diff --git a/.packit.yaml b/.packit.yaml new file mode 100644 index 0000000000..8751f03164 --- /dev/null +++ b/.packit.yaml @@ -0,0 +1,61 @@ +# This file is used by the Packit service. +# Currently it is used for the gating of pull requests. +# +# See the documentation for more information: +# https://packit.dev/docs/configuration/ + +# We need a specfile to build the RPM package. +# But instead of storing it in this repository, +# we use the one that exists already in src.fedoraproject.org/rpms/golang. +# In particular, we use the specfile from the branch `eln`. +# We'll create the temporary folder .packit_rpm to store the content of the +# Fedora repository. +specfile_path: .packit_rpm/golang.spec + +# We need to tell Packit which files to sync from the upstream repository. +files_to_sync: + - .packit.yaml + - ./scripts/packit.sh + - src: .packit_rpm/golang.spec + dest: golang.spec + +srpm_build_deps: + - golang + - net-tools + - openssl-devel + - glibc-static + - perl-interpreter + - procps-ng + +# The name of the package in the upstream repository. +upstream_package_name: golang +# The name of the package in Fedora. +downstream_package_name: golang +# Use a different tag template for the upstream repository. +#upstream_tag_template: "v{version}" + +actions: + create-archive: + - "bash ./scripts/packit.sh create-archive" + post-upstream-clone: + # Use the Fedora ELN package. + - "git clone https://src.fedoraproject.org/rpms/golang.git .packit_rpm --branch eln" + fix-spec-file: + # Fix the specfile by running the ./scripts/packit.sh script + # We cannot put the content of the script inside the yaml due to limitations of the format + - "bash ./scripts/packit.sh" + +jobs: + # Build the package in Fedora ELN when a pull request is opened. + # It can be requested by adding a comment with the text: /packit copr-build + # This will run the job in the Copr project `alexsaezm/golang-fips`. + - job: copr_build + trigger: pull_request + owner: alexsaezm + project: go-fips + targets: + - fedora-eln-aarch64 + - fedora-eln-ppc64le + - fedora-eln-s390x + - fedora-eln-x86_64 + diff --git a/scripts/packit.sh b/scripts/packit.sh new file mode 100755 index 0000000000..35cb235995 --- /dev/null +++ b/scripts/packit.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash +# This script execute a set of steps needed by the .packit.yaml file + +# Detect the Go version targeted in the PR +version=$(awk '/github.com\/golang\/go/ {gsub(/[: "go]/, "", $2); print $2}' config/versions.json) +# Split the version using '.' as the delimiter +IFS='.' read -ra parts <<< "$version" +# Extract the first two parts and store in go_api +go_api="${parts[0]}.${parts[1]}" +# Extract the third part and store in go_patch +go_patch="${parts[2]}" +# Create a high package release number. This is a dirty hack. +pkg_release="99" + +package="go$version-$pkg_release-openssl-fips" + +if [ "$1" = "create-archive" ]; then + git archive --verbose --output $package.tar.gz --prefix go-$package/ HEAD + ls -1t ./go*-openssl-fips.tar.gz | head -n 1 +else + # Drop fedora.go file + rm -fv .packit_rpm/fedora.go + sed -i '/SOURCE2/d' .packit_rpm/golang.spec + sed -i '/fedora.go/d' .packit_rpm/golang.spec + # Drop all the patches, we don't know if they can be apply to the new code + rm -fv .packit_rpm/*.patch + sed -ri '/^Patch[0-9]*:.+$/d' .packit_rpm/golang.spec + + # Update the Go version in golang.spec with the value of $go_api and $go_patch + sed -i "s/%global go_api .*/%global go_api $go_api/" .packit_rpm/golang.spec + sed -i "s/%global go_patch .*/%global go_patch $go_patch/" .packit_rpm/golang.spec + sed -i "s/%global pkg_release .*/%global pkg_release $pkg_release/" .packit_rpm/golang.spec +fi