Influxdata
/
influxdb
mirror of https://github.com/influxdata/influxdb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

chore: fix package permissions (1.10) (#24304) 

* chore: replace "package builder" shell/docker implemention with python

* chore: remove unused packaging files
pull/24411/head
Brandon Pfeifer 2023-06-26 12:23:31 -04:00 committed by GitHub
parent 57fb6ef327
commit 933a14e16f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 454 additions and 287 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
.circleci/config.yml
View File

@ -65,28 +65,15 @@ jobs:
- run: - run:
name: Build binaries name: Build binaries
command: | command: |
set -x
tarsum()
{
FROM_DIR=$1
TARBALL_PATH=$2
tar -C $FROM_DIR -cvzf ${TARBALL_PATH} .
md5sum ${TARBALL_PATH} > ${TARBALL_PATH}.md5
sha256sum ${TARBALL_PATH} > ${TARBALL_PATH}.sha256
}
export CC="$(xcc linux x86_64)" export CC="$(xcc linux x86_64)"
export CGO_ENABLED=1 export CGO_ENABLED=1
# linux amd64 (static build) # linux amd64 (static build)
TMPOUTDIR=$(mktemp -d)
export GOOS=linux export GOOS=linux
export GOARCH=amd64 export GOARCH=amd64
for cmd in github.com/influxdata/influxdb/cmd/{influxd,influx,influx_inspect} for cmd in github.com/influxdata/influxdb/cmd/{influxd,influx,influx_inspect}
do do
go build \ go build \
-o "${TMPOUTDIR}/$(basename $cmd)" \
-tags "netgo,osusergo,static_build" \ -tags "netgo,osusergo,static_build" \
-buildmode=pie \ -buildmode=pie \
-ldflags="-s -ldflags="-s
@ -100,7 +87,14 @@ jobs:
done done
mkdir -p ./bins mkdir -p ./bins
tarsum $TMPOUTDIR ./bins/influxdb_bin_${GOOS}_${GOARCH}-${CIRCLE_SHA1}.tar.gz
target="bins/influxdb_bin_${GOOS}_${GOARCH}-${CIRCLE_SHA1}.tar.gz"
tar -czf "${target}" \
influx \
influx_inspect \
influxd
md5sum "${target}" > "${target}.md5"
sha256sum "${target}" > "${target}.sha256"
- store_artifacts: - store_artifacts:
path: bins/ path: bins/
- persist_to_workspace: - persist_to_workspace:
@ -122,21 +116,27 @@ jobs:
- attach_workspace: - attach_workspace:
at: /tmp/workspace at: /tmp/workspace
- checkout - checkout
- run: - run: |
name: Build packages export DEBIAN_FRONTEND=noninteractive
command: | sudo -E apt-get update
set -x sudo -E apt-get install --no-install-recommends --yes \
asciidoc \
build-essential \
git \
python3 \
rpm \
ruby-dev \
xmlto
WORKING_DIR=$(pwd) sudo gem install fpm
OUTDIR=${WORKING_DIR}/packages
# InfluxDB debs and rpms ( cd man ; make build ; gzip -9 ./*.1 )
# linux
"${WORKING_DIR}/releng/packages/build.bash" \ python3 -m pip install -r .circleci/scripts/package/requirements.txt
-s "/tmp/workspace/tarball/influxdb-src-${CIRCLE_SHA1}.tar.gz" \
-b "/tmp/workspace/bins/influxdb_bin_linux_amd64-${CIRCLE_SHA1}.tar.gz" \ # Unfortunately, this must be executed as root. This is so permission
-O linux -A amd64 \ # modifying commands (chown, chmod, etc.) succeed.
-o "$OUTDIR" sudo --preserve-env=CIRCLE_TAG,CIRCLE_SHA1 .circleci/scripts/package/build.py
- store_artifacts: - store_artifacts:
path: packages/ path: packages/
- persist_to_workspace: - persist_to_workspace:

