Are you tired of checking if your favorite devops tools are up-to-date? Are you using a debian based GNU/Linux distribution?
ops2deb is designed to generate Debian packages for common devops tools such as kubectl, kustomize, helm, ...,
but can be used to package any portable application. In short, it consumes a configuration file and outputs .deb packages.
ops2deb can also track new releases of upstream applications and automatically bump application versions in its configuration file.
- Installation
- Dependencies
- Getting started
- Usage examples
- Configuration file
- Development
- Important notes
- Migration guides
With wakemeops
sudo apt-get install ops2debWith pipx
pipx install ops2deb- Python >= 3.10 if installed with
piporpipx - To build debian packages with
ops2deb buildyou need the following packages on your host:
sudo apt install build-essential fakeroot debhelperIf you plan to build packages for armhf and arm64 you will also need the following packages:
sudo apt install binutils-aarch64-linux-gnu binutils-arm-linux-gnueabihfIn a test directory run:
curl https://raw.githubusercontent.com/upciti/ops2deb/main/ops2deb.yml
ops2deb lock # generate lockfile where downloaded file hashes are stored
ops2deb # equivalent to ops2deb generate && ops2deb buildTo check for new releases run:
ops2deb updateThis command updates each blueprint in the ops2deb.yml configuration file with the latest version of the upstream application.
By default ops2deb caches downloaded content in /tmp/ops2deb_cache:
tree /tmp/ops2deb_cacheThe cache can be flushed with:
ops2deb purgeFor more information about existing subcommands and options run ops2deb --help.
The fetch field tells ops2deb to download a file. ops2deb will check the hash
of downloaded files against a lockfile. To generate/update this lockfile, run
ops2dbe lock. By default, the lockfile is named ops2deb.lock.yml.
name: kubectl
version: 1.20.1
summary: command line client for controlling a Kubernetes cluster
description: |
kubectl is a command line client for running commands against Kubernetes clusters.
fetch: https://storage.googleapis.com/kubernetes-release/release/v{{version}}/bin/linux/amd64/kubectl
install:
- kubectl:/usr/bin/Ops2deb can be used to create metapackages:
name: allthethings
version: 0.1.9
architecture: all
summary: install various devops tools
description: Some great description.
depends:
- kubectl
- kustomize
- helm
- helmfile
- devspaceNote that when the fetch key is not used, ops2deb will run the build script from the directory where it was called. Hence for the following blueprint to succeed, you have to run ops2deb from the root directory of this github project.
name: ops2deb
version: 0.15.0
homepage: https://github.com/upciti/ops2deb
summary: debian packaging tool for portable applications
description: |-
Ops2deb is primarily designed to easily generate Debian packages for portable
applications such as single binary applications and scripts. Packages are
described using a simple configuration file format. Ops2deb can track new
releases of upstream applications and automatically bump application versions
in its configuration file.
script:
- poetry install -E pyinstaller
- poetry run task single_binary_application
- install -m 755 build/x86_64-unknown-linux-gnu/release/install/ops2deb {{src}}/usr/bin/If the upstream application is released for multiple architectures,
use the matrix object to generate one source package for each architecture:
name: helm
matrix:
architectures:
- amd64
- armhf
- arm64
version: 3.7.2
homepage: https://helm.sh/
summary: Kubernetes package manager
description: |-
Tool for managing Kubernetes charts.
Charts are packages of pre-configured Kubernetes resources.
depends:
- kubectl
fetch: https://get.helm.sh/helm-v{{version}}-linux-{{goarch}}.tar.gz
script:
- mv linux-*/helm {{src}}/usr/bin/The blueprint above will generate three packages: helm_3.7.2-1~ops2deb_armhf.deb, helm_3.7.2-1~ops2deb_arm64.deb and helm_3.7.2-1~ops2deb_amd64.deb
Note the use of the {{goarch}} variable which maps debian architectures to sensible go architectures.
You can also define your own architecture maps using the fetch.targets field and the {{target}} jinja variable:
name: bottom
matrix:
architectures:
- amd64
- armhf
version: 0.6.6
revision: 2
homepage: https://clementtsang.github.io/bottom
summary: cross-platform graphical process/system monitor
description: |-
A cross-platform graphical process/system monitor with a customizable interface
and a multitude of features. Supports Linux, macOS, and Windows.
Inspired by gtop, gotop, and htop.
fetch:
url: https://github.com/ClementTsang/bottom/releases/download/{{version}}/bottom_{{target}}.tar.gz
targets:
amd64: x86_64-unknown-linux-gnu
armhf: armv7-unknown-linux-gnueabihf
install:
- btm:/usr/bin/You can use {{env("VARIABLE", "a_default")}} in all fields except fetch.targets.*.
The example below uses environment variables set by Gitlab CI:
name: "{{env('CI_PROJECT_NAME')}}"
version: "{{env('CI_COMMIT_TAG', '0')}}"
homepage: "{{env('CI_PROJECT_URL')}}"
summary: awesome application for doing things
description: |-
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor
incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis
nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
script:
- install -m 755 build/x86_64-unknown-linux-gnu/release/install/great-app {{src}}/usr/bin/Written in YAML and composed of a single blueprint object or a list of blueprints objects. A blueprint is defined by the following:
| Field | Meaning | Default |
|---|---|---|
name |
Component name, e.g. kustomize. |
|
matrix |
Generate multiple packages from a single blueprint. | None |
version |
Application release to package. | |
revision |
Package revistion. | 1 |
epoch |
Package epoch. | 0 |
architecture |
Package architecture. | amd64 |
homepage |
Upstream project homepage. | None |
summary |
Package short description. | |
description |
Package full description. | |
depends |
List of package dependencies. Corresponds to Depends entry in debian/control. |
[] |
recommends |
List of package recommended dependencies. Corresponds to Recommends entry in debian/control. |
[] |
conflicts |
List of conflicting packages. Corresponds to Conflicts entry in debian/control. |
[] |
fetch |
A file to download. tar.gz, tar.xz, tar, zip and deb archives are extracted automatically. |
None |
pre_script |
Like script but runs before install. |
[] |
install |
List of here-documents and files/directories to add to the debian package. | [] |
script |
List of build instructions templated with jinja2 and interpreted with the default shell. |
[] |
You will need poetry, and probably pyenv if you don't have python 3.10 on your host.
poetry installTo run ops2deb test suite run:
poetry run task checkTo build a python wheel:
poetry run poetry buildNote that the poetry run is important to enable poetry-dynamic-versioning
which is installed as a dev dependency.
To build a single binary application:
Install required build dependencies:
sudo apt install binutils python3-dev
poetry install -E pyinstallerAnd run:
poetry run task single_binary_applicationops2deb DOES NOT sandbox build instructions so if you do something like:
script:
- rm -rf ~/*You will loose your files... To make sure that you won't mess with your system, run it within a container.
Lockfile ops2deb.lock.yml was introduced in ops2deb v1.0.0, before that downloaded file hashes where stored in the configuration file, in the blueprint fetch object.
To migrate from ops2deb <= 1.0.3 to ops2deb > 1.0.3:
- Install ops2deb 1.0.3
- Run
ops2deb migrate
GITHUB_TOKENenvironment variable renamed toOPS2DEB_GITHUB_TOKEN- Command line argument
-kwas removed. Startops2deb.ymlwith# lockfile={path_to_lockfile}to override the default lockfile path.