Opened 7 years ago

Closed 7 years ago

#6390 closed task (fixed)

Request for Fedora 17 virtual machine or chroot for RPM builds under tpo's control

Reported by: hiviah Owned by:
Priority: Medium Milestone:
Component: Internal Services/Tor Sysadmin Team Version:
Severity: Keywords:
Cc: weasel Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I'd like to revive the official RPM builds that stopped few months ago.

Target distros/platforms:

  • Fedora 16/17 i686/x86_64
  • EL 5/6 i686/x86_64

Requirements for the VM/chroot:

  • I need root account to be able to install/update/configure packages
  • unshare() syscall must be functional (e.g. OpenVZ has this problem, "unshare -m /bin/bash" will fail with operation-not-permitted even under root)
  • 20-30 GB disk space; 20 GB is minimum, 30 GB is ideal
  • some minimal Fedora netinstall would be enough, I'll setup the rest

Ticket#6043:comment:9 has few patches and short description of the build process (it's via "mock" tool, which is in turn "rpmbuild with chroots").

Child Tickets

Change History (3)

comment:1 Changed 7 years ago by hiviah

Rough overview of the proposed deployment of RPM builds:

  1. cron script checks for new tags in git, verifies tag signature
  2. for every target package architecture: build, install in chroot, test if basic things like check.torproject.org work via curl/SOCKS5
  3. Notify maintainer (me,...) about success/failure, maintainer signs rpms offline
  4. Working singed rpms are uploaded to tpo web (script also does cleanup of very old packages)
  5. If anything broke, maintainer fixes it, pushes to a repo like git.tpo/rpm/tor.git, requests pull/merge

It would be probably a good idea to make the rpm build "similar" to deb build (at least for consistency sake and integration with nagios/etc).

comment:2 Changed 7 years ago by weasel

Ok, I set up a VM. Do you have a torproject.org ldap account yet?

comment:3 Changed 7 years ago by weasel

Resolution: fixed
Status: newclosed

There is feddei.torproject.org, and you should have access.

In your .ssh/config, you might want something like that:

Host feddei.torproject.org

ProxyCommand ssh perdulce.torproject.org nc -q1 %h 22

(or use ssh's -W over netcat if it's new enough)

Note: See TracTickets for help on using tickets.