369
.circleci/scripts/package/build.py Executable file
View File

@ -0,0 +1,369 @@
#!/usr/bin/env python3
import glob
import os
import re
import shutil
import subprocess
import tempfile
import yaml
def build_linux_archive(source, package, version):
"""
Builds a Linux Archive.
This archive contains the binary artifacts, configuration, and scripts
installed by the DEB and RPM packages. This mimics the file-system. So,
binaries are installed into "/usr/bin", configuration into "/etc", and
scripts into their relevant directories. Permissions match those of
the DEB and RPM packages.
"""
with tempfile.TemporaryDirectory() as workspace:
# fmt: off
shutil.copytree(os.path.join(package["source"], "fs"),
workspace, dirs_exist_ok=True, ignore=shutil.ignore_patterns(".keepdir"))
# fmt: on
for extra in package["extras"]:
shutil.copy(extra["source"], os.path.join(workspace, extra["target"]))
for binary in package["binaries"]:
# Since the binaries for different platforms and architectures
# are named the same, the binaries are stored within archives.
# The archive name specifies the platform and architecture.
# Each binary must be extracted with `tar`.
# fmt: off
subprocess.check_call(
[
# globbing is required as the archive name contains the
# release version or git commit of the repository. This
# allows the configuration to remain untouched between
# different builds.
"tar", "-xf", glob.glob(source["binary"])[0],
# binaries are copied to "usr/bin"
"-C", os.path.join(workspace, "usr/bin"),
binary,
]
)
# fmt: on
# After the package contents are copied into the working directory,
# the permissions must be updated. Since the CI executor may change
# occasionally (images/ORBs deprecated over time), the umask may
# not be what we expect. This allows this packaging script to be
# agnostic to umask/system configuration.
for root, dirs, files in os.walk(workspace):
for target in [os.path.join(root, f) for f in files]:
# files in "usr/bin" are executable
if os.path.relpath(root, workspace) == "usr/bin":
os.chmod(target, 0o0755)
else:
# standard file permissions
os.chmod(target, 0o0644)
# fmt: off
shutil.chown(
target,
user = "root",
group = "root")
# fmt: on
for target in [os.path.join(root, d) for d in dirs]:
# standard directory permissions
os.chmod(target, 0o0755)
# fmt: off
shutil.chown(
target,
user = "root",
group = "root")
# fmt: on
for override in package["perm_overrides"]:
target = os.path.join(workspace, override["target"])
os.chmod(target, override["perms"])
# "owner" and "group" should be a system account and group with
# a well-defined UID and GID. Otherwise, the UID/GID might vary
# between systems. When the archive is extracted/package is
# installed, things may not behave as we would expect.
# fmt: off
shutil.chown(
target,
user = override["owner"],
group = override["group"])
# fmt: on
os.makedirs(source["target"], exist_ok=True)
# fmt: off
subprocess.check_call([
"tar", "-czf",
os.path.join(
source["target"],
"{:s}-{:s}_{:s}_{:s}.tar.gz".format(
package["name"],
version,
source["plat"],
source["arch"]
)
),
# ".keepdir" allows Git to track otherwise empty directories. The presence
# of the directories allows `package["extras"]` and `package["binaries"]`
# to be copied into the archive without requiring "mkdir". These should
# directories are excluded from the final archive.
"--exclude", ".keepdir",
# This re-parents the contents of the archive with `package["name"]-version`.
# It is undocumented, however, when matching, "--transform" always removes
# the trailing slash. This regex must handle "./" and "./<more components>".
"--transform",
"s#^.\(/\|$\)#{:s}-{:s}/#".format(
package["name"],
version
),
# compress everything within `workspace`
"-C", workspace, '.'
])
# fmt: on
def build_darwin_archive(source, package, version):
"""
Builds a Darwin Archive.
This archive contains binary artifacts and configuration. Unlike the
linux archive, which contains the configuration and matches the file-
system of the DEB and RPM packages, everything is located within the
root of the archive. However, permissions do match those of the DEB
and RPM packages.
"""
with tempfile.TemporaryDirectory() as workspace:
for extra in package["extras"]:
target = os.path.join(workspace, os.path.basename(extra["target"]))
shutil.copy(extra["source"], target)
os.chmod(target, 0o0644)
# fmt: off
shutil.chown(
target,
user = "root",
group = "root")
# fmt: on
for binary in package["binaries"]:
# Since the binaries for different platforms and architectures
# are named the same, the binaries are stored within archives.
# The archive name specifies the platform and architecture.
# Each binary must be extracted with `tar`.
# fmt: off
subprocess.check_call([
# globbing is required as the archive name contains the
# release version or git commit of the repository. This
# allows the configuration to remain untouched between
# different builds.
"tar", "-xf", glob.glob(source["binary"])[0],
# binaries are copied to "/"
"-C", workspace,
binary
])
# fmt: on
target = os.path.join(workspace, binary)
os.chmod(target, 0o0755)
# fmt: off
shutil.chown(
target,
user = "root",
group = "root")
# fmt: on
os.makedirs(source["target"], exist_ok=True)
# fmt: off
subprocess.check_call([
"tar", "-czf",
os.path.join(
source["target"],
"{:s}-{:s}_{:s}_{:s}.tar.gz".format(
package["name"],
version,
source["plat"],
source["arch"]
)
),
