diff options
| -rw-r--r-- | Jenkinsfile | 130 | ||||
| -rwxr-xr-x | data/live-build-config/hooks/live/18-enable-disable_services.chroot | 2 | ||||
| -rw-r--r-- | data/live-build-config/includes.chroot/etc/sudoers.d/openvpn | 2 | ||||
| -rw-r--r-- | docker/Dockerfile | 1 |
4 files changed, 45 insertions, 90 deletions
diff --git a/Jenkinsfile b/Jenkinsfile index 28f3fcb7..6b1ca4ae 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,6 +1,5 @@ #!/usr/bin/env groovy - -// Copyright (C) 2018 VyOS maintainers and contributors +// Copyright (C) 2019 VyOS maintainers and contributors // // This program is free software; you can redistribute it and/or modify // in order to easy exprort images built to "external" world @@ -18,7 +17,8 @@ @NonCPS def getGitBranchName() { - return scm.branches[0].name + def branch = scm.branches[0].name + return branch.split('/')[-1] } def getGitRepoURL() { @@ -40,7 +40,6 @@ def setDescription() { // build up the main description text def description = "" description += "<h2>Build VyOS ISO image</h2>" - description += "All required Vyatta/VyOS packages are build from source prior to assembling the ISO." if (isCustomBuild()) { description += "<p style='border: 3px dashed red; width: 50%;'>" @@ -71,6 +70,9 @@ pipeline { timeout(time: 4, unit: 'HOURS') parallelsAlwaysFailFast() } + triggers { + cron('H 2 * * *') + } agent { dockerfile { filename 'Dockerfile' @@ -79,103 +81,51 @@ pipeline { args '--privileged --sysctl net.ipv6.conf.lo.disable_ipv6=0 -e GOSU_UID=1006 -e GOSU_GID=1006' } } - stages { - stage('VyOS Packages') { - steps { - script { - def build = [:] - // get a list of available package from scripts/build-packages - packageList = sh( - script: "scripts/build-packages -l | grep '*' | sed -e 's/ \\* //'", - returnStdout: true - ).split("\r?\n") - - packageList.each { pkg -> - skipList = ['vyos-kernel', 'vyos-wireguard', 'vyos-accel-ppp'] - if (pkg in skipList) { - return - } - - // add each object from 'packageList' to the 'build' array - build[pkg] = { - // we're already in the script{} block, so do our advanced stuff here - sh( - script: "scripts/build-packages -vvv -b ${pkg}", - returnStdout: true - ) - } - } - // Still within the 'Script' block, run the parallel array object - parallel build - } - } - } - - stage('Kernel') { - steps { - sh "scripts/build-packages -vvv -b vyos-kernel" - } - } - - stage('Kernel Modules') { - steps { - script { - def build = [:] - kernelModules = ['vyos-wireguard', 'vyos-accel-ppp'] - kernelModules.each { pkg -> - // add each object from 'packageList' to the 'build' array - build[pkg] = { - // we're already in the script{} block, so do our advanced stuff here - sh( - script: "scripts/build-packages -vvv -b ${pkg}", - returnStdout: true - ) - } - } - // Still within the 'Script' block, run the parallel array object - parallel build - } - } - } - - stage('Intel Drivers') { + stage('Configure') { steps { - sh "KSRC=\$(pwd)/packages/vyos-kernel scripts/build-intel-drivers" - } - } - - stage('List Packages') { - steps { - sh "find packages/ -maxdepth 1 -type f -print0 | xargs -0r ls" + sh """ + pwd + ./configure --build-by="autobuild@vyos.net" --debian-mirror="http://ftp.us.debian.org/debian/" + """ } } - - stage('ISO Image') { + stage('Build') { steps { - sh ''' - #!/bin/sh - - # we do not want to fetch VyOS packages from the mirror, - # we rather prefer all build by ourself! - sed -i '/vyos_repo_entry/d' scripts/live-build-config - - # remove debug packages - rm -f packages/*-dbg_*.deb - - # Configure the ISO - ./configure --build-by="autobuild@vyos.net" --debian-mirror="http://ftp.us.debian.org/debian/" - - # Finally build our ISO + sh """ sudo make iso - ''' + """ } } } - post { success { - archiveArtifacts artifacts: 'build/live-image-*.iso', fingerprint: true + // publish build result, using SSH-dev.packages.vyos.net Jenkins Credentials + sshagent(['SSH-dev.packages.vyos.net']) { + script { + // build up some fancy groovy variables so we do not need to write/copy + // every option over and over again! + def ARCH = sh(returnStdout: true, script: "dpkg --print-architecture").trim() + def SSH_DIR = '/home/sentrium/web/downloads.vyos.io/public_html/rolling/' + getGitBranchName() + '/' + ARCH + def SSH_OPTS = '-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no' + def SSH_REMOTE = 'khagen@10.217.48.113' + + // No need to explicitly check the return code. The pipeline + // will fail if sh returns a non 0 exit code + sh """ + ssh ${SSH_OPTS} ${SSH_REMOTE} -t "bash --login -c 'mkdir -p ${SSH_DIR}'" + """ + sh """ + ssh ${SSH_OPTS} ${SSH_REMOTE} -t "bash --login -c 'mkdir -p ${SSH_DIR}'" + """ + sh """ + ssh ${SSH_OPTS} ${SSH_REMOTE} -t "bash --login -c 'find ${SSH_DIR} -type f -mtime +14 -exec rm -f {} \\;'" + """ + sh """ + scp ${SSH_OPTS} build/vyos*.iso ${SSH_REMOTE}:${SSH_DIR}/ + """ + } + } } cleanup { echo 'One way or another, I have finished' diff --git a/data/live-build-config/hooks/live/18-enable-disable_services.chroot b/data/live-build-config/hooks/live/18-enable-disable_services.chroot index 787510e0..0caed88a 100755 --- a/data/live-build-config/hooks/live/18-enable-disable_services.chroot +++ b/data/live-build-config/hooks/live/18-enable-disable_services.chroot @@ -39,3 +39,5 @@ systemctl disable strongswan.service systemctl disable frr.service systemctl disable salt-minion.service systemctl disable nginx.service + +systemctl enable vyos-hostsd.service diff --git a/data/live-build-config/includes.chroot/etc/sudoers.d/openvpn b/data/live-build-config/includes.chroot/etc/sudoers.d/openvpn new file mode 100644 index 00000000..7c5454a0 --- /dev/null +++ b/data/live-build-config/includes.chroot/etc/sudoers.d/openvpn @@ -0,0 +1,2 @@ +openvpn ALL=(ALL) NOPASSWD: /sbin/ip +Defaults:openvpn !requiretty diff --git a/docker/Dockerfile b/docker/Dockerfile index 041a9260..1052a8e8 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -174,6 +174,7 @@ RUN apt-get update && apt-get install -y \ # Prerequisites for building rtrlib # see http://docs.frrouting.org/projects/dev-guide/en/latest/building-frr-for-debian8.html RUN apt-get update && apt-get install -y \ + graphviz \ doxygen \ libssh-dev \ libssl-dev |