mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-05-04 20:51:49 +02:00
1daaafe2a3
Introduce a script for installing Podman in Ubuntu Focal, in environments that may, or may not, have sudo installed. Also, update our CircleCI configuration to use this script when installing Podman.
365 lines
10 KiB
YAML
365 lines
10 KiB
YAML
version: 2.1
|
|
|
|
aliases:
|
|
- &provide-podman
|
|
name: Provide Podman in Ubuntu Focal
|
|
command: ./install/linux/install-podman-ubuntu-focal.sh --repo-only
|
|
|
|
- &install-podman
|
|
name: Install Podman in Ubuntu Focal
|
|
command: ./install/linux/install-podman-ubuntu-focal.sh
|
|
|
|
- &install-dependencies-deb
|
|
name: Install dependencies (deb)
|
|
command: |
|
|
export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true
|
|
apt-get update
|
|
apt-get install -y git ssh podman python-all dh-python python3 python3-stdeb python3-pyside2.qtcore python3-pyside2.qtgui python3-pyside2.qtwidgets python3-appdirs python3-click python3-xdg python3-colorama
|
|
|
|
- &install-dependencies-rpm
|
|
name: Install dependencies (rpm)
|
|
command: |
|
|
dnf install -y podman git openssh make automake gcc gcc-c++ rpm-build python3-setuptools python3-pyside2 python3-appdirs python3-click python3-pyxdg python3-colorama
|
|
|
|
- &build-deb
|
|
name: Build the .deb package
|
|
command: |
|
|
./install/linux/build-deb.py
|
|
ls -lh deb_dist/
|
|
|
|
- &build-rpm
|
|
name: Build the .rpm package
|
|
command: |
|
|
./install/linux/build-rpm.py
|
|
ls -lh dist/
|
|
|
|
- &restore-cache
|
|
key: v1-{{ checksum "container/Dockerfile" }}-{{ checksum "container/dangerzone.py" }}
|
|
paths:
|
|
- /caches/container.tar.gz
|
|
- /caches/image-id.txt
|
|
|
|
- ©-image
|
|
name: Copy container image into package
|
|
command: |
|
|
cp /caches/container.tar.gz share/
|
|
cp /caches/image-id.txt share/
|
|
|
|
- &deploy-packagecloud
|
|
command: |
|
|
VERSION=$(cat share/version.txt)
|
|
echo "PACKAGE_TYPE is ${PACKAGE_TYPE}"
|
|
echo "PACKAGECLOUD_DISTRO is ${PACKAGECLOUD_DISTRO}"
|
|
echo "VERSION is ${VERSION}"
|
|
echo ""
|
|
|
|
if [[ "${PACKAGE_TYPE}" == "deb" ]]; then
|
|
echo "pushing: deb_dist/dangerzone_${VERSION}-1_all.deb"
|
|
package_cloud push "firstlookmedia/code/${PACKAGECLOUD_DISTRO}" "deb_dist/dangerzone_${VERSION}-1_all.deb"
|
|
echo ""
|
|
echo "pushing: deb_dist/dangerzone_${VERSION}-1.dsc"
|
|
package_cloud push "firstlookmedia/code/${PACKAGECLOUD_DISTRO}" "deb_dist/dangerzone_${VERSION}-1.dsc"
|
|
elif [[ "${PACKAGE_TYPE}" == "rpm" ]]; then
|
|
echo "pushing: dist/dangerzone-${VERSION}-1.noarch.rpm"
|
|
package_cloud push "firstlookmedia/code/${PACKAGECLOUD_DISTRO}" "dist/dangerzone-${VERSION}-1.noarch.rpm"
|
|
echo ""
|
|
echo "pushing: dist/dangerzone-${VERSION}-1.src.rpm"
|
|
package_cloud push "firstlookmedia/code/${PACKAGECLOUD_DISTRO}" "dist/dangerzone-${VERSION}-1.src.rpm"
|
|
fi
|
|
|
|
jobs:
|
|
run-lint:
|
|
docker:
|
|
- image: debian:bullseye
|
|
resource_class: small
|
|
steps:
|
|
- checkout
|
|
- run:
|
|
name: Install dev. dependencies
|
|
command: |
|
|
export DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true
