application-inventory: use RPM's Version and Release, set Epoch #263
Conversation
ginglis13
force-pushed
the
application-json-updates
branch
2 times, most recently
from
46b512d to
b8749fa
Compare
|
^ split rpm2img changes into a separate commit; add |
ginglis13
changed the title
|
Rebased locally and seeing the failure now. There are some integ tests that expect package naming of a certain form that changes in this PR |
Hmm yeah the test ensures that the packages were built for the kit by checking for the RPM output file. Can you update the test to accommodate the new naming convention? |
ginglis13
force-pushed
the
application-json-updates
branch
from
b8749fa to
68152bf
Compare
|
^ update twoliter/src/cmd/build.rs tests to include defaults for |
ginglis13
force-pushed
the
application-json-updates
branch
2 times, most recently
from
f3c7472 to
5505e53
Compare
|
^ use |
ginglis13
force-pushed
the
application-json-updates
branch
from
5505e53 to
7185d90
Compare
|
^ set The kernel package definitions are a special case in terms of Defined in their spec. This change includes some E.g. showing package and its subpackages set |
| let rpm = kit_output_dir.join(&format!("bottlerocket-{package}-0.0-0.{arch}.rpm")); | ||
| let rpm = kit_output_dir.join(&format!( | ||
| "bottlerocket-{package}-0.0-00000000000.00000000.br1.{arch}.rpm" | ||
| )); |
There was a problem hiding this comment.
Will this test still succeed if the commit is -dirty?
There was a problem hiding this comment.
I'm confused as to how these default values are arriving in the build-package calls. I think this test is actually demonstrating the problem of having these args absent from cargo make build-kit. build-kit will result in package builds, and the package builds will then have these values absent.
I think buildsys needs to choke on the absence of these values and the Makefile needs to ensure they exist.
There was a problem hiding this comment.
Will this test still succeed if the commit is
-dirty?
If the commit were dirty, the rpm would be named "bottlerocket-{package}-0.0-00000000000.00000000_dirty.br1.{arch}.rpm" per /~https://github.com/bottlerocket-os/twoliter/pull/263/files#diff-a08098dd4b8cb6afda85dec0555534eaeb5a75f4e43f2db7ddcbc2e8c63d0e17R170-R171. So no, this test would not succeed if the package is being built from a dirty tree.
I'm confused as to how these default values are arriving in the build-package calls. I think this test is actually demonstrating the problem of having these args absent from cargo make build-kit. build-kit will result in package builds, and the package builds will then have these values absent.
These values are set via environment variables in twoliter's Makefile.toml: /~https://github.com/bottlerocket-os/twoliter/pull/263/files#diff-ad5b91511e741abc0f447ce47f0d0c399ec15a4acd7666aa0f30094356d53af5R27-R31. They are read in BuildPackageArgs here: /~https://github.com/bottlerocket-os/twoliter/pull/263/files#diff-d69207eb08549801c5be3079f2fef42b9c132b83ecdb9d73160b91db074395cdR119-R135, which ultimately is used in a build-package call. I see between this and other similar comments, we must set these values in kit build as well, otherwise we'll always have default values present for packages built from kits...
I think buildsys needs to choke on the absence of these values and the Makefile needs to ensure they exist.
can do
There was a problem hiding this comment.
I did some validation with kit building given these changes. Because kit building also builds packages, the required environment variables will be set for package building, and resultant kits will have packages with these values properly set:
$ ls tests/projects/local-kit/build/kits/extra-3-kit/aarch64/Packages
bottlerocket-pkg-e-0.0-01717804500.7185d90.br1.aarch64.rpm
bottlerocket-pkg-f-0.0-01717804500.7185d90.br1.aarch64.rpm
bottlerocket-pkg-g-0.0-01717804500.7185d90.br1.aarch64.rpm
$ ls tests/projects/local-kit/build/rpms/pkg-b
bottlerocket-pkg-b-0.0-01717804500.7185d90.br1.aarch64.rpm
As for why the integration test is using default values, that's because the integ test builds kits in a temp dir that and is not a git project.
twoliter/embedded/Makefile.toml
Outdated
| export BUILDSYS_VERSION_BUILD="${BUILDSYS_VERSION_BUILD}" | ||
| export BUILDSYS_VERSION_BUILD_TIMESTAMP="${BUILDSYS_VERSION_BUILD_TIMESTAMP}" | ||
| export BUILDSYS_VERSION_BUILD_EPOCH="${BUILDSYS_VERSION_BUILD_EPOCH}" |
There was a problem hiding this comment.
Aren't these also needed in build-kit?
There was a problem hiding this comment.
