mirror
/
go-ethereum
mirror of https://github.com/ethereum/go-ethereum
2
0
Fork 1
Code Issues Releases Wiki Activity

build: use SFTP for launchpad uploads (#19037)

Browse Source 
* build: use sftp for launchpad uploads

* .travis.yml: configure sftp export

* build: update CI docs
pull/19043/head
Felix Lange 6 years ago committed by Péter Szilágyi
parent 6cb7d52a29
commit 3de19c8b31
4 changed files with 60 additions and 21 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      .travis.yml
  2. 13
      build/ci-notes.md
  3. 56
      build/ci.go
  4. 8
      build/dput-launchpad.cf

4
.travis.yml
Unescape View File

@ -68,8 +68,10 @@ matrix:
- debhelper - debhelper
- dput - dput
- fakeroot - fakeroot
- python-bzrlib
- python-paramiko
script: script:
- go run build/ci.go debsrc -signer "Go Ethereum Linux Builder <geth-ci@ethereum.org>" -upload ppa:ethereum/ethereum - go run build/ci.go debsrc -upload ppa:ethereum/ethereum -sftp-user geth-ci -signer "Go Ethereum Linux Builder <geth-ci@ethereum.org>"
# This builder does the Linux Azure uploads # This builder does the Linux Azure uploads
- if: type = push - if: type = push

13
build/ci-notes.md
Unescape View File

@ -7,11 +7,18 @@ Canonical.
Packages of develop branch commits have suffix -unstable and cannot be installed alongside Packages of develop branch commits have suffix -unstable and cannot be installed alongside
the stable version. Switching between release streams requires user intervention. the stable version. Switching between release streams requires user intervention.
## Launchpad
The packages are built and served by launchpad.net. We generate a Debian source package The packages are built and served by launchpad.net. We generate a Debian source package
for each distribution and upload it. Their builder picks up the source package, builds it for each distribution and upload it. Their builder picks up the source package, builds it
and installs the new version into the PPA repository. Launchpad requires a valid signature and installs the new version into the PPA repository. Launchpad requires a valid signature
by a team member for source package uploads. The signing key is stored in an environment by a team member for source package uploads.
variable which Travis CI makes available to certain builds.
The signing key is stored in an environment variable which Travis CI makes available to
certain builds. Since Travis CI doesn't support FTP, SFTP is used to transfer the
packages. To set this up yourself, you need to create a Launchpad user and add a GPG key
and SSH key to it. Then encode both keys as base64 and configure 'secret' environment
variables `PPA_SIGNING_KEY` and `PPA_SSH_KEY` on Travis.
We want to build go-ethereum with the most recent version of Go, irrespective of the Go We want to build go-ethereum with the most recent version of Go, irrespective of the Go
version that is available in the main Ubuntu repository. In order to make this possible, version that is available in the main Ubuntu repository. In order to make this possible,
@ -27,7 +34,7 @@ Add the gophers PPA and install Go 1.10 and Debian packaging tools:
$ sudo apt-add-repository ppa:gophers/ubuntu/archive $ sudo apt-add-repository ppa:gophers/ubuntu/archive
$ sudo apt-get update $ sudo apt-get update
$ sudo apt-get install build-essential golang-1.10 devscripts debhelper $ sudo apt-get install build-essential golang-1.10 devscripts debhelper python-bzrlib python-paramiko
Create the source packages: Create the source packages:

