Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
gitlab_to_aptly [2021/05/29 15:05]
okias update 		gitlab_to_aptly [2021/05/29 19:04]
okias [Aptly]
Line 1: Line 1:
 ====== Creating repository from automated Debian Salsa builds ====== ====== Creating repository from automated Debian Salsa builds ======
 +{{ :salsa_to_aptly.png |}}
 ===== Motivation ===== ===== Motivation =====
  
 I'm not an Debian maintainer. Nor I want to be in future. I'm not an Debian maintainer. Nor I want to be in future.
-My reasons to do all this is that:+My reasons to do all this is:
   - I want some specific software to be packaged for Debian   - I want some specific software to be packaged for Debian
-  - when I update packaging on salsa.debian.org I want to have available package for computers and phones +  - when I update packaging on salsa.debian.org I want to have available package for my devices 
-  - I don't want to bother myself downloading packages from Salsa CI manually or compiling them again on the devices+  - I don't want to bother with downloading packages from Salsa CI manually or compiling them again on these devices
   - I want also others to be able use my packages   - I want also others to be able use my packages
  
 These reasons motivated me to look into [[salsa.debian.org/|Salsa]], [[https://docs.gitlab.com/ee/api/|GitLab API]] and [[https://www.aptly.info/tutorial/|Aptly]] deployment. These reasons motivated me to look into [[salsa.debian.org/|Salsa]], [[https://docs.gitlab.com/ee/api/|GitLab API]] and [[https://www.aptly.info/tutorial/|Aptly]] deployment.
  
-===== Predispozition ===== +==== Advantages ==== 
-  - You have correctly setup Salsa CI (including debian/salsa-ci.yml and Gitlab settings) +   * package build process is handled by salsa, no need to worry about it 
-  - you didn't disabled build for the architecture you planing to distribute+   * ecologic - it's build only once 
 + 
 +==== Disadvantages ==== 
 +   * no control about build process than offered by salsa-ci.yml configuration file 
 + 
 +===== Predisposition ===== 
 +  - You did correctly setup **debian/salsa-ci.yml** and Gitlab settings ([[https://debconf19.debconf.org/talks/148-salsa-ci-debian-pipeline-for-developers/|Debconf19 talk about Salsa CI]]
 +  - you build for achitectures you'll be distributing with aptly
  
-You can take [[https://salsa.debian.org/okias-guest/]] as an example.+You can look at project configuration of [[https://salsa.debian.org/okias-guest/]] as an example.
  
 ===== Where to start ===== ===== Where to start =====
Line 27: Line 34:
  
 Then it's a time to create user and generate your repository replated GPG key. Then it's a time to create user and generate your repository replated GPG key.
 +==== Aptly ====
 <code> <code>
 useradd -m repo && export USER=repo # create user repo useradd -m repo && export USER=repo # create user repo
Line 59: Line 66:
 TOKEN= # watch https://www.youtube.com/watch?v=0LsMC3ZiXkA TOKEN= # watch https://www.youtube.com/watch?v=0LsMC3ZiXkA
  
-ARCHS="arm64 amd64" +ARCHS="amd64" 
-JOBS="build build\ arm64" # jobs must match to build == amd64;+JOBS="build" # jobs must match to build == amd64;
  
 ARTIF_UNPACK=debian/output ARTIF_UNPACK=debian/output
Line 97: Line 104:
 get_artifacts() { get_artifacts() {
         for job in $JOBS; do         for job in $JOBS; do
-        curl -o ${id}_${job}.zip -H 'Accept: application/json' -H "Authorization: Bearer ${TOKEN}" "https://salsa.debian.org/api/v4/projects/${id}/jobs/artifacts/debian/latest/download?job=${job}" && \+                BRANCH="debian/latest"         
 +        curl -o ${id}_${job}.zip -H 'Accept: application/json' -H "Authorization: Bearer ${TOKEN}" "https://salsa.debian.org/api/v4/projects/${id}/jobs/artifacts/${BRANCH}/download?job=${job}" && \
                 unzip ${id}_${job}.zip && \                 unzip ${id}_${job}.zip && \
                 rm ${id}_${job}.zip && \                 rm ${id}_${job}.zip && \
Line 114: Line 122:
         aptly repo add ${REPO_NAME} ${ARTIF_UNPACK} # add files         aptly repo add ${REPO_NAME} ${ARTIF_UNPACK} # add files
  aptly publish drop unstable # first we get rid of previously published repo  aptly publish drop unstable # first we get rid of previously published repo
-        aptly publish repo -batch -architectures ${ARCHS} -distribution unstable ${REPO_NAME}+ APTLY_ARCHS=`echo $ARCHS | tr " " ,` 
 + aptly publish repo -batch -architectures "${APTLY_ARCHS}-distribution unstable ${REPO_NAME}
 } }
  
Line 122: Line 131:
  
 </code> </code>
 +
 +==== Nginx ====
  
 Test script with <code>sudo -u $USER ./gitlab_to_aptly.sh</code>, if your /home/$USER/.aptly/public is populated, prepare nginx configuration. This configuration may differ a lot from your use. I'm assuming you have SSL configured (ssl.conf) and SSL certificates in place. Test script with <code>sudo -u $USER ./gitlab_to_aptly.sh</code>, if your /home/$USER/.aptly/public is populated, prepare nginx configuration. This configuration may differ a lot from your use. I'm assuming you have SSL configured (ssl.conf) and SSL certificates in place.
Line 141: Line 152:
  
 systemctl reload nginx and check URL, if you see the repository. systemctl reload nginx and check URL, if you see the repository.
 +
 +==== Testing it ====
  
 In that case, you can try add it to the first device. Replace ixit with your repository name: In that case, you can try add it to the first device. Replace ixit with your repository name:
Line 150: Line 163:
 </code> </code>
 now you can install package you desire and test. now you can install package you desire and test.
 +
 +==== Repository refreshing ====
  
 Most likely, you'll want to regenerate your repository at least every hour. Most likely, you'll want to regenerate your repository at least every hour.