Feature #54061

Provide apt-repository for our custom scripts & tools

Added by Andri Steiner about 6 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Target version:
-
Start date:
2013-11-29
Due date:
% Done:

60%


Description

  1. Create Package fpm-recipes
    https://github.com/steinair/fpm-recipes/commit/d8089da424998c620a4c17d9fff9042d5a04647b
  1. Setup Repository
    https://wiki.debian.org/SettingUpSignedAptRepositoryWithReprepro
    sudo apt-get install reprepro
    reprepro includedeb wheezy ../packages/mysql-tuning-primer_28-typo3-1_amd64.deb
    gpg --armor --export A2134D46 > gpg.key
    rsync -avz gpg.key pool dists :~/www/debian/
  1. Use Repository
    wget -O - http://xxx/debian/gpg.key | apt-key add -
    echo "deb http://xxx/ wheezy typo3" > /etc/apt/sources.list.d/typo3.list

History

#1 Updated by Andri Steiner about 6 years ago

Open Questions

  • where do we compile Packages (Jenkins Server)
  • where and how do we sign Packages (Jenkins Server)
  • should we use a new GPG Key or is there an existing one

decided at the Server Team Sprint November 2013

  • Origin/Label (=> TYPO3 Server Admin Team)
  • Codename: wheezy
  • Architecture: amd64, noarch
  • Components: typo3infrastructure (not typo3 to avoid confusion - this is not a Repository for TYPO3 Packages but a Repository for the TYPO3 Server Team)

#2 Updated by Steffen Gebert about 6 years ago

Hi Andri,

yes, I'd like to see the whole pipeline implemented in jenkins. Can we have a job template that we use as starting point for setting up the particular package jobs that we have? I'm not a Jenkins expert (at all..).

There's no GPG key, yet.

Anything else unanswered?

Thanks for your help!
Steffen

#3 Updated by Steffen Gebert about 6 years ago

Another requirement that I would see is to add existing @.deb@s from external sources (that are either not in any repo (like chef) or could be just under our control (could imagine that for nginx or varnish repos)).

Would we have one job per package (chef-client, chef-server, nginx) or would it be one job, where we just pass the URL or upload the .deb?

#4 Updated by Andri Steiner almost 6 years ago

Everything is up & running on my own internal Jenkins Server. Adding existing Packages is very easy, just skip the Compiling stuff but only fetch the Package from somewhere and add it to the Repository. I'm not sure about the GPG Key on the Jenkins Server for Security Reasons. AFAIK there are many other Projekts on this Server (every TYPO3 Extension?) who could access this Key then. The same would apply to the SSH Key which is required to upload those Packages to the Package Server.

#5 Updated by Steffen Gebert almost 6 years ago

Thanks Andri, cool news! There is no way that we separate the jobs from each other?

#6 Updated by Andri Steiner almost 6 years ago

At least on our internal Server everything is executed as "jenkins" User. Maybe there are some other solutions but i've never seen something like that, however im not a jenkins expert and never thought about this before.

#7 Updated by Andri Steiner almost 6 years ago

  • Status changed from Needs Feedback to Accepted
  • % Done changed from 0 to 60

Implemented at the Server Team Sprint March 2014

  • Jenkins Server
  • Docker Installation
  • Script to create and update Docker Images
  • Script to create Docker Containers and run appropriate Commands
  • Scripts to fetch and/or compile Software according to our needs
  • glue everything together with different Jenkins Jobs

to do

  • activate Package sync to pkg.typo3.0rg
  • move fpm build process to a own Docker Container with Wheezy only
  • move GIT Repository from my personal GitHub Account to where ever it belongs
  • Documentation
  • create Jenkins Jobs and compile Scripts for all required Packages and Distributions

#9 Updated by Bastian Bringenberg over 2 years ago

  • Status changed from Accepted to Closed

Also available in: Atom PDF