# This re-parents the contents of the archive with `package["name"]-version`.
# It is undocumented, however, when matching, "--transform" always removes
# the trailing slash. This regex must handle "./" and "./<more components>".
"--transform",
"s#^.\(/\|$\)#{:s}-{:s}/#".format(
package["name"],
version
),
# compress everything within `workspace`
"-C", workspace, '.'
])
# fmt: on
def build_linux_package(source, package, version):
"""
Constructs a DEB or RPM Package.
"""
with tempfile.TemporaryDirectory() as workspace:
# fmt: off
shutil.copytree(package["source"], workspace,
dirs_exist_ok=True, ignore=shutil.ignore_patterns(".keepdir"))
# fmt: on
for extra in package["extras"]:
shutil.copy(extra["source"], os.path.join(workspace, "fs", extra["target"]))
for binary in package["binaries"]:
# Since the binaries for different platforms and architectures
# are named the same, the binaries are stored within archives.
# The archive name specifies the platform and architecture.
# Each binary must be extracted with `tar`.
# fmt: off
subprocess.check_call(
[
# globbing is required as the archive name contains the
# release version or git commit of the repository. This
# allows the configuration to remain untouched between
# different builds.
"tar", "-xf", glob.glob(source["binary"])[0],
# binaries are copied to "usr/bin"
"-C", os.path.join(workspace, "fs/usr/bin"),
binary,
]
)
# fmt: on
# After the package contents are copied into the working directory,
# the permissions must be updated. Since the CI executor may change
# occasionally (images/ORBs deprecated over time), the umask may
# not be what we expect. This allows this packaging script to be
# agnostic to umask/system configuration.
for root, dirs, files in os.walk(workspace):
for target in [os.path.join(root, f) for f in files]:
# files in "fs/usr/bin" are executable
if os.path.relpath(root, workspace) == "fs/usr/bin":
os.chmod(target, 0o0755)
else:
# standard file permissions
os.chmod(target, 0o0644)
# fmt: off
shutil.chown(
target,
user = "root",
group = "root")
# fmt: on
for target in [os.path.join(root, d) for d in dirs]:
# standard directory permissions
os.chmod(target, 0o0755)
# fmt: off
shutil.chown(
target,
user = "root",
group = "root")
# fmt: on
for override in package["perm_overrides"]:
target = os.path.join(workspace, "fs", override["target"])
os.chmod(target, override["perms"])
# "owner" and "group" should be a system account and group with
# a well-defined UID and GID. Otherwise, the UID/GID might vary
# between systems. When the archive is extracted/package is
# installed, things may not behave as we would expect.
# fmt: off
shutil.chown(
target,
user = override["owner"],
group = override["group"])
# fmt: on
os.makedirs(source["target"], exist_ok=True)
fpm_wrapper(source, package, version, workspace, "rpm")
fpm_wrapper(source, package, version, workspace, "deb")
def fpm_wrapper(source, package, version, workspace, package_type):
"""
Constructs either a DEB/RPM Package.
This wraps some configuration settings that are *only* relevant
to `fpm`.
"""
conffiles = []
for root, dirs, files in os.walk(os.path.join(workspace, "fs/etc")):
for file in files:
# fmt: off
conffiles.extend([
"--config-files", os.path.join("/", os.path.relpath(root, os.path.join(workspace, "fs")), file)
])
# fmt: on
# `source["arch"]` matches DEB architecture names. When building RPMs, it must
# be converted into RPM architecture names.
architecture = source["arch"]
if package_type == "rpm":
if architecture == "amd64":
architecture = "x86_64"
# fmt: off
p = subprocess.check_call([
"fpm",
"--log", "error",
# package description
"--name", package["name"],
"--vendor", "InfluxData",
"--description", "Distributed time-series database.",
"--url", "https://influxdata.com",
"--maintainer", "support@influxdb.com",
"--license", "Proprietary",
# package configuration
"--input-type", "dir",
"--output-type", package_type,
"--architecture", architecture,
"--version", version,
"--iteration", "1",
# maintainer scripts
"--after-install", os.path.join(workspace, "control/post-install"),
"--after-remove", os.path.join(workspace, "control/post-uninstall"),
"--before-install", os.path.join(workspace, "control/pre-install"),
# package conffiles
"--rpm-attr", "750,influxdb,influxdb:/var/log/influxdb",
"--rpm-attr", "750,influxdb,influxdb:/var/lib/influxdb",
*conffiles,
# package options
"--chdir", os.path.join(workspace, "fs/"),
"--package", source["target"]
])
# fmt: on
circle_tag = os.getenv("CIRCLE_TAG", default="")
circle_sha = os.getenv("CIRCLE_SHA1", default="DEADBEEF")
# Determine if `circle_tag` matches the semantic version regex. Otherwise,
# assume that `circle_tag` is not intended to tag a release. The regex is
# permissive of what occurs after the semantic version. This allows for
# alphas, betas, and release candidates.
if re.match("^v[0-9]+.[0-9]+.[0-9]+", circle_tag):
version = circle_tag[1:]
else:
# When `circle_tag` cannot be used to construct the package version,
# use `circle_sha`. Since `circle_sha` can start with an alpha (non-
# -numeric) character, prefix it with "1.x-".
version = "1.x-" + circle_sha[:8]
with open(".circleci/scripts/package/config.yaml") as file:
document = yaml.load(file, Loader=yaml.SafeLoader)
# fmt: off
for s, p in [
(s, p)
for s in document["sources" ]
for p in document["packages"]
]:
# fmt: on
if s["plat"] == "linux":
build_linux_archive(s, p, version)
build_linux_package(s, p, version)
if s["plat"] == "darwin":
build_darwin_archive(s, p, version)

