From 38a3f01028ce8ce5dbf99ee21b15e2231211d037 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Wed, 30 Jul 2025 09:26:38 +0200 Subject: [PATCH 01/27] add rpm workflow --- .github/workflows/release.yaml | 8 ++++++++ .goreleaser.yaml | 3 +-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 09d8ce121..4b1c44480 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -75,9 +75,17 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.CLI_RELEASE }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} + - name: Install createrepo_c + run: brew install createrepo_c - name: Publish packages to APT repo if: contains(github.ref_name, '-') == false env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} run: ./scripts/publish-apt-packages.sh + - name: Publish packages to RPM repo + if: contains(github.ref_name, '-') == false + env: + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} + run: ./scripts/publish-rpm-packages.sh diff --git a/.goreleaser.yaml b/.goreleaser.yaml index f8c772377..541860724 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -165,8 +165,7 @@ winget: homepage: "https://github.com/stackitcloud/stackit-cli" # If set to auto, the release will not be uploaded to the homebrew tap repo # if the tag has a prerelease indicator (e.g. v0.0.1-alpha1) - # Temporarily not skipping prereleases to test integration with Winget - # skip_upload: auto + skip_upload: auto repository: owner: stackitcloud name: winget-pkgs From c2d604b933d56865532043070522c0ac14fd792f Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Wed, 30 Jul 2025 09:28:04 +0200 Subject: [PATCH 02/27] add rpm publish script --- scripts/publish-rpm-packages.sh | 64 +++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) create mode 100755 scripts/publish-rpm-packages.sh diff --git a/scripts/publish-rpm-packages.sh b/scripts/publish-rpm-packages.sh new file mode 100755 index 000000000..5c7d39c04 --- /dev/null +++ b/scripts/publish-rpm-packages.sh @@ -0,0 +1,64 @@ +#!/bin/bash + +# This script is used to publish new packages to the CLI RPM repository +# Usage: ./publish-rpm-packages.sh +set -eo pipefail + +ROOT_DIR=$(git rev-parse --show-toplevel) + +PACKAGES_BUCKET_URL="https://packages.stackit.cloud" +RPM_REPO_PATH="rpm/cli" +RPM_BUCKET_NAME="distribution" +CUSTOM_KEYRING_FILE="rpm-keyring.gpg" +GORELEASER_PACKAGES_FOLDER="dist/" +TEMP_DIR=$(mktemp -d) + +# We need to disable the key database daemon (keyboxd) +# This can be done by removing "use-keyboxd" from ~/.gnupg/common.conf (see https://github.com/gpg/gnupg/blob/master/README) +echo -n >~/.gnupg/common.conf + +# Create a local mirror of the current state of the remote RPM repository +printf ">>> Creating mirror \n" +curl ${PACKAGES_BUCKET_URL}/${RPM_REPO_PATH}/repodata/repomd.xml >${TEMP_DIR}/repomd.xml || echo "No existing repository found, creating new one" + +# Create RPM repository structure +mkdir -p ${TEMP_DIR}/rpm-repo/RPMS + +# Copy existing RPMs from remote repository (if any) +printf "\n>>> Downloading existing RPMs \n" +aws s3 sync s3://${RPM_BUCKET_NAME}/${RPM_REPO_PATH}/RPMS/ ${TEMP_DIR}/rpm-repo/RPMS/ --endpoint-url https://object.storage.eu01.onstackit.cloud || echo "No existing RPMs found" + +# Copy new generated .rpm packages to the local repo +# Note: GoReleaser already signs these RPM packages with embedded signatures +printf "\n>>> Adding new packages to local repo \n" +cp ${GORELEASER_PACKAGES_FOLDER}/*.rpm ${TEMP_DIR}/rpm-repo/RPMS/ + +# Create RPM repository metadata using createrepo_c +printf "\n>>> Creating RPM repository metadata \n" +docker run --rm \ + -v "${TEMP_DIR}/rpm-repo:/repo" \ + fedora:latest \ + bash -c " + # Install createrepo_c + dnf install -y createrepo_c + + # Create repository metadata + createrepo_c /repo + " + +# Sign the repository metadata using the same GPG key as APT +if [ -n "$GPG_PRIVATE_KEY_FINGERPRINT" ] && [ -n "$GPG_PASSPHRASE" ]; then + printf "\n>>> Signing repository metadata \n" + gpg --batch --yes --pinentry-mode loopback --local-user="${GPG_PRIVATE_KEY_FINGERPRINT}" --passphrase="${GPG_PASSPHRASE}" --detach-sign --armor ${TEMP_DIR}/rpm-repo/repodata/repomd.xml +else + echo ">>> Skipping repository metadata signing (GPG environment variables not set)" +fi + +# Upload to S3 +printf "\n>>> Uploading to S3 \n" +aws s3 sync ${TEMP_DIR}/rpm-repo/ s3://${RPM_BUCKET_NAME}/${RPM_REPO_PATH}/ --endpoint-url https://object.storage.eu01.onstackit.cloud + +# Clean up +rm -rf ${TEMP_DIR} + +printf "\n>>> RPM repository published successfully to ${PACKAGES_BUCKET_URL}/${RPM_REPO_PATH} \n" \ No newline at end of file From 09ecfd4a55af5b03757801bbb9676c5831eb1bf3 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Wed, 30 Jul 2025 18:24:17 +0200 Subject: [PATCH 03/27] fix: use Docker for createrepo_c in RPM publishing workflow --- .github/workflows/release.yaml | 7 +++++-- scripts/publish-rpm-packages.sh | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 4b1c44480..f91b81fdb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -75,8 +75,11 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.CLI_RELEASE }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} - - name: Install createrepo_c - run: brew install createrepo_c + - name: Verify Docker is available + run: | + # Docker should already be available on macOS runners + docker --version + echo "Docker is available for createrepo_c operations" - name: Publish packages to APT repo if: contains(github.ref_name, '-') == false env: diff --git a/scripts/publish-rpm-packages.sh b/scripts/publish-rpm-packages.sh index 5c7d39c04..b0e49840e 100755 --- a/scripts/publish-rpm-packages.sh +++ b/scripts/publish-rpm-packages.sh @@ -33,7 +33,7 @@ aws s3 sync s3://${RPM_BUCKET_NAME}/${RPM_REPO_PATH}/RPMS/ ${TEMP_DIR}/rpm-repo/ printf "\n>>> Adding new packages to local repo \n" cp ${GORELEASER_PACKAGES_FOLDER}/*.rpm ${TEMP_DIR}/rpm-repo/RPMS/ -# Create RPM repository metadata using createrepo_c +# Create RPM repository metadata using createrepo_c in Docker printf "\n>>> Creating RPM repository metadata \n" docker run --rm \ -v "${TEMP_DIR}/rpm-repo:/repo" \ From 26d6b3631726bd4e7031aedc28f3efcd7bedcaff Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Wed, 30 Jul 2025 18:39:02 +0200 Subject: [PATCH 04/27] add docker to release workflow --- .github/workflows/release.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f91b81fdb..ff41f97a2 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -75,11 +75,16 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.CLI_RELEASE }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} - - name: Verify Docker is available + - name: Install Docker run: | - # Docker should already be available on macOS runners + # Install Docker on macOS runner + brew install --cask docker + # Start Docker daemon + sudo /Applications/Docker.app/Contents/MacOS/Docker & + # Wait for Docker to be ready + sleep 30 docker --version - echo "Docker is available for createrepo_c operations" + echo "Docker is now available for createrepo_c operations" - name: Publish packages to APT repo if: contains(github.ref_name, '-') == false env: From 3f0d5f196d5e80df7a84b0f2255f7b4fd3e5acd8 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Wed, 30 Jul 2025 19:20:28 +0200 Subject: [PATCH 05/27] fix: improve Docker startup on macOS runner --- .github/workflows/release.