diff options
author | algobolson <45948765+algobolson@users.noreply.github.com> | 2019-06-12 12:04:48 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-12 12:04:48 -0400 |
commit | 812c9b843e3ba8ddae9648669d0c34f61e571b22 (patch) | |
tree | 01ae29c1508fd37062083ebc7d79d5a6be666af3 | |
parent | c7f8a9bdf0f295312c522f4a6d07da6356ed7659 (diff) |
prod build fixes (#8)origin/masterorigin/HEAD
* fix rpm bulid by passing env vars into it
* commit bulidnumber.dat so that we have a clean checkout and precise hash to compile in
* https and gpg key
-rwxr-xr-x[-rw-r--r--] | installer/rpm/RPM-GPG-KEY-Algorand | 85 | ||||
-rw-r--r-- | installer/rpm/algorand.repo | 6 | ||||
-rwxr-xr-x | scripts/build_release.sh | 66 | ||||
-rw-r--r-- | scripts/build_release_centos_docker.sh | 2 | ||||
-rw-r--r-- | scripts/build_release_local.sh | 5 | ||||
-rw-r--r-- | scripts/build_release_setup.sh | 12 | ||||
-rwxr-xr-x | scripts/build_rpm.sh | 2 |
7 files changed, 156 insertions, 22 deletions
diff --git a/installer/rpm/RPM-GPG-KEY-Algorand b/installer/rpm/RPM-GPG-KEY-Algorand index e69de29bb..d503252cf 100644..100755 --- a/installer/rpm/RPM-GPG-KEY-Algorand +++ b/installer/rpm/RPM-GPG-KEY-Algorand @@ -0,0 +1,85 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQGNBFz/pAIBDADXyIjyU4pjcyTelWUBoqLHgBp0aACFFZdvm/86t5BSGpqVdQmS +sxg2s5QfChcmWbBnScTI61ojyDPXDEyelUgjXu5p2Ujz4QWLizlAyUGt9P7fHwkB +RR6cYNFtp2xztVHE00aLMbwbmdpv8tbMbBZDgUW0gTYT1Ha17baBBKQL/u+RypOx +fPRwNsnwJ8rZVJYgHqkOc49rL1t2aCdWztXs54Bdd0j39B2NBdd6WGjaOwdkp10s +xrsKCAyDQg/XU2G30ypAxa7zueIqvPkW27dKc4W9juUzoiRNUepUuChfVM+uwkF4 +IHjZvB3II4n0+SLLnw8kovEdQtbDZSc78Lj9bF/5Q1cJR3lTG2gGV69UWO/kKRER +mqxjGRjQZrJ5wScLtnZ9aDAJ+HLNSXh/eE+zBynMcF2VBEwFRsYjmxRvu063ZKdl +n+yANmGG8kcjc2lrx4f+mEth/i0BNpUJYJl0Y4Yh1QP1hAo8C7w1tfqKsKD5z/UJ +5mhozyw0l87JU/sAEQEAAbQmQWxnb3JhbmQgZGV2ZWxvcGVycyA8ZGV2QGFsZ29y +YW5kLmNvbT6JAc4EEwEKADgWIQRhHelKOW8BNZxyr1btrNKdoQpOpgUCXP+kAgIb +AwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRDtrNKdoQpOpmyGC/0eQrg0lYNz +7OWRBjgvvMtL9uODxXRc7C2tMzIwlqaJ/ZqCYimLbwDg9RJSdCFa9EYIpbXn9Dsz +6wjiyRd4TQuEom10b2CY5Pm/FJB5p/LHctdSSb3IM0kDaQSmfo8wW7aTdlwOYexz +zSI2MzNYt4HWEkjp5MJbmGZSuGPRWI2OL1irDJUvphoK6pvFYUeocTsufHi46ZOl +4T9s8+9EWv8jPPiIXAGmUbK3cNXvwGTe+rmEBwXC3l864x1X/bDVG9ZbAOJRolje +IKUhdqh7DAWj1NVwx+KPGfqZIdeNDz2ATf9ZEWAbYRKhd6C6tbMIU9rXrpMPnFKk +Q7+EXh+lH2BgMcatnnIrBfj9bdnUHpisA+cWkIL7XwpQVTHv/uyeORqFL632/Z+B +WkSjs+fO72umzXQUh6x7q/B8emaKrljE6L7C1BLfJJnKz4+jTRwSo5EJS6oW6eda +ZpUuJm+VTA6NTcJs4+WlqFe+pZQeslZLom1S1H6m6czyTV7Z/zXNc7q5AY0EXP+k +AgEMAN/JndhoZAdKqFzBBh/P1an9c2LHeG70fLFAEplgkB0ndmqQQYtZqAshOVO4 +8KEuEYJnugj4/NSUgJUcUwq5E+rrC8r2ZIYm1vW95NaeAzXpMvDVZ414GYuUXpSu +oMoF+VAJn+hkilLpvAQFGvsvE70BokIQiDp2s5bZpvQFScH+nUlDl3plG6hWjmDU +VNRx6YPCrFTScB+8Ap585dOIqlkWZIyqn89l2K+ceetMfjUyIlaWO+VkTxaHIAt6 +prPN8UrAy6vZmyFMZZrI1+/9U0JaHRrogSIE4lrJqdbz+wfX7UPepUR/DJUpNwFc +eKnPb7fwkJEC2DfCpsRcX1jgB4vYhhDgh6X0qdvNr8udc0uWoHGmUzO/WeRdHVBG +4twTnscxbViMA0skH6J/F4Y8qm1KQ6rQjO0duKNYvyFjDpx1tpX7bburKMMK1Zo8 +lZSL7ZD0PIO2RrURK1tecIZP9TaP1qCvhKdR4xW8OzGhO/cPdNAaC5t5qdGW/FtL +Eh6/SQARAQABiQG2BBgBCgAgFiEEYR3pSjlvATWccq9W7azSnaEKTqYFAlz/pAIC +GwwACgkQ7azSnaEKTqb4dQv+KY80JMfxOBYOj1VM31Zc67T/C8nD7M3qI3ylkXf8 +eK3vi8DRUaBbz50b8zWadTW2ohUe3PQJoheRUQyVFQbO2BiD+qxkmxUJ71jXW5Fq +cB3hcx1BFePkWz1IlsVdTFtVPJVyBCnOFz+zQwBD9pX1lBoVtK9Wh/7jUaWoc6h3 +mXEWHREnJwrdAcxYVSZuiZEBAvESjpe61KaCiacTquxbOIPPPjt08jQzE3SciRKM +wWqp/mvx3hWWFTI5lMvppeEKaNb/C/NTmheVJnt25O8v7Y1KA8ENWnBltmgEcQe9 +tU86vZ2nagtJW03Rj+AYTQzg7MeHis+iWlOGYlTtev4hVz4Lmiv2LoMjhK7lpAth +u6MtcPKxP/nC9se4m2lO86711qPkgS/f9Rcp7vlwcThr9lOtiIRj5e2afapSzeh1 +QdLcO25IFC2J1ed9S+GD2uBxFRDB/D8Pr3J5jvUUCeaYnVhCRrWqN+1tGhHUedDe +yVjCxLOgqpmA0uZgGnpmTPpBuQGNBFz/qNkBDADAjrCex5F5tnfmAmPL2j3G/bAY +4d4g3ybGnsX0AzLmiBJ+X54wxtPLHRwFWr04yD6B9dzMln4S3yuYIkj1tfuSIuu3 +DifbwDOixPNK7yFuFD14Or4n9d1ehN8KexIXmgnFu1cPHecglEihtK2TzvycN6J/ +ri2xcGnTEQFgQoCIohiSK53tj/+BXZS6LyQCek8Zdm9dBJm2Ed796sjIlxXOhqbI +g+GP7VksIIgLVdHmbvrPLdZrKiXrmBxpEmWBILSWPslDwkobpC+Q9V6jUE+qjypF +/Dut4PB8F+7iK+VZaEmsdNx6HjkQdgLcFDwhzb2UjDlO+EmWdBZb2gCmrUQIbSmh +gXIgIa2n0U+qQrWYkRUXSD130mPzIK2dvysO4eKYuikNOwUw/0EIfg+GWus7ISnx +eDehopTffxVdQovSXckMAgXbf/zrr4LmPOTl0v3q6V7cpmG/Up4HB4dEzn4zclo0 +Lfd2c6slsM4D/pX53j/hvgh5ddKystSl2lO7OzsAEQEAAYkDcgQYAQoAJhYhBGEd +6Uo5bwE1nHKvVu2s0p2hCk6mBQJc/6jZAhsCBQkDwmcAAcAJEO2s0p2hCk6mwPQg +BBkBCgAdFiEE8usQMbz1qT5q5sJ+GUfcABZXaNIFAlz/qNkACgkQGUfcABZXaNLU +ewv+IHfJMcq8AXc6po4jHdeD8w5pqkluw3LL9Zr/dwrr5J5ej+ev9dr365GPMWxi +3hZMNWCvalk5lpen2lIBpBbIYnCpsS3VLczk9g3xBJbHuIYC+as7q2eEXS+Ei2HJ +O4x6m9jkCb0YqMkfTsQPiqr5rXgNqPFX79b5e8awU/f/ldJEJFMPfHXvQsP5skqF +czIjwgms1p84PAUrPAWE7RzQEpe0f9dsuXtwOTE6r54TGThpxbZlKPlD2ij9nDqf +gFNFTaRFEa2fCEODzVZkIRtYtg2oOn8fc6PqY8U+aEWYC98QO0d4Rzs+EgRu7KgJ +FdJEbb8YntZzNaCZt72+ilR9qA4AX6/ehfbROYlAib/oY14NdMJSksVDgNVrKWnZ +DkEwHB0Jdkm00glNNcTbQnYHWKHn3LIngAhKDQa00/axgvqZxmzses2RsCVgRtAu +OjWz4qO2qSwbwEYcul/JCWRn2BA8Bm5cFmUPv8dzROJw6AdUp0IQNCIncy6W+jSh +AH5iwn8L+wU5GuY2t1cNuyWxH4g37wdsL/LI2qcoZEKoMjh9cQAVuBOukcAR1KIu +xxUC9FWvfrJhCaPdt45WYPS4gSGI1GAbH4LwDW8gPV7FmEkSmzXXmOhKxjtAGx7D +M8vMq6hqRhK8vWMfoQyL4MTDtiJKeBXKYmILNx5hBgMy9T9nMBA4vCNFfQB+1+Ou +dpHOuTApBpGX+nF38zOV0LhRtOyukL9UKG3XIH0weWPBNHOLAtj4GwXA2MuPWgsV +adBgAHd/nEJtnF+kj4P79DulPtpyoHEY8z8Ee51mulyFllcQvlv0cDFhXme2b1Mp +rErIeRO5VQq0+luOOtxujybeXfOmrhTQlDaDCeI1MUQLmwFHi5GD4VuLGD2da+jR +512tRd5lBFOOQgeq/B9ffvIf/I6uXAqJdIllmkTWkAbQWCFbgt4fKKaZJOcCdEQ0 +/q8+bDDMCHVuVuM1zmy+Z7PR6VMBFMcI8XAwUIaNAMpAADtqKXAvq+iQgilTp9DB +oCU73hn6+7kBjQRc/6mWAQwA35SzNifCKFWb+iX+OcPj3h4FTlHW55zrSvJLhnTG +SARz9odxzVCzq3JYS4VsTNAHmdXr2TV+Gs4HsU1IZzX5fs7N+rA8qi/eOyctEZjm +ZS0+U3fseofh00N6vwNSU3CIRcLQvJy7XvoTFGQ7n6QZ000SHMUkH9Hf3A9dHmcJ +mYHXHl24CSlzik0FkxGhN+yGIpn6eh+caAG2x559q+lWq5fh6OyMpdkD73Y+2ybS +c1FYUopzaf1XOACRvi9qOQE5gq9RVdoqDecTB3LEmCEAxCKir074MvbLNBgFUo/J +QYoJJOgsIGjyTvP2PhySpt/AeYTG5hBI7dOjvt0oDBGT4IA+8CDy57N2yx8MxdNO +H0oe+8CUZh3RK0wZsVpamKAViRpYkXFFHbnphsGXDo/LrzoWHAKdk3+rPknNSSrm +u8l+UUf7ZV771B7JYrmXHpZh2eZyNKtqqPr4lSgTdOEsj2IBpeNx/EgE7chE/FsP +umOR60fQPH3o6ndbbjuVIb/VABEBAAGJAbwEGAEKACYWIQRhHelKOW8BNZxyr1bt +rNKdoQpOpgUCXP+plgIbDAUJA8JnAAAKCRDtrNKdoQpOprafC/9GWT0iAfhOL9y5 +6W34EaWHpUZTbTWOtKJzmf6T2s3Sz7zozB/GnGFR/92hrfKRDx1YhGabthbwhepu +/gkkhvkHYv+IhNA+Wt0BcvXmcDFwjH88W88vupjdXc4EU9eyx+0JI17M6/GrBGOw +WDUX9ok+dAW/RW5pReBTYZy2Q+TCrBvDHRRha2SAk2nQXGshHgUDD8XOp7HmG69s +20kAFOWLVSgBexelLPmF/NMpOLHUSW3zF4Ca+C6vH62Ob78ANf3Wytvz5mgIq47j +iZxOhKorukl1m3jJ+IaXamXsPvF37D5wBnA/JRYRXzHTK3LpZsJmbV5zjb0a2yZA +16KXscwl8VLpr7NmwywM+rgaGNtN5WEUw2KA69O+IeLydBsVBJCbSDCGaS1a4NDa +wAkN3cg1XMoDNO5+kRr4C9Nj7A8LOYBIFQezfqPjGP6cbAnbhdefM1QRc9IvW75Z +yH2U78m7vGV5jf5FqKUrytzNYmcqWruiNMHDonGlzaqpmq5K3H8= +=IQbt +-----END PGP PUBLIC KEY BLOCK----- diff --git a/installer/rpm/algorand.repo b/installer/rpm/algorand.repo index 111e10912..dd0f37b4f 100644 --- a/installer/rpm/algorand.repo +++ b/installer/rpm/algorand.repo @@ -1,6 +1,6 @@ [algorand] -name=Algorand repository for $basearch -baseurl=http://tbd.algorand.com/rpm/algorand/$basearch +name=Algorand +baseurl=https://releases.algorand.com/rpm/stable/ enabled=1 gpgcheck=1 -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Algorand +gpgkey=https://releases.algorand.com/key.pub diff --git a/scripts/build_release.sh b/scripts/build_release.sh index 967cb5d35..ad2a4cf82 100755 --- a/scripts/build_release.sh +++ b/scripts/build_release.sh @@ -46,6 +46,7 @@ OS=${PLATFORM_SPLIT[0]} ARCH=${PLATFORM_SPLIT[1]} export BRANCH=rel/stable export CHANNEL=$(./scripts/compute_branch_channel.sh ${BRANCH}) +export DEFAULTNETWORK=$(./scripts/compute_branch_network.sh) export PKG_ROOT=${HOME}/node_pkg export VARIATIONS="base" # tell underlying 'build' scripts we already built @@ -58,13 +59,34 @@ fi BUILD_NUMBER= if [ -e buildnumber.dat ]; then BUILD_NUMBER=$(cat ./buildnumber.dat) + BUILD_NUMBER=$((${BUILD_NUMBER} + 1)) else BUILD_NUMBER=0 fi -BUILD_NUMBER=$((${BUILD_NUMBER} + 1)) echo ${BUILD_NUMBER} > ./buildnumber.dat +git add -A +git commit -m "Build ${BUILD_NUMBER}" +git push export FULLVERSION=$(./scripts/compute_build_number.sh -f) +# a bash user might `source build_env` to manually continue a broken build +cat <<EOF>${HOME}/build_env +export RELEASE_GENESIS_PROCESS=${RELEASE_GENESIS_PROCESS} +export TRANSITION_TELEMETRY_BUILDS=${TRANSITION_TELEMETRY_BUILDS} +PLATFORM=${PLATFORM} +OS=${OS} +ARCH=${ARCH} +export BRANCH=${BRANCH} +export CHANNEL=${CHANNEL} +export DEFAULTNETWORK=${DEFAULTNETWORK} +export PKG_ROOT=${PKG_ROOT} +export VARIATIONS=${VARIATIONS} +RSTAMP=${RSTAMP} +BUILD_NUMBER=${BUILD_NUMBER} +export FULLVERSION=${FULLVERSION} +EOF +# strip leading 'export ' for docker --env-file +sed 's/^export //g' < ${HOME}/build_env > ${HOME}/build_env_docker # Build! scripts/configure_dev.sh @@ -75,20 +97,6 @@ make build scripts/build_packages.sh "${PLATFORM}" -# Tag Source -git add -A -git commit -m "Build ${BUILD_NUMBER}" - -TAG=${BRANCH}-${FULLVERSION} -if [ ! -z "${SIGNING_KEY_ADDR}" ]; then - git tag -s -u "${SIGNING_KEY_ADDR}" ${TAG} -m "Genesis Timestamp: $(cat ./genesistimestamp.dat)" -else - git tag -s ${TAG} -m "Genesis Timestamp: $(cat ./genesistimestamp.dat)" -fi -git push origin ${TAG} - -git archive --prefix=algorand-${FULLVERSION}/ "${TAG}" | gzip > ${PKG_ROOT}/algorand_${CHANNEL}_source_${FULLVERSION}.tar.gz - # Run RPM bulid in Centos7 Docker container sg docker "docker build -t algocentosbuild - < scripts/centos-build.Dockerfile" @@ -99,8 +107,19 @@ fi rm -rf ${GOPATH}/src/github.com/algorand/go-algorand/crypto/lib # do the RPM build -sg docker "docker run --mount type=bind,src=${GOPATH}/src,dst=/root/go/src --mount type=bind,src=${HOME},dst=/root/subhome --mount type=bind,src=/usr/local/go,dst=/usr/local/go -a stdout -a stderr algocentosbuild /root/go/src/github.com/algorand/go-algorand/scripts/build_release_centos_docker.sh" +sg docker "docker run --env-file ${HOME}/build_env_docker --mount type=bind,src=${GOPATH}/src,dst=/root/go/src --mount type=bind,src=${HOME},dst=/root/subhome --mount type=bind,src=/usr/local/go,dst=/usr/local/go -a stdout -a stderr algocentosbuild /root/go/src/github.com/algorand/go-algorand/scripts/build_release_centos_docker.sh" +# Tag Source + +TAG=${BRANCH}-${FULLVERSION} +if [ ! -z "${SIGNING_KEY_ADDR}" ]; then + git tag -s -u "${SIGNING_KEY_ADDR}" ${TAG} -m "Genesis Timestamp: $(cat ./genesistimestamp.dat)" +else + git tag -s ${TAG} -m "Genesis Timestamp: $(cat ./genesistimestamp.dat)" +fi +git push origin ${TAG} + +git archive --prefix=algorand-${FULLVERSION}/ "${TAG}" | gzip > ${PKG_ROOT}/algorand_${CHANNEL}_source_${FULLVERSION}.tar.gz # create *.sig gpg signatures cd ${PKG_ROOT} @@ -133,6 +152,21 @@ curl --silent http://169.254.169.254/latest/meta-data/ami-id >> "${STATUSFILE}" cat <<EOF>>"${STATUSFILE}" +go version: +EOF +go version >>"${STATUSFILE}" +cat <<EOF>>"${STATUSFILE}" + +go env: +EOF +go env >>"${STATUSFILE}" +cat <<EOF>>"${STATUSFILE}" + +build_env: +EOF +cat <${HOME}/build_env>>"${STATUSFILE}" +cat <<EOF>>"${STATUSFILE}" + dpkg-l: EOF dpkg -l >>"${STATUSFILE}" diff --git a/scripts/build_release_centos_docker.sh b/scripts/build_release_centos_docker.sh index e6f09fa01..773be3477 100644 --- a/scripts/build_release_centos_docker.sh +++ b/scripts/build_release_centos_docker.sh @@ -36,6 +36,8 @@ make ${GOPATH}/src/github.com/algorand/go-algorand/crypto/lib/libsodium.a make build +export NO_BUILD=1 + RPMTMP=$(mktemp -d 2>/dev/null || mktemp -d -t "rpmtmp") trap "rm -rf ${RPMTMP}" 0 scripts/build_rpm.sh ${RPMTMP} diff --git a/scripts/build_release_local.sh b/scripts/build_release_local.sh index 3e12a8783..e534ac57f 100644 --- a/scripts/build_release_local.sh +++ b/scripts/build_release_local.sh @@ -17,7 +17,7 @@ scp -p ${GOPATH}/src/github.com/algorand/go-algorand/scripts/build_release_setup # upload the latest public key GTMPDIR=$(mktemp -d 