Using Jenkins to build nginx

Last time we installed and configured Jenkins (see Leeeroooy Jenkins or let's do some CI/CD). Let's build nginx with Jenkins today.

We want everything in Git for this. This means we have to install Git and the Git Jenkins plugin (internal network here, that's why the wget calls instead of the built-in Jekins plugin manager).

# pkg install --no-backup-be git
           Packages to install:  1
            Services to change:  1
...

# su - jenkins
$ cd /tank/jenkins/plugins
$ wget https://updates.jenkins-ci.org/latest/git.hpi \
       https://updates.jenkins-ci.org/latest/scm-api.hpi \
       https://updates.jenkins-ci.org/latest/workflow-scm-step.hpi \
       https://updates.jenkins-ci.org/latest/workflow-step-api.hpi \
       https://updates.jenkins-ci.org/latest/mailer.hpi \
       https://updates.jenkins-ci.org/latest/display-url-api.hpi \
       https://updates.jenkins-ci.org/latest/matrix-project.hpi \
       https://updates.jenkins-ci.org/latest/junit.hpi \
       https://updates.jenkins-ci.org/latest/script-security.hpi \
       https://updates.jenkins-ci.org/latest/credentials.hpi \
       https://updates.jenkins-ci.org/latest/git-client.hpi \
       https://updates.jenkins-ci.org/latest/ssh-credentials.hpi \
       https://updates.jenkins-ci.org/latest/structs.hpi
...
$ chown jenkins:jenkins *.hpi

# svcadm restart tomcat8

There should be a Git plugin an the Jenkins website when you click on "Manage Jenkins" -> "Manage Plugins" -> "Installed"

There is? Good, time to switch to a personal user to create our first Git repo (or use an existing one).

$ git init
Initialized empty Git repository in /home/sparcy/jenkins/.git/
$ git config --global user.email "sparcy@jenkins.mycompany.com"
$ git config --global user.name "SPARCy"

And populate it with the bits we need to compile nginx. See How to build software on Solaris 11/SPARC for an explanation where the compiler flags are taken from. Some background on building nginx can be found at nginx on Solaris 11.3 SRU 19 with EC crypto and HTTP/2 support as well.

$ cat << EOF > compiler.sh
export SHELL='/bin/bash'
export NM='/usr/gnu/bin/nm'
export MAKE='/usr/bin/gmake'
export PATH="$(getconf PATH):/opt/solarisstudio12.6/bin"

CPP_LF64="$(getconf LFS64_CFLAGS)"
CPP_XPG6MODE='-D_XOPEN_SOURCE=600 -D__EXTENSIONS__=1 -D_XPG6'
export CPPFLAGS="$CPP_LF64 $CPP_XPG6MODE"

studio_XBITS='-xarch=sparcvis2'
studio_C99_ENABLE='-xc99=all'
studio_FEATURES_EXTENSIONS='-features=extensions'
studio_OPT='-xO4'
studio_PIC='-KPIC -DPIC'
studio_IROPTS='-W2,-xwrap_int'
studio_XREGS='-Qoption cg -xregs=no%appl'
studio_ALIGN='-xmemalign=16s'
studio_MT='-mt'

export CC='/opt/developerstudio12.6/bin/cc'
export CFLAGS="-m64 $studio_OPT $studio_XBITS $studio_XREGS $studio_IROPTS $studio_C99_ENABLE $studio_MT $studio_PIC $studio_ALIGN"

studio_NORUNPATH='-norunpath'
studio_CXXLIB_CSTD='-library=Cstd,Crun'

export CXX='/opt/developerstudio12.6/bin/CC'
export CXXFLAGS="-m64 $studio_OPT $studio_XBITS $studio_XREGS $studio_IROPTS $studio_PIC $studio_NORUNPATH $studio_CXXLIB_CSTD $studio_ALIGN"

