From 660ce9ccb96fdd235211b4461a2ec02061e76eaa Mon Sep 17 00:00:00 2001 From: Noah Botimer Date: Wed, 3 Jul 2024 17:58:00 -0400 Subject: [PATCH] Switch to using fpm for Debian package builds - Simplify the structure of the directories since we map included files in the fpm invocation - Remove the DEBIAN directories and move control file values to fpm parameters in per-package build scripts - Add VERSION files to each build directory as a simple way to update the version number manually or with automation - Separate each package build to its own stage in order to normalize them and be able to target them individually for release - Simplify the structure within the build containers to cut down on noise in the Dockerfile and use simple, conventional paths - Add aggregation stage for collecting all packages from /debs/out --- apache/Dockerfile | 48 ++++++++++++------- apache/debpkgs/http-check/DEBIAN/control | 8 ---- apache/debpkgs/http-check/VERSION | 1 + apache/debpkgs/http-check/build | 18 +++++++ .../mod-authn-remoteuser/DEBIAN/control | 8 ---- apache/debpkgs/mod-authn-remoteuser/VERSION | 1 + apache/debpkgs/mod-authn-remoteuser/build | 20 ++++++++ .../authn_remoteuser.conf | 0 .../authn_remoteuser.load | 1 - apache/debpkgs/mod-lauth/DEBIAN/control | 8 ---- apache/debpkgs/mod-lauth/VERSION | 1 + apache/debpkgs/mod-lauth/build | 23 +++++++++ .../mods-available => conf}/lauth.conf | 0 .../mods-available => conf}/lauth.load | 1 - .../debpkgs/mod-lauth/{DEBIAN => }/postinst | 0 apache/debpkgs/package | 18 ------- docker-compose.yml | 2 +- 17 files changed, 97 insertions(+), 61 deletions(-) delete mode 100644 apache/debpkgs/http-check/DEBIAN/control create mode 100644 apache/debpkgs/http-check/VERSION create mode 100755 apache/debpkgs/http-check/build delete mode 100644 apache/debpkgs/mod-authn-remoteuser/DEBIAN/control create mode 100644 apache/debpkgs/mod-authn-remoteuser/VERSION create mode 100755 apache/debpkgs/mod-authn-remoteuser/build rename apache/debpkgs/mod-authn-remoteuser/{etc/apache2/mods-available => conf}/authn_remoteuser.conf (100%) rename apache/debpkgs/mod-authn-remoteuser/{etc/apache2/mods-available => conf}/authn_remoteuser.load (88%) delete mode 100644 apache/debpkgs/mod-lauth/DEBIAN/control create mode 100644 apache/debpkgs/mod-lauth/VERSION create mode 100755 apache/debpkgs/mod-lauth/build rename apache/debpkgs/mod-lauth/{etc/apache2/mods-available => conf}/lauth.conf (100%) rename apache/debpkgs/mod-lauth/{etc/apache2/mods-available => conf}/lauth.load (84%) rename apache/debpkgs/mod-lauth/{DEBIAN => }/postinst (100%) delete mode 100755 apache/debpkgs/package diff --git a/apache/Dockerfile b/apache/Dockerfile index 0228dad..af22a62 100644 --- a/apache/Dockerfile +++ b/apache/Dockerfile @@ -43,26 +43,42 @@ RUN meson configure -Dtests=true -Dintegration-tests=true && meson compile CMD ["meson", "test", "-v"] ### -FROM build-base AS packages +FROM ruby:3.2.4 AS package-base -COPY ./apache/debpkgs /lauth/apache/debpkgs -WORKDIR /lauth/apache/debpkgs +RUN apt update && apt install -y --no-install-recommends binutils +RUN gem install fpm +RUN mkdir -p /debs/out +WORKDIR /debs -# http-check -COPY --from=module /lauth/apache/build/http-check /lauth/apache/debpkgs/http-check/usr/bin/ -RUN ./package http-check +### http-check .deb +FROM package-base AS http-check +COPY ./apache/debpkgs/http-check . -# mod-authn-remoteuser -COPY --from=module /usr/lib/apache2/modules/mod_authn_remoteuser.so /lauth/apache/debpkgs/mod-authn-remoteuser/usr/lib/apache2/modules/ -RUN ./package mod-authn-remoteuser +COPY --from=module /lauth/apache/build/http-check . +RUN ./build && mv *.deb *.changes out/ -# mod-lauth -COPY --from=module /usr/local/ /lauth/apache/debpkgs/mod-lauth/usr/ -COPY --from=module /usr/lib/apache2/modules/mod_lauth.so /lauth/apache/debpkgs/mod-lauth/usr/lib/apache2/modules/ -RUN ./package mod-lauth +### mod-authn-remoteuser .deb +FROM package-base AS mod-authn-remoteuser +COPY ./apache/debpkgs/mod-authn-remoteuser . -# Docker Compose Volume Mapping Directory -COPY ./apache/packages /lauth/apache/packages +COPY --from=module /usr/lib/apache2/modules/mod_authn_remoteuser.so . +RUN ./build && mv *.deb *.changes out/ + +### mod-lauth .deb +FROM package-base AS mod-lauth +COPY ./apache/debpkgs/mod-lauth . + +COPY --from=module /usr/lib/apache2/modules/mod_lauth.so . +RUN ./build && cp *.deb *.changes out/ + +### +FROM package-base AS packages +WORKDIR /debs/out + +COPY --from=http-check /debs/out/* . +COPY --from=mod-authn-remoteuser /debs/out/* . +COPY --from=mod-lauth /debs/out/* . +CMD ["ls", "-la"] ## FROM debian:bullseye-slim AS server @@ -75,7 +91,7 @@ RUN apt update; \ RUN a2enmod authz_groupfile cgid headers proxy proxy_http remoteip rewrite # install debian packages: http-check, mod-authn-remoteuser, mod-lauth -COPY --from=packages /lauth/apache/debpkgs/*.deb /tmp +COPY --from=packages /debs/out/*.deb /tmp RUN dpkg -i /tmp/*.deb RUN rm -f /tmp/*.deb diff --git a/apache/debpkgs/http-check/DEBIAN/control b/apache/debpkgs/http-check/DEBIAN/control deleted file mode 100644 index 6c49806..0000000 --- a/apache/debpkgs/http-check/DEBIAN/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: http-check -Version: 0.0.0 -Architecture: ARCH -Essential: no -Priority: optional -Depends: apache2 -Maintainer: University of Michigan Library Information Technology -Description: Health Check for Apache2 diff --git a/apache/debpkgs/http-check/VERSION b/apache/debpkgs/http-check/VERSION new file mode 100644 index 0000000..8acdd82 --- /dev/null +++ b/apache/debpkgs/http-check/VERSION @@ -0,0 +1 @@ +0.0.1 diff --git a/apache/debpkgs/http-check/build b/apache/debpkgs/http-check/build new file mode 100755 index 0000000..1fa5e89 --- /dev/null +++ b/apache/debpkgs/http-check/build @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +if [ ! -f "VERSION" ]; then + echo "VERSION file is missing!" + exit -1 +fi + +fpm --input-type dir \ + --output-type deb \ + --architecture native \ + --deb-generate-changes \ + \ + --name http-check \ + --version "$( /dev/null && pwd ) -echo "Building Debian Package from ${PACKAGE_DIR}" - -# Hardware Architecture -ARCH=$(arch | sed s/aarch64/arm64/ | sed s/x86_64/amd64/) - -# Substitute $ARCH for ARCH in control file -sed -i "s/ARCH/$ARCH/g" ${PACKAGE_DIR}/DEBIAN/control - -# Parse control file to create package name -PACKAGE_NAME=$( cat ${PACKAGE_DIR}/DEBIAN/control | awk '$1=="Package:" {print $2} $1=="Version:" {print $2} $1=="Architecture:" {print $2}' | tr '\n' '_' | sed 's/.$//' ) - -# Build package -mv ${PACKAGE_DIR} $(dirname ${PACKAGE_DIR})/${PACKAGE_NAME} -dpkg --build $(dirname ${PACKAGE_DIR})/${PACKAGE_NAME} diff --git a/docker-compose.yml b/docker-compose.yml index 27218b9..a031b7c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -119,7 +119,7 @@ services: restart: "no" volumes: - ./apache/packages:/lauth/apache/packages - command: ["sh", "-c", "cp *.deb /lauth/apache/packages"] + command: ["sh", "-c", "cp *.deb *.changes /lauth/apache/packages"] mock-api: profiles: [ "test", "integration" ]