Initial commit - move scripts into new release/ dir#690
Initial commit - move scripts into new release/ dir#690btoll wants to merge 3 commits intoalgorand:masterfrom
Conversation
There was a problem hiding this comment.
why ? doesn't make build creates that automatically ?
There was a problem hiding this comment.
I'll have to check with Brian to see if there's a reason to build this.
There was a problem hiding this comment.
this shouldn't be necessary, here and a couple other places, make build should take care of building libsodium, but I guess at one point in the past this worked around a finicky build. Probably we should try without it and see if we don't need it and maybe this time we can take the time to fix it right, or comment here why it's a good workaround
There was a problem hiding this comment.
Brian is correct. At some point in the past it was needed.
Today, assuming that you're building on a clean environment every time, there shouldn't be a need to do that. ( but please do correct me if I'm wrong )
There was a problem hiding this comment.
I've found that if I don't include this right before we make the rpm package that it won't build.
For example, if I comment out the code here:
# definitely rebuild libsodium which could link to external C libraries
#if [ -f ${REPO_DIR}/crypto/libsodium-fork/Makefile ]; then
# (cd ${REPO_DIR}/crypto/libsodium-fork && make distclean)
#fi
#rm -rf ${REPO_DIR}/crypto/lib
#make crypto/lib/libsodium.a
make build
RPMTMP=$(mktemp -d 2>/dev/null || mktemp -d -t "rpmtmp")
trap 'rm -rf ${RPMTMP}' 0
"${REPO_DIR}/scripts/release/helper/build_rpm.sh" "${RPMTMP}"
I get the following build errors:
crypto/lib/libsodium.a(libsodium_la-utils.o): In function `explicit_bzero':
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:83: undefined reference to `__explicit_bzero_chk'
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:83: undefined reference to `__explicit_bzero_chk'
/usr/include/x86_64-linux-gnu/bits/string_fortified.h:83: undefined reference to `__explicit_bzero_chk'
collect2: error: ld returned 1 exit status
make: *** [buildsrc] Error 2
build_release done packaging centos 20200108_033715
There was a problem hiding this comment.
ok, inside the rpm build inside the centos docker container I know we need the cleanup lines. The outer ubuntu build and the inner centos build are using the same checkout to ensure they have exactly the same source version. (We might be able to get rid of the entire 'centos build' now, we should do testing that current builds built on ubuntu18 run on ubuntu16 and centos7; this should work because of Tsachi's changes to make the build fully static)
The question I had about the build scripts was can we just skip the line make crypto/lib/libsodium.a that shows up in a few places.
There was a problem hiding this comment.
I think that you're missing set -e here.
There was a problem hiding this comment.
also, in the case of this script you also want set the option so that and error on one pipe would break the entire command.
There was a problem hiding this comment.
I'll add the set -e. I'm afraid I didn't understand your second comment.
There was a problem hiding this comment.
it's ok for now, but I would prefer to move this away from S3 and into github.
( like the reminder of our build sources ).
There was a problem hiding this comment.
Ok, I'll either move this iteration or make a note to do so.
There was a problem hiding this comment.
I built that compilation of gpg for centos. Centos7 ships with a version that is too old. I statically compiled a gpg that we can unpack into Centos7 and run. S3 is the right place for that archive.
There was a problem hiding this comment.
is there any particular reason you're not using
GOPATH=$(go env GOPATH)
export GOPATH
?
There was a problem hiding this comment.
I remember at one point that it couldn't find the go binary and so I manually set it to keep moving. I'll revisit this.
tsachiherman
left a comment
tsachiherman
left a comment
There was a problem hiding this comment.
could you move the files build.sh, package.sh and sign.sh, which are executed by the dynamically invoked host, to a sub-directory ? I'd like to create a separation between the "jenkins server" that is used to "orchestrate" the process and the actual running agent, which is building it.
btoll
force-pushed
the
build_release
branch
2 times, most recently
from
7fb2f27 to
569170b
Compare
btoll
left a comment
btoll
left a comment
There was a problem hiding this comment.
could you move the files build.sh, package.sh and sign.sh, which are executed by the dynamically invoked host, to a sub-directory ? I'd like to create a separation between the "jenkins server" that is used to "orchestrate" the process and the actual running agent, which is building it.
Yes, I'll do as you suggest.
btoll
force-pushed
the
build_release
branch
4 times, most recently
from
89df002 to
08b685f
Compare
Most significantly, move the following files into a subdirectory to emphasize a separation between Jenkins master controller and any build agents: - build.sh - package.sh - setup.sh - sign.sh Separated the `build and package` stage into its own parts.
algobolson
left a comment
algobolson
left a comment
There was a problem hiding this comment.
I should read the scripts in more detail. A couple early comments.
| stages { | ||
| stage("create ec2 instance") { | ||
| steps { | ||
| sh script: 'scripts/release/start_ec2_instance.sh us-west-1 ami-0dd655843c87b6930 t2.2xlarge' |
There was a problem hiding this comment.
what is that ami? comment how it was picked and when? Like, it's the "us-west-1 ubuntu 18.04 as of 2019-12-27" or so.
|
|
||
| ## TODO | ||
|
|
||
| Create the git tag. |
There was a problem hiding this comment.
Disagree. I think tagging should remain a manual process. Then the build system picks that up. We decide "this is 2.1.42" and then the build system builds it.
There was a problem hiding this comment.
Sure, I have no problem with that.
| } | ||
|
|
||
| /* | ||
| stage("tag") { |
There was a problem hiding this comment.
If you want to have a "push button" tag, you can use an "input":
https://jenkins.io/doc/pipeline/steps/pipeline-input-step/
I think that we probably want to reverse this though, and only run the job for tagged commits.
There was a problem hiding this comment.
That make sense. The workflow can be manually create a tag, then input that to Jenkins to pass to the build agent.
Yes, I'm already using the input step for both pausing the build and getting user input.
|
For each file that was copied scripts/* to scripts/release/... could you delete the original? git will hopefully detect that as a move and show the diff from the old version to the new version along with the move. |
Yes, I wanted to keep them around just in case. Once everything looks good, I'll remove them. |
|
Closing in favor of #698 |
4 participants
See the README