Chef-soloにてrpmをビルド
開発環境
OS:CentOS6.6(64bit) ruby:2.2.2p95 rubygems:2.4.5 chef:12.4.0 cookbook:rpm
事前作業
ソースRPMとパッチを取得のレシピを作成 getpatch.rb
src_url = "http://vault.centos.org/6.5/os/Source/SPackages/openssl-1.0.1e-15.el6.src.rpm"
src_file = "openssl-1.0.1e-15.el6.src.rpm"
src_path = "/tmp/#{src_file}"
git_path = "/tmp/openssl"
patch_file = "openssl-1.0.1e-cve-2015-0293.patch"
patch_path = "#{git_path}/SOURCES/#{patch_file}"
rpm_path = "/root/rpmbuild/SOURCES/"
# ソースrpmをダウンロード
remote_file src_path do
not_if { File.exists?("#{src_path}") }
source src_url
end
# ソースの解凍
rpm_package "openssl_install" do
action :install
source "#{src_path}"
end
# gitコマンドを使用するためインストール
yum_package "git" do
not_if "rpm -qa | grep ^git"
action :install
end
# clone元ディレクトリを削除
execute "dir delete" do
only_if "test -d #{git_path}"
command <<-EOC
rm -rf #{git_path}
EOC
end
# gitでclone
git "/tmp/openssl" do
repository "https://github.com/ptudor/centos6-openssl"
revision "master"
action :sync
end
# パッチを展開先ソースディレクトリへコピー
execute "patch copy" do
not_if { File.exists?("#{rpm_path}/#{patch_file}") }
command <<-EOC
cp -fp #{patch_path} #{rpm_path}
EOC
end
# rpm-buildをインストール
yum_package 'rpm-build' do
not_if "rpm -qa | grep ^rpm-build"
action :install
end
# gccをインストール
yum_package 'gcc' do
not_if "rpm -qa | grep ^gcc"
action :install
end
作成したgetpatchレシピを実行
$ chef-solo -o rpm:getpatch
SPECファイルを編集※省略
ビルド用のレシピを作成 build.rb
src_file = "openssl.spec"
src_path = "/root/rpmbuild/SPECS/#{src_file}"
execute "rpm build" do
command <<-EOC
rpmbuild -ba #{src_path}
EOC
end
作成したbuildレシピを実行
$ chef-solo -o rpm:build
