-
Notifications
You must be signed in to change notification settings - Fork 367
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add APT repository preparation and upload scripts
Build an apt/deb repository on builds and store locally on the build server. Also push it to development infra instantly. Push to staging if it's a release. And store locally for manual push to production later
- Loading branch information
Showing
4 changed files
with
171 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
#!/usr/bin/env bash | ||
# | ||
# Buildserver configuration. Runtime values are defined here instead of | ||
# the scripts where they are used. | ||
|
||
# Which gpg key to sign things with | ||
export CODE_SIGNING_KEY_FINGERPRINT="A1198702FC3E0A09A9AE5B75D5A1D4F266DE8DDF" | ||
|
||
# Debian codenames we support. | ||
SUPPORTED_DEB_CODENAMES=("sid" "testing" "bookworm" "bullseye") | ||
# Ubuntu codenames we support (latest two LTS + latest non-LTS) | ||
SUPPORTED_DEB_CODENAMES+=("jammy" "focal" "lunar") | ||
export SUPPORTED_DEB_CODENAMES | ||
|
||
# Servers to upload Linux deb/rpm repositories to | ||
export DEV_LINUX_REPOSITORY_SERVERS=("se-got-cdn-001.devmole.eu" "se-got-cdn-002.devmole.eu") | ||
export STAGING_LINUX_REPOSITORY_SERVERS=("se-got-cdn-001.stagemole.eu" "se-got-cdn-002.stagemole.eu") | ||
export PRODUCTION_LINUX_REPOSITORY_SERVERS=("se-got-cdn-111.mullvad.net" "se-mma-cdn-101.mullvad.net") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
#!/usr/bin/env bash | ||
# | ||
# Usage: ./prepare-apt-repository.sh <artifact dir> <app version> <repository dir> | ||
# | ||
# Will create a deb repository in <repository dir> and add all .deb files from | ||
# <artifact dir> matching <app version> to the repository. | ||
|
||
set -eu | ||
|
||
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" | ||
|
||
source "$SCRIPT_DIR/buildserver-config.sh" | ||
|
||
artifact_dir=$1 | ||
version=$2 | ||
repo_dir=$3 | ||
|
||
function generate_repository_configuration { | ||
local codename=$1 | ||
|
||
echo -e "Origin: repository.mullvad.net | ||
Label: Mullvad apt repository | ||
Description: Mullvad package repository for Debian/Ubuntu | ||
Codename: $codename | ||
Architectures: amd64 arm64 | ||
Components: main | ||
SignWith: $CODE_SIGNING_KEY_FINGERPRINT" | ||
} | ||
|
||
function generate_deb_distributions_content { | ||
local distributions="" | ||
for codename in "${SUPPORTED_DEB_CODENAMES[@]}"; do | ||
distributions+=$(generate_repository_configuration "$codename")$'\n'$'\n' | ||
distributions+=$(generate_repository_configuration "$codename"-testing)$'\n'$'\n' | ||
done | ||
echo "$distributions" | ||
} | ||
|
||
function add_deb_to_repo { | ||
local deb_path=$1 | ||
local codename=$2 | ||
echo "Adding $deb_path to repository $codename" | ||
reprepro -V --basedir "$repo_dir" --component main includedeb "$codename" "$deb_path" | ||
} | ||
|
||
echo "Generating deb repository into $repo_dir/" | ||
mkdir -p "$repo_dir/conf" | ||
|
||
echo "Writing repository configuration to $repo_dir/conf/distributions" | ||
generate_deb_distributions_content > "$repo_dir/conf/distributions" | ||
echo "" | ||
|
||
for deb_path in "$artifact_dir"/MullvadVPN-"$version"*.deb; do | ||
for codename in "${SUPPORTED_DEB_CODENAMES[@]}"; do | ||
add_deb_to_repo "$deb_path" "$codename" | ||
echo "" | ||
done | ||
echo "" | ||
done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
#!/usr/bin/env bash | ||
# | ||
# Usage: ./publish-linux-repositories.sh [--production/--staging] <app version> <deb repository dir> | ||
# | ||
# Rsyncs a locally prepared and stored apt repository to the dev/staging/production | ||
# repository servers. | ||
|
||
set -eu | ||
|
||
SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" | ||
|
||
source "$SCRIPT_DIR/buildserver-config.sh" | ||
|
||
while [ "$#" -gt 0 ]; do | ||
case "$1" in | ||
"--production") | ||
repository_servers=("${PRODUCTION_LINUX_REPOSITORY_SERVERS[@]}") | ||
;; | ||
"--staging") | ||
repository_servers=("${STAGING_LINUX_REPOSITORY_SERVERS[@]}") | ||
;; | ||
"--dev") | ||
repository_servers=("${DEV_LINUX_REPOSITORY_SERVERS[@]}") | ||
;; | ||
-*) | ||
echo "Unknown option \"$1\"" >&2 | ||
exit 1 | ||
;; | ||
*) | ||
if [[ -z ${version+x} ]]; then | ||
version=$1 | ||
elif [[ -z ${deb_repo_dir+x} ]]; then | ||
deb_repo_dir=$1 | ||
else | ||
echo "Too many arguments" >&2 | ||
exit 1 | ||
fi | ||
;; | ||
esac | ||
shift | ||
done | ||
|
||
if [[ -z ${version+x} ]]; then | ||
echo "Please give the release version as an argument to this script" >&2 | ||
exit 1 | ||
fi | ||
if [[ -z ${deb_repo_dir+x} ]]; then | ||
echo "Please specify the deb repository directory as an argument to this script" >&2 | ||
exit 1 | ||
fi | ||
if [[ -z ${repository_servers+x} ]]; then | ||
echo "Pass either --dev, --staging or --production to select target servers" >&2 | ||
exit 1 | ||
fi | ||
|
||
function rsync_repo { | ||
local local_repo_dir=$1 | ||
local remote_repo_dir=$2 | ||
|
||
for server in "${repository_servers[@]}"; do | ||
echo "Syncing to $server:$remote_repo_dir" | ||
rsync -av --delete --mkpath --rsh='ssh -p 1122' \ | ||
"$local_repo_dir"/ \ | ||
build@"$server":"$remote_repo_dir" | ||
done | ||
} | ||
|
||
if [[ ! -d "$deb_repo_dir" ]]; then | ||
echo "$deb_repo_dir does not exist" >&2 | ||
exit 1 | ||
fi | ||
|
||
rsync_repo "$deb_repo_dir" "deb/beta" | ||
if [[ $version != *"-beta"* ]]; then | ||
rsync_repo "$deb_repo_dir" "deb/stable" | ||
fi |