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ff41f97a2..7c23ced77 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -79,20 +79,19 @@ jobs: run: | # Install Docker on macOS runner brew install --cask docker - # Start Docker daemon - sudo /Applications/Docker.app/Contents/MacOS/Docker & + # Start Docker Desktop + open -a Docker # Wait for Docker to be ready - sleep 30 + echo "Waiting for Docker to start..." + timeout 60 bash -c 'until docker info > /dev/null 2>&1; do sleep 2; done' docker --version echo "Docker is now available for createrepo_c operations" - name: Publish packages to APT repo - if: contains(github.ref_name, '-') == false env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} run: ./scripts/publish-apt-packages.sh - name: Publish packages to RPM repo - if: contains(github.ref_name, '-') == false env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} From c135f164b261f182c6a2d6eb2adb2f75da22286e Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Wed, 30 Jul 2025 19:45:10 +0200 Subject: [PATCH 06/27] fix: use simpler Colima setup for Docker on macOS --- .github/workflows/release.yaml | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7c23ced77..3398468ad 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -75,17 +75,11 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.CLI_RELEASE }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} - - name: Install Docker + - name: Setup docker (missing on MacOS) + if: runner.os == 'macos' run: | - # Install Docker on macOS runner - brew install --cask docker - # Start Docker Desktop - open -a Docker - # Wait for Docker to be ready - echo "Waiting for Docker to start..." - timeout 60 bash -c 'until docker info > /dev/null 2>&1; do sleep 2; done' - docker --version - echo "Docker is now available for createrepo_c operations" + brew install docker + colima start - name: Publish packages to APT repo env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} From 11f441e0899ad0f0ebab1236fa626c2aefeaeb6e Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Wed, 30 Jul 2025 19:59:48 +0200 Subject: [PATCH 07/27] fix: install both docker and colima --- .github/workflows/release.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 3398468ad..5aff8e293 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -78,14 +78,16 @@ jobs: - name: Setup docker (missing on MacOS) if: runner.os == 'macos' run: | - brew install docker + brew install docker colima colima start - name: Publish packages to APT repo + if: contains(github.ref_name, '-') == false env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} run: ./scripts/publish-apt-packages.sh - name: Publish packages to RPM repo + if: contains(github.ref_name, '-') == false env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} From ac73cc003f678d92e296ebd860dcee8dcd421dd6 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Thu, 31 Jul 2025 08:56:08 +0200 Subject: [PATCH 08/27] fix: clean Colima setup for Docker on macOS --- .github/workflows/release.yaml | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 5aff8e293..9b9a9ba31 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -75,11 +75,18 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.CLI_RELEASE }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} - - name: Setup docker (missing on MacOS) - if: runner.os == 'macos' + - name: Setup Docker with Colima run: | - brew install docker colima - colima start + # Install Docker CLI + brew install docker + # Install Colima + brew install colima + # Start Colima + colima start --cpu 2 --memory 4 --disk 20 + # Verify Docker is working + docker --version + docker info + echo "Docker is ready!" - name: Publish packages to APT repo if: contains(github.ref_name, '-') == false env: From 45de844c9453d4647f773cdecc082d604ae44b7f Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Thu, 31 Jul 2025 09:45:20 +0200 Subject: [PATCH 09/27] feat: implement clean multi-job workflow with separate macOS and Ubuntu runners --- .github/workflows/release.yaml | 72 +++++++++++++++++++++++---------- scripts/publish-rpm-packages.sh | 13 +----- 2 files changed, 52 insertions(+), 33 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9b9a9ba31..9b3da4c5b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -17,13 +17,12 @@ permissions: jobs: goreleaser: - name: Release + name: Build and Release runs-on: macOS-latest + outputs: + gpg_fingerprint: ${{ steps.import_gpg.outputs.fingerprint }} env: SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_TOKEN }} - # Needed to publish new packages to our S3-hosted APT repo - AWS_ACCESS_KEY_ID: ${{ secrets.OBJECT_STORAGE_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.OBJECT_STORAGE_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v4 @@ -61,11 +60,6 @@ jobs: APPLE_KEY_ID: ${{ secrets.APPLE_KEY_ID }} SIGNING_CERTIFICATE_BASE64: ${{ secrets.APPLICATION_ID_CERT }} AUTHKEY_BASE64: ${{ secrets.APPLE_API_KEY }} - # aptly version 1.6.0 results in an segmentation fault. Therefore we fall back to version 1.5.0. - # Since it is not possible to specify a version via brew command a formula was added for aptly 1.5.0 - # (source: https://github.com/Homebrew/homebrew-core/pull/202415/files) - - name: Install Aptly version 1.5.0 - run: brew install aptly.rb - name: Install Snapcraft uses: samuelmeuli/action-snapcraft@v3 - name: Run GoReleaser @@ -75,26 +69,60 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.CLI_RELEASE }} GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} - - name: Setup Docker with Colima + - name: Upload dist artifacts + uses: actions/upload-artifact@v4 + with: + name: dist + path: dist/ + retention-days: 1 + + publish-packages: + name: Publish Packages + runs-on: ubuntu-latest + needs: goreleaser + if: contains(github.ref_name, '-') == false + env: + AWS_ACCESS_KEY_ID: ${{ secrets.OBJECT_STORAGE_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.OBJECT_STORAGE_SECRET_ACCESS_KEY }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + GPG_PRIVATE_KEY_FINGERPRINT: ${{ needs.goreleaser.outputs.gpg_fingerprint }} + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v6 + id: import_gpg + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + # aptly version 1.6.0 results in an segmentation fault. Therefore we fall back to version 1.5.0. + # Since it is not possible to specify a version via brew command a formula was added for aptly 1.5.0 + # (source: https://github.com/Homebrew/homebrew-core/pull/202415/files) + - name: Install Aptly version 1.5.0 + run: | + # Install aptly on Ubuntu + wget -O - https://www.aptly.info/pubkey.txt | apt-key add - + echo "deb https://repo.aptly.info/ squeeze main" | tee -a /etc/apt/sources.list.d/aptly.list + apt-get update + apt-get install -y aptly + - name: Install createrepo_c run: | - # Install Docker CLI - brew install docker - # Install Colima - brew install colima - # Start Colima - colima start --cpu 2 --memory 4 --disk 20 - # Verify Docker is working - docker --version - docker info - echo "Docker is ready!" + # Install createrepo_c on Ubuntu + sudo apt-get update + sudo apt-get install -y createrepo-c + - name: Download dist artifacts + uses: actions/download-artifact@v4 + with: + name: dist + path: dist/ - name: Publish packages to APT repo - if: contains(github.ref_name, '-') == false env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} run: ./scripts/publish-apt-packages.sh - name: Publish packages to RPM repo - if: contains(github.ref_name, '-') == false env: GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} diff --git a/scripts/publish-rpm-packages.sh b/scripts/publish-rpm-packages.sh index b0e49840e..a4f085a40 100755 --- a/scripts/publish-rpm-packages.sh +++ b/scripts/publish-rpm-packages.sh @@ -33,18 +33,9 @@ aws s3 sync s3://${RPM_BUCKET_NAME}/${RPM_REPO_PATH}/RPMS/ ${TEMP_DIR}/rpm-repo/ printf "\n>>> Adding new packages to local repo \n" cp ${GORELEASER_PACKAGES_FOLDER}/*.rpm ${TEMP_DIR}/rpm-repo/RPMS/ -# Create RPM repository metadata using createrepo_c in Docker +# Create RPM repository metadata using createrepo_c printf "\n>>> Creating RPM repository metadata \n" -docker run --rm \ - -v "${TEMP_DIR}/rpm-repo:/repo" \ - fedora:latest \ - bash -c " - # Install createrepo_c - dnf install -y createrepo_c - - # Create repository metadata - createrepo_c /repo - " +createrepo_c ${TEMP_DIR}/rpm-repo # Sign the repository metadata using the same GPG key as APT if [ -n "$GPG_PRIVATE_KEY_FINGERPRINT" ] && [ -n "$GPG_PASSPHRASE" ]; then From 30f730405324abb89ab0309a417df94f898c12f6 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Thu, 31 Jul 2025 09:56:27 +0200 Subject: [PATCH 10/27] fix: add sudo to aptly installation commands --- .github/workflows/release.