blob: f4710bdeaf0588556e8f591a2a0b098c5a373843 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
#!/bin/bash
BINHOST_NAME=amd64/17.1/x86-64
_BINHOST_NAME=$(echo ${BINHOST_NAME}|sed -e 's:/:_:g')
TMPFILE="/root/.tmp-binhost-${_BINHOST_NAME}-update-$(date +%s)"
LOCKFILE="/root/.tmp-binhost-${_BINHOST_NAME}-lock"
EMAIL_FROM=binhost@milou.amd64.dev.gentoo.org
EMAIL_TO=gentoo-binhost-autobuilds@lists.gentoo.org
NSPAWN_NAMES="binhost-amd64-x86-64-kde binhost-amd64-x86-64-gnome binhost-amd64-x86-64-openrc binhost-amd64-x86-64-server binhost-amd64-x86-64-v3-kde binhost-amd64-x86-64-v3-gnome binhost-amd64-x86-64-v3-openrc binhost-amd64-x86-64-v3-server"
UPLOAD_USER=amd64
UPLOAD_KEY=/root/.ssh/id_ed25519
TMPFS_SIZE=48
send_email() {
local subject="[binhost ${BINHOST_NAME}] $1"
local message=$2
local logfile=$3
local body
if [ -n "${logfile}" ]; then
body=$(printf '%b\n\n\n' "${message}"; tail -n 500 "${logfile}"; printf '\n\n\nFull build log at %s\n' "${logfile}")
else
body=${message}
fi
printf 'From: %s\r\nTo: %s\r\nSubject: %s\r\n\r\n%b' \
"${EMAIL_FROM}" "${EMAIL_TO}" "${subject}" "${body}" | \
/usr/sbin/sendmail -f "${EMAIL_FROM}" ${EMAIL_TO//,/ }
}
upsync_binpackages() {
# parameter 1: a PKGDIR on the local host
# parameter 2: the target dir in the mirroring system, should be of the
# form arch/profileversion/name (e.g., amd64/17.0/x32 )
echo Upsyncing binpackages from $1 to $2
local SSH_CMD=(
ssh
-i ${UPLOAD_KEY}
-o UserKnownHostsFile=/dev/null
-o VerifyHostKeyDNS=yes
-o StrictHostKeyChecking=no
-o IPQoS=cs0
)
local RSYNC_OPTS=(
-e "${SSH_CMD[*]}"
--archive
--delete
--delete-after
--omit-dir-times
--delay-updates
--mkpath
--stats
)
rsync "${RSYNC_OPTS[@]}" "$1"/* "${UPLOAD_USER}@releng-incoming.gentoo.org:/release/weekly/binpackages/$2/"
}
verify_dnssec() {
which dig >/dev/null || {
echo "net-dns/bind-tools is needed to verify DNSSEC is working"
exit 1
}
if ! dig +noall +comments dev.gentoo.org. IN SSHFP | egrep -q '^;; flags: [ a-z]+\<ad\>'; then
echo "DNSSEC does not appear to be working. Bailing out"
exit 1
fi
if ! grep -q '^options\>.*\<edns0\>' /etc/resolv.conf; then
echo "DNSSEC is not enabled in /etc/resolv.conf"
exit 1
fi
}
if [[ -f ${LOCKFILE} ]] ; then
echo "lockfile ${LOCKFILE} exists, aborting"
exit 111
fi
touch ${LOCKFILE} || exit 112
verify_dnssec
echo Starting run at $(date -u) > ${TMPFILE}
echo Syncing host &>> ${TMPFILE}
emerge --sync -q &>> ${TMPFILE}
anyfail=0
for n in ${NSPAWN_NAMES} ; do
echo Machine ${n} &>> ${TMPFILE}
echo &>> ${TMPFILE}
cd /var/lib/machines/${n}/etc/binhost &>> ${TMPFILE}
git reset --hard &>> ${TMPFILE}
git pull &>> ${TMPFILE}
cd /root &>> ${TMPFILE}
systemd-nspawn --bind /var/cache/distfiles --bind-ro /var/db/repos/gentoo --tmpfs=/var/tmp:mode=1777,size=${TMPFS_SIZE}g -M ${n} /root/bin/run-update &>> ${TMPFILE}
let "anyfail+=$?"
done
upsync_binpackages /var/lib/machines/binhost-amd64-x86-64-kde/var/cache/binpkgs amd64/17.1/x86-64 &>> ${TMPFILE}
upsync_binpackages /var/lib/machines/binhost-amd64-x86-64-v3-kde/var/cache/binpkgs amd64/17.1/x86-64-v3 &>> ${TMPFILE}
if [[ ${anyfail} -gt 0 ]] ; then
send_email "Update failed" "Binhost ${BINHOST_NAME} update failed in at least one nspawn" ${TMPFILE}
fi
rm ${LOCKFILE}
|
GitWeb