56
build/ci.go
Unescape View File

@ -441,11 +441,8 @@ func archiveBasename(arch string, archiveVersion string) string {
func archiveUpload(archive string, blobstore string, signer string) error { func archiveUpload(archive string, blobstore string, signer string) error {
// If signing was requested, generate the signature files // If signing was requested, generate the signature files
if signer != "" { if signer != "" {
pgpkey, err := base64.StdEncoding.DecodeString(os.Getenv(signer)) key := getenvBase64(signer)
if err != nil { if err := build.PGPSignFile(archive, archive+".asc", string(key)); err != nil {
return fmt.Errorf("invalid base64 %s", signer)
}
if err := build.PGPSignFile(archive, archive+".asc", string(pgpkey)); err != nil {
return err return err
} }
} }
@ -489,6 +486,7 @@ func doDebianSource(cmdline []string) {
var ( var (
signer = flag.String("signer", "", `Signing key name, also used as package author`) signer = flag.String("signer", "", `Signing key name, also used as package author`)
upload = flag.String("upload", "", `Where to upload the source package (usually "ppa:ethereum/ethereum")`) upload = flag.String("upload", "", `Where to upload the source package (usually "ppa:ethereum/ethereum")`)
sshUser = flag.String("sftp-user", "", `Username for SFTP upload (usually "geth-ci")`)
workdir = flag.String("workdir", "", `Output directory for packages (uses temp dir if unset)`) workdir = flag.String("workdir", "", `Output directory for packages (uses temp dir if unset)`)
now = time.Now() now = time.Now()
) )
@ -498,11 +496,7 @@ func doDebianSource(cmdline []string) {
maybeSkipArchive(env) maybeSkipArchive(env)
// Import the signing key. // Import the signing key.
if b64key := os.Getenv("PPA_SIGNING_KEY"); b64key != "" { if key := getenvBase64("PPA_SIGNING_KEY"); len(key) > 0 {
key, err := base64.StdEncoding.DecodeString(b64key)
if err != nil {
log.Fatal("invalid base64 PPA_SIGNING_KEY")
}
gpg := exec.Command("gpg", "--import") gpg := exec.Command("gpg", "--import")
gpg.Stdin = bytes.NewReader(key) gpg.Stdin = bytes.NewReader(key)
build.MustRun(gpg) build.MustRun(gpg)
@ -523,12 +517,45 @@ func doDebianSource(cmdline []string) {
build.MustRunCommand("debsign", changes) build.MustRunCommand("debsign", changes)
} }
if *upload != "" { if *upload != "" {
build.MustRunCommand("dput", "--passive", "--no-upload-log", *upload, changes) uploadDebianSource(*workdir, *upload, *sshUser, changes)
} }
} }
} }
} }
func uploadDebianSource(workdir, ppa, sshUser, changes string) {
// Create the dput config file.
dputConfig := filepath.Join(workdir, "dput.cf")
p := strings.Split(ppa, "/")
if len(p) != 2 {
log.Fatal("-upload PPA name must contain single /")
}
templateData := map[string]string{
"LaunchpadUser": p[0],
"LaunchpadPPA": p[1],
"LaunchpadSSH": sshUser,
}
if sshkey := getenvBase64("PPA_SSH_KEY"); len(sshkey) > 0 {
idfile := filepath.Join(workdir, "sshkey")
ioutil.WriteFile(idfile, sshkey, 0600)
templateData["IdentityFile"] = idfile
}
build.Render("build/dput-launchpad.cf", dputConfig, 0644, templateData)
// Run dput to do the upload.
dput := exec.Command("dput", "-c", dputConfig, "--no-upload-log", ppa, changes)
dput.Stdin = strings.NewReader("Yes\n") // accept SSH host key
build.MustRun(dput)
}
func getenvBase64(variable string) []byte {
dec, err := base64.StdEncoding.DecodeString(os.Getenv(variable))
if err != nil {
log.Fatal("invalid base64 " + variable)
}
return []byte(dec)
}
func makeWorkdir(wdflag string) string { func makeWorkdir(wdflag string) string {
var err error var err error
if wdflag != "" { if wdflag != "" {
@ -800,15 +827,10 @@ func doAndroidArchive(cmdline []string) {
os.Rename(archive, meta.Package+".aar") os.Rename(archive, meta.Package+".aar")
if *signer != "" && *deploy != "" { if *signer != "" && *deploy != "" {
// Import the signing key into the local GPG instance // Import the signing key into the local GPG instance
b64key := os.Getenv(*signer) key := getenvBase64(*signer)
key, err := base64.StdEncoding.DecodeString(b64key)
if err != nil {
log.Fatalf("invalid base64 %s", *signer)
}
gpg := exec.Command("gpg", "--import") gpg := exec.Command("gpg", "--import")
gpg.Stdin = bytes.NewReader(key) gpg.Stdin = bytes.NewReader(key)
build.MustRun(gpg) build.MustRun(gpg)
keyID, err := build.PGPKeyID(string(key)) keyID, err := build.PGPKeyID(string(key))
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)

8
build/dput-launchpad.cf
Unescape View File

@ -0,0 +1,8 @@
[{{.LaunchpadUser}}/{{.LaunchpadPPA}}]
fqdn = ppa.launchpad.net
method = sftp
incoming = ~{{.LaunchpadUser}}/ubuntu/{{.LaunchpadPPA}}/
login = {{.LaunchpadSSH}}
{{ if .IdentityFile }}
ssh_options = IdentityFile {{.IdentityFile}}
{{ end }}
Write Preview
Loading…
Cancel
Save