From: romeroalx Date: Fri, 7 Mar 2025 07:00:19 +0000 (+0100) Subject: gh actions: upload packages to an additional repository X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F15267%2Fhead;p=thirdparty%2Fpdns.git gh actions: upload packages to an additional repository --- diff --git a/.github/workflows/build-packages-daily-master.yml b/.github/workflows/build-packages-daily-master.yml index 3fdbbcc63..87cc9b648 100644 --- a/.github/workflows/build-packages-daily-master.yml +++ b/.github/workflows/build-packages-daily-master.yml @@ -31,6 +31,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-dnsdist: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -52,6 +59,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-rec: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -73,3 +87,10 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} diff --git a/.github/workflows/build-packages-daily-releases.yml b/.github/workflows/build-packages-daily-releases.yml index e4c36afb9..b99558413 100644 --- a/.github/workflows/build-packages-daily-releases.yml +++ b/.github/workflows/build-packages-daily-releases.yml @@ -22,6 +22,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-auth-49: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -34,6 +41,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-auth-48: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -46,6 +60,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-rec-53: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -58,6 +79,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-rec-52: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -70,6 +98,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-rec-51: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -82,6 +117,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-dnsdist-20: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -94,6 +136,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-dnsdist-19: if: ${{ vars.SCHEDULED_PACKAGES_DAILY }} @@ -106,3 +155,10 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml index 46b463725..25cef5ce9 100644 --- a/.github/workflows/build-packages.yml +++ b/.github/workflows/build-packages.yml @@ -41,10 +41,27 @@ on: required: true DOWNLOADS_AUTOBUILT_HOSTKEY: required: true + PULP_FILE_REPO_NAME: + required: true + PULP_URL: + required: true + PULP_CONTENT_URL: + required: true + PULP_CI_USERNAME: + required: true + PULP_CI_PASSWORD: + required: true + PULP_PDNS_GPG_PUBKEY_MASTER: + required: true + PULP_PDNS_GPG_PUBKEY: + required: true permissions: # least privileges, see https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions contents: read +env: + INV_CMD: ". ${GITHUB_WORKSPACE}/.venv/bin/activate && inv" + jobs: prepare: name: generate OS runner and arch list @@ -53,6 +70,11 @@ jobs: oslist: ${{ steps.get-oslist.outputs.oslist }} runnerlist: ${{ steps.get-runnerlist.outputs.runnerlist }} archlist: ${{ steps.get-archlist.outputs.archlist }} + publish-packages: ${{ steps.set-publish-packages.outputs.publish-packages }} + env: + OS: ${{ inputs.os }} + REF: ${{ inputs.ref }} + IS_RELEASE: ${{ inputs.is_release }} steps: # instead of jo, we could use jq here, which avoids running apt, and thus would be faster. # but, as this whole workflow needs at least 30 minutes to run, I prefer spending a few seconds here @@ -65,9 +87,6 @@ jobs: ref: ${{ inputs.ref }} persist-credentials: false - id: get-oslist - env: - OS: ${{ inputs.os }} - REF: ${{ inputs.ref }} run: | available_targets=$(ls builder-support/dockerfiles/Dockerfile.target.* ) for i in $(echo "${OS}"); do @@ -86,6 +105,9 @@ jobs: run: echo "runnerlist=$(jo -a ubuntu-24.04 ${{ vars.ARM64_USE_UBICLOUD == '1' && 'ubicloud-standard-2-arm' || '' }})" >> "$GITHUB_OUTPUT" - id: get-archlist run: echo "archlist=$(jo -a x86_64 ${{ vars.ARM64_USE_UBICLOUD == '1' && 'aarch64' || '' }})" >> "$GITHUB_OUTPUT" + # Only upload RPM and DEB packages for master and tags. Build outputs and provenance of all refs + - id: set-publish-packages + run: echo "publish-packages=$([[ "${REF}" == "master" || "${IS_RELEASE}" == "YES" ]] && echo 'yes' || echo 'no')" >> "$GITHUB_OUTPUT" build: needs: prepare @@ -291,3 +313,265 @@ jobs: mkdir -m 755 -p "slsa/${PRODUCT}/${VERSION}/" mv "${DOWNLOAD_PATH}"/*.jsonl "slsa/${PRODUCT}/${VERSION}" rsync -4rlptD slsa/* "$RSYNCTARGET" + + upload-packages: + needs: [prepare, build, provenance-src, provenance-pkgs] + continue-on-error: true + if: ${{ needs.prepare.outputs.publish-packages == 'yes' }} + name: Upload packages + runs-on: ubuntu-24.04 + strategy: + matrix: + os: ${{fromJson(needs.prepare.outputs.oslist)}} + architecture: ${{ fromJson(needs.prepare.outputs.archlist )}} + fail-fast: false + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 1 + submodules: recursive + - name: install pyinvoke and pulp + run: | + python3 -m venv ${GITHUB_WORKSPACE}/.venv + . ${GITHUB_WORKSPACE}/.venv/bin/activate && pip install -r ${GITHUB_WORKSPACE}/builder-support/requirements.txt + - run: ${{ env.INV_CMD }} validate-pulp-credentials + env: + PULP_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + - name: Download packages + uses: actions/download-artifact@v4 + with: + pattern: "${{ inputs.product }}-${{ matrix.os }}-*-${{ matrix.architecture }}" + - name: Normalize package name + id: normalize-name + run: | + shortversion=$(echo ${{ needs.build.outputs.version }} | grep -qq master && echo master || echo ${{ needs.build.outputs.version }} | awk -F. '{print $1$2}') + if [ "x${{ inputs.product }}" = "xauthoritative" ]; then + echo "normalized-package-name=pdns" >> $GITHUB_OUTPUT + echo "normalized-product-name=auth-${shortversion}" >> $GITHUB_OUTPUT + elif [ "x${{ inputs.product }}" = "xrecursor" ]; then + echo "normalized-package-name=pdns-recursor" >> $GITHUB_OUTPUT + echo "normalized-product-name=rec-${shortversion}" >> $GITHUB_OUTPUT + else + echo "normalized-package-name=${{ inputs.product }}" >> $GITHUB_OUTPUT + echo "normalized-product-name=${{ inputs.product }}-${shortversion}" >> $GITHUB_OUTPUT + fi + - name: Extract and prepare files and packages + run: | + # Prepare files folder + mkdir -p files/${{ steps.normalize-name.outputs.normalized-package-name }}/${{ needs.build.outputs.version }} + # Copy compressed and provenance files + cp ${{ inputs.product }}-${{ matrix.os }}-*-${{ matrix.architecture }}/*/*/*-${{ matrix.architecture }}.tar.bz2 files/${{ steps.normalize-name.outputs.normalized-package-name }}/${{ needs.build.outputs.version }}/ + # Extract packages + for i in $(ls ./${{ inputs.product }}-${{ matrix.os }}-*-${{ matrix.architecture }}/*/*/*${{ matrix.architecture }}.tar.bz2); do mkdir -p ./packages/$(echo $i | cut -d '/' -f 2)/; tar -xvf $i -C ./packages/$(echo $i | cut -d '/' -f 2)/ --transform='s/.