Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cbi-dev] Building maven artifacts for Eclipse SUMO

We cannot run the containers as root for security reasons. If you want to add additional tools, you need to define your own image, push it to some registry (e.g. docker hub or quay.io) and use it instead of the stock ubuntu image.

Mikaël Barbero 
Manager — Release Engineering and Technology | Eclipse Foundation
🐦 @mikbarbero
Eclipse Foundation: The Platform for Open Innovation and Collaboration

On 24 Mar 2021, at 14:07, Robert.Hilbrich@xxxxxx wrote:

Thank you – I tried and with your help, we are now able to clone the repository. I was also able to use ubuntu:20.04 as a custom image. My next move was to install the compiler tools (apt-get update && apt-get install cmake gcc …). Unfortunately, that fails with:
 
[Pipeline] sh
+ apt-get update
Reading package lists...
E: List directory /var/lib/apt/lists/partial is missing. - Acquire (13: Permission denied)
[Pipeline] }
 
I read that you are running the docker images without root privileges – how can we install the compilers and necessary libraries to the stock ubuntu image?
 
Thanks for any pointers,
Robert
 
From: cbi-dev <cbi-dev-bounces@xxxxxxxxxxx> On Behalf Of Mikael Barbero
Sent: Monday, March 22, 2021 8:38 AM
To: Common-build Developers discussion <cbi-dev@xxxxxxxxxxx>
Cc: karl.schrab@xxxxxxxxxxxxxxxxxxx; Behrisch, Michael <Michael.Behrisch@xxxxxx>
Subject: Re: [cbi-dev] Building maven artifacts for Eclipse SUMO
 
Hi Robert, 
 
see my answers inline.
 
On 19 Mar 2021, at 17:12, Robert.Hilbrich@xxxxxx wrote:
 
Hi CBI-Dev members,
 
the Eclipse SUMO project is currently hosted on GitHub, based on C++ and built with GitHub actions & cmake. As part of our build process, we also create jars (java-bindings for an interface to SUMO – see: https://github.com/orgs/eclipse/packages?repo_name=sumo), which we would like to make publicly available for maven builds. Unfortunately, GitHub Packages require an access token to consume maven artifacts which is a show stopper for other projects relying on our packages. Therefore, we decided to use the Eclipse infrastructure and opened a bug to havehttps://repo.eclipse.org/content/repositories/sumo/ created for us. So far so good … 
 
Unfortunately, we cannot push the artifacts from the GitHub actions build tohttp://repo.eclipse.org, because upload from external sources is currently not possible. Therefore, our only options seems to be to also build SUMO on Jenkins (in addition to the GitHub actions) and to publish the artifacts from the Jenkins build. 
 
We tried to go through the wiki page and experimented with a basic Jenkinsfile on ci.eclipse.org (see: https://github.com/eclipse/sumo/blob/master/Jenkinsfile). For this purpose, we started with a “Multibranch Pipeline” configuration (https://ci.eclipse.org/sumo/job/sumo-build/). However, the repository cloning process already fails at 58% with an exception – as seen in the logs below.
 
Our questions are:
  • Is our approach ok? Is there a better way to achieve our goal?
 
This approach is perfectly fine.


  •  
  • How can we successfully clone the repo in the container infrastructure? Yes – the repo of SUMO has grown to a repo size of 750MB over the years …
 
Given the size of the repo, the build job resources may need to be tweaked (the jnlp container to be precise). Could you please open a ticket at https://bugs.eclipse.org/bugs/enter_bug.cgi?product=Community&component=CI-Jenkins so that we can help you with this?
 
  •  
  • How can we use an ubuntu image with cmake and gcc to build SUMO (instead of maven:alpine)?
 
You can build you own image, push it to docker hub (or quay or gcr) and use that from your Jenkinsfile. See https://wiki.eclipse.org/Jenkins#Custom_container for details.


  •  
  • How can we configure the infrastructure to trigger the Jenkins build based on tagged commits to the GitHub Repository master branch only?
 
I don't think it's possible to trigger builds on tagged commits in a specific branch only, but I guess the Jenkinsfile can be adapted to filter steps on branch/tags in order to do what you want (see https://www.jenkins.io/doc/book/pipeline/syntax/#when).
 
Cheers,
 
 
Mikaël Barbero 
Manager — Release Engineering and Technology | Eclipse Foundation
🐦 @mikbarbero
Eclipse Foundation: The Platform for Open Innovation and Collaboration
 
_______________________________________________
cbi-dev mailing list
cbi-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/cbi-dev

Attachment: signature.asc
Description: Message signed with OpenPGP


Back to the top