51
.circleci/scripts/package/config.yaml Normal file
View File

@ -0,0 +1,51 @@
---
sources:
- binary: /tmp/workspace/bins/influxdb_bin_linux_amd64-*.tar.gz
target: packages/
arch: amd64
plat: linux
packages:
- name: influxdb
binaries:
- influx
- influx_inspect
- influxd
extras:
- source: etc/config.sample.toml
target: etc/influxdb/influxdb.conf
- source: man/influx.1.gz
target: usr/share/man/man1/influx.1.gz
- source: man/influx_inspect.1.gz
target: usr/share/man/man1/influx_inspect.1.gz
- source: man/influxd.1.gz
target: usr/share/man/man1/influxd.1.gz
- source: man/influxd-backup.1.gz
target: usr/share/man/man1/influxd-backup.1.gz
- source: man/influxd-config.1.gz
target: usr/share/man/man1/influxd-config.1.gz
- source: man/influxd-restore.1.gz
target: usr/share/man/man1/influxd-restore.1.gz
- source: man/influxd-run.1.gz
target: usr/share/man/man1/influxd-run.1.gz
- source: man/influxd-version.1.gz
target: usr/share/man/man1/influxd-version.1.gz
perm_overrides:
- owner: root
group: root
perms: 0755
target: usr/lib/influxdb/scripts/init.sh
- owner: root
group: root
perms: 0755
target: usr/lib/influxdb/scripts/influxd-systemd-start.sh
source: .circleci/scripts/package/influxdb

0
scripts/post-install.sh → .circleci/scripts/package/influxdb/control/post-install
View File

0
scripts/post-uninstall.sh → .circleci/scripts/package/influxdb/control/post-uninstall
View File

0
scripts/pre-install.sh → .circleci/scripts/package/influxdb/control/pre-install Executable file → Normal file
View File

1
.circleci/scripts/package/influxdb/fs/etc/influxdb/.keepdir Normal file
View File

@ -0,0 +1 @@
This prevents Git from removing this directory.