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9b3da4c5b..df7720eed 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -103,10 +103,10 @@ jobs: - name: Install Aptly version 1.5.0 run: | # Install aptly on Ubuntu - wget -O - https://www.aptly.info/pubkey.txt | apt-key add - - echo "deb https://repo.aptly.info/ squeeze main" | tee -a /etc/apt/sources.list.d/aptly.list - apt-get update - apt-get install -y aptly + wget -O - https://www.aptly.info/pubkey.txt | sudo apt-key add - + echo "deb https://repo.aptly.info/ squeeze main" | sudo tee -a /etc/apt/sources.list.d/aptly.list + sudo apt-get update + sudo apt-get install -y aptly - name: Install createrepo_c run: | # Install createrepo_c on Ubuntu From 8e28cda66dc9de1168d98a767d9fda04e685c434 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Fri, 1 Aug 2025 09:27:47 +0200 Subject: [PATCH 11/27] add: stripped down release n publish of rpm --- .github/workflows/rpm-test.yml | 44 +++++++++++++++++++++++++++++++++ goreleaser.rpm.yaml | 45 ++++++++++++++++++++++++++++++++++ publish-rpm-repo.sh | 38 ++++++++++++++++++++++++++++ release-rpm.sh | 15 ++++++++++++ 4 files changed, 142 insertions(+) create mode 100644 .github/workflows/rpm-test.yml create mode 100644 goreleaser.rpm.yaml create mode 100644 publish-rpm-repo.sh create mode 100644 release-rpm.sh diff --git a/.github/workflows/rpm-test.yml b/.github/workflows/rpm-test.yml new file mode 100644 index 000000000..26f61a4cf --- /dev/null +++ b/.github/workflows/rpm-test.yml @@ -0,0 +1,44 @@ +name: RPM Test + +on: + push: + branches: + - testrpmworkflow + workflow_dispatch: + +jobs: + rpm-release: + runs-on: ubuntu-latest + env: + GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + GPG_PRIVATE_KEY_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} + AWS_ACCESS_KEY_ID: ${{ secrets.OBJECT_STORAGE_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.OBJECT_STORAGE_SECRET_ACCESS_KEY }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Set up Go + uses: actions/setup-go@v5 + with: + go-version-file: "go.mod" + cache: true + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@v6 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + + - name: Build RPMs + run: ./release-rpm.sh + + - name: Install createrepo_c + run: sudo apt-get update && sudo apt-get install -y createrepo-c + + - name: Install AWS CLI + run: sudo apt-get install -y awscli + + - name: Publish RPM repo + run: ./publish-rpm-repo.sh \ No newline at end of file diff --git a/goreleaser.rpm.yaml b/goreleaser.rpm.yaml new file mode 100644 index 000000000..b50ca5961 --- /dev/null +++ b/goreleaser.rpm.yaml @@ -0,0 +1,45 @@ +version: 2 + +before: + hooks: + - go mod tidy + +builds: + - id: linux-builds + env: + - CGO_ENABLED=0 + goos: + - linux + goarch: + - amd64 + - arm64 + binary: "stackit" + main: ./cmd/stackit + ldflags: + - -s -w + - -X github.com/stackitcloud/stackit-cli/internal/cmd.Version={{.Version}} + - -X github.com/stackitcloud/stackit-cli/internal/cmd.Commit={{.Commit}} + - -X github.com/stackitcloud/stackit-cli/internal/cmd.Date={{.Date}} + +archives: [] # No archives, just RPMs + +nfpms: + - id: linux-packages + ids: + - linux-builds + package_name: stackit + vendor: STACKIT + homepage: https://github.com/stackitcloud/stackit-cli + maintainer: STACKIT Developer Tools Team + description: A command-line interface to manage STACKIT resources. + license: Apache 2.0 + formats: + - rpm + rpm: + signature: + enabled: true + key_file: "{{ .Env.GPG_PRIVATE_KEY }}" + passphrase: "{{ .Env.GPG_PASSPHRASE }}" + contents: + - src: LICENSE.md + dst: LICENSE.md \ No newline at end of file diff --git a/publish-rpm-repo.sh b/publish-rpm-repo.sh new file mode 100644 index 000000000..c5d82010a --- /dev/null +++ b/publish-rpm-repo.sh @@ -0,0 +1,38 @@ +#!/bin/bash + +set -euo pipefail + +RPM_OUTPUT_DIR="dist" +TEMP_DIR=$(mktemp -d) +GPG_PRIVATE_KEY_FINGERPRINT="${GPG_PRIVATE_KEY_FINGERPRINT:?Set GPG_PRIVATE_KEY_FINGERPRINT}" +GPG_PASSPHRASE="${GPG_PASSPHRASE:?Set GPG_PASSPHRASE}" +AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID:?Set AWS_ACCESS_KEY_ID}" +AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY:?Set AWS_SECRET_ACCESS_KEY}" + +# Test environment S3 bucket +S3_BUCKET="distribution-test" +S3_ENDPOINT="https://object.storage.eu01.onstackit.cloud" +RPM_REPO_PATH="rpm/cli" + +echo ">>> Preparing RPM repository structure..." +mkdir -p "$TEMP_DIR/rpm-repo/RPMS" + +echo ">>> Copying built RPMs..." +cp "$RPM_OUTPUT_DIR"/*.rpm "$TEMP_DIR/rpm-repo/RPMS/" + +echo ">>> Creating RPM repository metadata..." +createrepo_c "$TEMP_DIR/rpm-repo" + +echo ">>> Signing repository metadata..." +gpg --batch --yes --pinentry-mode loopback \ + --local-user="$GPG_PRIVATE_KEY_FINGERPRINT" \ + --passphrase="$GPG_PASSPHRASE" \ + --detach-sign --armor "$TEMP_DIR/rpm-repo/repodata/repomd.xml" + +echo ">>> Uploading to test bucket..." +aws s3 sync "$TEMP_DIR/rpm-repo/" "s3://$S3_BUCKET/$RPM_REPO_PATH/" \ + --endpoint-url "$S3_ENDPOINT" \ + --delete + +rm -rf "$TEMP_DIR" +echo ">>> RPM repo published to test bucket: $S3_BUCKET/$RPM_REPO_PATH" \ No newline at end of file diff --git a/release-rpm.sh b/release-rpm.sh new file mode 100644 index 000000000..f6d095040 --- /dev/null +++ b/release-rpm.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +set -euo pipefail + +: "${GPG_PRIVATE_KEY:?GPG_PRIVATE_KEY must be set}" +: "${GPG_PASSPHRASE:?GPG_PASSPHRASE must be set}" + +export GPG_PRIVATE_KEY +export GPG_PASSPHRASE + +gpg --batch --import <<< "$GPG_PRIVATE_KEY" + +goreleaser release --clean --config goreleaser.rpm.yaml --skip-publish --skip-validate + +echo "RPM build complete. Find RPMs in ./dist/" \ No newline at end of file From 8329c51a4ac41c78e11e6b18be20a42575488711 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Fri, 1 Aug 2025 09:31:47 +0200 Subject: [PATCH 12/27] fix: executable --- publish-rpm-repo.sh | 0 release-rpm.sh | 0 2 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 publish-rpm-repo.sh mode change 100644 => 100755 release-rpm.sh diff --git a/publish-rpm-repo.sh b/publish-rpm-repo.sh old mode 100644 new mode 100755 diff --git a/release-rpm.sh b/release-rpm.sh old mode 100644 new mode 100755 From d51553397e8d0b1009b4ab819a01886f2d22e3e8 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Fri, 1 Aug 2025 09:33:34 +0200 Subject: [PATCH 13/27] add goreleaser --- .github/workflows/rpm-test.