From 9bb3794416cfa245b75ec972d7d1a9a3122aff45 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Alejandro=20S=C3=A1ez?= Date: Thu, 9 Nov 2023 16:45:12 +0100 Subject: [PATCH] Enable Packit integration in pull requests This feature adds support for Packit and the Packit bot. It adds two files: - .packit.yaml: Defines the tasks. It can be expanded later in case other features are attractive. - scripts/packit.sh: Variables can't be passed due to YAML limitations, and some commands with complex structures fail. Hence the script. The features inside the script are complex to use outside the Packit system; instead of having two scripts, two different functionalities are inside this file. How it works: When a PR is open or has changed, the bot packit-as-a-service will detect them. Then, three stages are run: - create-archive: this stage will run scripts/packit.sh using a create-archive argument that triggers git archive. Packit default functionality in this stage fails. By default, it thinks we are trying to substitute the Go upstream tarball. post-upstream-clone: this stage will clone the ELN branch inside a new folder named .packit_rpm. - fix-spec-file: Several actions performed by scripts/packit.sh are executed here. It detects the version targeted in the PR, fakes the spec file previously downloaded in the second stage, and removes the patches that Fedora carries because those changes will likely conflict with the changes in the pull request. --- .packit.yaml | 61 +++++++++++++++++++++++++++++++++++++++++++++++ scripts/packit.sh | 33 +++++++++++++++++++++++++ 2 files changed, 94 insertions(+) create mode 100644 .packit.yaml create mode 100755 scripts/packit.sh diff --git a/.packit.yaml b/.packit.yaml new file mode 100644 index 0000000000..8751f03164 --- /dev/null +++ b/.packit.yaml @@ -0,0 +1,61 @@ +# This file is used by the Packit service. +# Currently it is used for the gating of pull requests. +# +# See the documentation for more information: +# https://packit.dev/docs/configuration/ + +# We need a specfile to build the RPM package. +# But instead of storing it in this repository, +# we use the one that exists already in src.fedoraproject.org/rpms/golang. +# In particular, we use the specfile from the branch `eln`. +# We'll create the temporary folder .packit_rpm to store the content of the +# Fedora repository. +specfile_path: .packit_rpm/golang.spec + +# We need to tell Packit which files to sync from the upstream repository. +files_to_sync: + - .packit.yaml + - ./scripts/packit.sh + - src: .packit_rpm/golang.spec + dest: golang.spec + +srpm_build_deps: + - golang + - net-tools + - openssl-devel + - glibc-static + - perl-interpreter + - procps-ng + +# The name of the package in the upstream repository. +upstream_package_name: golang +# The name of the package in Fedora. +downstream_package_name: golang +# Use a different tag template for the upstream repository. +#upstream_tag_template: "v{version}" + +actions: + create-archive: + - "bash ./scripts/packit.sh create-archive" + post-upstream-clone: + # Use the Fedora ELN package. + - "git clone https://src.fedoraproject.org/rpms/golang.git .packit_rpm --branch eln" + fix-spec-file: + # Fix the specfile by running the ./scripts/packit.sh script + # We cannot put the content of the script inside the yaml due to limitations of the format + - "bash ./scripts/packit.sh" + +jobs: + # Build the package in Fedora ELN when a pull request is opened. + # It can be requested by adding a comment with the text: /packit copr-build + # This will run the job in the Copr project `alexsaezm/golang-fips`. + - job: copr_build + trigger: pull_request + owner: alexsaezm + project: go-fips + targets: + - fedora-eln-aarch64 + - fedora-eln-ppc64le + - fedora-eln-s390x + - fedora-eln-x86_64 + diff --git a/scripts/packit.sh b/scripts/packit.sh new file mode 100755 index 0000000000..35cb235995 --- /dev/null +++ b/scripts/packit.sh @@ -0,0 +1,33 @@ +#!/usr/bin/env bash +# This script execute a set of steps needed by the .packit.yaml file + +# Detect the Go version targeted in the PR +version=$(awk '/github.com\/golang\/go/ {gsub(/[: "go]/, "", $2); print $2}' config/versions.json) +# Split the version using '.' as the delimiter +IFS='.' read -ra parts <<< "$version" +# Extract the first two parts and store in go_api +go_api="${parts[0]}.${parts[1]}" +# Extract the third part and store in go_patch +go_patch="${parts[2]}" +# Create a high package release number. This is a dirty hack. +pkg_release="99" + +package="go$version-$pkg_release-openssl-fips" + +if [ "$1" = "create-archive" ]; then + git archive --verbose --output $package.tar.gz --prefix go-$package/ HEAD + ls -1t ./go*-openssl-fips.tar.gz | head -n 1 +else + # Drop fedora.go file + rm -fv .packit_rpm/fedora.go + sed -i '/SOURCE2/d' .packit_rpm/golang.spec + sed -i '/fedora.go/d' .packit_rpm/golang.spec + # Drop all the patches, we don't know if they can be apply to the new code + rm -fv .packit_rpm/*.patch + sed -ri '/^Patch[0-9]*:.+$/d' .packit_rpm/golang.spec + + # Update the Go version in golang.spec with the value of $go_api and $go_patch + sed -i "s/%global go_api .*/%global go_api $go_api/" .packit_rpm/golang.spec + sed -i "s/%global go_patch .*/%global go_patch $go_patch/" .packit_rpm/golang.spec + sed -i "s/%global pkg_release .*/%global pkg_release $pkg_release/" .packit_rpm/golang.spec +fi