| Message ID | 20260513212613.362445-3-laurent.pinchart@ideasonboard.com |
|---|---|
| State | Superseded |
| Headers | show |
| Series |
|
| Related | show |
2026. 05. 13. 23:26 keltezéssel, Laurent Pinchart írta: > From: Stefan Klug <stefan.klug@ideasonboard.com> > > Add a build step that deploys the docs to a server. This step > only runs on pushes to master and on tag builds. It requires three > external variables: > > DEPLOY_SSH_KEY_BASE64: base64 encoded private deploy key > DEPLOY_KNOWN_HOSTS: Known hosts containing the destination > DEPLOY_DESTINAION: user@host:/ for the rsync push Note that having the user, host, and destination together means that in error messages one or the other will likely be unmasked. I assume the user can only log in with a public key or only run a chrooted rsync. So while probably not ideal, leaking the user name and host does not seem like a serious issue. Reviewed-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> > > Signed-off-by: Stefan Klug <stefan.klug@ideasonboard.com> > --- > .gitlab-ci/deploy-libcamera-docs.sh | 23 +++++++++++++++++++++++ > .gitlab-ci/setup-container.sh | 2 ++ > gitlab-ci.yml | 29 ++++++++++++++++++++++++++++- > 3 files changed, 53 insertions(+), 1 deletion(-) > create mode 100755 .gitlab-ci/deploy-libcamera-docs.sh > > diff --git a/.gitlab-ci/deploy-libcamera-docs.sh b/.gitlab-ci/deploy-libcamera-docs.sh > new file mode 100755 > index 000000000000..a6936728c4a9 > --- /dev/null > +++ b/.gitlab-ci/deploy-libcamera-docs.sh > @@ -0,0 +1,23 @@ > +#!/bin/bash > + > +# SPDX-License-Identifier: GPL-2.0-or-later > +# SPDX-FileCopyrightText: © 2026 Ideas on Board > +# > +# Deploy libcamera docs > + > +set -e > + > +source "$(dirname "$0")/lib.sh" > + > +libcamera_deploy_docs() { > + echo "Deploying libcamera docs" > + > + rsync -rlz --delete --chmod=Do=rx,Fo=r \ > + --exclude .doctrees \ > + --exclude .buildinfo \ > + --exclude objects.inv \ > + docs/ \ > + "${DEPLOY_DESTINATION}${CI_COMMIT_REF_NAME}" > +} > + > +run libcamera_deploy_docs > diff --git a/.gitlab-ci/setup-container.sh b/.gitlab-ci/setup-container.sh > index c7ca6426c3ab..6c4b439b887b 100755 > --- a/.gitlab-ci/setup-container.sh > +++ b/.gitlab-ci/setup-container.sh > @@ -132,6 +132,8 @@ case $FDO_DISTRIBUTION_VERSION in > python3-sphinxcontrib.doxylink > texlive-latex-extra > ) > + # Packages required to deploy the documentation > + PKGS_LIBCAMERA_RUNTIME+=( openssh-client rsync ) > # Tools requires by the lint jobs. > PKGS_LIBCAMERA_RUNTIME+=( clang-format jq python3-autopep8 reuse shellcheck ) > # libclang-rt-dev for the clang ASan runtime. > diff --git a/gitlab-ci.yml b/gitlab-ci.yml > index 278e69079c15..e363d2908240 100644 > --- a/gitlab-ci.yml > +++ b/gitlab-ci.yml > @@ -5,6 +5,7 @@ stages: > - build > - lint > - test > + - deploy > > variables: > FDO_UPSTREAM_REPO: 'camera/libcamera' > @@ -74,7 +75,7 @@ include: > .libcamera-ci.debian:13: > variables: > FDO_DISTRIBUTION_VERSION: 'trixie' > - FDO_DISTRIBUTION_TAG: '2026-04-24.0' > + FDO_DISTRIBUTION_TAG: '2026-05-06.0' > > .container-debian: > extends: > @@ -440,3 +441,29 @@ test-lc-compliance:virtual: > artifacts: > reports: > junit: build/lc-compliance-report.xml > + > +# ------------------------------------------------------------------------------ > +# Deploy stage - deploy docs if we are building master or a tag > +# ------------------------------------------------------------------------------ > + > +deploy-docs: > + extends: > + - .fdo.distribution-image@debian > + - .libcamera-ci.debian:13 > + - .libcamera-ci.scripts > + rules: > + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH > + - if: $CI_COMMIT_TAG =~ /^v([0-9]+\.)*[0-9]+$/ > + environment: deploy > + stage: deploy > + needs: > + - job: build-docs > + script: > + - | > + mkdir -p ~/.ssh > + chmod 700 ~/.ssh > + echo "${DEPLOY_KNOWN_HOSTS}" > ~/.ssh/known_hosts > + eval $(ssh-agent -s) > + echo "${DEPLOY_SSH_KEY_BASE64}" | base64 -d | ssh-add - > + > + - $CI_PROJECT_DIR/.gitlab-ci/deploy-libcamera-docs.sh