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/rpm-test.yml b/.github/workflows/rpm-test.yml index 26f61a4cf..df5756252 100644 --- a/.github/workflows/rpm-test.yml +++ b/.github/workflows/rpm-test.yml @@ -25,6 +25,9 @@ jobs: go-version-file: "go.mod" cache: true + - name: Install GoReleaser + run: go install github.com/goreleaser/goreleaser/v2@latest + - name: Import GPG key uses: crazy-max/ghaction-import-gpg@v6 with: From 10a1811c18ddea1a8471b53deb64652b1d81b9f4 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Fri, 1 Aug 2025 09:38:17 +0200 Subject: [PATCH 14/27] fix: change skip-publish to snapshot --- release-rpm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/release-rpm.sh b/release-rpm.sh index f6d095040..ff3cf71d5 100755 --- a/release-rpm.sh +++ b/release-rpm.sh @@ -10,6 +10,6 @@ export GPG_PASSPHRASE gpg --batch --import <<< "$GPG_PRIVATE_KEY" -goreleaser release --clean --config goreleaser.rpm.yaml --skip-publish --skip-validate +goreleaser release --clean --config goreleaser.rpm.yaml --snapshot echo "RPM build complete. Find RPMs in ./dist/" \ No newline at end of file From f889c764be7bbdcf03ef24634991f353efc31c89 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Fri, 1 Aug 2025 09:49:07 +0200 Subject: [PATCH 15/27] change embedded signing --- .github/workflows/rpm-test.yml | 2 ++ goreleaser.rpm.yaml | 2 -- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/rpm-test.yml b/.github/workflows/rpm-test.yml index df5756252..5df4690d1 100644 --- a/.github/workflows/rpm-test.yml +++ b/.github/workflows/rpm-test.yml @@ -35,6 +35,8 @@ jobs: passphrase: ${{ secrets.GPG_PASSPHRASE }} - name: Build RPMs + env: + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} # TODO: duplicated? run: ./release-rpm.sh - name: Install createrepo_c diff --git a/goreleaser.rpm.yaml b/goreleaser.rpm.yaml index b50ca5961..1f25ad4b3 100644 --- a/goreleaser.rpm.yaml +++ b/goreleaser.rpm.yaml @@ -37,9 +37,7 @@ nfpms: - rpm rpm: signature: - enabled: true key_file: "{{ .Env.GPG_PRIVATE_KEY }}" - passphrase: "{{ .Env.GPG_PASSPHRASE }}" contents: - src: LICENSE.md dst: LICENSE.md \ No newline at end of file From d57a1eb67a100555ebfde011ad0824c0ca2b5d68 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Fri, 1 Aug 2025 09:52:13 +0200 Subject: [PATCH 16/27] fix main path --- goreleaser.rpm.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/goreleaser.rpm.yaml b/goreleaser.rpm.yaml index 1f25ad4b3..ae7b341dd 100644 --- a/goreleaser.rpm.yaml +++ b/goreleaser.rpm.yaml @@ -14,7 +14,6 @@ builds: - amd64 - arm64 binary: "stackit" - main: ./cmd/stackit ldflags: - -s -w - -X github.com/stackitcloud/stackit-cli/internal/cmd.Version={{.Version}} From f28a60cafdebee3a922ff9677ebc0b99a5d800fc Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Fri, 1 Aug 2025 09:57:35 +0200 Subject: [PATCH 17/27] fix gpg key path instead of content --- release-rpm.sh | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/release-rpm.sh b/release-rpm.sh index ff3cf71d5..57a3b7be9 100755 --- a/release-rpm.sh +++ b/release-rpm.sh @@ -5,11 +5,20 @@ set -euo pipefail : "${GPG_PRIVATE_KEY:?GPG_PRIVATE_KEY must be set}" : "${GPG_PASSPHRASE:?GPG_PASSPHRASE must be set}" -export GPG_PRIVATE_KEY -export GPG_PASSPHRASE +# Create temporary GPG key file +TEMP_KEY_FILE=$(mktemp) +echo "$GPG_PRIVATE_KEY" > "$TEMP_KEY_FILE" + +# Import key into GPG keyring +gpg --batch --import "$TEMP_KEY_FILE" -gpg --batch --import <<< "$GPG_PRIVATE_KEY" +# Set environment variable for GoReleaser to use the key file path +export GPG_PRIVATE_KEY="$TEMP_KEY_FILE" +export GPG_PASSPHRASE goreleaser release --clean --config goreleaser.rpm.yaml --snapshot +# Clean up +rm -f "$TEMP_KEY_FILE" + echo "RPM build complete. Find RPMs in ./dist/" \ No newline at end of file From 75bd37bfdd18a2431b1b588c45b2549aaa27b6c7 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Tue, 5 Aug 2025 06:54:35 +0200 Subject: [PATCH 18/27] import key with passphrase --- release-rpm.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/release-rpm.sh b/release-rpm.sh index 57a3b7be9..c880da983 100755 --- a/release-rpm.sh +++ b/release-rpm.sh @@ -9,8 +9,8 @@ set -euo pipefail TEMP_KEY_FILE=$(mktemp) echo "$GPG_PRIVATE_KEY" > "$TEMP_KEY_FILE" -# Import key into GPG keyring -gpg --batch --import "$TEMP_KEY_FILE" +# Import key into GPG keyring with passphrase +echo "$GPG_PASSPHRASE" | gpg --batch --yes --passphrase-fd 0 --import "$TEMP_KEY_FILE" # Set environment variable for GoReleaser to use the key file path export GPG_PRIVATE_KEY="$TEMP_KEY_FILE" From ff6100002b9e3ff9feb05f844fb6565a32bfee50 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Tue, 5 Aug 2025 07:09:49 +0200 Subject: [PATCH 19/27] provide passphrase with nfpm env --- release-rpm.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/release-rpm.sh b/release-rpm.sh index c880da983..4d2bd43ed 100755 --- a/release-rpm.sh +++ b/release-rpm.sh @@ -9,12 +9,12 @@ set -euo pipefail TEMP_KEY_FILE=$(mktemp) echo "$GPG_PRIVATE_KEY" > "$TEMP_KEY_FILE" -# Import key into GPG keyring with passphrase -echo "$GPG_PASSPHRASE" | gpg --batch --yes --passphrase-fd 0 --import "$TEMP_KEY_FILE" +# Import key into GPG keyring +gpg --batch --import "$TEMP_KEY_FILE" -# Set environment variable for GoReleaser to use the key file path +# Set environment variables for GoReleaser export GPG_PRIVATE_KEY="$TEMP_KEY_FILE" -export GPG_PASSPHRASE +export NFPM_LINUX_PACKAGES_RPM_PASSPHRASE="$GPG_PASSPHRASE" goreleaser release --clean --config goreleaser.rpm.yaml --snapshot From 6a65f286b058df028d93fa89f63b90ee98a2c453 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Tue, 5 Aug 2025 07:37:59 +0200 Subject: [PATCH 20/27] provide nfpms envs --- .github/workflows/rpm-test.yml | 3 ++- goreleaser.rpm.yaml | 2 +- release-rpm.sh | 5 +---- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/rpm-test.yml b/.github/workflows/rpm-test.yml index 5df4690d1..b567861c7 100644 --- a/.github/workflows/rpm-test.yml +++ b/.github/workflows/rpm-test.yml @@ -36,7 +36,8 @@ jobs: - name: Build RPMs env: - GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} # TODO: duplicated? + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + NFPM_LINUX_PACKAGES_RPM_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} run: ./release-rpm.sh - name: Install createrepo_c diff --git a/goreleaser.rpm.yaml b/goreleaser.rpm.yaml index ae7b341dd..9e1ca289a 100644 --- a/goreleaser.rpm.yaml +++ b/goreleaser.rpm.yaml @@ -36,7 +36,7 @@ nfpms: - rpm rpm: signature: - key_file: "{{ .Env.GPG_PRIVATE_KEY }}" + key_file: "{{ .Env.GPG_KEY_PATH }}" contents: - src: LICENSE.md dst: LICENSE.md \ No newline at end of file diff --git a/release-rpm.sh b/release-rpm.sh index 4d2bd43ed..1dc15ec8e 100755 --- a/release-rpm.sh +++ b/release-rpm.sh @@ -2,9 +2,6 @@ set -euo pipefail -: "${GPG_PRIVATE_KEY:?GPG_PRIVATE_KEY must be set}" -: "${GPG_PASSPHRASE:?GPG_PASSPHRASE must be set}" - # Create temporary GPG key file TEMP_KEY_FILE=$(mktemp) echo "$GPG_PRIVATE_KEY" > "$TEMP_KEY_FILE" @@ -13,7 +10,7 @@ echo "$GPG_PRIVATE_KEY" > "$TEMP_KEY_FILE" gpg --batch --import "$TEMP_KEY_FILE" # Set environment variables for GoReleaser -export GPG_PRIVATE_KEY="$TEMP_KEY_FILE" +export GPG_KEY_PATH="$TEMP_KEY_FILE" export NFPM_LINUX_PACKAGES_RPM_PASSPHRASE="$GPG_PASSPHRASE" goreleaser release --clean --config goreleaser.rpm.yaml --snapshot From d83516d96abd6d22c2cb8b42c4658408126975a5 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Tue, 5 Aug 2025 07:42:17 +0200 Subject: [PATCH 21/27] change package id test --- goreleaser.rpm.