Merge branch 'add-deb-and-rpm-repos' into 'main'

Publish generic deb and rpm repos. See merge request nvidia/container-toolkit/container-toolkit!460
2025-03-24 14:41:16 +00:00 · 2023-08-10 13:35:12 +00:00 · 2023-08-10 13:35:12 +00:00 · 37ac294a11
commit 37ac294a11
parent 22d7b52a58 0d862efa9c
2 changed files with 98 additions and 81 deletions
--- a/scripts/packages-sign-all.sh
+++ b/scripts/packages-sign-all.sh
@ -8,56 +8,60 @@
 set -x -e

 function deb-sign {
-	local last_found
-	for r in "$@"; do
-		if [ -f "./${r}" ]; then
-			last_found=${r}
-		fi
-	done
-	if [[ -z ${last_found} ]]; then
-		echo "WARNING: No expected package found in $(pwd); skipping signing of repo;"
-		return
-	fi
-	apt-ftparchive packages . \
-		| tee Packages \
-		| xz > Packages.xz
-	apt-ftparchive -c repo.conf release . \
-		| gpg --batch --yes --expert --clearsign \
-			--armor \
-			--no-emit-version \
-			--no-comments \
-			--personal-digest-preferences sha512 \
-			--local-user "${GPG_LOCAL_USER}" \
-		> InRelease
+    local last_found
+    for r in "$@"; do
+        if [ -f "./${r}" ]; then
+            last_found=${r}
+        fi
+    done
+    if [[ -z ${last_found} ]]; then
+        echo "WARNING: No expected package found in $(pwd); skipping signing of repo;"
+        return
+    fi
+    apt-ftparchive packages . \
+        | tee Packages \
+        | xz > Packages.xz
+    apt-ftparchive -c repo.conf release . \
+        | gpg --batch --yes --expert --clearsign \
+            --armor \
+            --no-emit-version \
+            --no-comments \
+            --personal-digest-preferences sha512 \
+            --local-user "${GPG_LOCAL_USER}" \
+        > InRelease
 }

 function rpm-sign {
-	for r in "$@"; do
-		if [ -f "./${r}" ]; then
-			rpmsign --addsign --key-id A04EA552 --digest-algo=sha512 "${r}"
-		fi
-	done
-	createrepo -v --no-database -s sha512 --compress-type xz --revision "1.0" .
-	gpg2 --batch --yes --expert --sign --detach-sign \
-		--armor \
-		--no-emit-version \
-		--no-comments --personal-digest-preferences sha512 \
-		--local-user "${GPG_LOCAL_USER}" \
-	repodata/repomd.xml
+    for r in "$@"; do
+        if [ -f "./${r}" ]; then
+            rpmsign --addsign --key-id A04EA552 --digest-algo=sha512 "${r}"
+        fi
+    done
+    createrepo -v --no-database -s sha512 --compress-type xz --revision "1.0" .
+    gpg2 --batch --yes --expert --sign --detach-sign \
+        --armor \
+        --no-emit-version \
+        --no-comments --personal-digest-preferences sha512 \
+        --local-user "${GPG_LOCAL_USER}" \
+    repodata/repomd.xml
 }

 function sign() {
-	local target=$1
+    local target=$1
    local dst_root=$2
+    local by_package_type=$3

-	local src_dist=${target%-*}
-    local dist=${src_dist/amazonlinux/amzn}
+    local src_dist=${target%-*}
+    local dst_dist=${src_dist/amazonlinux/amzn}
+
+    local pkg_type=unknown
+    local arch=${target##*-}
+    local dst_arch=${arch}

-	local pkg_type
    case ${src_dist} in
    amazonlinux*) pkg_type=rpm
        ;;
-    centos*) pkg_type=rpm
+    centos* | rpm) pkg_type=rpm
        ;;
    debian*) pkg_type=deb
        ;;
@ -65,33 +69,47 @@ function sign() {
        ;;
    opensuse-leap*) pkg_type=rpm
        ;;
-    ubuntu*) pkg_type=deb
+    ubuntu* | deb) pkg_type=deb
+        arch=${arch//ppc64le/ppc64el}
        ;;
    *) echo "ERROR: unexpected distribution ${src_dist}"
        ;;
    esac

-    local arch=${target##*-}
-    case ${src_dist} in
-    ubuntu*) arch=${arch//ppc64le/ppc64el}
-    esac
+    if [[ x"${by_package_type}" == x"true" ]]; then
+        dst_dist=${pkg_type}
+    fi

-    local dst=${dst_root}/${dist}/${arch}
+    local dst=${dst_root}/${dst_dist}/${arch}

-	if [[ ! -d ${dst} ]]; then
-		echo "Directory ${dst} not found. Skipping"
-		return
-	fi
+    if [[ ! -d ${dst} ]]; then
+        echo "Directory ${dst} not found. Skipping"
+        return
+    fi

