Merge pull request #7920 from inverse-inc/features/inv-73-perl-client

build package fingerbank client [perl-client]
inverse-inc · Dec 7, 2023 · ad21af3 · ad21af3
2 parents 45b432e + edcf926
commit ad21af3
Show file tree

Hide file tree

Showing 138 changed files with 7,942 additions and 10 deletions.
diff --git a/.github/workflows/main_perl-client.yml b/.github/workflows/main_perl-client.yml
@@ -0,0 +1,118 @@
+name: perl-client_debian_rhel8_package
+on:
+  workflow_dispatch:
+  push:
+  schedule:
+    - cron: 0 2 * * *
+
+env:
+  WORKDIR: "/root"
+  VOLUME_MOUNT: "/mnt/${{ github.run_id }}_${{ github.run_attempt }}"
+  OUTPUT_DIRECTORY: "/mnt/output/"
+  BRANCH_NAME: ${{ github.head_ref || github.ref_name }}
+  PACKAGE_NAME: 'fingerbank'
+
+jobs:
+  build_preparation:
+    permissions:
+      pull-requests: read
+    runs-on: package-build
+    outputs:
+      volume_mount: ${{ steps.variable.outputs.volume_mount }}
+      workdir: ${{ steps.variable.outputs.workdir }}
+      output_directory: ${{ steps.variable.outputs.output_directory }}
+      branch_name: ${{ steps.variable.outputs.branch_name }}
+      package_name: ${{ steps.variable.outputs.package_name }}
+      path_changes: ${{ steps.filters.outputs.src }}
+      regex_match_branch: ${{ steps.regex-match.outputs.match }}
+    steps:
+
+      - name: Regex match devel and maintenance branches 
+        uses: kaisugi/[email protected]
+        id: regex-match
+        with:
+          text: ${{ env.BRANCH_NAME }}
+          regex: '^(maintenance\/1[1-9].[0-2]|devel)$'
+
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - uses: dorny/paths-filter@v2
+        id: filters
+        with:
+          base: ${{ github.ref }}
+          filters: |
+            src:
+              - '.addons/perl-client/**'
+              - '.github/workflows/main_perl-client.yml'
+              - '.github/workflows/perl-client_build_package.yml'
+              - '.github/workflows/reusable_sign_package_debian.yml'
+              - '.github/workflows/reusable_sign_package_rhel8.yml'
+              - '.github/workflows/reusable_upload_packages.yml'
+      - run:  | 
+          echo ${{ steps.filters.outputs.src }}
+          echo ${{ steps.filters.outputs.changes }}
+          echo ${{ steps.filters.conclusion }}
+          echo ${{ steps.filters.outcome }}
+          echo ${{env.BRANCH_NAME}}
+          echo ${{ steps.regex-match.outputs.match }}
+
+      - name: Declare 'needs' variable
+        id: variable
+        run: |
+          echo "volume_mount=${{env.VOLUME_MOUNT}}" >> "$GITHUB_OUTPUT"
+          echo "workdir=${{env.WORKDIR}}" >> "$GITHUB_OUTPUT"
+          echo "output_directory=${{env.OUTPUT_DIRECTORY}}" >> "$GITHUB_OUTPUT"
+          echo "branch_name=${{env.BRANCH_NAME}}" >> "$GITHUB_OUTPUT"
+          echo "package_name=${{env.PACKAGE_NAME}}" >> "$GITHUB_OUTPUT"
+
+  build_packages:
+    if: ${{ contains( github.event.head_commit.message, '[perl-client]') || needs.build_preparation.outputs.path_changes == 'true' && needs.build_preparation.outputs.regex_match_branch != '' }}
+    strategy:
+      matrix:
+        images: ['debian', 'rhel8']
+    uses:  ./.github/workflows/perl-client_build_package.yml
+    needs: ['build_preparation']
+    with:
+      _IMAGE_TYPE: ${{ matrix.images }}
+      _WORKDIR:  ${{needs.build_preparation.outputs.workdir}}
+      _BRANCH_NAME: ${{ needs.build_preparation.outputs.branch_name }}
+      _VOLUME_MOUNT: ${{needs.build_preparation.outputs.volume_mount}}
+
+    secrets: inherit
+
+  unit_tests_packages:
+    strategy:
+      matrix:
+        images: ['debian', 'rhel8']
+    uses:  ./.github/workflows/reusable_unit_test.yml
+    needs: ['build_preparation', 'build_packages']
+    with:
+      _IMAGE_TYPE: ${{ matrix.images }}
+      _PACKAGE_NAME: ${{ needs.build_preparation.outputs.package_name }}
+
+  sign_package:
+    strategy:
+      matrix:
+        images: ['debian', 'rhel8']
+    uses:  ./.github/workflows/reusable_sign_packages.yml
+    needs: ['build_preparation', 'build_packages', 'unit_tests_packages']
+    with:
+      _IMAGE_TYPE: ${{ matrix.images }}
+      _VOLUME_MOUNT: ${{needs.build_preparation.outputs.volume_mount}}
+      _BRANCH_NAME: ${{ needs.build_preparation.outputs.branch_name }}
+      _PACKAGE_NAME: ${{ needs.build_preparation.outputs.package_name }}
+    secrets: inherit
+
+  upload_packages:
+    strategy:
+      matrix:
+        images: ['debian', 'rhel8']
+    uses:  ./.github/workflows/reusable_upload_packages.yml
+    needs: ['build_preparation', 'build_packages', 'unit_tests_packages', 'sign_package']
+    with:
+      _IMAGE_TYPE: ${{ matrix.images }}
+      _VOLUME_MOUNT: ${{needs.build_preparation.outputs.volume_mount}}
+      _BRANCH_NAME: ${{ needs.build_preparation.outputs.branch_name }}
+      _PACKAGE_NAME: ${{ needs.build_preparation.outputs.package_name }}
+    secrets: inherit
diff --git a/.github/workflows/perl-client_build_package.yml b/.github/workflows/perl-client_build_package.yml
@@ -0,0 +1,85 @@
+name: Packetfence-perl image/package build 
+on:
+  workflow_call:
+    inputs:
+      _IMAGE_TYPE:
+        required: True
+        type: string
+      _WORKDIR:
+        required: True
+        type: string
+      _BRANCH_NAME:
+        required: True
+        type: string
+      _VOLUME_MOUNT:
+        required: True
+        type: string
+
+jobs:
+  git_checkout:
+    runs-on: package-build
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+  build_package:
+    runs-on: package-build
+    needs: git_checkout
+    container:
+      image: registry.gitlab.com/orange-opensource/gitlab-buildpkg/${{ inputs._IMAGE_TYPE == 'rhel8' && 'centos:8' || 'debian:bullseye'}}
+      env:
+        EXECUTION_DIRECTORY: '/mnt/packetfence/'
+#      volumes:
+#        - ${{ github.workspace }}/:${{ inputs._VOLUME_MOUNT }}
+    steps:
+      - name: Copy 
+        run: |
+          cp -avT ${GITHUB_WORKSPACE} ${EXECUTION_DIRECTORY}
+
+      - name: Install RHEL dependencies ${{ inputs._IMAGE_TYPE }}
+        if: inputs._IMAGE_TYPE == 'rhel8'
+        run: dnf -y install rpm-sign python39 && python3.9 -m pip install -q  -U pip && pip install -q pynacl requests
+
+      - name: Install Debian dependencies ${{ inputs._IMAGE_TYPE }}
+        if: inputs._IMAGE_TYPE == 'debian'
+        run:  apt -qq update && apt -qq -y install python3 python3-pip && python3 -m pip install -q  -U pip && pip install -q pynacl requests
+
+      - name: Safety add directory
+        shell: bash
+        run: |
+          cd ${EXECUTION_DIRECTORY}
+          git config --global --add safe.directory '*'
+          cd -
+
+      - name: Build package ${{inputs._IMAGE_TYPE}}
+        shell: bash
+        run: |
+          ls -la ${EXECUTION_DIRECTORY}
+          env
+          echo "${EXECUTION_DIRECTORY}"
+          ls -la  "${EXECUTION_DIRECTORY}"
+          echo "${EXECUTION_DIRECTORY}/addons"
+          ls -la "${EXECUTION_DIRECTORY}/addons"
+          cd "${EXECUTION_DIRECTORY}"/addons/perl-client/