1
.circleci/scripts/package/influxdb/fs/usr/bin/.keepdir Normal file
View File

@ -0,0 +1 @@
This prevents Git from removing this directory.

0
scripts/influxd-systemd-start.sh → .circleci/scripts/package/influxdb/fs/usr/lib/influxdb/scripts/influxd-systemd-start.sh Executable file → Normal file
View File

0
scripts/influxdb.service → .circleci/scripts/package/influxdb/fs/usr/lib/influxdb/scripts/influxdb.service
View File

0
scripts/init.sh → .circleci/scripts/package/influxdb/fs/usr/lib/influxdb/scripts/init.sh Executable file → Normal file
View File

1
.circleci/scripts/package/influxdb/fs/usr/share/man/man1/.keepdir Normal file
View File

@ -0,0 +1 @@
This prevents Git from removing this directory.

1
.circleci/scripts/package/influxdb/fs/var/lib/influxdb/.keepdir Normal file
View File

@ -0,0 +1 @@
This prevents Git from removing this directory.

1
.circleci/scripts/package/influxdb/fs/var/log/influxdb/.keepdir Normal file
View File

@ -0,0 +1 @@
This prevents Git from removing this directory.

2
.circleci/scripts/package/requirements.txt Normal file
View File

@ -0,0 +1,2 @@
PyYAML==6.0
regex==2023.6.3

18
releng/packages/Dockerfile
View File

@ -1,18 +0,0 @@
FROM ruby:2.6-alpine3.9
RUN apk add --no-cache \
bash \
jq \
gcc \
make \
musl-dev \
rpm \
ruby-dev \
tar \
zip
RUN gem install fpm -v 1.11.0
COPY fs/ /
ENTRYPOINT ["influxdb_packages.bash"]

55
releng/packages/build.bash
View File

@ -1,55 +0,0 @@
#!/bin/bash
function printHelp() {
>&2 echo "\
USAGE: $0 \\
-s PATH_TO_SOURCE_TARBALL \\
-b PATH_TO_BINARIES_TARBALL \\
-O OS \\
-A ARCH \\
-o OUTDIR
Creates the given package type, using the given binaries in the tarball and
configuration files in the source tarball.
"
}
if [ $# -eq 0 ]; then
printHelp
exit 1
fi
SRCDIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
SRC_TARBALL=""
BIN_TARBALL=""
OS=""
ARCH=""
OUTDIR=""
while getopts hs:b:O:A:o: arg; do
case "$arg" in
h) printHelp; exit 1;;
s) SRC_TARBALL="$OPTARG";;
b) BIN_TARBALL="$OPTARG";;
O) OS="$OPTARG";;
A) ARCH="$OPTARG";;
o) OUTDIR="$OPTARG";;
esac
done
if [ -z "$OUTDIR" ] || [ -z "$SRC_TARBALL" ] || [ -z "$BIN_TARBALL" ] || [ -z "$OS" ] || [ -z "$ARCH" ]; then
printHelp
exit 1
fi
# Always build the latest version of the image.
docker build -t influxdata/influxdb/releng/packages:latest "$SRCDIR"
mkdir -p "$OUTDIR"
docker run --rm \
--mount type=bind,source="${OUTDIR}",destination=/out \
--mount type=bind,source="${SRC_TARBALL}",destination=/influxdb-src.tar.gz \
--mount type=bind,source="${BIN_TARBALL}",destination=/influxdb-bin.tar.gz \
influxdata/influxdb/releng/packages:latest -O "$OS" -A "$ARCH"