On Thu, May 14, 2026 at 10:48:33AM +0200, Barnabás Pőcze wrote: > 2026. 05. 13. 23:26 keltezéssel, Laurent Pinchart írta: > > From: Stefan Klug <stefan.klug@ideasonboard.com> > > > > Add a build step that deploys the docs to a server. This step > > only runs on pushes to master and on tag builds. It requires three > > external variables: > > > > DEPLOY_SSH_KEY_BASE64: base64 encoded private deploy key > > DEPLOY_KNOWN_HOSTS: Known hosts containing the destination > > DEPLOY_DESTINAION: user@host:/ for the rsync push > > Note that having the user, host, and destination together means that in > error messages one or the other will likely be unmasked. I assume the > user can only log in with a public key or only run a chrooted rsync. > So while probably not ideal, leaking the user name and host does not > seem like a serious issue. That's a good point. The risk is low, but I'll still see if I can improve this. > Reviewed-by: Barnabás Pőcze <barnabas.pocze@ideasonboard.com> > > > Signed-off-by: Stefan Klug <stefan.klug@ideasonboard.com> > > --- > > .gitlab-ci/deploy-libcamera-docs.sh | 23 +++++++++++++++++++++++ > > .gitlab-ci/setup-container.sh | 2 ++ > > gitlab-ci.yml | 29 ++++++++++++++++++++++++++++- > > 3 files changed, 53 insertions(+), 1 deletion(-) > > create mode 100755 .gitlab-ci/deploy-libcamera-docs.sh > > > > diff --git a/.gitlab-ci/deploy-libcamera-docs.sh b/.gitlab-ci/deploy-libcamera-docs.sh > > new file mode 100755 > > index 000000000000..a6936728c4a9 > > --- /dev/null > > +++ b/.gitlab-ci/deploy-libcamera-docs.sh > > @@ -0,0 +1,23 @@ > > +#!/bin/bash > > + > > +# SPDX-License-Identifier: GPL-2.0-or-later > > +# SPDX-FileCopyrightText: © 2026 Ideas on Board > > +# > > +# Deploy libcamera docs > > + > > +set -e > > + > > +source "$(dirname "$0")/lib.sh" > > + > > +libcamera_deploy_docs() { > > + echo "Deploying libcamera docs" > > + > > + rsync -rlz --delete --chmod=Do=rx,Fo=r \ > > + --exclude .doctrees \ > > + --exclude .buildinfo \ > > + --exclude objects.inv \ > > + docs/ \ > > + "${DEPLOY_DESTINATION}${CI_COMMIT_REF_NAME}" > > +} > > + > > +run libcamera_deploy_docs > > diff --git a/.gitlab-ci/setup-container.sh b/.gitlab-ci/setup-container.sh > > index c7ca6426c3ab..6c4b439b887b 100755 > > --- a/.gitlab-ci/setup-container.sh > > +++ b/.gitlab-ci/setup-container.sh > > @@ -132,6 +132,8 @@ case $FDO_DISTRIBUTION_VERSION in > > python3-sphinxcontrib.doxylink > > texlive-latex-extra > > ) > > + # Packages required to deploy the documentation > > + PKGS_LIBCAMERA_RUNTIME+=( openssh-client rsync ) > > # Tools requires by the lint jobs. > > PKGS_LIBCAMERA_RUNTIME+=( clang-format jq python3-autopep8 reuse shellcheck ) > > # libclang-rt-dev for the clang ASan runtime. > > diff --git a/gitlab-ci.yml b/gitlab-ci.yml > > index 278e69079c15..e363d2908240 100644 > > --- a/gitlab-ci.yml > > +++ b/gitlab-ci.yml > > @@ -5,6 +5,7 @@ stages: > > - build > > - lint > > - test > > + - deploy > > > > variables: > > FDO_UPSTREAM_REPO: 'camera/libcamera' > > @@ -74,7 +75,7 @@ include: > > .libcamera-ci.debian:13: > > variables: > > FDO_DISTRIBUTION_VERSION: 'trixie' > > - FDO_DISTRIBUTION_TAG: '2026-04-24.0' > > + FDO_DISTRIBUTION_TAG: '2026-05-06.0' > > > > .container-debian: > > extends: > > @@ -440,3 +441,29 @@ test-lc-compliance:virtual: > > artifacts: > > reports: > > junit: build/lc-compliance-report.xml > > + > > +# ------------------------------------------------------------------------------ > > +# Deploy stage - deploy docs if we are building master or a tag > > +# ------------------------------------------------------------------------------ > > + > > +deploy-docs: > > + extends: > > + - .fdo.distribution-image@debian > > + - .libcamera-ci.debian:13 > > + - .libcamera-ci.scripts > > + rules: > > + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH > > + - if: $CI_COMMIT_TAG =~ /^v([0-9]+\.)*[0-9]+$/ > > + environment: deploy > > + stage: deploy > > + needs: > > + - job: build-docs > > + script: > > + - | > > + mkdir -p ~/.ssh > > + chmod 700 ~/.ssh > > + echo "${DEPLOY_KNOWN_HOSTS}" > ~/.ssh/known_hosts > > + eval $(ssh-agent -s) > > + echo "${DEPLOY_SSH_KEY_BASE64}" | base64 -d | ssh-add - > > + > > + - $CI_PROJECT_DIR/.gitlab-ci/deploy-libcamera-docs.sh
diff --git a/.gitlab-ci/deploy-libcamera-docs.sh b/.gitlab-ci/deploy-libcamera-docs.sh new file mode 100755 index 000000000000..a6936728c4a9 --- /dev/null +++ b/.gitlab-ci/deploy-libcamera-docs.sh @@ -0,0 +1,23 @@ +#!/bin/bash + +# SPDX-License-Identifier: GPL-2.0-or-later +# SPDX-FileCopyrightText: © 2026 Ideas on Board +# +# Deploy libcamera docs + +set -e + +source "$(dirname "$0")/lib.sh" + +libcamera_deploy_docs() { + echo "Deploying libcamera docs" + + rsync -rlz --delete --chmod=Do=rx,Fo=r \ + --exclude .doctrees \ + --exclude .buildinfo \ + --exclude objects.inv \ + docs/ \ + "${DEPLOY_DESTINATION}${CI_COMMIT_REF_NAME}" +} + +run libcamera_deploy_docs diff --git a/.gitlab-ci/setup-container.sh b/.gitlab-ci/setup-container.sh index c7ca6426c3ab..6c4b439b887b 100755 --- a/.gitlab-ci/setup-container.sh +++ b/.gitlab-ci/setup-container.sh @@ -132,6 +132,8 @@ case $FDO_DISTRIBUTION_VERSION in python3-sphinxcontrib.doxylink texlive-latex-extra ) + # Packages required to deploy the documentation + PKGS_LIBCAMERA_RUNTIME+=( openssh-client rsync ) # Tools requires by the lint jobs. PKGS_LIBCAMERA_RUNTIME+=( clang-format jq python3-autopep8 reuse shellcheck ) # libclang-rt-dev for the clang ASan runtime. diff --git a/gitlab-ci.yml b/gitlab-ci.yml index 278e69079c15..e363d2908240 100644 --- a/gitlab-ci.yml +++ b/gitlab-ci.yml @@ -5,6 +5,7 @@ stages: - build - lint - test + - deploy variables: FDO_UPSTREAM_REPO: 'camera/libcamera' @@ -74,7 +75,7 @@ include: .libcamera-ci.debian:13: variables: FDO_DISTRIBUTION_VERSION: 'trixie' - FDO_DISTRIBUTION_TAG: '2026-04-24.0' + FDO_DISTRIBUTION_TAG: '2026-05-06.0' .container-debian: extends: @@ -440,3 +441,29 @@ test-lc-compliance:virtual: artifacts: reports: junit: build/lc-compliance-report.xml + +# ------------------------------------------------------------------------------ +# Deploy stage - deploy docs if we are building master or a tag +# ------------------------------------------------------------------------------ + +deploy-docs: + extends: + - .fdo.distribution-image@debian + - .libcamera-ci.debian:13 + - .libcamera-ci.scripts + rules: + - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH + - if: $CI_COMMIT_TAG =~ /^v([0-9]+\.)*[0-9]+$/ + environment: deploy + stage: deploy + needs: + - job: build-docs + script: + - | + mkdir -p ~/.ssh + chmod 700 ~/.ssh + echo "${DEPLOY_KNOWN_HOSTS}" > ~/.ssh/known_hosts + eval $(ssh-agent -s) + echo "${DEPLOY_SSH_KEY_BASE64}" | base64 -d | ssh-add - + + - $CI_PROJECT_DIR/.gitlab-ci/deploy-libcamera-docs.sh