|
|
apt-get update
|
|
apt-get install -y make python3 python3-pip python3-venv
|
|
python3 -m venv .venv
|
|
source .venv/bin/activate
|
|
pip install poetry
|
|
poetry install # FIXME --dev-only once poetry 1.2.0 is out https://github.com/python-poetry/poetry/issues/2572
|
|
- run:
|
|
name: Run linters to enforce code style
|
|
command: |
|
|
source .venv/bin/activate
|
|
make lint
|
|
|
|
build-container-image:
|
|
working_directory: /app
|
|
docker:
|
|
- image: docker:dind
|
|
steps:
|
|
- checkout
|
|
- restore_cache:
|
|
keys:
|
|
- v1-{{ checksum "container/Dockerfile" }}-{{ checksum "container/dangerzone.py" }}
|
|
- setup_remote_docker
|
|
- run:
|
|
name: Build Dangerzone image
|
|
command: |
|
|
if [ -f "/caches/container.tar.gz" ]; then
|
|
echo "Already cached, skipping"
|
|
else
|
|
docker build --cache-from=dangerzone.rocks/dangerzone --tag dangerzone.rocks/dangerzone container
|
|
fi
|
|
- run:
|
|
name: Save Dangerzone image and image-id.txt to cache
|
|
command: |
|
|
if [ -f "/caches/container.tar.gz" ]; then
|
|
echo "Already cached, skipping"
|
|
else
|
|
mkdir -p /caches
|
|
docker save -o /caches/container.tar dangerzone.rocks/dangerzone
|
|
gzip -f /caches/container.tar
|
|
docker image ls dangerzone.rocks/dangerzone | grep "dangerzone.rocks/dangerzone" | tr -s ' ' | cut -d' ' -f3 > /caches/image-id.txt
|
|
fi
|
|
- save_cache:
|
|
key: v1-{{ checksum "container/Dockerfile" }}-{{ checksum "container/dangerzone.py" }}
|
|
paths:
|
|
- /caches/container.tar.gz
|
|
- /caches/image-id.txt
|
|
|
|
convert-test-docs:
|
|
machine:
|
|
image: ubuntu-2004:202111-01
|
|
steps:
|
|
- checkout
|
|
- run: *install-podman
|
|
- run:
|
|
name: Install poetry dependencies
|
|
command: |
|
|
sudo pip3 install poetry
|
|
poetry install
|
|
- run:
|
|
name: Prepare cache directory
|
|
command: |
|
|
sudo mkdir -p /caches
|
|
sudo chown -R $USER:$USER /caches
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run:
|
|
name: run automated tests
|
|
command: |
|
|
poetry run make test
|
|
|
|
build-ubuntu-jammy:
|
|
docker:
|
|
- image: ubuntu:22.04
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-deb
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-deb
|
|
|
|
build-debian-bookworm:
|
|
docker:
|
|
- image: debian:bookworm
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-deb
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-deb
|
|
|
|
build-debian-bullseye:
|
|
docker:
|
|
- image: debian:bullseye
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-deb
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-deb
|
|
|
|
build-fedora-37:
|
|
docker:
|
|
- image: fedora:37
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-rpm
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-rpm
|
|
|
|
build-fedora-36:
|
|
docker:
|
|
- image: fedora:36
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-rpm
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-rpm
|
|
|
|
build-fedora-35:
|
|
docker:
|
|
- image: fedora:35
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-rpm