*\///'; done + # Move RPM files + for i in $(ls ./packages/*/*.rpm); do f=$(echo $i | awk -F/ '{print $3}' | awk -F'${{ inputs.product }}-' '{print $2}' | awk -F'-${{ needs.build.outputs.version }}-' '{print $1"."$2}'); mkdir -p rpm_packages/${f}; mv $i rpm_packages/${f}/; done + # Move deb files + for i in $(ls ./packages/*/*.deb); do mkdir -p deb_packages/$(echo $i | awk -F/ '{print $3}' | awk -F- '{print $2"-"$3}'); mv $i deb_packages/$(echo $i | awk -F/ '{print $3}' | awk -F- '{print $2"-"$3}'); done + - name: Upload DEB Packages + if: ${{ contains(matrix.os, 'ubuntu-') || ( contains(matrix.os, 'debian-')) }} + run: ${{ env.INV_CMD }} pulp-upload-deb-packages-by-folder deb_packages ${{ steps.normalize-name.outputs.normalized-product-name }} + env: + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + - name: Upload RPM Packages + if: ${{ contains(matrix.os, 'el-') || ( contains(matrix.os, 'centos-')) }} + run: ${{ env.INV_CMD }} pulp-upload-rpm-packages-by-folder rpm_packages ${{ steps.normalize-name.outputs.normalized-product-name }} + env: + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + + upload-src-files: + needs: [prepare, build, provenance-src, provenance-pkgs] + continue-on-error: true + name: Upload source and other files + runs-on: ubuntu-24.04 + strategy: + matrix: + os: ${{fromJson(needs.prepare.outputs.oslist)}} + architecture: ${{ fromJson(needs.prepare.outputs.archlist )}} + fail-fast: false + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 1 + submodules: recursive + - name: install pyinvoke and pulp + run: | + python3 -m venv ${GITHUB_WORKSPACE}/.venv + . ${GITHUB_WORKSPACE}/.venv/bin/activate && pip install -r ${GITHUB_WORKSPACE}/builder-support/requirements.txt + - run: ${{ env.INV_CMD }} validate-pulp-credentials + env: + PULP_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + - name: Download packages + uses: actions/download-artifact@v4 + with: + pattern: "${{ inputs.product }}-${{ matrix.os }}-*-${{ matrix.architecture }}" + - name: Normalize package name + id: normalize-name + run: | + if [ "x${{ inputs.product }}" = "xauthoritative" ]; then + echo "normalized-package-name=pdns" >> $GITHUB_OUTPUT + elif [ "x${{ inputs.product }}" = "xrecursor" ]; then + echo "normalized-package-name=pdns-recursor" >> $GITHUB_OUTPUT + else + echo "normalized-package-name=${{ inputs.product }}" >> $GITHUB_OUTPUT + fi + - name: Extract and prepare files and packages + run: | + # Prepare files folder + mkdir -p files/${{ steps.normalize-name.outputs.normalized-package-name }}/${{ needs.build.outputs.version }} + # Copy compressed files + cp ${{ inputs.product }}-${{ matrix.os }}-*-${{ matrix.architecture }}/*/*/*.tar.bz2 files/${{ steps.normalize-name.outputs.normalized-package-name }}/${{ needs.build.outputs.version }}/ + # Extract packages + for i in $(ls ./${{ inputs.product }}-${{ matrix.os }}-*-${{ matrix.architecture }}/*/*/*${{ matrix.architecture }}.tar.bz2); do mkdir -p ./packages/$(echo $i | cut -d '/' -f 2)/; tar -xvf $i -C ./packages/$(echo $i | cut -d '/' -f 2)/ --transform='s/.*\///'; done + # Add file with list of dependencies + for i in $(ls ./packages/*/*.json); do mv $i files/${{ steps.normalize-name.outputs.normalized-package-name }}/${{ needs.build.outputs.version }}/; done + - name: Upload build data + run: ${{ env.INV_CMD }} pulp-upload-file-packages-by-folder files + env: + PULP_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + + upload-provenance-files: + needs: [build, provenance-src, provenance-pkgs] + name: Upload provenance files + continue-on-error: true + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 1 + submodules: recursive + - name: install pyinvoke and pulp + run: | + python3 -m venv ${GITHUB_WORKSPACE}/.venv + . ${GITHUB_WORKSPACE}/.venv/bin/activate && pip install -r ${GITHUB_WORKSPACE}/builder-support/requirements.txt + - run: ${{ env.INV_CMD }} validate-pulp-credentials + env: + PULP_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + - name: Download provenance files + uses: actions/download-artifact@v4 + with: + pattern: "${{ inputs.product }}-*.intoto.jsonl" + - name: Normalize package name + id: normalize-name + run: | + if [ "x${{ inputs.product }}" = "xauthoritative" ]; then + echo "normalized-package-name=pdns" >> $GITHUB_OUTPUT + elif [ "x${{ inputs.product }}" = "xrecursor" ]; then + echo "normalized-package-name=pdns-recursor" >> $GITHUB_OUTPUT + else + echo "normalized-package-name=${{ inputs.product }}" >> $GITHUB_OUTPUT + fi + - name: Extract and prepare files and packages + run: | + # Prepare files folder + mkdir -p files/${{ steps.normalize-name.outputs.normalized-package-name }}/${{ needs.build.outputs.version }} + # Copy provenance files + cp *.jsonl/*.jsonl files/${{ steps.normalize-name.outputs.normalized-package-name }}/${{ needs.build.outputs.version }}/ + - name: Upload provenance data + run: ${{ env.INV_CMD }} pulp-upload-file-packages-by-folder files + env: + PULP_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + + publish-packages: + needs: [prepare, build, upload-packages] + continue-on-error: true + name: Publish RPM and DEB packages + runs-on: ubuntu-24.04 + outputs: + check-finished: ${{ steps.check-finished.outputs.upload-completed }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 1 + submodules: recursive + - name: install pyinvoke and pulp + run: | + python3 -m venv ${GITHUB_WORKSPACE}/.venv + . ${GITHUB_WORKSPACE}/.venv/bin/activate && pip install -r ${GITHUB_WORKSPACE}/builder-support/requirements.txt + - name: Normalize product name + id: normalize-name + run: | + shortversion=$(echo ${{ needs.build.outputs.version }} | grep -qq master && echo master || echo ${{ needs.build.outputs.version }} | awk -F. '{print $1$2}') + if [ "x${{ inputs.product }}" = "xauthoritative" ]; then + echo "normalized-product-name=auth-${shortversion}" >> $GITHUB_OUTPUT + elif [ "x${{ inputs.product }}" = "xrecursor" ]; then + echo "normalized-product-name=rec-${shortversion}" >> $GITHUB_OUTPUT + else + echo "normalized-product-name=${{ inputs.product }}-${shortversion}" >> $GITHUB_OUTPUT + fi + - name: Publish DEB Packages + run: ${{ env.INV_CMD }} pulp-create-deb-publication + env: + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + - name: Publish RPM Packages + run: ${{ env.INV_CMD }} pulp-create-rpm-publication ${{ steps.normalize-name.outputs.normalized-product-name }} '${{ needs.prepare.outputs.oslist }}' '${{ needs.prepare.outputs.archlist }}' + env: + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + - id: check-finished + run: echo "upload-completed=yes" >> $GITHUB_OUTPUT + + test-packages: + needs: [prepare, build, publish-packages] + continue-on-error: true + name: Test packages + runs-on: ${{ matrix.runner-os }} + if: ${{ needs.publish-packages.outputs.check-finished == 'yes' }} + strategy: + matrix: + os: ${{fromJson(needs.prepare.outputs.oslist)}} + runner-os: ${{ fromJson(needs.prepare.outputs.runnerlist )}} + fail-fast: false + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 1 + submodules: recursive + - name: install pyinvoke and pulp + run: | + python3 -m venv ${GITHUB_WORKSPACE}/.venv + . ${GITHUB_WORKSPACE}/.venv/bin/activate && pip install -r ${GITHUB_WORKSPACE}/builder-support/requirements.txt + - name: Normalize product name + id: normalize-name + run: | + shortversion=$(echo ${{ needs.build.outputs.version }} | grep -qq master && echo master || echo ${{ needs.build.outputs.version }} | awk -F. '{print $1$2}') + if [ "x${{ inputs.product }}" = "xauthoritative" ]; then + echo "normalized-package-name=pdns" >> $GITHUB_OUTPUT + echo "normalized-product-name=auth-${shortversion}" >> $GITHUB_OUTPUT + echo "process-name=pdns_server" >> $GITHUB_OUTPUT + elif [ "x${{ inputs.product }}" = "xrecursor" ]; then + echo "normalized-package-name=pdns-recursor" >> $GITHUB_OUTPUT + echo "normalized-product-name=rec-${shortversion}" >> $GITHUB_OUTPUT + echo "process-name=pdns_recursor" >> $GITHUB_OUTPUT + else + echo "normalized-package-name=${{ inputs.product }}" >> $GITHUB_OUTPUT + echo "normalized-product-name=${{ inputs.product }}-${shortversion}" >> $GITHUB_OUTPUT + echo "process-name=dnsdist" >> $GITHUB_OUTPUT + fi + - id: get-gpg-pubkey-url + run: | + echo "gpg-pubkey-url=$(echo ${{ needs.build.outputs.version }} | grep -qq "master" && echo ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} || echo ${{ secrets.PULP_PDNS_GPG_PUBKEY }} )" >> $GITHUB_OUTPUT + - run: ${{ env.INV_CMD }} test-install-package ${{ steps.normalize-name.outputs.normalized-product-name }} ${{ matrix.os }} ${{ secrets.PULP_CONTENT_URL }} ${{ steps.get-gpg-pubkey-url.outputs.gpg-pubkey-url }} ${{ steps.normalize-name.outputs.normalized-package-name }} ${{ needs.build.outputs.version }} + - name: check package version + run: docker run -t test-build-${{ steps.normalize-name.outputs.normalized-product-name }}-${{ matrix.os }}:latest ${{ steps.normalize-name.outputs.process-name }} --version | grep -qq ${{ needs.build.outputs.version }} && echo "[OK]" || exit 1 diff --git a/.github/workflows/build-tags.yml b/.github/workflows/build-tags.yml index cccb4d5ca..45bc3ec03 100644 --- a/.github/workflows/build-tags.yml +++ b/.github/workflows/build-tags.yml @@ -25,6 +25,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-dnsdist: uses: PowerDNS/pdns/.github/workflows/build-packages.yml@master @@ -37,6 +44,13 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} call-build-packages-rec: uses: PowerDNS/pdns/.github/workflows/build-packages.yml@master @@ -49,3 +63,10 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} diff --git a/.github/workflows/builder-dispatch.yml b/.github/workflows/builder-dispatch.yml index 576939a85..aad6ba95b 100644 --- a/.github/workflows/builder-dispatch.yml +++ b/.github/workflows/builder-dispatch.yml @@ -52,3 +52,10 @@ jobs: DOWNLOADS_AUTOBUILT_SECRET: ${{ secrets.DOWNLOADS_AUTOBUILT_SECRET }} DOWNLOADS_AUTOBUILT_RSYNCTARGET: ${{ secrets.DOWNLOADS_AUTOBUILT_RSYNCTARGET }} DOWNLOADS_AUTOBUILT_HOSTKEY: ${{ secrets.DOWNLOADS_AUTOBUILT_HOSTKEY }} + PULP_FILE_REPO_NAME: ${{ secrets.PULP_FILE_REPO_NAME }} + PULP_URL: ${{ secrets.PULP_URL }} + PULP_CONTENT_URL: ${{ secrets.PULP_CONTENT_URL }} + PULP_CI_USERNAME: ${{ secrets.PULP_CI_USERNAME }} + PULP_CI_PASSWORD: ${{ secrets.PULP_CI_PASSWORD }} + PULP_PDNS_GPG_PUBKEY_MASTER: ${{ secrets.PULP_PDNS_GPG_PUBKEY_MASTER }} + PULP_PDNS_GPG_PUBKEY: ${{ secrets.PULP_PDNS_GPG_PUBKEY }} diff --git a/builder-support/requirements.in b/builder-support/requirements.in new file mode 100644 index 000000000..e57450026 --- /dev/null +++ b/builder-support/requirements.in @@ -0,0 +1,7 @@ +# To generate requirements.txt, install pip-tools and run: +# pip-compile --generate-hashes -U requirements.in + +invoke +requests==2.32.3 +pulp-cli==0.29.2 +pulp-cli-deb==0.3.1 diff --git a/builder-support/requirements.txt b/builder-support/requirements.txt new file