Automated Build System For Remixes Without Koji
This document outlines the process of creating an automated RPM and ISO building infrastructure for smaller Fedora Remix projects that do not make use of Fedora’s Koji ecosystem.
It is best practice to keep the web server and builder separate.
The web server is a CentOS system. It’s main purpose is to host the public ISO downloads and package repository. The playbook-mirror.yml Ansible playbook located in this repository automates the provisioning of the web server. The choice of CentOS was to maximize support time and stay within the RHEL family. It could just as easily be a Debian server though the playbook would need to be adjusted.
The builder is a Fedora system provisioned using the playbook-builder.yml Ansible playbook. The builder is a Jenkins CI server which rebuilds RPMs when changes are made in the version control. The automation should be configured in Jenkins to trigger on a push to
master for each repo housing package sources.
The series of commands shown below illustrates the process of building RPM packages with Jenkins.
sudo rm -rf /home/$USER/to-sign/ mkdir -p /home/$USER/to-sign/ copr-rpmbuild scm --clone-url [URL of git repo with package source] --chroot \ fedora-$(lsb_release -a | grep Release | cut -f2)-x86_64 sudo cp /var/lib/copr-rpmbuild/results/*.rpm /home/$USER/to-sign rm -rf /var/lib/copr-rpmbuild/results
Once the RPM build finishes, a responsible team member then needs to connect to the build server via SSH in order to sign the completed RPM package using:
sudo rpmsign --addsign /path/to/to-sign/directory/*rpm
A tool such as
rsync should then be used to push the new packages to the mirror. After verifying the permissions are correct, run:
sudo createrepo_c --update /path/to/RPMs or SRPMs
on the mirror in order to update the proper RPM repository.
ISOs should be built as needed. In order to build an ISO, you need two prerequisites:
A kickstart file to be used by the Anaconda Installer
Clone the Fedora Kickstarts repository:
git clone https://pagure.io/fedora-kickstarts.git
Enter the directory:
Choose a kickstart to use as a base for your remix
Flatten the kickstart:
ksflatten --config [name of kickstart].ks -o flat-[name of kickstart].ks --version [fedora version]
%packagessection of the flat kickstart if you wish to add/remove base packages
SELinuxto permissive with:
sudo setenforce 0
sudo livemedia-creator --ks /path/to/flat/kickstart/file --no-virt \ --resultdir /var/lmc --project [image name] --make-iso --volid [image name] \ --iso-only --iso-name [image name].iso --releasever [fedora release] \ --title [image name] --macboot
The resulting ISO will be in
SELinuxback to enforcing:
sudo setenforce 1
After an initial ISO build, a new ISO may be created by running:
setenforce 0 livemedia-creator --ks [kickstart-name].ks --no-virt --resultdir /var/lmc \ --project [remix name]-Live --make-iso --volid [remix name] \ --iso-only --iso-name [remix name].iso --releasever $vers \ --title [remix name]-live --macboot setenforce 1
You may want to consider automating the ISO build with Jenkins.