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/goreleaser.rpm.yaml b/goreleaser.rpm.yaml index 9e1ca289a..b48ee5cf4 100644 --- a/goreleaser.rpm.yaml +++ b/goreleaser.rpm.yaml @@ -23,7 +23,7 @@ builds: archives: [] # No archives, just RPMs nfpms: - - id: linux-packages + - id: linux_packages ids: - linux-builds package_name: stackit From e8a0323873278aea3a4af66b99abdec7d5a0f6fc Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Tue, 5 Aug 2025 07:52:42 +0200 Subject: [PATCH 22/27] adjust aws cli install --- .github/workflows/rpm-test.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/rpm-test.yml b/.github/workflows/rpm-test.yml index b567861c7..d30d8712b 100644 --- a/.github/workflows/rpm-test.yml +++ b/.github/workflows/rpm-test.yml @@ -44,7 +44,9 @@ jobs: run: sudo apt-get update && sudo apt-get install -y createrepo-c - name: Install AWS CLI - run: sudo apt-get install -y awscli + uses: unfor19/install-aws-cli-action@v1 + with: + version: 2 - name: Publish RPM repo run: ./publish-rpm-repo.sh \ No newline at end of file From 84eb11f994f92b1450b13aa4c1fb02abce04c7bf Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Tue, 5 Aug 2025 07:59:22 +0200 Subject: [PATCH 23/27] moving envs and keys --- .github/workflows/rpm-test.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/rpm-test.yml b/.github/workflows/rpm-test.yml index d30d8712b..6e01adca6 100644 --- a/.github/workflows/rpm-test.yml +++ b/.github/workflows/rpm-test.yml @@ -12,7 +12,6 @@ jobs: env: GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} - GPG_PRIVATE_KEY_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }} AWS_ACCESS_KEY_ID: ${{ secrets.OBJECT_STORAGE_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.OBJECT_STORAGE_SECRET_ACCESS_KEY }} steps: @@ -30,6 +29,7 @@ jobs: - name: Import GPG key uses: crazy-max/ghaction-import-gpg@v6 + id: import_gpg with: gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} passphrase: ${{ secrets.GPG_PASSPHRASE }} @@ -49,4 +49,6 @@ jobs: version: 2 - name: Publish RPM repo + env: + GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} run: ./publish-rpm-repo.sh \ No newline at end of file From 22edfa0a7c3a9371c61c0a580ee0d882bd972fa7 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Tue, 5 Aug 2025 08:05:11 +0200 Subject: [PATCH 24/27] aws cli test --- .github/workflows/rpm-test.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/rpm-test.yml b/.github/workflows/rpm-test.yml index 6e01adca6..71b05378f 100644 --- a/.github/workflows/rpm-test.yml +++ b/.github/workflows/rpm-test.yml @@ -48,6 +48,12 @@ jobs: with: version: 2 + - name: Test AWS credentials + run: | + echo "Testing AWS credentials..." + aws s3 ls s3://distribution-test/ --endpoint-url https://object.storage.eu01.onstackit.cloud + echo "✅ AWS credentials work!" + - name: Publish RPM repo env: GPG_PRIVATE_KEY_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }} From 356efd8b86054282632a7239c0640058ae3e7c46 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Tue, 5 Aug 2025 08:18:42 +0200 Subject: [PATCH 25/27] test-env object-storage credentials --- .github/workflows/rpm-test.yml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/rpm-test.yml b/.github/workflows/rpm-test.yml index 71b05378f..a9b295524 100644 --- a/.github/workflows/rpm-test.yml +++ b/.github/workflows/rpm-test.yml @@ -12,8 +12,9 @@ jobs: env: GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} - AWS_ACCESS_KEY_ID: ${{ secrets.OBJECT_STORAGE_ACCESS_KEY_ID }} - AWS_SECRET_ACCESS_KEY: ${{ secrets.OBJECT_STORAGE_SECRET_ACCESS_KEY }} + # Use test credentials - replace with your actual test bucket credentials + AWS_ACCESS_KEY_ID: ${{ secrets.TEST_OBJECT_STORAGE_ACCESS_KEY_ID }} + AWS_SECRET_ACCESS_KEY: ${{ secrets.TEST_OBJECT_STORAGE_SECRET_ACCESS_KEY }} steps: - name: Checkout uses: actions/checkout@v4 @@ -50,7 +51,7 @@ jobs: - name: Test AWS credentials run: | - echo "Testing AWS credentials..." + echo "Testing AWS credentials with test bucket..." aws s3 ls s3://distribution-test/ --endpoint-url https://object.storage.eu01.onstackit.cloud echo "✅ AWS credentials work!" From eb4185631e98e0766ddca37bbbe7230c4a9388e2 Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Thu, 7 Aug 2025 08:20:09 +0200 Subject: [PATCH 26/27] add scripts for testing different distros and update install guide --- INSTALLATION.md | 103 +++++++++++++++++++++++--- scripts/test-almalinux9.sh | 117 +++++++++++++++++++++++++++++ scripts/test-fedora.sh | 117 +++++++++++++++++++++++++++++ scripts/test-opensuse-test-env.sh | 118 ++++++++++++++++++++++++++++++ scripts/test-rhel9.sh | 117 +++++++++++++++++++++++++++++ scripts/test-rocky9.sh | 117 +++++++++++++++++++++++++++++ 6 files changed, 680 insertions(+), 9 deletions(-) create mode 100755 scripts/test-almalinux9.sh create mode 100755 scripts/test-fedora.sh create mode 100755 scripts/test-opensuse-test-env.sh create mode 100755 scripts/test-rhel9.sh create mode 100755 scripts/test-rocky9.sh diff --git a/INSTALLATION.md b/INSTALLATION.md index 965ceddf9..89fd094cb 100644 --- a/INSTALLATION.md +++ b/INSTALLATION.md @@ -130,23 +130,108 @@ asset_filters=["stackit-cli_", "_linux_amd64.tar.gz"] eget stackitcloud/stackit-cli ``` -#### RPM package via dnf, yum and zypper +#### RedHat/Fedora (`dnf`) -The STACKIT CLI is available as [RPM Package](https://github.com/stackitcloud/stackit-cli/releases) and can be installed via dnf, yum and zypper package manager. +The STACKIT CLI can be installed through the `dnf` package manager on modern RedHat-based distributions. -Just download the rpm package from the [release page](https://github.com/stackitcloud/stackit-cli/releases) and run the install command like the following: +**Supported distributions:** +- RHEL 9+ +- Fedora 35+ +- AlmaLinux 9+ +- Rocky Linux 9+ + +> **Note:** RHEL 8 and older derivatives are not supported due to GPG signature compatibility. + +##### Before you begin + +To install the STACKIT CLI package, you will need to have the `curl` and `gnupg` packages installed: + +```shell +sudo dnf install curl gnupg +``` + +##### Installing + +1. Import the STACKIT public key: + +```shell +curl https://packages.stackit.cloud/keys/key.gpg | sudo gpg --dearmor -o /etc/pki/rpm-gpg/RPM-GPG-KEY-stackit +``` + +2. Add the STACKIT CLI package repository: + +```shell +sudo tee /etc/yum.repos.d/stackit.repo << EOF +[stackit] +name=STACKIT CLI Repository +baseurl=https://packages.stackit.cloud/rpm/cli/ +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-stackit +EOF +``` + +3. Update repository information and install the `stackit` package: + +```shell +sudo dnf update +sudo dnf install stackit +``` + +#### OpenSUSE (`zypper`) + +The STACKIT CLI can be installed through the `zypper` package manager. + +**Supported distributions:** +- OpenSUSE Leap 15.4+ +- OpenSUSE Tumbleweed + +##### Before you begin + +To install the STACKIT CLI package, you will need to have the `curl` and `gnupg` packages installed: + +```shell +sudo zypper install curl gnupg +``` + +##### Installing + +1. Import the STACKIT public key: + +```shell +curl https://packages.stackit.cloud/keys/key.gpg | sudo gpg --dearmor -o /etc/pki/rpm-gpg/RPM-GPG-KEY-stackit +``` + +2. Add the STACKIT CLI package repository: + +```shell +sudo zypper addrepo -g -f https://packages.stackit.cloud/rpm/cli/ stackit +sudo zypper --gpg-auto-import-keys refresh +``` + +3. Install the `stackit` package: ```shell -dnf install stackitcli.rpm -yum install stackitcli.rpm -zypper install stackitcli.rpm +sudo