Cloud-native build system and release tools tailored to building, releasing, and maintaining Enterprise Linux distributions and forks
Go to file
Mustafa Gezen 6e77412823
Import RPM key to verify signature and stop blocking on failure
Previously Keykeeper had a faulty verify check, where `rpm --checksig` didn't actually work because the RPM key was never imported. This would normally be caught but the TaskSignature creation was done after every signature without a transaction. That led to the activity succeeding next launch with either a faulty signed RPM or a correctly signed RPM.

We caught all instances of this by verifying signature of all artifacts during compose, but it was an annoying problem that we would run into occasionally. This should fix that.
2022-11-05 18:32:58 +01:00
.github/ISSUE_TEMPLATE add issue templates 2022-07-12 11:06:59 -07:00
.ijwb Default copyright profile 2022-11-04 03:30:09 +01:00
apollo Fix header wrapping in safari. Add tooltip to type/severity row icons 2022-11-02 09:09:13 -07:00
bases Fine tune manual targets 2022-10-30 04:29:29 +01:00
build/bazel Initial commit 2022-07-07 22:13:21 +02:00
ci Support changing local domain 2022-11-04 03:30:10 +01:00
common Initial Helm support 2022-10-31 03:23:40 +01:00
config Block PRs with merge commits 2022-11-01 23:57:35 +01:00
docs docs: Pretty up the yumrepofs doc, pending further expansion 2022-07-08 08:19:52 -07:00
dotui Initial commit 2022-07-07 22:13:21 +02:00
google Initial commit 2022-07-07 22:13:21 +02:00
hack Fetch all refs, then use HEAD~ to get previous merge, then checkout back to current commit 2022-11-01 21:30:06 +01:00
hydra Fix references to resfdeploy 2022-10-30 09:18:01 +01:00
infrastructure Rename all to rules_resf and resf_frontend 2022-10-30 08:58:16 +01:00
initdb Rename all to rules_resf and resf_frontend 2022-10-30 08:58:16 +01:00
koji Initial commit 2022-07-07 22:13:21 +02:00
modulemd Support modulemd v3 and module sync 2022-11-04 03:30:10 +01:00
nofussvendor Initial commit 2022-07-07 22:13:21 +02:00
obsidian Obsidian: Explain callbackForwarder 2022-11-01 04:49:59 +01:00
patches Initial commit 2022-07-07 22:13:21 +02:00
peridot Import RPM key to verify signature and stop blocking on failure 2022-11-05 18:32:58 +01:00
platforms Initial Helm support 2022-10-31 03:23:40 +01:00
proto Initial commit 2022-07-07 22:13:21 +02:00
protoc-gen-openapiv2 Initial commit 2022-07-07 22:13:21 +02:00
publisher Rename all to rules_resf and resf_frontend 2022-10-30 08:58:16 +01:00
rules_raw_ts_library Initial commit 2022-07-07 22:13:21 +02:00
rules_resf Support changing local domain 2022-11-04 03:30:10 +01:00
servicecatalog Rename all to rules_resf and resf_frontend 2022-10-30 08:58:16 +01:00
spicedb Fix references to resfdeploy 2022-10-30 09:18:01 +01:00
tailwind Initial commit 2022-07-07 22:13:21 +02:00
temporalutils Rename all to rules_resf and resf_frontend 2022-10-30 08:58:16 +01:00
third_party Initial commit 2022-07-07 22:13:21 +02:00
tools Support changing local domain 2022-11-04 03:30:10 +01:00
utils Fix dev mode for yumrepofs 2022-11-04 03:30:10 +01:00
validate Initial commit 2022-07-07 22:13:21 +02:00
vendor Vendor 2022-11-04 03:30:09 +01:00
views Initial commit 2022-07-07 22:13:21 +02:00
wrksp Initial commit 2022-07-07 22:13:21 +02:00
.bazelignore Initial commit 2022-07-07 22:13:21 +02:00
.bazelrc Remove repo downloader for now 2022-10-30 07:58:12 +01:00
.bazelversion Initial commit 2022-07-07 22:13:21 +02:00
.editorconfig Initial commit 2022-07-07 22:13:21 +02:00
.envrc Add support for .envrc.local 2022-11-04 03:30:09 +01:00
.envrc.prod.extarches Initial commit 2022-07-07 22:13:21 +02:00
.envrc.prod.mustafarocky Sync-01 - 10/30/2022 2022-10-30 02:59:43 +01:00
.envrc.prod.quaymirror Initial commit 2022-07-07 22:13:21 +02:00
.envrc.prod.resf Initial commit 2022-07-07 22:13:21 +02:00
.gitignore Add .envrc.local to gitignore 2022-11-04 03:30:10 +01:00
.gitlab-ci.yml Initial commit 2022-07-07 22:13:21 +02:00
.prettierrc Initial commit 2022-07-07 22:13:21 +02:00
BUILD.bazel Downgrade gazelle again and switch to bazel-diff 2022-10-30 09:27:01 +01:00
CONTRIBUTORS Fix maintainers list 2022-07-08 22:40:40 +02:00
COPYRIGHT Initial commit 2022-07-07 22:13:21 +02:00
go.mod Go.mod upgrades (srpmproc and aws-sdk-go) 2022-11-04 03:30:10 +01:00
go.sum Go.mod upgrades (srpmproc and aws-sdk-go) 2022-11-04 03:30:10 +01:00
LICENSE Initial commit 2022-07-07 22:13:21 +02:00
nogo.json Initial commit 2022-07-07 22:13:21 +02:00
OWNERS Add owners and prow config 2022-10-30 02:21:39 +02:00
OWNERS_ALIASES Add owners and prow config 2022-10-30 02:21:39 +02:00
package.json Update errata visual design and add additional filters 2022-10-31 09:51:22 -07:00
peridot.code-workspace Initial commit 2022-07-07 22:13:21 +02:00
README.md Rename all to rules_resf and resf_frontend 2022-10-30 08:58:16 +01:00
tsconfig.json Add Cancel button to running tasks 2022-10-30 22:10:39 +01:00
WORKSPACE Initial Helm support 2022-10-31 03:23:40 +01:00
yarn.lock Update errata visual design and add additional filters 2022-10-31 09:51:22 -07:00

Peridot

Named after the Gemstone, Peridot (pronounced - PERR-ih-dot) is a cloud-native build and release tool used for building, releasing and maintaining Linux distributions and forks.

Structure

Other components pending

  • publisher - Composer for Peridot (currently only includes legacy mode)
  • peridot - Modern build system
  • apollo - Errata mirroring and publishing platform
  • utils - Common utilities
  • modulemd - Modulemd parser in Go

Development

Before the setup install jq, bazelisk, docker and kubectl. A local Kubernetes cluster is also required. Docker Desktop is a good solution.

Initial setup (will soon be replaced by one command dev cluster)

# In the directory where you downloaded istio
bin/istioctl install --set profile=default --set hub=docker.io/querycapistio --set tag=1.12.1 -y
# On aarch64 (ex. M1 Mac) only and add arm64 to list of preferred schedule archs
# Run this while install is running
kubectl -n istio-system edit deployment istio-ingressgateway
sudo hack/deploy_dev_registry
hack/setup_external_dev_services
# Run `kubectl get svc` and add the port of postgres-postgresql to your rc file
# Example:
# postgres-postgresql          NodePort    10.102.68.75     <none>        5432:32442/TCP                  3m32s
# export POSTGRES_PORT="32442"
hack/setup_k8s_dev_env
git clone https://github.com/temporalio/temporal /tmp/temporal && pushd /tmp/temporal && make temporal-sql-tool && popd && hack/setup_dev_temporal /tmp/temporal
# Sometimes the namespace registration may fail because
# Temporal tools CrashLooped before we could run the migrations.
# Run `kubectl delete pods -l "app.kubernetes.io/name=temporal"` and then re-run
# `kubectl exec -it services/temporal-admintools -- tctl --namespace default namespace re`
hack/setup_base_internal_services
# For the cert, mkcert is recommended (mkcert.dev)
# Add default cert using `kubectl -n istio-system create secret tls default-cert --cert=cert.pem --key=cert.key`
# Create the Istio gateway
bazel run //infrastructure/istio-dev

Running ./hack/govendor should create the necessary structure for development

For best experience use IntelliJ+Bazel but govendor creates structure that is compatible with all other Go tools

Auto generate (only) BUILD files for Go

bazel run //:gazelle

Vendor Go dependencies

./hack/govendor

Run UI in development mode

ibazel run //TARGET:TARGET.server - example: ibazel run //apollo/ui:apollo.server

Find UI server targets

bazel query 'attr(tags, "resf_frontend_server", //...)'