From 7c0e7c6e71f4cbc5466008e8fb497a1130d83c73 Mon Sep 17 00:00:00 2001 From: Duncan Macleod Date: Fri, 21 Mar 2025 11:16:21 +0000 Subject: [PATCH 1/2] actions: update RPM build workflow Build a tarball using python-build, then use that to build the SRPM Use dnf instead of yum throughout --- .github/workflows/build.yml | 76 ++++++++++++++++++++++++------------- 1 file changed, 50 insertions(+), 26 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9440769..4df0a5c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,11 +20,45 @@ concurrency: cancel-in-progress: true jobs: + tarball: + name: Tarball + + runs-on: ubuntu-latest + + steps: + - name: Get source code + uses: actions/checkout@v4 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v5 + with: + python-version: '3.x' + + - name: Install build requirements + run: python -m pip install build + + - name: Create distributions + run: python -m build . --sdist --wheel --outdir . + + - uses: actions/upload-artifact@v4 + with: + name: tarball + path: htgettoken-*.tar.* + if-no-files-found: error + + - uses: actions/upload-artifact@v4 + with: + name: wheel + path: htgettoken*.whl + if-no-files-found: error + # -- RPM builds -- # Build the Source RPM rhel-srpm: name: EL ${{ matrix.version }} (${{ matrix.distro }}) source package + needs: + - tarball strategy: fail-fast: false matrix: @@ -36,29 +70,23 @@ jobs: version: 9 runs-on: ubuntu-latest container: ${{ matrix.distro }}:${{ matrix.version }} + env: + TARBALL: "htgettoken-*.tar.*" steps: - - name: Get source code - uses: actions/checkout@v3 + - name: Download tarball + uses: actions/download-artifact@v4 + with: + name: tarball - name: Configure SRPM build tools run: | - yum -y install \ - make \ - python-srpm-macros \ + dnf -y install \ + "*-srpm-macros" \ rpm-build \ - yum-utils \ ; - - name: Create distributions - run: make sources - - name: Create source package - run: | - rpmbuild \ - --define "_sourcedir $(pwd)" \ - --define "_srcrpmdir $(pwd)" \ - -bs \ - htgettoken.spec + run: rpmbuild -ts --define "_srcrpmdir $(pwd)" ${TARBALL} - uses: actions/upload-artifact@v4 with: @@ -96,24 +124,20 @@ jobs: dnf config-manager --set-enabled crb - name: Configure EPEL - run: yum -y install epel-release + run: dnf -y install epel-release - name: Install build tools run: | - yum -y -q install \ + dnf -y -q install \ rpm-build \ - yum-utils \ + "dnf-command(builddep)" \ ; - - name: Install epel-rpm-macros - if: matrix.version < 9 - run: yum -y -q install epel-rpm-macros - - name: Install build dependencies - run: yum-builddep -y htgettoken-*.src.rpm + run: dnf builddep -y htgettoken-*.src.rpm - name: List installed packages - run: yum list installed + run: dnf list installed - name: Build binary packages run: | @@ -164,10 +188,10 @@ jobs: name: rpm-${{ matrix.distro }}-${{ matrix.version }} - name: Configure EPEL - run: yum -y install epel-release + run: dnf -y install epel-release - name: Install RPMs - run: yum -y install *.rpm + run: dnf -y install *.rpm - name: Test htgettoken run: /usr/bin/htgettoken --help From 9bf809c2d6838f9cd4245aac7d85f00837ada91f Mon Sep 17 00:00:00 2001 From: Duncan Macleod Date: Fri, 21 Mar 2025 12:32:47 +0000 Subject: [PATCH 2/2] Update RPM spec file to use python3-devel This ensures that full Python metadata is built and installed with the binary RPM(s) --- htgettoken.spec | 35 +++++++++++++++-------------------- 1 file changed, 15 insertions(+), 20 deletions(-) diff --git a/htgettoken.spec b/htgettoken.spec index e7cf188..a3f273f 100644 --- a/htgettoken.spec +++ b/htgettoken.spec @@ -14,22 +14,21 @@ Prefix: %{_prefix} # https://codeload.github.com/fermitools/htgettoken/tar.gz/%%{version} Source0: %{name}-%{version}.tar.gz -# rpmbuild dependencies -BuildRequires: python-rpm-macros -BuildRequires: python3-rpm-macros - # build dependencies -BuildRequires: python3 -BuildRequires: python%{python3_pkgversion}-pip -BuildRequires: python%{python3_pkgversion}-setuptools -BuildRequires: python%{python3_pkgversion}-wheel +BuildRequires: python3-devel +BuildRequires: python3dist(pip) +BuildRequires: python3dist(setuptools) +BuildRequires: python3dist(wheel) # -- Package: htgettoken # /usr/bin/htgettoken: -Requires: python%{python3_pkgversion}-gssapi -Requires: python%{python3_pkgversion}-paramiko -Requires: python%{python3_pkgversion}-urllib3 +# For RHEL>=9 all requirements automatically provided by Python metadata +%if 0%{?rhel} && 0%{?rhel} < 9 +Requires: python3dist(gssapi) +Requires: python3dist(paramiko) +Requires: python3dist(urllib3) +%endif # /usr/bin/httokendecode: Requires: jq Recommends: scitokens-cpp @@ -50,19 +49,11 @@ htgettoken gets OIDC bearer tokens by interacting with Hashicorp vault %autosetup -n %{name}-%{version} %build -%if 0%{?rhel} >= 9 %py3_build_wheel -%else -%py3_build -%endif %install # install the Python project -%if 0%{?rhel} >= 9 %py3_install_wheel %{name}-%{version}-*.whl -%else -%py3_install -%endif # link httokendecode to htdecodetoken (cd %{buildroot}%{_bindir}/; ln -s htdecodetoken httokendecode) # install man pages @@ -71,7 +62,7 @@ gzip -c %{name}.1 >%{buildroot}%{_datadir}/man/man1/%{name}.1.gz for f in %{name} htdestroytoken htdecodetoken httokensh; do gzip -c $f.1 >%{buildroot}%{_datadir}/man/man1/$f.1.gz done -ln -s htdecodetoken.1 %{buildroot}%{_datadir}/man/man1/httokendecode.1.gz +ln -s htdecodetoken.1 %{buildroot}%{_datadir}/man/man1/httokendecode.1.gz %clean rm -rf $RPM_BUILD_ROOT @@ -80,6 +71,10 @@ rm -rf $RPM_BUILD_ROOT %changelog +# - Add BuildRequires python3-devel to generate correct Python metadata. +# - Remove explicit Requires for python dependencies, rely on Python metadata. +# - Always build with wheels. + * Tue Feb 25 2025 Dave Dykstra 2.1-1 - Fix htdecodetoken to work with token files that do not end in a newline. - Support args in htgettoken.main() Python entry point.