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-rpm
|
|
|
|
deploy-fedora:
|
|
docker:
|
|
- image: fedora:35
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-rpm
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-rpm
|
|
- run:
|
|
name: Install packagecloud.io
|
|
command: |
|
|
dnf module install -y ruby:2.7 # requires ruby 2.7
|
|
dnf --allowerasing -y distro-sync
|
|
dnf install -y ruby-devel
|
|
gem install package_cloud
|
|
- run:
|
|
name: Deploy fedora/37
|
|
environment:
|
|
PACKAGE_TYPE: "rpm"
|
|
PACKAGECLOUD_DISTRO: "fedora/37"
|
|
<<: *deploy-packagecloud
|
|
- run:
|
|
name: Deploy fedora/36
|
|
environment:
|
|
PACKAGE_TYPE: "rpm"
|
|
PACKAGECLOUD_DISTRO: "fedora/36"
|
|
<<: *deploy-packagecloud
|
|
- run:
|
|
name: Deploy fedora/35
|
|
environment:
|
|
PACKAGE_TYPE: "rpm"
|
|
PACKAGECLOUD_DISTRO: "fedora/35"
|
|
<<: *deploy-packagecloud
|
|
|
|
deploy-debian:
|
|
docker:
|
|
- image: debian:bullseye
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-deb
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-deb
|
|
- run:
|
|
name: Install packagecloud.io
|
|
command: |
|
|
apt-get install -y ruby-dev rubygems
|
|
gem install -N rake
|
|
gem install -N package_cloud
|
|
- run:
|
|
name: Deploy debian/bullseye
|
|
environment:
|
|
PACKAGE_TYPE: "deb"
|
|
PACKAGECLOUD_DISTRO: "debian/bullseye"
|
|
<<: *deploy-packagecloud
|
|
- run:
|
|
name: Deploy debian/bookworm
|
|
environment:
|
|
PACKAGE_TYPE: "deb"
|
|
PACKAGECLOUD_DISTRO: "debian/bookworm"
|
|
<<: *deploy-packagecloud
|
|
|
|
deploy-ubuntu:
|
|
docker:
|
|
- image: ubuntu:22.04
|
|
resource_class: medium+
|
|
steps:
|
|
- run: *install-dependencies-deb
|
|
- checkout
|
|
- restore_cache: *restore-cache
|
|
- run: *copy-image
|
|
- run: *build-deb
|
|
- run:
|
|
name: Install packagecloud.io
|
|
command: |
|
|
apt-get install -y ruby-dev rubygems
|
|
gem install -N rake
|
|
gem install -N package_cloud
|
|
- run:
|
|
name: Deploy ubuntu/jammy
|
|
environment:
|
|
PACKAGE_TYPE: "deb"
|
|
PACKAGECLOUD_DISTRO: "ubuntu/jammy"
|
|
<<: *deploy-packagecloud
|
|
|
|
workflows:
|
|
version: 2
|
|
|
|
build:
|
|
jobs:
|
|
- run-lint
|
|
- build-container-image
|
|
- convert-test-docs:
|
|
requires:
|
|
- build-container-image
|
|
- build-ubuntu-jammy:
|
|
requires:
|
|
- build-container-image
|
|
- build-debian-bullseye:
|
|
requires:
|
|
- build-container-image
|
|
- build-debian-bookworm:
|
|
requires:
|
|
- build-container-image
|
|
- build-fedora-37:
|
|
requires:
|
|
- build-container-image
|
|
- build-fedora-36:
|
|
requires:
|
|
- build-container-image
|
|
- build-fedora-35:
|
|
requires:
|
|
- build-container-image
|
|
|
|
build-and-deploy:
|
|
jobs:
|
|
- build-container-image:
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|
|
- deploy-ubuntu:
|
|
requires:
|
|
- build-container-image
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|
|
- deploy-debian:
|
|
requires:
|
|
- build-container-image
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|
|
- deploy-fedora:
|
|
requires:
|
|
- build-container-image
|
|
filters:
|
|
tags:
|
|
only: /^v.*/
|
|
branches:
|
|
ignore: /.*/
|