LD_Z_IGNORE='-zignore'
LD_Z_STRIP_CLASS='-zstrip-class=comment'
LD_B_DIRECT='-Bdirect'
LD_Z_PIE_ENABLE='-ztype=pie'
ASLR_ENABLE='-zaslr=enable'
NXSTACK_ENABLE='-znxstack=enable'
NXHEAP_ENABLE='-znxheap=enable'
LD_MAP_NOEXBSS='-M /usr/lib/ld/map.noexbss'
LD_MAP_PAGEALIGN='-M /usr/lib/ld/map.pagealign'

export LDFLAGS="-m64 $LD_MAP_NOEXBSS $LD_MAP_PAGEALIGN $LD_B_DIRECT $LD_Z_IGNORE $LD_Z_STRIP_CLASS $ASLR_ENABLE $NXSTACK_ENABLE $NXHEAP_ENABLE $LD_Z_PIE_ENABLE"

export PKG_CONFIG_PATH="/usr/lib/64/pkgconfig"

# also change package.sh when changing DESTDIR
export DESTDIR="$WORKSPACE/$JOB_NAME/proto"
EOF

$ mkdir nginx
$ cd nginx
$ cat << EOF > build.sh
#!/bin/bash

set -ex

. $WORKSPACE/compiler.sh

VER="1.13.5"
rm -rf nginx-$VER
wget https://mirror.mycompany.com/distfiles/nginx-${VER}.tar.gz
gzcat nginx-${VER}.tar.gz | pax -r
cd nginx-$VER
#gpatch -p1 < $WORKSPACE/$JOB_NAME/nginx.patch

./configure --prefix=/opt/nginx --user=webservd --group=webservd \
    --with-cc-opt="$CPPFLAGS $CFLAGS" --with-ld-opt="$LDFLAGS" \
    --with-cpu-opt=sparc64 --with-threads --with-http_ssl_module \
    --with-http_v2_module --pid-path=/var/run/nginx.pid
perl -w -pi -e 's/-fast -xipo //; s/-g //' objs/Makefile
$MAKE build

# Install

rm -rf $DESTDIR
$MAKE DESTDIR=$DESTDIR install

rmdir $DESTDIR/var/run $DESTDIR/var

mkdir -p $DESTDIR/lib/svc/manifest/site $DESTDIR/etc/logadm.d

#/usr/sbin/svccfg validate $WORKSPACE/$JOB_NAME/nginx.xml
#cp $WORKSPACE/$JOB_NAME/nginx.xml $DESTDIR/lib/svc/manifest/site/

#cp $WORKSPACE/$JOB_NAME/nginx.conf $DESTDIR/opt/nginx/conf/
openssl dhparam -engine pkcs11 -out $DESTDIR/opt/nginx/conf/dhparam.pem 2048

#cp $WORKSPACE/$JOB_NAME/nginx.logadm.conf $DESTDIR/etc/logadm.d/
EOF

$ chmod +x build.sh
$ cd ..
$ git add compiler.sh nginx
$ git commit -m "Initial nginx import"

The next steps assume we have the Developer Studio compiler installed, again see How to build software on Solaris 11/SPARC on how to get it. We need some tools like GNU make and binutils, too.

# pkg install --no-backup-be developer/build/gnu-make developer/gnu-binutils
           Packages to install:  2
            Services to change:  1
...

Time to create our first item in Jenkins now. We use nginx for Enter an item name and make it a Freestyle project.

Jenkins System Properties

Select Git as Source Code Management and insert the path to the git repo you initialized above.

Jenkins System Properties

In Build, select Execute Shell and make it execute the following two lines.

cd $WORKSPACE/nginx
./build.sh

Jenkins System Properties

Click Build Now and Jenkins will start building nginx for us.

Links

• Jenkins Git Plugin
• Automated Application Development and Deployment with DevOps on Oracle Solaris 11
• Continuous Integration with Jenkins, Mercurial and CppUnit on C++