Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

services/nomad/build/signing.nomad: move signing to xbps-legacy-sign #169

Merged
merged 6 commits into from
Oct 17, 2023
Merged

services/nomad/build/signing.nomad: move signing to xbps-legacy-sign #169

merged 6 commits into from
Oct 17, 2023

Conversation

classabbyamp
Copy link
Member

No description provided.

the-maldridge
the-maldridge requested changes Aug 13, 2023
View reviewed changes
services/nomad/build/signing.nomad Outdated Show resolved Hide resolved
services/nomad/build/build-rsyncd.nomad Outdated Show resolved Hide resolved
@classabbyamp classabbyamp force-pushed the legacy-sign branch 3 times, most recently from 6853b65 to 8fba605 Compare August 13, 2023 20:46
classabbyamp
classabbyamp commented Aug 13, 2023
View reviewed changes
Copy link
Member Author

@classabbyamp classabbyamp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

some notes

also, buildsync-dist could maybe be added to using rsyncd but i grok it less

services/nomad/build/build-rsyncd.nomad Outdated Show resolved Hide resolved
services/nomad/build/buildsync-watch Outdated Show resolved Hide resolved
services/nomad/build/buildsync-watch Outdated Show resolved Hide resolved
@classabbyamp classabbyamp marked this pull request as ready for review August 13, 2023 20:48
@classabbyamp classabbyamp force-pushed the legacy-sign branch 5 times, most recently from 6181323 to e28cad8 Compare August 14, 2023 01:34
the-maldridge
the-maldridge requested changes Aug 14, 2023
View reviewed changes
services/nomad/build/build-rsyncd.nomad Show resolved Hide resolved
services/nomad/build/buildsync-aarch64.nomad Outdated Show resolved Hide resolved
services/nomad/build/buildsync-aarch64.nomad Outdated Show resolved Hide resolved
services/nomad/build/buildsync-musl.nomad Outdated Show resolved Hide resolved
services/nomad/build/buildsync-musl.nomad Outdated Show resolved Hide resolved
services/pkg/docker-bake.hcl Outdated Show resolved Hide resolved
services/pkg/lsyncd/Dockerfile Outdated Show resolved Hide resolved
@classabbyamp classabbyamp mentioned this pull request Aug 14, 2023
Merged
@classabbyamp classabbyamp force-pushed the legacy-sign branch 2 times, most recently from fe42ffd to e005811 Compare August 14, 2023 05:02
@the-maldridge the-maldridge reopened this Aug 15, 2023
@the-maldridge
Copy link
Member

Here are the remaining patches that I added to deploy this successfully. As to why its not attached, that would be because github, a source code hosting site, does not support patch files...

From 7472296e2ecd1412d510c8bd4dc4d87fb03cffc1 Mon Sep 17 00:00:00 2001
From: Michael Aldridge <[email protected]>
Date: Wed, 16 Aug 2023 14:42:42 -0500
Subject: [PATCH] outstanding-patches


diff --git a/services/nomad/build/build-rsyncd.nomad b/services/nomad/build/build-rsyncd.nomad
index cb0fd35..55490a2 100644
--- a/services/nomad/build/build-rsyncd.nomad
+++ b/services/nomad/build/build-rsyncd.nomad
@@ -26,7 +26,7 @@ job "build-rsyncd" {
       driver = "docker"
 
       config {
-        image = "ghcr.io/void-linux/infra-rsync:20230812"
+        image = "ghcr.io/void-linux/infra-rsync:20230815"
         volumes = [ "local/buildsync.conf:/etc/rsyncd.conf.d/buildsync.conf" ]
       }
 
@@ -45,11 +45,14 @@ job "build-rsyncd" {
         data = <<EOF
 [pkgs]
 path = /pkgs
+uid = 992
+gid = 991
 read only = no
 list = yes
 transfer logging = true
 timeout = 600
-filter = + */ + *-repodata + otime + *.xbps - * - .*
+incoming chmod = D0755,F0644
+filter = + */ + *-repodata + otime + *.xbps - *.sig - *.sig2 - *-repodata.* - *-stagedata.* - .*
 post-xfer exec = /local/xbps-clean-sigs
 EOF
         destination = "local/buildsync.conf"
diff --git a/services/nomad/build/buildsync-musl.nomad b/services/nomad/build/buildsync-musl.nomad
index e6ac7ea..108a22d 100644
--- a/services/nomad/build/buildsync-musl.nomad
+++ b/services/nomad/build/buildsync-musl.nomad
@@ -7,7 +7,7 @@ job "buildsync-musl" {
     count = 1
     network { mode = "bridge" }
 
-    volume "hostdir" {
+    volume "musl_hostdir" {
       type = "host"
       source = "musl_hostdir"
       read_only = true
-- 
2.41.0

@classabbyamp
Copy link
Member Author

thanks, rebased

@classabbyamp classabbyamp force-pushed the legacy-sign branch 4 times, most recently from 36a3c31 to 343cf20 Compare August 18, 2023 22:27
@classabbyamp
services/nomad/build/signing.nomad: move signing to xbps-legacy-sign
74580c0
@classabbyamp
services/nomad/build/build-rsyncd.nomad: run an rsyncd for buildsync
0d1a8b8 
this allows the builders to push packages to the glibc builder and run
xbps-sign-repos after each transfer. xbps-sign-repos also now only adds
the key to the repodata and cleans old signatures
@classabbyamp
services/nomad/build/buildsync-{aarch64,musl}.nomad: use lsyncd
1627a24 
instead of a cron job, use lsyncd to trigger rsync jobs. This should also
push to the glibc builder now, instead of the glibc builder pulling from
the other builders
@classabbyamp
services/nomad/build: move shadow repo to a-fsn-de, secure rsync
386db1c 
- buildsync-dist is no longer needed
- lsyncd now syncs sources and packages from aarch64 and musl
- build-rsyncd is now split into multiple rsync modules, with specific
  access perms
@classabbyamp
services/nomad/mirror/sync.nomad: shadow mirror is moved
c82d7b2
@classabbyamp
services/nomad/build/buildsync*.nomad: combine
e5a9074
@the-maldridge the-maldridge merged commit 4a59ec8 into void-linux:master Oct 17, 2023
@classabbyamp classabbyamp deleted the legacy-sign branch October 22, 2023 23:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@the-maldridge the-maldridge the-maldridge approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@classabbyamp @the-maldridge