See above comment, we won't need these in build-kit as they're already included in build-package
| let rpm = kit_output_dir.join(&format!("bottlerocket-{package}-0.0-0.{arch}.rpm")); | ||
| let rpm = kit_output_dir.join(&format!( | ||
| "bottlerocket-{package}-0.0-00000000000.00000000.br1.{arch}.rpm" | ||
| )); |
There was a problem hiding this comment.
I'm confused as to how these default values are arriving in the build-package calls. I think this test is actually demonstrating the problem of having these args absent from cargo make build-kit. build-kit will result in package builds, and the package builds will then have these values absent.
I think buildsys needs to choke on the absence of these values and the Makefile needs to ensure they exist.
ginglis13
force-pushed
the
application-json-updates
branch
from
7185d90 to
5b0fd67
Compare
|
^ take feedback to add some clarity in comments, group all Epoch changes to an RPM in the |
twoliter/embedded/build.Dockerfile
Outdated
| && cat generated.bconds ${PACKAGE}.spec >> rpmbuild/SPECS/${PACKAGE}.spec \ | ||
| && sed -i "/%package.*$/a Epoch: ${BUILD_EPOCH}" rpmbuild/SPECS/${PACKAGE}.spec \ |
There was a problem hiding this comment.
consider deleting existing Epoch lines, and being more rigorous about matches:
| && sed -i "/%package.*$/a Epoch: ${BUILD_EPOCH}" rpmbuild/SPECS/${PACKAGE}.spec \ | |
| && sed -i '/^Epoch:/d' rpmbuild/SPECS/${PACKAGE}.spec \ | |
| && sed -i "/^%package\s.*$/a Epoch: ${BUILD_EPOCH}" rpmbuild/SPECS/${PACKAGE}.spec \ |
There was a problem hiding this comment.
I think this fits into the case that we could alter the expectations of a packager by modifying their Epoch value. Would it be better to fail the build than to produce something unexpected?
There was a problem hiding this comment.
In the latest revision of this PR, I opted not to delete existing Epoch lines for two reasons:
- attempting to delete previous Epoch was resulting in invalid RPM, with an error along the lines of
File must begin with "/": Epoch:. I didn't dive further becaue I concluded that instead of making this change, we can: - By always attempting to set our
Epoch, we will induce RPM failures for the case where a packager attempts to specify their ownEpoch. This seems more reasonable than silently changing the value they intend to set asEpoch
ginglis13
force-pushed
the
application-json-updates
branch
2 times, most recently
from
9215834 to
7e070cf
Compare
Before the onset of kits, Bottlerocket would build RPMs with Release values set to the commit of Bottlerocket being released (or, more accurately, the commit of Bottlerocket being built). This worked fine under the monorepo model, but with the advent of kits, this is not enough for indicating incremental changes to a project. There must be some monotonically increasing value present in the application-invetory for a Bottlerocket variant for systems to key off of for versioning and Release comparisons. This change computes the unix timestamp in ms of the project commit from which a package is built by buildsys and sets the Release of the package as <timestamp>+<commit short sha>. It also sets the Epoch value of RPMs and their subpackages based on an environment variable BUILDSYS_VERSION_BUILD_EPOCH. Signed-off-by: Gavin Inglis <giinglis@amazon.com>
when building application-inventory for packages, use the actual package Version specifying in the package spec, as well as its actualy Release value. Also, specify an Epoch for cases where package versioning breaks between releases. Signed-off-by: Gavin Inglis <giinglis@amazon.com>
ginglis13
force-pushed
the
application-json-updates
branch
from
7e070cf to
51cd42e
Compare
|
^ first force push, address feedback:
^ second force push, rebase ^ 3rd, fix a missed nit in above two pushes |
revert most of bottlerocket-os#263, which set the Epoch for packages built with Twoliter, set package inventory Version as the actual package version, and built a customer release field to give to the package. This PR retains the change to setting Release in the actual package RPM but reverts the change to include that in the application inventory for the package. Signed-off-by: Gavin Inglis <giinglis@amazon.com>
Issue number:
Closes #140
Description of changes:
Before the onset of kits, Bottlerocket would build RPMs with Release values set to the commit of Bottlerocket being released (or, more accurately, the commit of Bottlerocket being built). This worked fine under the monorepo model, but with the advent of kits, this is not enough for indicating incremental changes to a project. There must be some monotonically increasing value present in the application-inventory for a Bottlerocket variant for systems to key off of for versioning and Release comparisons.
This change computes the unix timestamp in ms of the project commit from which a package is built by buildsys and sets the Release of the package as <timestamp>+<commit short sha>. It also sets the
Versionof a package to the actual package's version, and not the Bottlerocket version.Testing done:
Built a Bottlerocket variant with these changes and inspected packages:
Launched a bottlerocket instance:
Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.