-	cd "${dst}"
-	if [[ -f "/etc/debian_version" ]]; then
-		[[ "${pkg_type}" == "deb" ]] && deb-sign ${ALL_DEBS}
-	else
-		[[ "${pkg_type}" == "rpm" ]] && rpm-sign ${ALL_RPMS}
-	fi
-	cd -
+    cd "${dst}"
+    if [[ -f "/etc/debian_version" ]]; then
+        [[ "${pkg_type}" == "deb" ]] && deb-sign ${ALL_DEBS}
+    else
+        [[ "${pkg_type}" == "rpm" ]] && rpm-sign ${ALL_RPMS}
+    fi
+    cd -
 }

 for target in ${TARGETS[@]}; do
-    sign "${target}" "$(pwd)"
+    echo "checking target=${target}"
+    by_package_type=
+    case ${target} in
+    ubuntu18.04-* | centos7-*)
+        by_package_type="true"
+        ;;
+    centos8-ppc64le)
+        by_package_type="false"
+        ;;
+    *)
+        echo "Skipping target ${target}"
+        continue
+        ;;
+    esac
+    sign "${target}" "$(pwd)" ${by_package_type}
 done
--- a/scripts/release-packages.sh
+++ b/scripts/release-packages.sh
@ -48,7 +48,7 @@ SHA=$(git rev-parse --short=8 ${REFERENCE})
 IMAGE_NAME="registry.gitlab.com/nvidia/container-toolkit/container-toolkit/staging/container-toolkit"
 IMAGE_TAG=${SHA}-packaging

-VERSION="$(get_version_from_image ${IMAGE_NAME}:${IMAGE_TAG} ${SHA})"
+: ${VERSION:="$(get_version_from_image ${IMAGE_NAME}:${IMAGE_TAG} ${SHA})"}

 REPO="experimental"
 if [[ ${VERSION/rc./} == ${VERSION} ]]; then
@ -83,11 +83,15 @@ function sync() {
    local target=$1
    local src_root=$2
    local dst_root=$3
+    local by_package_type=$4

    local src_dist=${target%-*}
    local dst_dist=${src_dist/amazonlinux/amzn}

-    local pkg_type
+    local pkg_type=unknown
+    local arch=${target##*-}
+    local dst_arch=${arch}
+
    case ${src_dist} in
    amazonlinux*) pkg_type=rpm
        ;;
@ -100,28 +104,17 @@ function sync() {
    opensuse-leap*) pkg_type=rpm
        ;;
    ubuntu*) pkg_type=deb
+        dst_arch=${arch//ppc64le/ppc64el}
        ;;
    *) echo "ERROR: unexpected distribution ${src_dist}"
       exit 1
        ;;
    esac

-    if [[ $# -ge 4 && $4 == "package_type" ]] ; then
-        if [[ "${src_dist}" != "ubuntu18.04" && "${src_dist}" != "centos7" ]]; then
-            echo "Package type repos require ubuntu18.04 or centos7 as the source"
-            echo "skipping"
-            return
-        fi
-        dst_dist=$pkg_type
+    if [[ x"${by_package_type}" == x"true" ]]; then
+        dst_dist=${pkg_type}
    fi

-
-    local arch=${target##*-}
-    local dst_arch=${arch}
-    case ${src_dist} in
-    ubuntu*) dst_arch=${arch//ppc64le/ppc64el}
-    esac
-
    local src=${src_root}/${src_dist}/${arch}
    local dst=${dst_root}/${dst_dist}/${dst_arch}

@ -173,20 +166,27 @@ if [[ x"${_current_branch}" != x"gh-pages" ]]; then
 fi

 : ${UPSTREAM_REMOTE:="origin"}
-_remote_name=$( git remote -v | grep "git@gitlab.com:nvidia/container-toolkit/libnvidia-container.git (push)" | cut -d$'\t' -f1 )
-if [[ x"${_remote_name}" != x"${UPSTREAM_REMOTE}" ]]; then
-    echo "Identified ${_remote_name} as git@gitlab.com:nvidia/container-toolkit/libnvidia-container.git remote."
-    echo "Set UPSTREAM_REMOTE=${_remote_name} instead of ${UPSTREAM_REMOTE}"
-fi

 : ${UPSTREAM_REFERENCE:="${UPSTREAM_REMOTE}/gh-pages"}
 git -C ${PACKAGE_REPO_ROOT} reset --hard ${UPSTREAM_REFERENCE}
 git -C ${PACKAGE_REPO_ROOT} clean -fdx ${REPO}

 for target in ${targets[@]}; do
-    sync ${target} ${PACKAGE_CACHE}/packages ${PACKAGE_REPO_ROOT}/${REPO}
-    # We also create a `package_type` repo; internally we skip this for non-ubuntu18.04 or centos7 distributions
-    sync ${target} ${PACKAGE_CACHE}/packages ${PACKAGE_REPO_ROOT}/${REPO} "package_type"
+    echo "checking target=${target}"
+    by_package_type=
+    case ${target} in
+    ubuntu18.04-* | centos7-*)
+        by_package_type="true"
+        ;;
+    centos8-ppc64le)
+        by_package_type="false"
+        ;;
+    *)
+        echo "Skipping target ${target}"
+        continue
+        ;;
+    esac
+    sync ${target} ${PACKAGE_CACHE}/packages ${PACKAGE_REPO_ROOT}/${REPO} ${by_package_type}
 done

 git -C ${PACKAGE_REPO_ROOT} add ${REPO}
@ -237,7 +237,6 @@ function sign() {
        gpg --import /keys/sub.key;
        /helpers/packages-sign-all.sh;
        "
-
 }

 sign deb