179
releng/packages/fs/usr/local/bin/influxdb_packages.bash
View File

@ -1,179 +0,0 @@
#!/bin/bash
set -e
function printHelp() {
>&2 echo "\
USAGE: $0 -O OS -A ARCH
Creates packages for the given OS/ARCH, using the influxdb source tarball mounted at
/influxdb-src.tar.gz and the binaries tarball mounted at /influxdb-bin.tar.gz .
"
}
if [ $# -eq 0 ]; then
printHelp
exit 1
fi
OS=""
ARCH=""
while getopts hO:A:s arg; do
case "$arg" in
h) printHelp; exit 1;;
O) OS="$OPTARG";;
# For backwards compatibility, ensure the packages say i386 if using GOARCH=386.
A) ARCH="$(echo "$OPTARG" | sed 's/386/i386/')";;
esac
done
if [ -z "$OS" ] || [ -z "$ARCH" ]; then
printHelp
exit 1
fi
WORK=/influxdata
mkdir -p ${WORK}
tar x -C ${WORK} -zf /influxdb-src.tar.gz
ln -s ${WORK}/influxdb /isrc # Shorthand for influxdb source.
SHA=$(jq -r .sha < "/isrc/.metadata.json")
VERSION=$(jq -r .version < "/isrc/.metadata.json")
ARCHIVE_ROOT_NAME="influxdb-${VERSION}-1"
PKG_ROOT="/pkg/$ARCHIVE_ROOT_NAME"
# Extract the respective binaries to dedicated folders.
mkdir -p /ibin
(cd /ibin && tar xzf /influxdb-bin.tar.gz)
# TODO: $STATIC is always 0
if [ "$OS" == "linux" ] && [ "$STATIC" == "1" ]; then
# Static linux packages get only the binaries and the conf file in the root directory,
# plus the man pages in the full path.
rm -rf "$PKG_ROOT"
mkdir -p "$PKG_ROOT"
cp /ibin/* "$PKG_ROOT/"
cp /isrc/etc/config.sample.toml "$PKG_ROOT/influxdb.conf"
mkdir -p "$PKG_ROOT/usr/share/man/man1"
cp /isrc/man/*.1.gz "$PKG_ROOT/usr/share/man/man1"
# Creating tarball from /pkg, NOT from $PKG_ROOT, so that influxdb-$VERSION-1 directory is present in archive.
(cd /pkg && tar czf "/out/influxdb-${VERSION}-static_${OS}_${ARCH}.tar.gz" ./*)
(cd /out && for f in *.tar.gz; do
md5sum "$f" > "$f.md5"
sha256sum "$f" > "$f.sha256"
done)
elif [ "$OS" == "linux" ] || [ "$OS" == "darwin" ]; then
#############################
####### Data packages #######
#############################
# Create layout for packaging under $PKG_ROOT.
rm -rf "$PKG_ROOT"
mkdir -p "$PKG_ROOT/usr/bin" \
"$PKG_ROOT/var/log/influxdb" \
"$PKG_ROOT/var/lib/influxdb" \
"$PKG_ROOT/usr/lib/influxdb/scripts" \
"$PKG_ROOT/usr/share/man/man1" \
"$PKG_ROOT/etc/influxdb" \
"$PKG_ROOT/etc/logrotate.d"
chmod -R 0755 /pkg
# Copy service scripts.
cp /isrc/scripts/init.sh "$PKG_ROOT/usr/lib/influxdb/scripts/init.sh"
chmod 0644 "$PKG_ROOT/usr/lib/influxdb/scripts/init.sh"
cp /isrc/scripts/influxdb.service "$PKG_ROOT/usr/lib/influxdb/scripts/influxdb.service"
chmod 0644 "$PKG_ROOT/usr/lib/influxdb/scripts/influxdb.service"
cp /isrc/scripts/influxd-systemd-start.sh "$PKG_ROOT/usr/lib/influxdb/scripts/influxd-systemd-start.sh"
chmod 0755 "$PKG_ROOT/usr/lib/influxdb/scripts/influxd-systemd-start.sh"
# Copy logrotate script.
cp /isrc/scripts/logrotate "$PKG_ROOT/etc/logrotate.d/influxdb"