zypper install stackit +``` + +#### Manual RPM Installation + +Alternatively, you can download the RPM package from the [release page](https://github.com/stackitcloud/stackit-cli/releases) and install it manually: + +```shell +# Download and install directly +sudo dnf install https://github.com/stackitcloud/stackit-cli/releases/latest/download/stackit_*_linux_amd64.rpm + +# Or download first, then install +wget https://github.com/stackitcloud/stackit-cli/releases/latest/download/stackit_*_linux_amd64.rpm +sudo dnf install stackit_*_linux_amd64.rpm ``` -#### Any distribution +> **Note:** Manual RPM installation requires a modern distribution (RHEL 9+, Fedora 35+, AlmaLinux 9+, Rocky Linux 9+) for GPG signature verification. -Alternatively, you can install via [Homebrew](https://brew.sh/) or refer to one of the installation methods below. -> We are currently working on distributing the CLI on more package managers for Linux. ### Windows diff --git a/scripts/test-almalinux9.sh b/scripts/test-almalinux9.sh new file mode 100755 index 000000000..f31037e2d --- /dev/null +++ b/scripts/test-almalinux9.sh @@ -0,0 +1,117 @@ +#!/bin/bash + +# Test script for AlmaLinux 9 RPM repository +# Uses test bucket for RPMs, production bucket for GPG key + +set -e + +echo "==========================================" +echo "STACKIT CLI AlmaLinux 9 RPM Test" +echo "==========================================" + +# Configuration +CONTAINER_NAME="stackit-almalinux9-test" +IMAGE="almalinux:9" + +# Test environment S3 bucket (for RPMs) +TEST_S3_BUCKET="distribution-test" +TEST_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +TEST_RPM_REPO_PATH="rpm/cli" + +# Production S3 bucket (for GPG key) +PROD_S3_BUCKET="distribution" +PROD_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +PROD_GPG_KEY_PATH="keys/key.gpg" + +echo "Step 1: Starting AlmaLinux 9 container..." +docker run -d --name $CONTAINER_NAME $IMAGE tail -f /dev/null + +echo "Step 2: Installing dependencies..." +docker exec $CONTAINER_NAME bash -c " + dnf update -y + dnf install -y --allowerasing curl wget gpg +" + +echo "Step 3: Downloading GPG key from production bucket..." +docker exec $CONTAINER_NAME bash -c " + curl -o /tmp/stackit-gpg-signer.asc 'https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH' + gpg --import /tmp/stackit-gpg-signer.asc + echo '✅ GPG key imported' +" + +echo "Step 4: Creating repository configuration..." +docker exec $CONTAINER_NAME bash -c " + cat > /etc/yum.repos.d/stackit-cli.repo << EOF +[stackit-cli] +name=STACKIT CLI Repository +baseurl=https://$TEST_S3_BUCKET.$TEST_S3_ENDPOINT/$TEST_RPM_REPO_PATH +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH +EOF + cat /etc/yum.repos.d/stackit-cli.repo + echo '✅ Repository configuration created' +" + +echo "Step 5: Updating package cache..." +docker exec $CONTAINER_NAME bash -c " + dnf clean all + dnf repolist + echo '✅ Package cache updated' +" + +echo "Step 6: Installing STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + dnf install -y stackit + echo '✅ STACKIT CLI installed' +" + +echo "Step 7: Verifying installation..." +docker exec $CONTAINER_NAME bash -c " + if command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command found: \$(which stackit)' + echo '✅ Version: \$(stackit version)' + else + echo '❌ stackit command not found' + exit 1 + fi +" + +echo "Step 8: Testing basic functionality..." +docker exec $CONTAINER_NAME bash -c " + echo '=== STACKIT CLI HELP OUTPUT ===' + stackit --help + echo '=== END HELP OUTPUT ===' + echo '✅ Basic functionality test passed' +" + +echo "Step 9: Testing package update..." +docker exec $CONTAINER_NAME bash -c " + dnf check-update stackit || echo 'No updates available (expected for test)' + echo '✅ Update check completed' +" + +echo "Step 10: Uninstalling STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + dnf remove -y stackit + echo '✅ STACKIT CLI uninstalled' +" + +echo "Step 11: Verifying uninstallation..." +docker exec $CONTAINER_NAME bash -c " + if ! command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command no longer found' + else + echo '❌ stackit command still found: \$(which stackit)' + exit 1 + fi +" + +echo "Step 12: Cleaning up container..." +docker stop $CONTAINER_NAME +docker rm $CONTAINER_NAME + +echo "==========================================" +echo "✅ AlmaLinux 9 RPM test completed successfully!" +echo "==========================================" \ No newline at end of file diff --git a/scripts/test-fedora.sh b/scripts/test-fedora.sh new file mode 100755 index 000000000..8fe5d666a --- /dev/null +++ b/scripts/test-fedora.sh @@ -0,0 +1,117 @@ +#!/bin/bash + +# Test script for Fedora RPM repository (test environment) +# Uses test bucket for RPMs, production bucket for GPG key + +set -e + +echo "==========================================" +echo "STACKIT CLI Fedora RPM Test (Test Environment)" +echo "==========================================" + +# Configuration +CONTAINER_NAME="stackit-fedora-test" +IMAGE="fedora:latest" + +# Test environment S3 bucket (for RPMs) +TEST_S3_BUCKET="distribution-test" +TEST_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +TEST_RPM_REPO_PATH="rpm/cli" + +# Production S3 bucket (for GPG key) +PROD_S3_BUCKET="distribution" +PROD_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +PROD_GPG_KEY_PATH="keys/key.gpg" + +echo "Step 1: Starting Fedora container..." +docker run -d --name $CONTAINER_NAME $IMAGE tail -f /dev/null + +echo "Step 2: Installing dependencies..." +docker exec $CONTAINER_NAME bash -c " + dnf update -y + dnf install -y curl wget gpg +" + +echo "Step 3: Downloading GPG key from production bucket..." +docker exec $CONTAINER_NAME bash -c " + curl -o /tmp/stackit-gpg-signer.asc 'https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH' + gpg --import /tmp/stackit-gpg-signer.asc + echo '✅ GPG key imported' +" + +echo "Step 4: Creating repository configuration..." +docker exec $CONTAINER_NAME bash -c " + cat > /etc/yum.repos.d/stackit-cli.repo << EOF +[stackit-cli] +name=STACKIT CLI Repository +baseurl=https://$TEST_S3_BUCKET.$TEST_S3_ENDPOINT/$TEST_RPM_REPO_PATH +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH +EOF + cat /etc/yum.repos.d/stackit-cli.repo + echo '✅ Repository configuration created' +" + +echo "Step 5: Updating package cache..." +docker exec $CONTAINER_NAME bash -c " + dnf clean all + dnf repolist + echo '✅ Package cache updated' +" + +echo "Step 6: Installing STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + dnf install -y stackit + echo '✅ STACKIT CLI installed' +" + +echo "Step 7: Verifying installation..." +docker exec $CONTAINER_NAME bash -c " + if command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command found: \$(which stackit)' + echo '✅ Version: \$(stackit version)' + else + echo '❌ stackit command not found' + exit 1 + fi +" + +echo "Step 8: Testing basic functionality..." +docker exec $CONTAINER_NAME bash -c " + echo '=== STACKIT CLI HELP OUTPUT ===' + stackit --help + echo '=== END HELP OUTPUT ===' + echo '✅ Basic functionality test passed' +" + +echo "Step 9: Testing package update..." +docker exec $CONTAINER_NAME bash -c " + dnf check-update stackit || echo 'No updates available (expected for test)' + echo '✅ Update check completed' +" + +echo "Step 10: Uninstalling STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + dnf remove -y stackit + echo '✅ STACKIT CLI uninstalled' +" + +echo "Step 11: Verifying uninstallation..." +docker exec $CONTAINER_NAME bash -c " + if ! command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command no longer found' + else + echo '❌ stackit command still found: \$(which stackit)' + exit 1 + fi +" + +echo "Step 12: Cleaning up container..." +docker stop $CONTAINER_NAME +docker rm $CONTAINER_NAME + +echo "==========================================" +echo "✅ Fedora RPM test completed successfully!" +echo "==========================================" \ No newline at end of file diff --git a/scripts/test-opensuse-test-env.sh b/scripts/test-opensuse-test-env.sh new file mode 100755 index 000000000..16c5938a6 --- /dev/null +++ b/scripts/test-opensuse-test-env.sh @@ -0,0 +1,118 @@ +#!