has been a while that I’m trying different tools to automate our building process. I tested antbs (the antergos build system) and was good, but very complicated to maintain, and some part of the code very specific for antergos OS.
So I decided to give a try to the gitlab CI (Continuous Integration). My interest started after reading this post: https://about.gitlab.com/2016/10/12/automated-debian-package-build-with-gitlab-ci/
why not do the same for chakra? in fact gitlab CI is an automated build server, conceived to build a single program, but in reality the system can call scripts one after the others.
Gitlab CI is based on a configuration file called .gitlab-ci.yml, were are defined all the build stages with its configurations. After lot of testing I decided to split the build process in 3 parts
The whole process is based on the gitlab runner, this are machines that execute the Pipelines with its Jobs when triggered by the main gitlab process. We can consider them as slave, they do the job and report back the artefacts done. Different runners can build at the same time different packages, depending of the Tag assigned.
The runners are basically docker container that runs a chakra container (chakra-bootstrap)
The before_script is in charge to load our chakra continer and configure the basic environment. It consists to generate a builder user, initialize ssh and gpg agents and sync our repository.
The prepare.sh script will modify makepkg and the configuration in order to build with the chakra custom configurations (as already done with our build scripts).
Then the import-validpgpkeys.sh is called to parse the PKGBUILD and import the valid keys.
In order to build something you need a trigger. In our case I decided to build any PKGBUILD or .order file found in the commit files. I created some special scripts that can handle the build process. The gitlab ci interface is very clean, and the build process can be monitored directly on the webpage (or with the android app too )
How to trigger a build
is very simple! you have multiple choices:
- push a modified PKGBUILD
- push multiple modified PKGBUILDs
- push a .order file
How is build
the script build.sh is called by gitlab, this script will handle the whole build process, is divided in 3 main parts:
the list of files that must be build is generated, every PKGBUILD found in the commit is added to the build array, every .order file is parsed and the list of pkgs added to the same build array
this function sort the build array in order to observe the dependency tree
build the packages, what else?
the operation above “build” generate some artefacts (*.tar.gz.xz). With the sign operation we sign those packages. The signature is the “Chakra Build Server”, and does not belong to any real user. I created a new private key and then imported in gitlab to be exposed when the pkg is signed.
as usual there is a script that list the packages and its signatures to be uploaded (rsync) on our server. Then through ssh the akbm script is called to sync the .db.
I decided to upload everything build automatically on [staging], then is the developer that has to move it in the proper repository.
- building single or multiple PKGBUILD works
- building a .order list does not work, because the import-validpgpkeys.sh is not able to parse the PKGBUILD if there is an external reference (source, like for kf5/plasma group)
- sign works with the custom Chakra Build server key (to be released with the dev team)
- deploy on [staging] works
For everyday use gitlab can be the solution, you upload a PKGBUILD and you have it done on [staging] (you can monitor the build process, and get notifications in case of failure). You can update packages with your smartphone, you have only to push the changes. And… can be your primary tool! (almost)
My concern starts with the “groups”, let me explain what I mean:
imaging that you want to update Plasma, you have to modify some PKGBUILD an then the .order/.sums/config files.
Consider now to push the .order file, and the build process will start automatically, but after some packages it fails. In order to fix the build you have to push a new commit (and include the .order file) and wait again that all the packages are build. This process can take lot of time, prepare-build-error-push-build-error-push-build… I know, is very rigorous, but is what we are looking for? any better idea how to handle that?
We can use the commit comment to trigger a group build! can be an alternative? otherwise we have to commit at every change the .order file, and to do that we need to modify something on it to be seen by git.
gitlab ci provides already a special key that can be used inside the git comment in order to skip the build, is [ci skip] or [skip ci]. We can use a similar approach…
Questions? you want to try it?
I enabled my testing repository to almost all chakra devs, if not, ask me the access.
The repository is: https://gitlab.com/AlmAck/chakra-build/
Please, any feedback is welcome, we are at the early stage, needs a lot of improvements!