3 Below is a description of the way the builder infrastructure works. You should
4 read it in order to be able to understand what's exactly going on when you try
7 (It assumes you have a basic understanding of how RPM packages are created.)
11 The builder infrastructure is divided into three parts:
16 The basic idea is to allow developers (requesters) to easily specify which
17 package they want built, and have the rest of the system take care of building
18 and upgrading packages, uploading them where appropriate and reporting back to
19 the developers on the results (were there errors, how long it took to build,
22 What follows is a more detailed description of what each part is supposed to
25 1.1 NOTES ON UPLOADING
27 When talking of uploading packages and logs it is meant as placing them
28 somewhere on the original system (via a simple 'cp'; this also includes copying
29 to /dev/null), or placing them on a remote system via the scp or rsync
34 99% of the system is written in python, with remaining parts using shell
35 scripts (POSIX shell is assumed, bashisms are to be shot at sight and their
36 authors beheaded in a public display). The presence of various helper tools is
37 assumed. They are: gpg, rsync and scp command line utilities.
41 Below are complete basics of how data is tossed around. Only the most relevant
42 transfers are presented.
44 status info status info
45 +--------------+<--+------------------+
47 V request | V src.rpm |
48 requester ---------> src.builder ---------> bin.builders
51 FTP server <---+------------------+
55 Main task: sending build requests to source builders.
57 This is the simplest part. It consists of a shell script (make-request.sh),
58 which, based on the way it's configured and on the cmdline parameters given to
59 it, generates an xml-formated build request, which it then signs with the
60 requester's PGP key (using the gpg utility) and then sends it to the source
61 builder via a sendmail compatible command line application (by default invoking
64 Two modes of operation are:
65 - sending requests to build chosen package(s) on a specified group of builders
66 - sending a chosen command to be executed on a specified group of builders
68 See HOWTO-CLIENT for a hands-on approach to setting yourself up for being able
69 to send out build requests.
71 4. SOURCE BUILDER (AKA SRC.BUILDER)
73 Main task: building src.rpm packages and serving them to binary builders.
74 Additional tasks: reporting back to the requester about the status of the build
75 and uploading generated src.rpm packages where appropriate. Also -- tagging,
76 access control, uploading buildlogs and keeping the 'queue.html' file in sync.
78 The source builder is the central place for managing access rights for
79 requesters. Upon receiving a request (via email), it first checks the pgp
80 signature with which the request was signed, against the pgp key currently
81 assigned to the requester (all done with the 'gpg' command). After verifying
82 that the requester name/requester pgp signature pair match, it then checks if
83 the requester is actually allowed to perform the actions she wants to perform.
84 That is: does she have access to a specified binary builder, is she allowed to
85 specify the 'upgrade' flag or not, is she allowed to use the priority she set
86 for the request and even if she is allowed to request building of a given
89 Once a request passes all verifications, the src.builder uses its own chroot
90 equipped with a basic build environment to fetch the sources of a given
91 package, tag them if configured to do so and create a src.rpm out of them (all
92 done by invoking the 'builder' script as found in the SPECS module of the PLD
93 cvs repository (see http://www.pld-linux.org/Repositories for details)).
95 After finishing the build procedure the src.builder reports (via email) to the
96 requester on the status of the build (OK/FAIL), updates the 'queue.html' file
97 with that information (urls for PLD2.0 and 3.0 queues:
98 http://src.th.pld-linux.org/queue.html and
99 http://ep09.pld-linux.org/~builderth/queue.html) and, if configured to do so,
100 uploads the complete log of the whole procedure (called the buildlog)
101 somewhere, most likely to our PLD buildlogs system
102 (http://buildlogs.pld-linux.org).
104 If the build procedure was successful, the resulting src.rpm file is most
105 likely uploaded somewhere (if configured to do so; in our case it's our FTP
106 server) and, what is most important, it's being served via a http server for
107 the binary builders to download. An xml-formated (and pgp signed) 'queue.gz'
108 and a small 'max_req_no' files are also updated with relevant information, in
109 order for the bin.builders to be able to notice new requests and figure out
110 which are addressed to which builders.
112 The last matter taken care of by the src.builder is receiving (gpg signed)
113 emails from bin.builders with status information regarding what happened to
114 various builds (whether they succeeded or failed) and updating the 'queue.html'
117 See the HOWTO-BUILDERS file for a hands-on approach on setting up builders. All
118 of the technical details are there.
120 5. BINARY BUILDERS (AKA BIN.BUILDERS)
122 Main task: building arch.rpm packages and uploading them where appropriate.
123 Additional tasks: reporting back to the requester and the source builder on the
124 status of the build. Also -- uploading buildlogs.
126 Upon noticing that a new request has been published by the src.builder and
127 verifying the appropriate gpg signatures, binary builders download the relevant
128 src.rpm files and use their build-environment-equipped chroots to start
129 building them (by invoking the 'rpmbuild' command). Once a build is completed
130 (meaning arch.rpm files are produced, or the whole procedure is interrupted for
131 whatever reason), the status of the build (OK/FAIL) is sent via email both to
132 the requester and to the src.builder.
134 Procedure for uploading the produced arch.rpms and buildlogs is the same as
135 with the src.builder.
137 Bin.builders however need to deal with one thing src.builders are mostly not
138 affected by -- managing the build environments inside their chroots. That means
139 installing new packages if required by a given build (using the 'poldek'
140 package manager; http://poldek.pld-linux.org/), upgrading older packages for
141 much the same reasons, downgrading from time to time and locally caching newly
142 built files for short periods of times.
144 All of this, along with lots of quirks and obscure details is explained in the
149 Q: What's this 'tagging' all about with the src.builder?
150 A: When a src.rpm is created and arch.rpms built based on it, it is sometimes
151 useful to be able to check which sources were used to build them. Casual users
152 might be satisfied with just extracting everything from the src.rpm (that is
153 what they are uploaded to the ftp server for), but the old ones aren't always
154 available and even if they are, developers require source control in order to
155 work efficiently. Hence all sources used to build a given src.rpm for a given
156 line are tagged appropriately in the PLD CVS repository, for example trying to
157 build cthulu.spec on the 2.0 (codename Ac) line of our distro might result in a
158 tag looking something like this being set -- 'auto-ac-cthulu-6.6-6'.
159 (Technically the previous sentence is not 100% correct due to (a) the way our
160 DISTFILES infrastructure impacts which sources are and aren't in the CVS repo
161 and hence are subject to tagging and (b) specific policies regarding tagging
162 for each distro line; for the latter refer to appropriate policies.)
165 # vi: formatoptions=aw expandtab
projects / projects / pld-builder.new.git / blob