mode 100644 index 000000000..14fd0ebc0 --- /dev/null +++ b/builder-support/requirements.txt @@ -0,0 +1,215 @@ +# +# This file is autogenerated by pip-compile with Python 3.11 +# by the following command: +# +# pip-compile --generate-hashes requirements.in +# +certifi==2025.1.31 \ + --hash=sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651 \ + --hash=sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe + # via requests +charset-normalizer==3.4.1 \ + --hash=sha256:0167ddc8ab6508fe81860a57dd472b2ef4060e8d378f0cc555707126830f2537 \ + --hash=sha256:01732659ba9b5b873fc117534143e4feefecf3b2078b0a6a2e925271bb6f4cfa \ + --hash=sha256:01ad647cdd609225c5350561d084b42ddf732f4eeefe6e678765636791e78b9a \ + --hash=sha256:04432ad9479fa40ec0f387795ddad4437a2b50417c69fa275e212933519ff294 \ + --hash=sha256:0907f11d019260cdc3f94fbdb23ff9125f6b5d1039b76003b5b0ac9d6a6c9d5b \ + --hash=sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd \ + --hash=sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601 \ + --hash=sha256:09b5e6733cbd160dcc09589227187e242a30a49ca5cefa5a7edd3f9d19ed53fd \ + --hash=sha256:0af291f4fe114be0280cdd29d533696a77b5b49cfde5467176ecab32353395c4 \ + --hash=sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d \ + --hash=sha256:1a2bc9f351a75ef49d664206d51f8e5ede9da246602dc2d2726837620ea034b2 \ + --hash=sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313 \ + --hash=sha256:234ac59ea147c59ee4da87a0c0f098e9c8d169f4dc2a159ef720f1a61bbe27cd \ + --hash=sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa \ + --hash=sha256:237bdbe6159cff53b4f24f397d43c6336c6b0b42affbe857970cefbb620911c8 \ + --hash=sha256:28bf57629c75e810b6ae989f03c0828d64d6b26a5e205535585f96093e405ed1 \ + --hash=sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2 \ + --hash=sha256:2a75d49014d118e4198bcee5ee0a6f25856b29b12dbf7cd012791f8a6cc5c496 \ + --hash=sha256:2bdfe3ac2e1bbe5b59a1a63721eb3b95fc9b6817ae4a46debbb4e11f6232428d \ + --hash=sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b \ + --hash=sha256:2fb9bd477fdea8684f78791a6de97a953c51831ee2981f8e4f583ff3b9d9687e \ + --hash=sha256:311f30128d7d333eebd7896965bfcfbd0065f1716ec92bd5638d7748eb6f936a \ + --hash=sha256:329ce159e82018d646c7ac45b01a430369d526569ec08516081727a20e9e4af4 \ + --hash=sha256:345b0426edd4e18138d6528aed636de7a9ed169b4aaf9d61a8c19e39d26838ca \ + --hash=sha256:363e2f92b0f0174b2f8238240a1a30142e3db7b957a5dd5689b0e75fb717cc78 \ + --hash=sha256:3a3bd0dcd373514dcec91c411ddb9632c0d7d92aed7093b8c3bbb6d69ca74408 \ + --hash=sha256:3bed14e9c89dcb10e8f3a29f9ccac4955aebe93c71ae803af79265c9ca5644c5 \ + --hash=sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3 \ + --hash=sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f \ + --hash=sha256:4532bff1b8421fd0a320463030c7520f56a79c9024a4e88f01c537316019005a \ + --hash=sha256:49402233c892a461407c512a19435d1ce275543138294f7ef013f0b63d5d3765 \ + --hash=sha256:4c0907b1928a36d5a998d72d64d8eaa7244989f7aaaf947500d3a800c83a3fd6 \ + --hash=sha256:4d86f7aff21ee58f26dcf5ae81a9addbd914115cdebcbb2217e4f0ed8982e146 \ + --hash=sha256:5777ee0881f9499ed0f71cc82cf873d9a0ca8af166dfa0af8ec4e675b7df48e6 \ + --hash=sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9 \ + --hash=sha256:619a609aa74ae43d90ed2e89bdd784765de0a25ca761b93e196d938b8fd1dbbd \ + --hash=sha256:6e27f48bcd0957c6d4cb9d6fa6b61d192d0b13d5ef563e5f2ae35feafc0d179c \ + --hash=sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f \ + --hash=sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545 \ + --hash=sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176 \ + --hash=sha256:75832c08354f595c760a804588b9357d34ec00ba1c940c15e31e96d902093770 \ + --hash=sha256:7709f51f5f7c853f0fb938bcd3bc59cdfdc5203635ffd18bf354f6967ea0f824 \ + --hash=sha256:78baa6d91634dfb69ec52a463534bc0df05dbd546209b79a3880a34487f4b84f \ + --hash=sha256:7974a0b5ecd505609e3b19742b60cee7aa2aa2fb3151bc917e6e2646d7667dcf \ + --hash=sha256:7a4f97a081603d2050bfaffdefa5b02a9ec823f8348a572e39032caa8404a487 \ + --hash=sha256:7b1bef6280950ee6c177b326508f86cad7ad4dff12454483b51d8b7d673a2c5d \ + --hash=sha256:7d053096f67cd1241601111b698f5cad775f97ab25d81567d3f59219b5f1adbd \ + --hash=sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b \ + --hash=sha256:807f52c1f798eef6cf26beb819eeb8819b1622ddfeef9d0977a8502d4db6d534 \ + --hash=sha256:80ed5e856eb7f30115aaf94e4a08114ccc8813e6ed1b5efa74f9f82e8509858f \ + --hash=sha256:8417cb1f36cc0bc7eaba8ccb0e04d55f0ee52df06df3ad55259b9a323555fc8b \ + --hash=sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9 \ + --hash=sha256:89149166622f4db9b4b6a449256291dc87a99ee53151c74cbd82a53c8c2f6ccd \ + --hash=sha256:8bfa33f4f2672964266e940dd22a195989ba31669bd84629f05fab3ef4e2d125 \ + --hash=sha256:8c60ca7339acd497a55b0ea5d506b2a2612afb2826560416f6894e8b5770d4a9 \ + --hash=sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de \ + --hash=sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11 \ + --hash=sha256:97f68b8d6831127e4787ad15e6757232e14e12060bec17091b85eb1486b91d8d \ + --hash=sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35 \ + --hash=sha256:9f0b8b1c6d84c8034a44893aba5e767bf9c7a211e313a9605d9c617d7083829f \ + --hash=sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda \ + --hash=sha256:ab36c8eb7e454e34e60eb55ca5d241a5d18b2c6244f6827a30e451c42410b5f7 \ + --hash=sha256:b010a7a4fd316c3c484d482922d13044979e78d1861f0e0650423144c616a46a \ + --hash=sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971 \ + --hash=sha256:b7b2d86dd06bfc2ade3312a83a5c364c7ec2e3498f8734282c6c3d4b07b346b8 \ + --hash=sha256:b97e690a2118911e39b4042088092771b4ae3fc3aa86518f84b8cf6888dbdb41 \ + --hash=sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d \ + --hash=sha256:c0429126cf75e16c4f0ad00ee0eae4242dc652290f940152ca8c75c3a4b6ee8f \ + --hash=sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757 \ + --hash=sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a \ + --hash=sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886 \ + --hash=sha256:c96836c97b1238e9c9e3fe90844c947d5afbf4f4c92762679acfe19927d81d77 \ + --hash=sha256:d7f50a1f8c450f3925cb367d011448c39239bb3eb4117c36a6d354794de4ce76 \ + --hash=sha256:d973f03c0cb71c5ed99037b870f2be986c3c05e63622c017ea9816881d2dd247 \ + --hash=sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85 \ + --hash=sha256:d9c3cdf5390dcd29aa8056d13e8e99526cda0305acc038b96b30352aff5ff2bb \ + --hash=sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7 \ + --hash=sha256:dccbe65bd2f7f7ec22c4ff99ed56faa1e9f785482b9bbd7c717e26fd723a1d1e \ + --hash=sha256:dd78cfcda14a1ef52584dbb008f7ac81c1328c0f58184bf9a84c49c605002da6 \ + --hash=sha256:e218488cd232553829be0664c2292d3af2eeeb94b32bea483cf79ac6a694e037 \ + --hash=sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1 \ + --hash=sha256:ea0d8d539afa5eb2728aa1932a988a9a7af94f18582ffae4bc10b3fbdad0626e \ + --hash=sha256:eab677309cdb30d047996b36d34caeda1dc91149e4fdca0b1a039b3f79d9a807 \ + --hash=sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407 \ + --hash=sha256:ecddf25bee22fe4fe3737a399d0d177d72bc22be6913acfab364b40bce1ba83c \ + --hash=sha256:eea6ee1db730b3483adf394ea72f808b6e18cf3cb6454b4d86e04fa8c4327a12 \ + --hash=sha256:f08ff5e948271dc7e18a35641d2f11a4cd8dfd5634f55228b691e62b37125eb3 \ + --hash=sha256:f30bf9fd9be89ecb2360c7d94a711f00c09b976258846efe40db3d05828e8089 \ + --hash=sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd \ + --hash=sha256:fc54db6c8593ef7d4b2a331b58653356cf04f67c960f584edb7c3d8c97e8f39e \ + --hash=sha256:fd4ec41f914fa74ad1b8304bbc634b3de73d2a0889bd32076342a573e0779e00 \ + --hash=sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616 + # via requests +click==8.1.8 \ + --hash=sha256:63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2 \ + --hash=sha256:ed53c9d8990d83c2a27deae68e4ee337473f6330c040a31d4225c9574d16096a + # via pulp-cli +idna==3.10 \ + --hash=sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9 \ + --hash=sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3 + # via requests +invoke==2.2.0 \ + --hash=sha256:6ea924cc53d4f78e3d98bc436b08069a03077e6f85ad1ddaa8a116d7dad15820 \ + --hash=sha256:ee6cbb101af1a859c7fe84f2a264c059020b0cb7fe3535f9424300ab568f6bd5 + # via -r requirements.in +packaging==24.2 \ + --hash=sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759 \ + --hash=sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f + # via + # pulp-cli + # pulp-glue +pulp-cli==0.29.2 \ + --hash=sha256:5641abe0e04ebe8a33f478e82926e013cb623382cf847c4e000c6460058e46a9 \ + --hash=sha256:8a8497cc15a1d4b1102fac1ead23194c848a3c604ee865f23c72ff7f13199e26 + # via + # -r requirements.in + # pulp-cli-deb +pulp-cli-deb==0.3.1 \ + --hash=sha256:049d404bd35737c6b2a5fb20f84957d12254228dfdc03c265551840f1d9c8605 \ + --hash=sha256:19d66dc01e6c1c6a83222f3ef3bb7f9944f7aa89b3903e35ff72bcd3c329c9a1 + # via -r requirements.in +pulp-glue==0.29.2 \ + --hash=sha256:4f6480105cafd7c22cdf0bb68e2752760c7593c01b962741125c725fbb987aac \ + --hash=sha256:d90ecfd0b4fd233705d4f5e87a55335db2ba8b1fc6e06c34a4275b9c928b903c + # via + # pulp-cli + # pulp-glue-deb +pulp-glue-deb==0.3.1 \ + --hash=sha256:3970b523b4822ead4cc474ab9359456eaac17fecfc3f809fb2fc02b098068a8c \ + --hash=sha256:74723c057c6caea2eb6e6791e51781fa0aa6518eb56732b1b910a38657661cad + # via pulp-cli-deb +pyyaml==6.0.2 \ + --hash=sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff \ + --hash=sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48 \ + --hash=sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086 \ + --hash=sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e \ + --hash=sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133 \ + --hash=sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5 \ + --hash=sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484 \ + --hash=sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee \ + --hash=sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5 \ + --hash=sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68 \ + --hash=sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a \ + --hash=sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf \ + --hash=sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99 \ + --hash=sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8 \ + --hash=sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85 \ + --hash=sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19 \ + --hash=sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc \ + --hash=sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a \ + --hash=sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1 \ + --hash=sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317 \ + --hash=sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c \ + --hash=sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631 \ + --hash=sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d \ + --hash=sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652 \ + --hash=sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5 \ + --hash=sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e \ + --hash=sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b \ + --hash=sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8 \ + --hash=sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476 \ + --hash=sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706 \ + --hash=sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563 \ + --hash=sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237 \ + --hash=sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b \ + --hash=sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083 \ + --hash=sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180 \ + --hash=sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425 \ + --hash=sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e \ + --hash=sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f \ + --hash=sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725 \ + --hash=sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183 \ + --hash=sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab \ + --hash=sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774 \ + --hash=sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725 \ + --hash=sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e \ + --hash=sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5 \ + --hash=sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d \ + --hash=sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290 \ + --hash=sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44 \ + --hash=sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed \ + --hash=sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4 \ + --hash=sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba \ + --hash=sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12 \ + --hash=sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4 + # via pulp-cli +requests==2.32.3 \ + --hash=sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760 \ + --hash=sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6 + # via + # -r requirements.in + # pulp-glue +schema==0.7.7 \ + --hash=sha256:5d976a5b50f36e74e2157b47097b60002bd4d42e65425fcc9c9befadb4255dde \ + --hash=sha256:7da553abd2958a19dc2547c388cde53398b39196175a9be59ea1caf5ab0a1807 + # via pulp-cli +toml==0.10.2 \ + --hash=sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b \ + --hash=sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f + # via pulp-cli +urllib3==2.3.0 \ + --hash=sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df \ + --hash=sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d + # via requests diff --git a/meson/requirements.in b/meson/requirements.in index 395468003..3e75fc4d4 100644 --- a/meson/requirements.in +++ b/meson/requirements.in @@ -5,3 +5,4 @@ pyyaml==6.0.1 meson ninja invoke +requests==2.32.3 diff --git a/meson/requirements.txt b/meson/requirements.txt index 73f2f28e2..b4624b0bb 100644 --- a/meson/requirements.txt +++ b/meson/requirements.txt @@ -4,6 +4,108 @@ # # pip-compile --generate-hashes requirements.in # +certifi==2025.1.31 \ + --hash=sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651 \ + --hash=sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe + # via requests +charset-normalizer==3.4.1 \ + --hash=sha256:0167ddc8ab6508fe81860a57dd472b2ef4060e8d378f0cc555707126830f2537 \ + --hash=sha256:01732659ba9b5b873fc117534143e4feefecf3b2078b0a6a2e925271bb6f4cfa \ + --hash=sha256:01ad647cdd609225c5350561d084b42ddf732f4eeefe6e678765636791e78b9a \ + --hash=sha256:04432ad9479fa40ec0f387795ddad4437a2b50417c69fa275e212933519ff294 \ + --hash=sha256:0907f11d019260cdc3f94fbdb23ff9125f6b5d1039b76003b5b0ac9d6a6c9d5b \ + --hash=sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd \ + --hash=sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601 \ + --hash=sha256:09b5e6733cbd160dcc09589227187e242a30a49ca5cefa5a7edd3f9d19ed53fd \ + --hash=sha256:0af291f4fe114be0280cdd29d533696a77b5b49cfde5467176ecab32353395c4 \ + --hash=sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d \ + --hash=sha256:1a2bc9f351a75ef49d664206d51f8e5ede9da246602dc2d2726837620ea034b2 \ + --hash=sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313 \ + --hash=sha256:234ac59ea147c59ee4da87a0c0f098e9c8d169f4dc2a159ef720f1a61bbe27cd \ + --hash=sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa \ + --hash=sha256:237bdbe6159cff53b4f24f397d43c6336c6b0b42affbe857970cefbb620911c8 \ + --hash=sha256:28bf57629c75e810b6ae989f03c0828d64d6b26a5e205535585f96093e405ed1 \ + --hash=sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2 \ + --hash=sha256:2a75d49014d118e4198bcee5ee0a6f25856b29b12dbf7cd012791f8a6cc5c496 \ + --hash=sha256:2bdfe3ac2e1bbe5b59a1a63721eb3b95fc9b6817ae4a46debbb4e11f6232428d \ + --hash=sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b \ + --hash=sha256:2fb9bd477fdea8684f78791a6de97a953c51831ee2981f8e4f583ff3b9d9687e \ + --hash=sha256:311f30128d7d333eebd7896965bfcfbd0065f1716ec92bd5638d7748eb6f936a \ + --hash=sha256:329ce159e82018d646c7ac45b01a430369d526569ec08516081727a20e9e4af4 \ + --hash=sha256:345b0426edd4e18138d6528aed636de7a9ed169b4aaf9d61a8c19e39d26838ca \ + --hash=sha256:363e2f92b0f0174b2f8238240a1a30142e3db7b957a5dd5689b0e75fb717cc78 \ + --hash=sha256:3a3bd0dcd373514dcec91c411ddb9632c0d7d92aed7093b8c3bbb6d69ca74408 \ + --hash=sha256:3bed14e9c89dcb10e8f3a29f9ccac4955aebe93c71ae803af79265c9ca5644c5 \ + --hash=sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3 \ + --hash=sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f \ + --hash=sha256:4532bff1b8421fd0a320463030c7520f56a79c9024a4e88f01c537316019005a \ + --hash=sha256:49402233c892a461407c512a19435d1ce275543138294f7ef013f0b63d5d3765 \ + --hash=sha256:4c0907b1928a36d5a998d72d64d8eaa7244989f7aaaf947500d3a800c83a3fd6 \ + --hash=sha256:4d86f7aff21ee58f26dcf5ae81a9addbd914115cdebcbb2217e4f0ed8982e146 \ + --hash=sha256:5777ee0881f9499ed0f71cc82cf873d9a0ca8af166dfa0af8ec4e675b7df48e6 \ + --hash=sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9 \ + --hash=sha256:619a609aa74ae43d90ed2e89bdd784765de0a25ca761b93e196d938b8fd1dbbd \ + --hash=sha256:6e27f48bcd0957c6d4cb9d6fa6b61d192d0b13d5ef563e5f2ae35feafc0d179c \ + --hash=sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f \ + --hash=sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545 \ + --hash=sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176 \ + --hash=sha256:75832c08354f595c760a804588b9357d34ec00ba1c940c15e31e96d902093770 \ + --hash=sha256:7709f51f5f7c853f0fb938bcd3bc59cdfdc5203635ffd18bf354f6967ea0f824 \ + --hash=sha256:78baa6d91634dfb69ec52a463534bc0df05dbd546209b79a3880a34487f4b84f \ + --hash=sha256:7974a0b5ecd505609e3b19742b60cee7aa2aa2fb3151bc917e6e2646d7667dcf \ + --hash=sha256:7a4f97a081603d2050bfaffdefa5b02a9ec823f8348a572e39032caa8404a487 \ + --hash=sha256:7b1bef6280950ee6c177b326508f86cad7ad4dff12454483b51d8b7d673a2c5d \ + --hash=sha256:7d053096f67cd1241601111b698f5cad775f97ab25d81567d3f59219b5f1adbd \ + --hash=sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b \ + --hash=sha256:807f52c1f798eef6cf26beb819eeb8819b1622ddfeef9d0977a8502d4db6d534 \ + --hash=sha256:80ed5e856eb7f30115aaf94e4a08114ccc8813e6ed1b5efa74f9f82e8509858f \ + --hash=sha256:8417cb1f36cc0bc7eaba8ccb0e04d55f0ee52df06df3ad55259b9a323555fc8b \ + --hash=sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9 \ + --hash=sha256:89149166622f4db9b4b6a449256291dc87a99ee53151c74cbd82a53c8c2f6ccd \ + --hash=sha256:8bfa33f4f2672964266e940dd22a195989ba31669bd84629f05fab3ef4e2d125 \ + --hash=sha256:8c60ca7339acd497a55b0ea5d506b2a2612afb2826560416f6894e8b5770d4a9 \ + --hash=sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de \ + --hash=sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11 \ + --hash=sha256:97f68b8d6831127e4787ad15e6757232e14e12060bec17091b85eb1486b91d8d \ + --hash=sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35 \ + --hash=sha256:9f0b8b1c6d84c8034a44893aba5e767bf9c7a211e313a9605d9c617d7083829f \ + --hash=sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda \ + --hash=sha256:ab36c8eb7e454e34e60eb55ca5d241a5d18b2c6244f6827a30e451c42410b5f7 \ + --hash=sha256:b010a7a4fd316c3c484d482922d13044979e78d1861f0e0650423144c616a46a \ + --hash=sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971 \ + --hash=sha256:b7b2d86dd06bfc2ade3312a83a5c364c7ec2e3498f8734282c6c3d4b07b346b8 \ + --hash=sha256:b97e690a2118911e39b4042088092771b4ae3fc3aa86518f84b8cf6888dbdb41 \ + --hash=sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d \ + --hash=sha256:c0429126cf75e16c4f0ad00ee0eae4242dc652290f940152ca8c75c3a4b6ee8f \ + --hash=sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757 \ + --hash=sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a \ + --hash=sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886 \ + --hash=sha256:c96836c97b1238e9c9e3fe90844c947d5afbf4f4c92762679acfe19927d81d77 \ + --hash=sha256:d7f50a1f8c450f3925cb367d011448c39239bb3eb4117c36a6d354794de4ce76 \ + --hash=sha256:d973f03c0cb71c5ed99037b870f2be986c3c05e63622c017ea9816881d2dd247 \ + --hash=sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85 \ + --hash=sha256:d9c3cdf5390dcd29aa8056d13e8e99526cda0305acc038b96b30352aff5ff2bb \ + --hash=sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7 \ + --hash=sha256:dccbe65bd2f7f7ec22c4ff99ed56faa1e9f785482b9bbd7c717e26fd723a1d1e \ + --hash=sha256:dd78cfcda14a1ef52584dbb008f7ac81c1328c0f58184bf9a84c49c605002da6 \ + --hash=sha256:e218488cd232553829be0664c2292d3af2eeeb94b32bea483cf79ac6a694e037 \ + --hash=sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1 \ + --hash=sha256:ea0d8d539afa5eb2728aa1932a988a9a7af94f18582ffae4bc10b3fbdad0626e \ + --hash=sha256:eab677309cdb30d047996b36d34caeda1dc91149e4fdca0b1a039b3f79d9a807 \ + --hash=sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407 \ + --hash=sha256:ecddf25bee22fe4fe3737a399d0d177d72bc22be6913acfab364b40bce1ba83c \ + --hash=sha256:eea6ee1db730b3483adf394ea72f808b6e18cf3cb6454b4d86e04fa8c4327a12 \ + --hash=sha256:f08ff5e948271dc7e18a35641d2f11a4cd8dfd5634f55228b691e62b37125eb3 \ + --hash=sha256:f30bf9fd9be89ecb2360c7d94a711f00c09b976258846efe40db3d05828e8089 \ + --hash=sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd \ + --hash=sha256:fc54db6c8593ef7d4b2a331b58653356cf04f67c960f584edb7c3d8c97e8f39e \ + --hash=sha256:fd4ec41f914fa74ad1b8304bbc634b3de73d2a0889bd32076342a573e0779e00 \ + --hash=sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616 + # via requests +idna==3.10 \ + --hash=sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9 \ + --hash=sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3 + # via requests invoke==2.2.0 \ --hash=sha256:6ea924cc53d4f78e3d98bc436b08069a03077e6f85ad1ddaa8a116d7dad15820 \ --hash=sha256:ee6cbb101af1a859c7fe84f2a264c059020b0cb7fe3535f9424300ab568f6bd5 @@ -84,3 +186,11 @@ pyyaml==6.0.1 \ --hash=sha256:fd1592b3fdf65fff2ad0004b5e363300ef59ced41c2e6b3a99d4089fa8c5435d \ --hash=sha256:fd66fc5d0da6d9815ba2cebeb4205f95818ff4b79c3ebe268e75d961704af52f # via -r requirements.in +requests==2.32.3 \ + --hash=sha256:55365417734eb18255590a9ff9eb97e9e1da868d4ccd6402399eaf68af20a760 \ + --hash=sha256:70761cfe03c773ceb22aa2f671b4757976145175cdfca038c02654d061d6dcc6 + # via -r requirements.in +urllib3==2.3.0 \ + --hash=sha256:1cee9ad369867bfdbbb48b7dd50374c0967a0bb7710050facf0dd6911440e3df \ + --hash=sha256:f8c5449b3cf0861679ce7e0503c7b44b5ec981bec0d1d3795a07f1ba96f0204d + # via requests diff --git a/tasks.py b/tasks.py index b1da20bf2..2f8795bce 100644 --- a/tasks.py +++ b/tasks.py @@ -1,5 +1,7 @@ import os import time +import json +import requests from invoke import task from invoke.exceptions import Failure, UnexpectedExit @@ -1256,6 +1258,179 @@ def ci_build_and_install_quiche(c, repo): c.run('cp /usr/lib/libquiche.so /opt/dnsdist/lib/libquiche.so') break +pulp_cmd_prefix = " ".join([ + "pulp", + f"--base-url {os.getenv('PULP_URL', '')}", + f"--username {os.getenv('PULP_CI_USERNAME', '')}", + f"--password {os.getenv('PULP_CI_PASSWORD', '')}" +]) + +def run_pulp_cmd(c, cmd): + res = c.run(f'{pulp_cmd_prefix} {cmd}') + if res.exited != 0: + raise UnexpectedExit(res) + return res.stdout + +@task +def validate_pulp_credentials(c): + # Basic pulp command that require credentials to succeed + repo_name = os.getenv("PULP_REPO_NAME", '') + cmd = f'file repository show --repository {repo_name}' + run_pulp_cmd(c, cmd) + +@task +def pulp_upload_file_packages_by_folder(c, source): + repo_name = os.getenv("PULP_REPO_NAME", '') + for root, dirs, files in os.walk(source): + for path in files: + file = os.path.join(root, path).split('/',1)[1] + # file repositories have been configured with autopublish set to true + cmd = f'file content upload --repository {repo_name} --file {source}/{file} --relative-path {file}' + run_pulp_cmd(c, cmd) + +@task +def pulp_create_rpm_publication(c, product, list_os_rel, list_arch): + rpm_distros = ["centos", "el"] + for os_rel in json.loads(list_os_rel): + if not "el-" in os_rel: + break + release = os_rel.split('-')[1] + for arch in json.loads(list_arch): + for distro in rpm_distros: + repo_name = f"repo-{distro}-{release}-{arch}-{product}" + cmd = f'rpm publication create --repository {repo_name} --checksum-type sha256' + run_pulp_cmd(c, cmd) + +@task +def pulp_create_deb_publication(c): + deb_distros = ["debian", "ubuntu"] + for distro in deb_distros: + repo_name = f"repo-{distro}" + cmd = f'deb publication create --repository {repo_name}' + run_pulp_cmd(c, cmd) + +@task +def pulp_upload_rpm_packages_by_folder(c, source, product): + rpm_distros = ["centos", "el"] + builds = os.listdir(source) + + for build_folder in builds: + release = build_folder.split('.')[0].split('-')[1] + arch = build_folder.split('.')[1] + for distro in rpm_distros: + repo_name = f"repo-{distro}-{release}-{arch}-{product}" + for root, dirs, files in os.walk(f"{source}/{build_folder}"): + for path in files: + file = os.path.join(root, path).split('/',1)[1] + # Set chunk size to 500MB to avoid creating an "upload" instead of a file. Required for signing RPMs. + cmd = f'rpm content -t package upload --file {source}/{file} --repository {repo_name} --no-publish --chunk-size 500MB' + run_pulp_cmd(c, cmd) + +def get_pulp_repository_href(c, repo_name, repo_type): + cmd = f"{repo_type} repository show --name {repo_name} | jq -r '.pulp_href' | tr -d '\n'" + href = run_pulp_cmd(c, cmd) + return href + +def is_pulp_task_completed(c, task_href): + elapsed_time = 0 + check_interval = 5 + max_wait_time = 60 + + while elapsed_time < max_wait_time: + cmd = f"task show --href {task_href} | jq -r .state | tr -d '\n'" + task_state = run_pulp_cmd(c, cmd) + if task_state == "completed": + return True + time.sleep(check_interval) + elapsed_time += check_interval + + return False + +@task +def pulp_upload_deb_packages_by_folder(c, source, product): + builds = os.listdir(source) + upload_url = os.getenv('PULP_URL', '') + "/pulp/api/v3/content/deb/packages/" + headers = {"Content-Type": "application/json"} + auth = requests.auth.HTTPBasicAuth(os.getenv("PULP_CI_USERNAME", ""), os.getenv("PULP_CI_PASSWORD", "")) + + for build_folder in builds: + distro = build_folder.split('-')[0] + distribution = f"{build_folder.split('-')[1]}-{product}" + repo_name = f"repo-{distro}" + repository_href = get_pulp_repository_href(c, repo_name, "deb") + + for root, dirs, files in os.walk(source): + for path in files: + file = os.path.join(root, path).split('/',1)[1] + cmd = f"artifact upload --file {source}/{file} | jq -r '.pulp_href' | tr -d '\n'" + artifact_href = run_pulp_cmd(c, cmd) + + package_data = { + "repository": repository_href, + "distribution": distribution, + "component": "main", + "artifact": artifact_href + } + + try: + res = requests.post(upload_url, auth=auth, headers=headers, json=package_data) + res.raise_for_status() + except requests.exceptions.HTTPError as e: + raise Failure(f'Error creating DEB upload: {e}') + + task_href = res.json().get('task') + if not is_pulp_task_completed(c, task_href): + raise Failure('Error uploading DEB packages into Pulp') + +@task +def test_install_package(c, product_name, distro_release, content_url, gpgkey_url, package_name, package_version): + distro, release = distro_release.split('-')[:2] + repo_domain = content_url.split('/')[2] + is_rpm = True if distro == 'centos' or distro == 'el' else False + + if is_rpm: + image_name = 'oraclelinux' + else: + image_name = distro + # pdns package is called pdns-server for debian/ubuntu + package_name = 'pdns-server' if package_name == 'pdns' else package_name + + # version of packages from master or not releases have a different order than the package name + parts = package_version.split('.') + if len(parts) > 4: + if distro == 'el': + if 'master' in package_version: + package_version = f"{'.'.join(parts[:3])}.{parts[4]}.{parts[3]}.{'.'.join(parts[5:])}" + else: + package_version = f"{'.'.join(parts[:3])}-{parts[4]}.{parts[3]}.{'.'.join(parts[5:])}" + else: + package_version = f"{'.'.join(parts[:3])}+{parts[4]}.{parts[3]}.{'.'.join(parts[5:])}" + + # Add wildcards to work with and without releases + parts = package_version.split('-') + if len(parts) > 1: + package_version = f"{parts[0]}*{parts[1]}" if is_rpm else f"{parts[0]}~{parts[1]}" + + dockerfile_rpm = f''' +FROM {image_name}:{release} +RUN curl -L {content_url}/repo-files/{distro}-{product_name}.repo -o /etc/yum.repos.d/{distro}-{product_name}.repo +RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-{release}.noarch.rpm +RUN yum install -y {package_name}-{package_version}* +''' + dockerfile_deb = f''' +FROM {image_name}:{release} +RUN apt update && apt install -y curl libluajit-5.1-dev adduser +RUN install -d /etc/apt/keyrings && curl -L {gpgkey_url} -o /etc/apt/keyrings/{product_name}-pub.asc +RUN echo "deb [signed-by=/etc/apt/keyrings/{product_name}-pub.asc] {content_url}/{distro} {release}-{product_name} main" | tee /etc/apt/sources.list.d/pdns.list +RUN bash -c 'echo -e "Package: auth*\\nPin: origin {repo_domain}\\nPin-Priority: 600" | tee /etc/apt/preferences.d/{product_name}' +RUN apt-get update && apt-get install -y {package_name}={package_version}* +''' + dockerfile = dockerfile_rpm if is_rpm else dockerfile_deb + with open('/tmp/Dockerfile', "w") as f: + f.write(dockerfile) + + c.run(f'docker build . -t test-build-{product_name}-{distro_release}:latest -f /tmp/Dockerfile') + # this is run always def setup(): if '/usr/lib/ccache' not in os.environ['PATH']: