[Git][qa/jenkins.debian.net][master] rdn: add new pseudo arch amd64-pull184 to test with that codebase
Holger Levsen (@holger)
gitlab at salsa.debian.org
Thu Aug 21 00:07:05 BST 2025
Holger Levsen pushed to branch master at Debian QA / jenkins.debian.net
Commits:
e312e1ac by Holger Levsen at 2025-08-21T01:06:45+02:00
rdn: add new pseudo arch amd64-pull184 to test with that codebase
Signed-off-by: Holger Levsen <holger at layer-acht.org>
- - - - -
8 changed files:
- bin/rebuilderd_manual_scheduler.sh
- bin/rebuilderd_pkgsync.sh
- hosts/osuosl5-amd64/etc/dehydrated/domains.txt
- hosts/osuosl5-amd64/etc/nginx/nginx.conf
- + hosts/osuosl5-amd64/etc/rebuilderd/rebuilderd-amd64-pull184.conf
- + hosts/osuosl5-amd64/etc/rebuilderd/rebuilderd-sync-amd64-pull184.conf
- + hosts/osuosl5-amd64/var/www/html/amd64-pull184/index.html
- update_jdn.sh
Changes:
=====================================
bin/rebuilderd_manual_scheduler.sh
=====================================
@@ -10,7 +10,7 @@ set -e
#
case $1 in
any) shift
- for arch in amd64 arm64 armel armhf i386 riscv64 ppc64el ; do
+ for arch in amd64 amd64-pull184 arm64 armel armhf i386 riscv64 ppc64el ; do
echo "Scheduling on arch:any that is $arch now:"
$0 $arch $@
done
@@ -19,6 +19,8 @@ case $1 in
;;
amd64) PORT=8484
;;
+ amd64-pull184) PORT=8494
+ ;;
arm64) PORT=8486
;;
armel) PORT=8491
=====================================
bin/rebuilderd_pkgsync.sh
=====================================
@@ -15,6 +15,8 @@ case $ARCH in
;;
amd64) PORT=8484
;;
+ amd64-pull184) PORT=8494
+ ;;
arm64) PORT=8486
;;
armel) PORT=8491
=====================================
hosts/osuosl5-amd64/etc/dehydrated/domains.txt
=====================================
@@ -1,5 +1,6 @@
reproduce.debian.net
amd64.reproduce.debian.net
+amd64-pull184.reproduce.debian.net
i386.reproduce.debian.net
arm64.reproduce.debian.net
armhf.reproduce.debian.net
=====================================
hosts/osuosl5-amd64/etc/nginx/nginx.conf
=====================================
@@ -18,6 +18,7 @@ http {
server_name all.reproduce.debian.net;
server_name reproduce.debian.net;
server_name amd64.reproduce.debian.net;
+ server_name amd64-pull184.reproduce.debian.net;
server_name i386.reproduce.debian.net;
server_name arm64.reproduce.debian.net;
server_name armel.reproduce.debian.net;
@@ -87,6 +88,20 @@ http {
alias /srv/rebuilderd/amd64/stats/ ;
disable_symlinks off;
}
+ # amd64-pull184
+ location /amd64-pull184/api/ {
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_pass http://127.0.0.1:8484/api/;
+ }
+ location = /amd64-pull184/api/v0/build/report {
+ client_max_body_size 200M;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_pass http://127.0.0.1:8494/api/v0/build/report;
+ }
+ location /amd64-pull184/stats/ {
+ alias /srv/rebuilderd/amd64-pull184/stats/ ;
+ disable_symlinks off;
+ }
# arm64
location /arm64/api/ {
proxy_set_header X-Real-IP $remote_addr;
@@ -223,6 +238,31 @@ http {
}
}
+ server {
+ server_name amd64-pull184.reproduce.debian.net;
+ ssi on;
+ root /var/www/html;
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ ssl_certificate /var/lib/dehydrated/certs/amd64-pull184.reproduce.debian.net/fullchain.pem;
+ ssl_certificate_key /var/lib/dehydrated/certs/amd64-pull184.reproduce.debian.net/privkey.pem;
+ ssl_session_cache shared:le_nginx_SSL:10m;
+ ssl_session_timeout 1440m;
+ ssl_session_tickets off;
+ ssl_protocols TLSv1.2 TLSv1.3;
+ ssl_prefer_server_ciphers off;
+ ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-C
+ HACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
+ location /.well-known/acme-challenge/ {
+ alias /var/lib/dehydrated/acme-challenges/;
+ disable_symlinks off;
+ autoindex off;
+ }
+ location / {
+ return 301 https://reproduce.debian.net/amd64-pull184$request_uri;
+ }
+ }
+
server {
server_name arm64.reproduce.debian.net;
ssi on;
=====================================
hosts/osuosl5-amd64/etc/rebuilderd/rebuilderd-amd64-pull184.conf
=====================================
@@ -0,0 +1,40 @@
+## Configuration for http daemon
+[http]
+## The address to bind to. This is 127.0.0.1:8484 by default.
+bind_addr = "127.0.0.1:8494"
+## If you use a reverse proxy, use this header instead of the actual connecting ip.
+## Make sure the reverse proxy has filters in place to prevent spoofing issues.
+#real_ip_header = "X-Real-IP"
+## Set a default endpoint for rebuildctl. This is especially useful for the sync timer.
+#endpoint = "http://127.0.0.1:8484"
+
+## A random cookie for administration is generated at startup and written to /var/lib/rebuilderd/auth-cookie
+## You can set this to a fixed value here. Use `pwgen -1s 32` to generate one.
+## rebuildctl is searching for this cookie in ~/.config/rebuilderd.conf, /etc/rebuilderd.conf and
+## /var/lib/rebuilderd/auth-cookie in that order.
+#[auth]
+#cookie = "INSECURE"
+
+## The auth cookie above is only used for the default endpoint.
+## You can use different endpoints with `rebuildctl -H https://rebuilder.example.com status`,
+## In that case you need to configure a section below if you want to attach a cookie.
+#[endpoints."https://rebuilder.example.com"]
+#cookie = "INSECURE"
+
+## IMPORTANT: in production, make sure either `authorized_workers` or `signup_secret` is configured.
+[worker]
+## If we have a fixed set of workers we can allow-list the keys here.
+#authorized_workers = ["key1", "key2"]
+## If we want to spawn new workers dynamically we can configure a sign up secret below.
+## Use `pwgen -1s 32` to generate one.
+signup_secret = "INSECURE"
+
+#[schedule]
+## Configure the delay to automatically retry failed rebuilds in hours. The
+## default is 24h, this base is multiplied with the number of rebuilds, so the
+## first retry would happen after 24h, the second retry would happen 48h after the
+## first retry and the third retry would happen 72h after the second retry. There
+## is no upper limit of retries, if you can't afford frequent retries it's
+## recommended to set this to a high value like 168 (1 week) or higher.
+## Successful rebuilds are not retried.
+#retry_delay_base = 24
=====================================
hosts/osuosl5-amd64/etc/rebuilderd/rebuilderd-sync-amd64-pull184.conf
=====================================
@@ -0,0 +1,9 @@
+[profile."debian-main"]
+distro = "debian"
+suite = "main"
+architectures = ["amd64"]
+#releases = ["buster", "sid"]
+releases = ["trixie"]
+source = "http://deb.debian.org/debian"
+#excludes = ["tensorflow*"]
+#pkgs = ["anarchism"]
=====================================
hosts/osuosl5-amd64/var/www/html/amd64-pull184/index.html
=====================================
@@ -0,0 +1,220 @@
+<!DOCTYPE html>
+<html lang="en">
+ <head>
+ <meta charset="utf-8">
+ <title>
+ reproduce.debian.net/amd64 - trixie (arch:amd64)
+ </title>
+ <style>
+ body {
+ font-family: sans-serif;
+ font-size: 18pt;
+ }
+ h1 {
+ font-size: 24pt;
+ }
+ h3 {
+ font-size: 18pt;
+ }
+
+ #search-results {
+ margin: 18pt 0;
+ }
+
+ pre {
+ margin: 0;
+ }
+
+ img {
+ vertical-align: middle;
+ max-width: 1920;
+ width: 50%;
+ }
+
+ #search-results pre {
+ margin: 12pt 0;
+ }
+
+ .status {
+ font-weight: bold;
+ }
+
+ .good {
+ color: green;
+ }
+
+ .bad {
+ color: red;
+ }
+
+ .unknown {
+ color: #957fff;
+ }
+
+ footer {
+ font-size: 12pt;
+ }
+ </style>
+ <script>
+ document.addEventListener('DOMContentLoaded', function() {
+ // package search
+ function spanWith(text) {
+ let s = document.createElement('span');
+ s.textContent = text;
+ return s;
+ }
+
+ function linkTo(href, text) {
+ let a = document.createElement('a');
+ a.href = href;
+ a.textContent = text;
+ return a;
+ }
+
+ function searchPkgs(query) {
+ let div = document.getElementById('search-results');
+ let url = '/amd64/api/v0/pkgs/list?' + new URLSearchParams({
+ name: query,
+ distro: 'debian',
+ });
+ fetch(url)
+ .then(response => response.json())
+ .then(data => {
+ // clear children
+ div.innerHTML = '';
+
+ data.map(pkg => {
+ let build_id = pkg.build_id;
+ let r = document.createElement('pre');
+
+ r.appendChild(spanWith('['));
+ let status = pkg['status'];
+ let statusSpan = spanWith(status);
+ statusSpan.className += ' status';
+ if (status == 'GOOD') {
+ statusSpan.className += ' good';
+ } else if (status == 'BAD') {
+ statusSpan.className += ' bad';
+ } else {
+ statusSpan.className += ' unknown';
+ }
+ r.appendChild(statusSpan);
+ r.appendChild(spanWith(`] ${pkg['name']} ${pkg['version']}\t\t`));
+
+ if (build_id) {
+ r.appendChild(spanWith(' ['));
+ r.appendChild(linkTo(`/amd64/api/v0/builds/${build_id}/log`, 'log'));
+ r.appendChild(spanWith(']'));
+ }
+
+ if (pkg.has_attestation) {
+ r.appendChild(spanWith(' ['));
+ r.appendChild(linkTo(`/amd64/api/v0/builds/${build_id}/attestation`, 'attestation'));
+ r.appendChild(spanWith(']'));
+ }
+
+ if (pkg.has_diffoscope) {
+ r.appendChild(spanWith(' ['));
+ r.appendChild(linkTo(`/amd64/api/v0/builds/${build_id}/diffoscope`, 'diffoscope'));
+ r.appendChild(spanWith(']'));
+ }
+
+ div.appendChild(r);
+ });
+ });
+ }
+
+ if (location.hash) {
+ searchPkgs(location.hash.substr(1));
+ }
+
+ document.getElementById('search').addEventListener('submit', function(e) {
+ e.preventDefault();
+ let query = document.getElementById('search-query').value;
+ location.href = `#${query}`;
+ searchPkgs(query);
+ });
+
+ // display stats
+ function updateStats(data) {
+ let div = document.getElementById('stats');
+ // clear children
+ div.innerHTML = '';
+ // add rows
+ data.map(row => {
+ let r = document.createElement('pre');
+ let key = row[0] + ': ';
+ r.textContent = key.padEnd(25) + row[1];
+ div.appendChild(r);
+ });
+ }
+
+ function fetchStats() {
+ fetch('/amd64/api/v0/dashboard')
+ .then(response => response.json())
+ .then(data => {
+ let div = document.getElementById('stats');
+ let main = data['suites']['main'];
+
+ let good = main['good'];
+ let bad = main['bad'];
+ let unknown = main['unknown'];
+
+ let queue = data['queue_length'];
+ let workers = data['active_builds'].length;
+
+ updateStats([
+ ['reproduced', (100 / (good + bad) * good).toFixed(2) + '%'],
+ ['good', good],
+ ['bad', bad],
+ ['unknown (binary pkgs)', unknown],
+ ['build progress', (100 / (good + unknown + bad) * (good + bad)).toFixed(2) + '%'],
+ ['queue length (src pkgs)', queue],
+ ['active workers', workers],
+ ]);
+ });
+ }
+
+ setInterval(fetchStats, 60 * 1000);
+ fetchStats();
+ });
+ </script>
+ </head>
+ <body>
+ <h1>
+ <a href="https://reproduce.debian.net">reproduce</a>.debian.net/amd64
+ </h1>
+ <a href="stats/rb.png"><img src="stats/rb.png" align="right"></a>
+ <h3>
+ trixie (arch:amd64)
+ </h3>
+
+ <div id="stats">Loading stats...</div>
+
+ <div>
+ <h3>Binary package search</h3>
+ <form id="search">
+ <input type="text" id="search-query" placeholder="2ping">
+ <input type="submit" value="Search">
+ </form>
+ </div>
+ <div id="search-results">
+ </div>
+
+ <footer>
+ <br/>
+ <a href="stats/">Statistics about BAD packages</a> on amd64.
