build: release of debs to our debian repo.

.circleci/config.yml

@@ -398,8 +398,9 @@ jobs:
 
   deploy-release:
     docker:
-      - image: grafana/grafana-ci-deploy:1.0.0
+      - image: xlson/aptly-ci:0.1
     steps:
+      - checkout
       - attach_workspace:
           at: .
       - run:
@@ -417,6 +418,15 @@ jobs:
       - run:
           name: Deploy to Grafana.com
           command: './scripts/build/publish.sh'
+      - run:
+          name: Load GPG private key
+          comand: './scripts/build/load-signing-key.sh'
+      - run:
+          name: Update Debian repository
+          command: './scripts/build/update_repo/update-deb.sh "oss" "$GPG_KEY_PASSWORD"'
+      - run:
+          name: Update RPM repository
+          command: 'ls'
 
 workflows:
   version: 2

scripts/build/load-signing-key.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+
+set -e
+
+git clone git@github.com:torkelo/private.git ~/private-repo
+gpg --batch --allow-secret-key-import --import ~/private-repo/signing/private.key
+pkill gpg-agent

scripts/build/update_repo/aptly.conf

@@ -0,0 +1,27 @@
+{
+  "rootDir": "/deb-repo/db",
+  "downloadConcurrency": 4,
+  "downloadSpeedLimit": 0,
+  "architectures": [],
+  "dependencyFollowSuggests": false,
+  "dependencyFollowRecommends": false,
+  "dependencyFollowAllVariants": false,
+  "dependencyFollowSource": false,
+  "dependencyVerboseResolve": false,
+  "gpgDisableSign": false,
+  "gpgDisableVerify": false,
+  "gpgProvider": "gpg2",
+  "downloadSourcePackages": false,
+  "skipLegacyPool": true,
+  "ppaDistributorID": "ubuntu",
+  "ppaCodename": "",
+  "skipContentsPublishing": false,
+  "FileSystemPublishEndpoints": {
+    "repo": {
+      "rootDir": "/deb-repo/repo",
+      "linkMethod": "copy"
+    }
+  },
+  "S3PublishEndpoints": {},
+  "SwiftPublishEndpoints": {}
+}

scripts/build/update_repo/sign-repo.sh

@@ -0,0 +1,7 @@
+#!/usr/bin/env expect
+
+set password [lindex $argv 0]
+spawn aptly publish repo grafana filesystem:repo:grafana
+expect "Enter passphrase: "
+send -- "$password\r"
+expect eof

scripts/build/update_repo/update-deb.sh

@@ -0,0 +1,38 @@
+#!/usr/bin/env bash
+
+RELEASE_TYPE="${1:-}"
+GPG_PASS="${2:-}"
+
+if [ -z "$RELEASE_TYPE" -o -z "$GPG_PASS" ]; then
+    exit 1
+fi
+
+set -e
+
+# Setup environment
+cp scripts/build/update_repo/aptly.conf /etc/aptly.conf
+mkdir -p /deb-repo/db
+mkdir -p /deb-repo/repo
+
+# Download the database
+gsutil -m rsync -r gs://grafana-aptly-db/repo-db /deb-repo/db
+
+# Add the new release to the repo
+set +e
+aptly publish drop squeeze filesystem:repo:grafana
+set -e
+aptly repo add grafana ./dist
+
+# Setup signing and sign the repo
+
+echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf
+echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf
+
+./scripts/build/update_repo/sign-repo.sh "$GPG_PASS"
+
+# Update the repo and db on gcp
+gsutil -m rsync -r -d /deb-repo/db gs://grafana-aptly-db/repo-db
+gsutil -m rsync -r -d /deb-repo/repo/grafana "gs://grafana-repo/$RELEASE_TYPE/deb"
+
+# usage:
+# deb https://grafana-repo.storage.googleapis.com/oss/deb squeeze main

scripts/build/update_repo/update-rpm.sh

@@ -0,0 +1 @@
+#!/usr/bin/env bash