ci: Move srpm/rpm build to packit

Teach make-srpm.sh to support building a directory with the sprm ingredients (the unpacked directory) to become compatible with the packit workflow. This mostly obsoletes the need of doing custom COPR builds, so eventually .copr/ can be simplified. But keep the old functionality for the time being. Note that this way of building an srpm in packit is still rather unusual: the normal mode is to maintain the .spec and all auxiliary files in the upstream git; that then enables automatic Fedora releases, and make it easier to keep the spec in sync. But one step after another.. Configure packit to automatically build srpm and rpms in the usual temporary COPRs. This makes it much easier to test PRs both by humans and future integration tests. There are no test plans yet, but already enable the TF run to at least cover package installation/upgrade. Run these on Rawhide and the current stable Fedora (38 right now). This entirely replaces the "build-rpm" workflow, so drop that.
martinpitt · Aug 8, 2023 · fbfa187 · fbfa187
1 parent 045f69b
commit fbfa187
Show file tree

Hide file tree

Showing 3 changed files with 34 additions and 31 deletions.
diff --git a/.copr/make-srpm.sh b/.copr/make-srpm.sh
@@ -3,6 +3,12 @@
 set -eux
 
 outdir="$1"; shift
+mkdir -p "$outdir"
+
+# when this is specified, build a source directory and skip the rpmbuild step
+if [ "${1:-}" = "srcdir" ]; then
+    srcdir=1
+fi
 
 rootdir="$(realpath -m "$0/../..")"
 
@@ -45,6 +51,11 @@ cp "$expander_dir/macro-expander.sh" "$distgit_dir/macro-expander"
 sed -i "s/%global commit [^ ]*$/%global commit $base_head_id/;
         s/%{?dist}/.$base_date.$base_short_head_id%{?dist}/" "$distgit_dir/selinux-policy.spec"
 rm -f "$distgit_dir/sources"
-rpmbuild --define "_topdir $rpmbuild_dir" -bs "$distgit_dir/selinux-policy.spec"
 
-cp "$rpmbuild_dir/SRPMS/"*.src.rpm "$outdir"
+if [ -n "${srcdir:-}" ]; then
+    cp -r "$distgit_dir"/* "$outdir"
+else
+    # full rpmbuild for copr
+    rpmbuild --define "_topdir $rpmbuild_dir" -bs "$distgit_dir/selinux-policy.spec"
+    cp "$rpmbuild_dir/SRPMS/"*.src.rpm "$outdir"
+fi
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -14,32 +14,3 @@ jobs:
       - run: make -j $(nproc) policy
       - run: make -j $(nproc) validate
       - run: make -j $(nproc) container.pp
-  build-rpm:
-    runs-on: ubuntu-latest
-    container:
-      image: fedora:rawhide
-      options: --security-opt seccomp=unconfined
-    steps:
-      - run: dnf install --nogpgcheck -y make git-core rpm-build 'dnf-command(builddep)'
-      - uses: actions/checkout@v3
-      # https://github.blog/2022-04-12-git-security-vulnerability-announced/
-      - run: git config --global --add safe.directory "$PWD"
-      - run: make -C .copr srpm outdir="$PWD"
-      - name: Store the SRPM as an artifact
-        uses: actions/upload-artifact@v2
-        with:
-          name: srpm
-          path: "*.src.rpm"
-      - run: |
-          if grep -q rawhide /etc/os-release; then
-            tag=rawhide
-          else
-            tag='f$releasever-build'
-          fi
-          dnf builddep --nogpgcheck --repofrompath "koji,https://kojipkgs.fedoraproject.org/repos/$tag/latest/\$arch/" -y *.src.rpm
-      - run: rpmbuild --define "_topdir $PWD/rpmbuild" -rb *.src.rpm
-      - name: Store binary RPMs as artifacts
-        uses: actions/upload-artifact@v2
-        with:
-          name: rpms
-          path: rpmbuild/RPMS
diff --git a/packit.yaml b/packit.yaml
@@ -0,0 +1,21 @@
+# See https://packit.dev/docs/configuration/
+
+specfile_path: tmp/rpm/selinux-policy.spec
+
+actions:
+  post-upstream-clone:
+    - .copr/make-srpm.sh tmp/rpm srcdir
+  create-archive: sh -c 'ls tmp/rpm/selinux-policy*.tar.gz'
+
+jobs:
+  - job: copr_build
+    trigger: pull_request
+    targets:
+    - fedora-development
+    - fedora-latest-stable
+
+  - job: tests
+    trigger: pull_request
+    targets:
+    - fedora-development
+    - fedora-latest-stable