/bin/bash + +# Test script for OpenSUSE RPM repository (test environment) +# Uses test bucket for RPMs, production bucket for GPG key + +set -e + +echo "==========================================" +echo "STACKIT CLI OpenSUSE RPM Test (Test Environment)" +echo "==========================================" + +# Configuration +CONTAINER_NAME="stackit-opensuse-test" +IMAGE="opensuse/tumbleweed:latest" + +# Test environment S3 bucket (for RPMs) +TEST_S3_BUCKET="distribution-test" +TEST_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +TEST_RPM_REPO_PATH="rpm/cli" + +# Production S3 bucket (for GPG key) +PROD_S3_BUCKET="distribution" +PROD_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +PROD_GPG_KEY_PATH="keys/key.gpg" + +echo "Step 1: Starting OpenSUSE container..." +docker run -d --name $CONTAINER_NAME $IMAGE tail -f /dev/null + +echo "Step 2: Installing dependencies..." +docker exec $CONTAINER_NAME bash -c " + zypper update -y + zypper install -y curl wget gpg2 +" + +echo "Step 3: Downloading GPG key from production bucket..." +docker exec $CONTAINER_NAME bash -c " + curl -o /tmp/stackit-gpg-signer.asc 'https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH' + gpg --import /tmp/stackit-gpg-signer.asc + echo '✅ GPG key imported' +" + +echo "Step 4: Creating repository configuration..." +docker exec $CONTAINER_NAME bash -c " + cat > /etc/zypp/repos.d/stackit-cli.repo << EOF +[stackit-cli] +name=STACKIT CLI Repository +baseurl=https://$TEST_S3_BUCKET.$TEST_S3_ENDPOINT/$TEST_RPM_REPO_PATH +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH +EOF + cat /etc/zypp/repos.d/stackit-cli.repo + echo '✅ Repository configuration created' +" + +echo "Step 5: Updating package cache..." +docker exec $CONTAINER_NAME bash -c " + zypper clean --all + zypper refresh + zypper repos + echo '✅ Package cache updated' +" + +echo "Step 6: Installing STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + zypper install -y stackit + echo '✅ STACKIT CLI installed' +" + +echo "Step 7: Verifying installation..." +docker exec $CONTAINER_NAME bash -c " + if command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command found: \$(which stackit)' + echo '✅ Version: \$(stackit version)' + else + echo '❌ stackit command not found' + exit 1 + fi +" + +echo "Step 8: Testing basic functionality..." +docker exec $CONTAINER_NAME bash -c " + echo '=== STACKIT CLI HELP OUTPUT ===' + stackit --help + echo '=== END HELP OUTPUT ===' + echo '✅ Basic functionality test passed' +" + +echo "Step 9: Testing package update..." +docker exec $CONTAINER_NAME bash -c " + zypper list-updates stackit || echo 'No updates available (expected for test)' + echo '✅ Update check completed' +" + +echo "Step 10: Uninstalling STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + zypper remove -y stackit + echo '✅ STACKIT CLI uninstalled' +" + +echo "Step 11: Verifying uninstallation..." +docker exec $CONTAINER_NAME bash -c " + if ! command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command no longer found' + else + echo '❌ stackit command still found: \$(which stackit)' + exit 1 + fi +" + +echo "Step 12: Cleaning up container..." +docker stop $CONTAINER_NAME +docker rm $CONTAINER_NAME + +echo "==========================================" +echo "✅ OpenSUSE RPM test completed successfully!" +echo "==========================================" \ No newline at end of file diff --git a/scripts/test-rhel9.sh b/scripts/test-rhel9.sh new file mode 100755 index 000000000..a8ff9cb18 --- /dev/null +++ b/scripts/test-rhel9.sh @@ -0,0 +1,117 @@ +#!/bin/bash + +# Test script for RHEL 9 RPM repository +# Uses test bucket for RPMs and GPG key + +set -e + +echo "==========================================" +echo "STACKIT CLI RHEL 9 RPM Test" +echo "==========================================" + +# Configuration +CONTAINER_NAME="stackit-rhel9-test" +IMAGE="registry.access.redhat.com/ubi9/ubi:latest" + +# Test environment S3 bucket (for RPMs) +TEST_S3_BUCKET="distribution-test" +TEST_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +TEST_RPM_REPO_PATH="rpm/cli" + +# Production S3 bucket (for GPG key) +PROD_S3_BUCKET="distribution" +PROD_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +PROD_GPG_KEY_PATH="keys/key.gpg" + +echo "Step 1: Starting RHEL 9 container..." +docker run -d --name $CONTAINER_NAME $IMAGE tail -f /dev/null + +echo "Step 2: Installing dependencies..." +docker exec $CONTAINER_NAME bash -c " + dnf update -y + dnf install -y --allowerasing curl wget gpg +" + +echo "Step 3: Downloading GPG key from production bucket..." +docker exec $CONTAINER_NAME bash -c " + curl -o /tmp/stackit-gpg-signer.asc 'https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH' + gpg --import /tmp/stackit-gpg-signer.asc + echo '✅ GPG key imported' +" + +echo "Step 4: Creating repository configuration..." +docker exec $CONTAINER_NAME bash -c " + cat > /etc/yum.repos.d/stackit-cli.repo << EOF +[stackit-cli] +name=STACKIT CLI Repository +baseurl=https://$TEST_S3_BUCKET.$TEST_S3_ENDPOINT/$TEST_RPM_REPO_PATH +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH +EOF + cat /etc/yum.repos.d/stackit-cli.repo + echo '✅ Repository configuration created' +" + +echo "Step 5: Updating package cache..." +docker exec $CONTAINER_NAME bash -c " + dnf clean all + dnf repolist + echo '✅ Package cache updated' +" + +echo "Step 6: Installing STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + dnf install -y stackit + echo '✅ STACKIT CLI installed' +" + +echo "Step 7: Verifying installation..." +docker exec $CONTAINER_NAME bash -c " + if command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command found: \$(which stackit)' + echo '✅ Version: \$(stackit version)' + else + echo '❌ stackit command not found' + exit 1 + fi +" + +echo "Step 8: Testing basic functionality..." +docker exec $CONTAINER_NAME bash -c " + echo '=== STACKIT CLI HELP OUTPUT ===' + stackit --help + echo '=== END HELP OUTPUT ===' + echo '✅ Basic functionality test passed' +" + +echo "Step 9: Testing package update..." +docker exec $CONTAINER_NAME bash -c " + dnf check-update stackit || echo 'No updates available (expected for test)' + echo '✅ Update check completed' +" + +echo "Step 10: Uninstalling STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + dnf remove -y stackit + echo '✅ STACKIT CLI uninstalled' +" + +echo "Step 11: Verifying uninstallation..." +docker exec $CONTAINER_NAME bash -c " + if ! command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command no longer found' + else + echo '❌ stackit command still found: \$(which stackit)' + exit 1 + fi +" + +echo "Step 12: Cleaning up container..." +docker stop $CONTAINER_NAME +docker rm $CONTAINER_NAME + +echo "==========================================" +echo "✅ RHEL 9 RPM test completed successfully!" +echo "==========================================" \ No newline at end of file diff --git a/scripts/test-rocky9.sh b/scripts/test-rocky9.sh new file mode 100755 index 000000000..238b3a45b --- /dev/null +++ b/scripts/test-rocky9.sh @@ -0,0 +1,117 @@ +#!/bin/bash + +# Test script for Rocky Linux 9 RPM repository +# Uses test bucket for RPMs, production bucket for GPG key + +set -e + +echo "==========================================" +echo "STACKIT CLI Rocky Linux 9 RPM Test" +echo "==========================================" + +# Configuration +CONTAINER_NAME="stackit-rocky9-test" +IMAGE="rockylinux:9" + +# Test environment S3 bucket (for RPMs) +TEST_S3_BUCKET="distribution-test" +TEST_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +TEST_RPM_REPO_PATH="rpm/cli" + +# Production S3 bucket (for GPG key) +PROD_S3_BUCKET="distribution" +PROD_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +PROD_GPG_KEY_PATH="keys/key.gpg" + +echo "Step 1: Starting Rocky Linux 9 container..." +docker run -d --name $CONTAINER_NAME $IMAGE tail -f /dev/null + +echo "Step 2: Installing dependencies..." +docker exec $CONTAINER_NAME bash -c " + dnf update -y + dnf install -y --allowerasing curl wget gpg +" + +echo "Step 3: Downloading GPG key from production bucket..." +docker exec $CONTAINER_NAME bash -c " + curl -o /tmp/stackit-gpg-signer.asc 'https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH' + gpg --import /tmp/stackit-gpg-signer.asc + echo '✅ GPG key imported' +" + +echo "Step 4: Creating repository configuration..." +docker exec $CONTAINER_NAME bash -c " + cat > /etc/yum.repos.d/stackit-cli.repo << EOF +[stackit-cli] +name=STACKIT CLI Repository +baseurl=https://$TEST_S3_BUCKET.$TEST_S3_ENDPOINT/$TEST_RPM_REPO_PATH +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH +EOF + cat /etc/yum.repos.d/stackit-cli.repo + echo '✅ Repository configuration created' +" + +echo "Step 5: Updating package cache..." +docker exec $CONTAINER_NAME bash -c " + dnf clean all + dnf repolist + echo '✅ Package cache updated' +" + +echo "Step 6: Installing STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + dnf install -y stackit + echo '✅ STACKIT CLI installed' +" + +echo "Step 7: Verifying installation..." +docker exec $CONTAINER_NAME bash -c " + if command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command found: \$(which stackit)' + echo '✅ Version: \$(stackit version)' + else + echo '❌ stackit command not found' + exit 1 + fi +" + +echo "Step 8: Testing basic functionality..." +docker exec $CONTAINER_NAME bash -c " + echo '=== STACKIT CLI HELP OUTPUT ===' + stackit --help + echo '=== END HELP OUTPUT ===' + echo '✅ Basic functionality test passed' +" + +echo "Step 9: Testing package update..." +docker exec $CONTAINER_NAME bash -c " + dnf check-update stackit || echo 'No updates available (expected for test)' + echo '✅ Update check completed' +" + +echo "Step 10: Uninstalling STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + dnf remove -y stackit + echo '✅ STACKIT CLI uninstalled' +" + +echo "Step 11: Verifying uninstallation..." +docker exec $CONTAINER_NAME bash -c " + if ! command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command no longer found' + else + echo '❌ stackit command still found: \$(which stackit)' + exit 1 + fi +" + +echo "Step 12: Cleaning up container..." +docker stop $CONTAINER_NAME +docker rm $CONTAINER_NAME + +echo "==========================================" +echo "✅ Rocky Linux 9 RPM test completed successfully!" +echo "==========================================" \ No newline at end of file From a8449a4f5619ce63eb3ecc522a086f6c93cd36ff Mon Sep 17 00:00:00 2001 From: Benjosh95 Date: Thu, 7 Aug 2025 08:32:36 +0200 Subject: [PATCH 27/27] rename test script --- scripts/test-opensuse.sh | 118 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 118 insertions(+) create mode 100755 scripts/test-opensuse.sh diff --git a/scripts/test-opensuse.sh b/scripts/test-opensuse.sh new file mode 100755 index 000000000..16c5938a6 --- /dev/null +++ b/scripts/test-opensuse.sh @@ -0,0 +1,118 @@ +#!/bin/bash + +# Test script for OpenSUSE RPM repository (test environment) +# Uses test bucket for RPMs, production bucket for GPG key + +set -e + +echo "==========================================" +echo "STACKIT CLI OpenSUSE RPM Test (Test Environment)" +echo "==========================================" + +# Configuration +CONTAINER_NAME="stackit-opensuse-test" +IMAGE="opensuse/tumbleweed:latest" + +# Test environment S3 bucket (for RPMs) +TEST_S3_BUCKET="distribution-test" +TEST_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +TEST_RPM_REPO_PATH="rpm/cli" + +# Production S3 bucket (for GPG key) +PROD_S3_BUCKET="distribution" +PROD_S3_ENDPOINT="object.storage.eu01.onstackit.cloud" +PROD_GPG_KEY_PATH="keys/key.gpg" + +echo "Step 1: Starting OpenSUSE container..." +docker run -d --name $CONTAINER_NAME $IMAGE tail -f /dev/null + +echo "Step 2: Installing dependencies..." +docker exec $CONTAINER_NAME bash -c " + zypper update -y + zypper install -y curl wget gpg2 +" + +echo "Step 3: Downloading GPG key from production bucket..." +docker exec $CONTAINER_NAME bash -c " + curl -o /tmp/stackit-gpg-signer.asc 'https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH' + gpg --import /tmp/stackit-gpg-signer.asc + echo '✅ GPG key imported' +" + +echo "Step 4: Creating repository configuration..." +docker exec $CONTAINER_NAME bash -c " + cat > /etc/zypp/repos.d/stackit-cli.repo << EOF +[stackit-cli] +name=STACKIT CLI Repository +baseurl=https://$TEST_S3_BUCKET.$TEST_S3_ENDPOINT/$TEST_RPM_REPO_PATH +enabled=1 +gpgcheck=1 +repo_gpgcheck=1 +gpgkey=https://$PROD_S3_BUCKET.$PROD_S3_ENDPOINT/$PROD_GPG_KEY_PATH +EOF + cat /etc/zypp/repos.d/stackit-cli.repo + echo '✅ Repository configuration created' +" + +echo "Step 5: Updating package cache..." +docker exec $CONTAINER_NAME bash -c " + zypper clean --all + zypper refresh + zypper repos + echo '✅ Package cache updated' +" + +echo "Step 6: Installing STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + zypper install -y stackit + echo '✅ STACKIT CLI installed' +" + +echo "Step 7: Verifying installation..." +docker exec $CONTAINER_NAME bash -c " + if command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command found: \$(which stackit)' + echo '✅ Version: \$(stackit version)' + else + echo '❌ stackit command not found' + exit 1 + fi +" + +echo "Step 8: Testing basic functionality..." +docker exec $CONTAINER_NAME bash -c " + echo '=== STACKIT CLI HELP OUTPUT ===' + stackit --help + echo '=== END HELP OUTPUT ===' + echo '✅ Basic functionality test passed' +" + +echo "Step 9: Testing package update..." +docker exec $CONTAINER_NAME bash -c " + zypper list-updates stackit || echo 'No updates available (expected for test)' + echo '✅ Update check completed' +" + +echo "Step 10: Uninstalling STACKIT CLI..." +docker exec $CONTAINER_NAME bash -c " + zypper remove -y stackit + echo '✅ STACKIT CLI uninstalled' +" + +echo "Step 11: Verifying uninstallation..." +docker exec $CONTAINER_NAME bash -c " + if ! command -v stackit >/dev/null 2>&1; then + echo '✅ stackit command no longer found' + else + echo '❌ stackit command still found: \$(which stackit)' + exit 1 + fi +" + +echo "Step 12: Cleaning up container..." +docker stop $CONTAINER_NAME +docker rm $CONTAINER_NAME + +echo "==========================================" +echo "✅ OpenSUSE RPM test completed successfully!" +echo "==========================================" \ No newline at end of file