+ <br/>
+ <hr/>
+ pew pew, <a href="https://github.com/kpcyrd/rebuilderd">rebuilderd</a> using <a href="https://tracker.debian.org/pkg/devscripts">debrebuild</a> to reproduce what Debian distributes via <code><a href="https://ftp.debian.org/debian/dists/">ftp.debian.org</a></code>. ♥️
+ <br/>
+ <small>
+ <a href="https://reproduce.debian.net/">This setup</a> is in its infancy, even though by now everything is in trixie. Still, please don't consider any URLs as stable here, and more to the point, especially don't take any numbers here seriously, unless...!?!
+ <br/>Oh, and in case you are wondering why we are doing this, then hopefully the <a href="https://reproducible-builds.org">Reproducible Builds website</a> will explain why this is useful.
+ <!--#config timefmt="%Y-%m-%d" --><br/>Static content last modified: <!--#echo var="date_gmt" -->
+ </br>
+ contact: IRC preferred: #debian-reproducible on OFTC or mail to holger at d.o
+ </small>
+ </footer>
+ </body>
+</html>
=====================================
update_jdn.sh
=====================================
@@ -748,9 +748,9 @@ if [ "$HOSTNAME" = "jenkins" ] || [ "$HOSTNAME" = "ionos7-amd64" ] || [ "$HOSTNA
fi
done
fi
-# set secret for remote rebuilderd-workers
+# set secrets for rebuilderd and rebuilderd-workers
case $HOSTNAME in
- osuosl5*) for a in all amd64 arm64 armel armhf i386 ppc64el riscv64 ; do
+ osuosl5*) for a in all amd64 amd64-pull184 arm64 armel armhf i386 ppc64el riscv64 ; do
SIGNUPSECRET="$(sudo cat /etc/rebuilderd/rebuilderd-${a}.secret)"
f=rebuilderd-${a}.conf
if [ -f /etc/rebuilderd/$f ] ; then
@@ -1022,9 +1022,9 @@ case $HOSTNAME in
*ppc64el) deploy_rebuilderd_services worker 1
;;
osuosl5*)
- deploy_rebuilderd_services rebuilderd "all amd64 arm64 armel armhf i386 ppc64el riscv64"
- deploy_rebuilderd_services pkgsync "all amd64 arm64 armel armhf i386 ppc64el riscv64"
- deploy_rebuilderd_services db-backup "all amd64 arm64 armel armhf i386 ppc64el riscv64"
+ deploy_rebuilderd_services rebuilderd "all amd64 amd64-pull184 arm64 armel armhf i386 ppc64el riscv64"
+ deploy_rebuilderd_services pkgsync "all amd64 amd64-pull184 arm64 armel armhf i386 ppc64el riscv64"
+ deploy_rebuilderd_services db-backup "all amd64 amd64-pull184 arm64 armel armhf i386 ppc64el riscv64"
sudo systemctl enable --now rebuilderd-db-backup-compress.timer
;;
*) ;;
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/-/commit/e312e1ac201d24703dfe0d9ee64184e26f452fb6
--
View it on GitLab: https://salsa.debian.org/qa/jenkins.debian.net/-/commit/e312e1ac201d24703dfe0d9ee64184e26f452fb6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/qa-jenkins-scm/attachments/20250820/f3f9c7a9/attachment-0001.htm>
More information about the Qa-jenkins-scm
mailing list