chmod 0644 "$PKG_ROOT/etc/logrotate.d/influxdb"
# Copy sample config.
cp /isrc/etc/config.sample.toml "$PKG_ROOT/etc/influxdb/influxdb.conf"
# Copy data binaries.
cp /ibin/* "$PKG_ROOT/usr/bin/"
# Copy man pages.
cp /isrc/man/*.1.gz "$PKG_ROOT/usr/share/man/man1"
# Make tarball of files in packaging.
BIN_GZ_NAME="/out/influxdb-${VERSION}_${OS}_${ARCH}.tar.gz"
if [ "$STATIC" == "1" ]; then
BIN_GZ_NAME="/out/influxdb-${VERSION}-static_${OS}_${ARCH}.tar.gz"
fi
# Creating tarball from /pkg, NOT from $PKG_ROOT, so that influxdb-$VERSION-1 directory is present in archive.
(cd /pkg && tar czf $BIN_GZ_NAME ./*)
if [ "$OS" == "linux" ] ; then
# Call fpm to build .deb and .rpm packages.
for typeargs in "-t deb" "-t rpm --depends coreutils --depends shadow-utils"; do
ARCH_CONVERTED=$ARCH
pkg_t=$(echo $typeargs | cut -d ' ' -f2)
if [ "$pkg_t" == "rpm" ] && [ $"$ARCH" == "armhf" ]; then
ARCH_CONVERTED="armv7hl"
elif [ "$pkg_t" == "rpm" ] && [ $"$ARCH" == "arm64" ]; then
ARCH_CONVERTED="aarch64"
fi
FPM_NAME=$(
fpm \
-s dir \
$typeargs \
--depends curl \
--log error \
--vendor InfluxData \
--url "https://influxdata.com" \
--after-install /isrc/scripts/post-install.sh \
--before-install /isrc/scripts/pre-install.sh \
--after-remove /isrc/scripts/post-uninstall.sh \
--license Proprietary \
--maintainer "support@influxdb.com" \
--directories /var/log/influxdb \
--directories /var/lib/influxdb \
--rpm-attr 755,influxdb,influxdb:/var/log/influxdb \
--rpm-attr 755,influxdb,influxdb:/var/lib/influxdb \
--description 'Distributed time-series database.' \
--config-files /etc/influxdb/influxdb.conf \
--config-files /etc/logrotate.d/influxdb \
--name "influxdb" \
--architecture "$ARCH_CONVERTED" \
--version "$VERSION" \
--iteration 1 \
-C "$PKG_ROOT" \
-p /out \
| ruby -e 'puts (eval ARGF.read)[:path]' )
echo "fpm created $FPM_NAME"
NEW_NAME=$(echo "$FPM_NAME" | rev | sed "s/1-//" | rev)
echo "renaming to ${NEW_NAME}"
mv "${FPM_NAME}" "${NEW_NAME}"
done
fi
#############################
######### Checksums #########
#############################
(cd /out && find . \( -name '*.deb' -o -name '*.rpm' -o -name '*.tar.gz' \) -exec sh -c 'md5sum {} > {}.md5 && sha256sum {} > {}.sha256' \;)
elif [ "$OS" == "windows" ]; then
# Windows gets the binaries and the sample config file.
rm -rf "$PKG_ROOT"
mkdir -p "$PKG_ROOT"
cp /ibin/*.exe "$PKG_ROOT"
cp /isrc/etc/config.sample.toml "$PKG_ROOT/influxdb.conf"
(cd /pkg && zip -9 -r "/out/influxdb-${VERSION}_${OS}_${ARCH}.zip" ./*)
(cd /out && for f in *.zip; do
md5sum "$f" > "$f.md5"
sha256sum "$f" > "$f.sha256"
done)
else
>&2 echo "Unrecognized OS: $OS"
exit 1
fi

8
scripts/logrotate
View File

@ -1,8 +0,0 @@
/var/log/influxdb/influxd.log {
daily
rotate 7
missingok
dateext
copytruncate
compress
}