2>/dev/null || mktemp -d -t "rpmtmp") -gpg --export --armor -o "${GTMPDIR}/key.gpg" sa@algorand.com +gpg --export --armor -o "${GTMPDIR}/key.gpg" dev@algorand.com scp -p "${GTMPDIR}/key.gpg" "ubuntu@${TARGET}:~/key.gpg" rm -rf ${GTMPDIR} @@ -47,7 +47,8 @@ type some stuff # TODO: use simpler expression when we can rely on gpg 2.2 on ubuntu >= 18.04 #REMOTE_GPG_SOCKET=$(ssh ubuntu@${TARGET} gpgconf --list-dir agent-socket) -REMOTE_GPG_SOCKET=$(ssh ubuntu@${TARGET} "gpgconf --list-dirs|grep agent-socket|awk -F: '{ print \$2 }'") +#REMOTE_GPG_SOCKET=$(ssh ubuntu@${TARGET} "gpgconf --list-dirs|grep agent-socket|awk -F: '{ print \$2 }'") +REMOTE_GPG_SOCKET=$(ssh ubuntu@${TARGET} gpgbin/remote_gpg_socket) LOCAL_GPG_SOCKET=$(gpgconf --list-dir agent-extra-socket) ssh -A -R "${REMOTE_GPG_SOCKET}:${LOCAL_GPG_SOCKET}" ubuntu@${TARGET} diff --git a/scripts/build_release_setup.sh b/scripts/build_release_setup.sh index 9b52d5582..015922f97 100644 --- a/scripts/build_release_setup.sh +++ b/scripts/build_release_setup.sh @@ -37,6 +37,13 @@ fi mkdir -p ${HOME}/go mkdir -p ${HOME}/gpgbin +cat <<EOF>${HOME}/gpgbin/remote_gpg_socket +export GOPATH=\${HOME}/go +export PATH=\${HOME}/gpgbin:${GOPATH}/bin:/usr/local/go/bin:${PATH} +gpgconf --list-dirs|grep agent-socket|awk -F: '{ print \$2 }' +EOF +chmod +x ${HOME}/gpgbin/remote_gpg_socket + if [ "${DISTRIB_ID}" = "Ubuntu" ]; then if [ "${DISTRIB_RELEASE}" = "16.04" ]; then echo "WARNING: Ubuntu 16.04 is DEPRECATED" @@ -100,7 +107,7 @@ sg docker "docker pull centos:7" # Check out mkdir -p ${GOPATH}/src/github.com/algorand if [ ! -d "${GOPATH}/src/github.com/algorand/go-algorand/.git" ]; then - (cd ${GOPATH}/src/github.com/algorand && git clone "${GIT_REPO_PATH}") + (cd ${GOPATH}/src/github.com/algorand && git clone "${GIT_REPO_PATH}" go-algorand) fi cd ${GOPATH}/src/github.com/algorand/go-algorand git checkout "${GIT_CHECKOUT_LABEL}" @@ -116,6 +123,9 @@ fi cat<<EOF>> "${HOME}/.bashrc" export EDITOR=vi +EOF + +cat<<EOF>> "${HOME}/.profile" export GOPATH=\${HOME}/go export PATH=\${HOME}/gpgbin:\${GOPATH}/bin:/usr/local/go/bin:\${PATH} EOF diff --git a/scripts/build_rpm.sh b/scripts/build_rpm.sh index 2f2991524..1743008f1 100755 --- a/scripts/build_rpm.sh +++ b/scripts/build_rpm.sh @@ -11,6 +11,8 @@ if [ ! "$#" -eq 1 ]; then exit 1 fi +set -x + OUTDIR="$1" export GOPATH=$(go env GOPATH) |