the *san) here by building straight to RPMs, but we can
# restore those through a build opt later on. Being able to stash RPMs directly is
# super nice (and archiving later on will make it easy for anyone to download
# binaries from PRs in the future) and meshes well with the following stages.
export PATH="/root/.cargo/bin:\$PATH"
cargo install cbindgen
cbindgen -c rust/cbindgen.toml -o rpmostree-rust.h rust

cd packaging
make -f Makefile.dist-packaging rpm
"""
stash includes: 'packaging/**/*.rpm', name: 'rpms'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is an interesting approach. Worth contrasting with e.g. #1893 where what I was trying to do was get closer to a model where we build a derived container. You could imagine e.g. that we generate a FROM coreos-assembler container and then test that potentially multiple ways.

That said, we need RPMs for composes, so I'm OK with this approach too.

Copy link
Member Author

@jlebon jlebon Sep 12, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, I think if we want to drop privs even more, we'll need a mix of the two. E.g. an initial derived container build which builds the RPMs and installs them on top of cosa-buildroot:latest, and then using that as part of Jenkins pipeline. I'm not sure if there's an easy way to do this though. We could use the OpenShift Jenkins pipeline plugin and use the openshiftBuild() step, though that'd require creating a buildconfig first, which really wants e.g. a throwaway namespace like Prow gives us.

Or we could mix Prow and Jenkins. E.g. have the pipeline wait until the Prow build is done? Prow can natively trigger Jenkins jobs, though I'm not sure if we'd still be able to leverage the native integration into GitHub like we do now.

Edit: this isn't a direct reply to your specific comment here really, just some brainstorming.

}
},
codestyle: {
coreos.pod(image: 'quay.io/coreos-assembler/coreos-assembler:latest') {
def change = checkout scm
sh """
set -euo pipefail
# Jenkins by default only fetches the branch it's testing. Explicitly fetch master
# for ci-commitmessage-submodules.sh
git fetch origin +refs/heads/master:refs/remotes/origin/master
ci/ci-commitmessage-submodules.sh ${change.GIT_COMMIT}
ci/codestyle.sh
"""
}
},
msrv: {
coreos.pod(image: 'registry.svc.ci.openshift.org/coreos/cosa-buildroot:latest', runAsUser: 0) {
checkout scm

// this corresponds to the latest Rust module available in el8
def MINIMUM_SUPPORTED_RUST_VERSION = "1.31.0"

sh """
set -euo pipefail
ci/installdeps.sh
curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain ${MINIMUM_SUPPORTED_RUST_VERSION} -y
PATH="\$HOME/.cargo/bin:\$PATH" ci/build.sh |& tee out.txt
grep ${MINIMUM_SUPPORTED_RUST_VERSION} out.txt
grep "checking for cargo... \$HOME/.cargo/bin/cargo" out.txt
grep "checking for rustc... \$HOME/.cargo/bin/rustc" out.txt
"""
}
}}

stage("Build FCOS") {
coreos.pod(image: 'quay.io/coreos-assembler/coreos-assembler:latest', runAsUser: 0, kvm: true) {
unstash 'rpms'
sh """
set -euo pipefail

# install our built rpm-ostree
find packaging/ ! -name '*.src.rpm' -name '*.rpm' | xargs dnf install -y
rm -rf packaging

# and build FCOS
coreos-assembler init --force https://github.com/coreos/fedora-coreos-config
coreos-assembler build
"""
stash includes: 'builds/latest/*/*.qcow2', name: 'fcos'
}
}

/*
stage("Test") {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a no-op right now right? Maybe best to comment out the whole section?

parallel vmcheck: {
coreos.pod(image: 'quay.io/coreos-assembler/coreos-assembler:latest', runAsUser: 0, kvm: true) {
checkout scm
unstash 'rpms'
sh """
set -euo pipefail

# install our built rpm-ostree
find packaging/ ! -name '*.src.rpm' -name '*.rpm' | xargs dnf install -y
rm -rf packaging
"""
unstash 'fcos'
sh """
set -euo pipefail

echo "standing up VMs"
find builds/ -name '*.qcow2'
"""
}
},
compose: {
coreos.pod(image: 'quay.io/coreos-assembler/coreos-assembler:latest', runAsUser: 0, kvm: true) {
checkout scm
unstash 'rpms'
sh """
set -euo pipefail

# install our built rpm-ostree
find packaging/ ! -name '*.src.rpm' -name '*.rpm' | xargs dnf install -y
rm -rf packaging

echo "starting compose tests in supermin"
"""
}
}}
*/
6 changes: 4 additions & 2 deletions ci/ci-commitmessage-submodules.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,10 @@ cleanup_tmp() {
}
trap cleanup_tmp EXIT

pkg_upgrade
pkg_install git
if ! [ -x /usr/bin/git ]; then
pkg_upgrade
pkg_install git
fi

gitdir=$(realpath $(pwd))
# Create a temporary copy of this (using cp not git clone) so git doesn't
Expand Down