+          set -e && export FINGERBANK_API_KEY=$(set -e && python3  "${EXECUTION_DIRECTORY}"/addons/packetfence-perl/psono.py --api_key_id=${{ secrets.PSONO_API_KEY_ID }} --api_key_secret_key=${{ secrets.PSONO_API_KEY_SECRET_KEY }} --secret_id=${{ vars.PSONO_BUILDS_KEY_FINGERBANK }} --return_value=password)
+          set -e &&  make SHELL='sh' -e ${{ inputs._IMAGE_TYPE == 'rhel8' && 'build_rpm' || 'build_deb'}}
+          ls -la "${EXECUTION_DIRECTORY}"/addons/perl-client/result/${{ inputs._IMAGE_TYPE == 'rhel8' && 'centos/8' || 'debian/bullseye'}}
+        env:
+          CI_COMMIT_REF_NAME: ${{ inputs._BRANCH_NAME }}
+
+      - name: Upload the package to artifactory ${{inputs._IMAGE_TYPE}}
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ env.ARTIFACTORY_NAME }}
+#          path:  /__w/packetfence/packetfence/addons/perl-client/result/${{ inputs._IMAGE_TYPE == 'rhel8' && 'centos/8' || 'debian/bullseye'}}/${{ env.PACKAGE_NAME }}
+          path:  /mnt/packetfence/addons/perl-client/result/${{ inputs._IMAGE_TYPE == 'rhel8' && 'centos/8' || 'debian/bullseye'}}/${{ env.PACKAGE_NAME }}
+        env:
+          PACKAGE_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' &&  'fingerbank-*.noarch.rpm' || 'fingerbank*.deb' }}
+          ARTIFACTORY_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' &&  'package-rpm' || 'package-deb' }}
+          PATH: "${GITHUB_WORKSPACE}"
+
+      - name: Clean directory
+        if: always()
+        run: |
+          rm -rf "${EXECUTION_DIRECTORY}"
+          rm -rf  ${HOME}/rpmbuild
diff --git a/.github/workflows/reusable_sign_packages.yml b/.github/workflows/reusable_sign_packages.yml
@@ -54,8 +54,10 @@ jobs:
           name: ${{ env.ARTIFACTORY_NAME }}
           path:  /mnt/${{ env.PACKAGE_NAME }}
         env:
-          PACKAGE_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' &&  'packetfence-perl-*.rpm' || 'packetfence-perl*.deb' }}
+          PACKAGE_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' &&   env.RPM_FORMAT_PACKAGE_NAME || env.DEB_FORMAT_PACKAGE_NAME }}
           ARTIFACTORY_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' &&  'package-rpm' || 'package-deb' }}
+          DEB_FORMAT_PACKAGE_NAME: "${{ inputs._PACKAGE_NAME }}*.deb"
+          RPM_FORMAT_PACKAGE_NAME: "${{ inputs._PACKAGE_NAME }}*.rpm"
 
   sign_package_rpm:
     runs-on: packetfence-perl-package-build 
@@ -100,5 +102,7 @@ jobs:
           name: ${{ env.ARTIFACTORY_NAME }}
           path:  /mnt/${{ env.PACKAGE_NAME }}
         env:
-          PACKAGE_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' &&  'packetfence-perl-*.rpm' || 'packetfence-perl*.deb' }}
+          PACKAGE_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' &&   env.RPM_FORMAT_PACKAGE_NAME || env.DEB_FORMAT_PACKAGE_NAME }}
           ARTIFACTORY_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' &&  'package-rpm' || 'package-deb' }}
+          DEB_FORMAT_PACKAGE_NAME: "${{ inputs._PACKAGE_NAME }}*.deb"
+          RPM_FORMAT_PACKAGE_NAME: "${{ inputs._PACKAGE_NAME }}*.rpm"
diff --git a/.github/workflows/reusable_unit_test.yml b/.github/workflows/reusable_unit_test.yml
@@ -23,12 +23,28 @@ jobs:
         env:
           ARTIFACTORY_NAME: ${{ inputs._IMAGE_TYPE == 'rhel8' && 'package-rpm' || 'package-deb' }}
 
-      - name: Install the package packetfence-perl ${{ inputs._IMAGE_TYPE }}
+      - name: Install the package ${{ inputs._PACKAGE_NAME}} rhel8
+        if: inputs._IMAGE_TYPE == 'rhel8'
         run: |
           ls -la /mnt
-          ${{ inputs._IMAGE_TYPE == 'rhel8' && env.INSTALL_RPM_PACKAGE  || env.INSTALL_DEB_PACKAGE }}
-        env:
-          INSTALL_RPM_PACKAGE: "set -x && yum -y install findutils && find /mnt -name ${{ inputs._PACKAGE_NAME }}*.rpm -exec rpm -ivh {} \\;"
-          INSTALL_DEB_PACKAGE: "set -x && find /mnt -name ${{ inputs._PACKAGE_NAME }}*.deb -exec dpkg -i {} \\;"
-
+          PF_RELEASE_PATH=https://raw.githubusercontent.com/inverse-inc/packetfence/devel/conf/pf-release
+          PF_MINOR_RELEASE=$(curl -s ${PF_RELEASE_PATH}  | grep -oE '[0-9]+\.[0-9]+')
+          yum -y install findutils
+          yum -y localinstall http://packetfence.org/downloads/PacketFence/RHEL8/packetfence-release-${PF_MINOR_RELEASE}.el8.noarch.rpm
+          set -e && find /mnt -name ${{ inputs._PACKAGE_NAME }}*.rpm -exec bash -c 'yum -y localinstall --enablerepo=packetfence {}' \;
+          echo "Next packages ${{ inputs._PACKAGE_NAME }} was installed successfuly: "
+          rpm -qa | grep ${{ inputs._PACKAGE_NAME }}
 
+      - name: Install the package ${{ inputs._PACKAGE_NAME}} debian
+        if: inputs._IMAGE_TYPE == 'debian'
+        run: |
+          ls -la /mnt
+          apt update; apt  install -y gnupg sudo wget  curl
+          PF_RELEASE_PATH=https://raw.githubusercontent.com/inverse-inc/packetfence/devel/conf/pf-release
+          PF_MINOR_RELEASE=$(curl -s ${PF_RELEASE_PATH}  | grep -oE '[0-9]+\.[0-9]+')
+          wget -q -O - https://inverse.ca/downloads/GPG_PUBLIC_KEY | apt-key add -
+          echo "deb http://inverse.ca/downloads/PacketFence/debian/${PF_MINOR_RELEASE} bullseye bullseye" > /etc/apt/sources.list.d/packetfence.list
+          apt update
+          set -e && find /mnt -name ${{ inputs._PACKAGE_NAME }}*.deb -exec bash -c 'apt install -f -y {}' \;
+          echo "Next packages ${{ inputs._PACKAGE_NAME }} was installed successfuly: "
+          dpkg -l | grep ${{ inputs._PACKAGE_NAME }}
diff --git a/.github/workflows/reusable_upload_packages.yml b/.github/workflows/reusable_upload_packages.yml
@@ -20,7 +20,7 @@ jobs:
   upload-package: 
     runs-on: packetfence-perl-package-build
     env:
-      PACKAGE_DEST_PATH: "~/packages/packetfence-perl/${{ inputs._BRANCH_NAME }}/${{ inputs._IMAGE_TYPE }}/"
+      PACKAGE_DEST_PATH: "~/packages/${{ inputs._PACKAGE_NAME }}/${{ inputs._BRANCH_NAME }}/${{ inputs._IMAGE_TYPE }}/"
     container:
       image: debian:11.0
       volumes:
@@ -44,7 +44,7 @@ jobs:
           set -e && \
           export private_key=$(/usr/bin/python3 /root/packetfence-perl/psono.py --api_key_id=${{ secrets.PSONO_API_KEY_ID }} --api_key_secret_key=${{ secrets.PSONO_API_KEY_SECRET_KEY }} --secret_id=${{ vars.PSONO_SSH_RUNNER_GH_PRIVATE }} --return_value=password_notes) && \
           eval `ssh-agent -s` && ssh-add - <<< ${private_key}
-          rsync -avzr --delete --rsync-path='mkdir -p  ${{ env.PACKAGE_DEST_PATH }} && rsync' -e "ssh -o StrictHostKeyChecking=no -p 22"   /mnt/${{inputs._PACKAGE_NAME}}${{ env.PACKAGE_TYPE }} reposync@${{ vars.WEB_INVERSE_IP_ADDRESS }}:${{ env.PACKAGE_DEST_PATH }}
+          rsync -avzr --delete --rsync-path='mkdir -p  ${{ env.PACKAGE_DEST_PATH }} &&  rm -rf ${{ env.PACKAGE_DEST_PATH }}/* && rsync' -e "ssh -o StrictHostKeyChecking=no -p 22"   /mnt/${{inputs._PACKAGE_NAME}}${{ env.PACKAGE_TYPE }} reposync@${{ vars.WEB_INVERSE_IP_ADDRESS }}:${{ env.PACKAGE_DEST_PATH }}
           ssh-add -D
         env:
           PACKAGE_TYPE: ${{ inputs._IMAGE_TYPE == 'rhel8' &&  '*.rpm' || '*.deb' }}
diff --git a/addons/perl-client/.gitignore b/addons/perl-client/.gitignore
@@ -0,0 +1,3 @@
+queue/
+public/
+result/
-Original file line number
+Diff line change
@@ -0,0 +1,3 @@
+    queue/
+    public/
+    result/