jenkins-debian-glue and LXC

Written by dashie September 24, 2016

First you can install Jenkins and then follow the guide here to manually install jenkins-debian-glue.

Then you will need to:

  • Install pbuilder from jessie backports
  • Use in the build section for binaries:
Instead of:
/usr/bin/build-and-provide-package
I used (enabling freight too):
export PBUILDER_CONFIG=/etc/pbuilder_lxc
export USE_FREIGHT=true
export SUDO_CMD=sudo
export KEYID="pkg@sigpipe.me"
/usr/bin/build-and-provide-package
rsync -lrt --stats --delete --force --ignore-errors /var/cache/freight/ 10.0.0.101::jenkins-deb-repo-cutecw >/dev/null

File /etc/pbuilder_lxc:

USEDEVFS=no
USEDEVPTS=no
USESYSFS=no
USEPROC=no

Sudo config:

# If using Reprepro instead of Freight, stick with the sudoer from j-d-g manual

# You will temporarilly need for first success build:
jenkins ALL=NOPASSWD: ALL
# Since there is some /bin/sh cat etc... to build config

# Then use afterwards:
# jenkins ALL=NOPASSWD: /usr/sbin/cowbuilder, /usr/sbin/chroot, /bin/mkdir, /bin/rm -rf, /usr/local/bin/freight

Defaults env_keep+="DEB_* DIST ARCH"
  • Edit /usr/share/debootstrap/functions
  • Line 1027, in_target mount -t sysfs sysfs /sys comment that line

In your LXC host (like proxmox):

  • Edit /etc/apparmor.d/lxc/lxc-default

  • Add mount options=(rw, bind, ro), the line after the deny mount...

  • Reload apparmor /etc/init.d/apparmor reload

Remember that:

  • Most of the time dev, proc and sys are useless
  • You can't mount sysfs in LXC
  • We told pbuilder to not use anything, we don't care for debootstrap except for sysfs

If I have not forgot anything you should be good to go...

This article is under the CC-BY-SA license.

Log in, or use your Fediverse account to interact with this article

0

Boost

Comments

No comments yet. Be the first to react!