diff options
Diffstat (limited to 'bin')
-rwxr-xr-x | bin/build-packages | 57 | ||||
-rwxr-xr-x | bin/change-git-remotes | 8 | ||||
-rwxr-xr-x | bin/check-mirrors | 18 | ||||
-rwxr-xr-x | bin/check-opcodes | 2 | ||||
-rwxr-xr-x | bin/create-build-support-package | 2 | ||||
-rwxr-xr-x | bin/delete-packages | 3 | ||||
-rwxr-xr-x | bin/get-assignment | 4 | ||||
-rwxr-xr-x | bin/harvest-commit-times | 8 | ||||
-rwxr-xr-x | bin/local-build-package | 31 | ||||
-rwxr-xr-x | bin/manage-slaves | 13 | ||||
-rwxr-xr-x | bin/nit-picker | 6 | ||||
-rwxr-xr-x | bin/ping-to-master | 2 | ||||
-rwxr-xr-x | bin/return-assignment | 12 |
13 files changed, 122 insertions, 44 deletions
diff --git a/bin/build-packages b/bin/build-packages index 9c5ab03..de01478 100755 --- a/bin/build-packages +++ b/bin/build-packages @@ -78,6 +78,8 @@ usage() { >&2 echo ' compile from source tarbal from sources.archlinux.org if possible' >&2 echo ' :mirrored_source_by_hash:' >&2 echo ' download sources from sources.archlinux32.org by hash if possible' + >&2 echo ' :on_x86_64:' + >&2 echo ' build any package with x86_64 arch' >&2 echo ' :without_check:' >&2 echo ' run makepkg with "--no-check"' >&2 echo ' :without_systemd_nspawn:' @@ -249,7 +251,7 @@ while [ "${count}" -ne 0 ] && \ if [ -z "${forced_package}" ]; then package=$( # shellcheck disable=SC2029 - ssh \ + ssh -o PasswordAuthentication=No \ -i "${master_build_server_identity}" \ -p "${master_build_server_port}" \ "${master_build_server_user}@${master_build_server}" \ @@ -291,6 +293,9 @@ while [ "${count}" -ne 0 ] && \ package="${package% *}" if [ "${arch}" = 'any' ]; then arch="${my_arch}" + assignment_was_any=true + else + assignment_was_any=false fi if [ -n "${diff_source_dir}" ] && @@ -298,7 +303,7 @@ while [ "${count}" -ne 0 ] && \ >&2 echo 'The prefered package was not handed out.' >&2 echo 'Because -d was given, I will abort.' # shellcheck disable=SC2029 - ssh \ + ssh -o PasswordAuthentication=No \ -i "${master_build_server_identity}" \ -p "${master_build_server_port}" \ "${master_build_server_user}@${master_build_server}" \ @@ -383,7 +388,7 @@ while [ "${count}" -ne 0 ] && \ ! apply_trunk_patch "${tmp_dir}" "${diff_source_dir}"; then # report local failure (probably a missing commit) to build-master # shellcheck disable=SC2029 - ssh \ + ssh -o PasswordAuthentication=No \ -i "${master_build_server_identity}" \ -p "${master_build_server_port}" \ "${master_build_server_user}@${master_build_server}" \ @@ -459,7 +464,7 @@ while [ "${count}" -ne 0 ] && \ >&2 echo 'The prefered package was not handed out.' >&2 echo 'Because straw :without_systemd_nspawn: is active, I will abort.' # shellcheck disable=SC2029 - ssh \ + ssh -o PasswordAuthentication=No \ -i "${master_build_server_identity}" \ -p "${master_build_server_port}" \ "${master_build_server_user}@${master_build_server}" \ @@ -485,6 +490,28 @@ while [ "${count}" -ne 0 ] && \ outerParameters="${innerParameters} -fcrs --asdeps --noconfirm --holdver" middleParameters='' innerParameters='' + elif echo "${straw}" | \ + grep -qF ':on_x86_64:'; then + if [ -z "${prefered_package}" ]; then + >&2 echo 'straw :on_x86_64: only allowed with -p' + exit 2 + fi + if [ "${prefered_package}" != "${package}" ]; then + >&2 echo 'The prefered package was not handed out.' + >&2 echo 'Because straw :on_x86_64: is active, I will abort.' + # shellcheck disable=SC2029 + ssh -o PasswordAuthentication=No \ + -i "${master_build_server_identity}" \ + -p "${master_build_server_port}" \ + "${master_build_server_user}@${master_build_server}" \ + 'return-assignment' 'ABORT' + exit 2 + fi + if ! ${assignment_was_any}; then + >&2 printf 'Can only build "any" packages with :on_x86_64:, but got a "%s" package.\n' "${arch}" + exit 2 + fi + build_command='staging-x86_64-build' else build_command='staging-'"${arch}"'-build' fi @@ -730,11 +757,19 @@ while [ "${count}" -ne 0 ] && \ } | \ sort | \ uniq -u | \ - while read -r unexpected_package; do - >&2 printf 'removing unexpected build artifact "%s"\n' \ - "${unexpected_package}" - rm "${unexpected_package}"* - done + { + removed_something_unexpected=false + while read -r unexpected_package; do + >&2 printf 'removing unexpected build artifact "%s"\n' \ + "${unexpected_package}" + rm "${unexpected_package}"* + removed_something_unexpected=true + done + if "${removed_something_unexpected}"; then + >&2 printf 'I was only expecting:\n%s\n' \ + "${expected_packages}" + fi + } fi >&2 printf 'signing package(s)\n' find . -maxdepth 1 -type f -name '*.pkg.tar.zst' \ @@ -1015,7 +1050,7 @@ while [ "${count}" -ne 0 ] && \ while ${upload_to_build_master}; do err=0 # shellcheck disable=SC2029 - ssh \ + ssh -o PasswordAuthentication=No \ -i "${master_build_server_identity}" \ -p "${master_build_server_port}" \ "${master_build_server_user}@${master_build_server}" \ @@ -1078,7 +1113,7 @@ while [ "${count}" -ne 0 ] && \ while true; do err=0 # shellcheck disable=SC2029 - ssh \ + ssh -o PasswordAuthentication=No \ -i "${master_build_server_identity}" \ -p "${master_build_server_port}" \ "${master_build_server_user}@${master_build_server}" \ diff --git a/bin/change-git-remotes b/bin/change-git-remotes index b7f687c..fc50b7a 100755 --- a/bin/change-git-remotes +++ b/bin/change-git-remotes @@ -63,6 +63,14 @@ fi '' 2 3 4 ) ;; + 'community'|'packages') + new_urls=$( + printf '%s\n' \ + 'git://github.com/archlinux/svntogit-'"${git_name}" \ + 'https://github.com/archlinux/svntogit-'"${git_name}" \ + 'git://git.archlinux.org/svntogit/'"${git_name}"'.git' + ) + ;; *) new_urls="${url}" ;; diff --git a/bin/check-mirrors b/bin/check-mirrors index d106201..aec33a0 100755 --- a/bin/check-mirrors +++ b/bin/check-mirrors @@ -143,14 +143,16 @@ elif [ $# -eq 1 ]; then cnt=$( curl -s "${ip_flag}" "${url}archisos/" ) || has_isos=0 - for suffix in 'i686' 'dual'; do - # shellcheck disable=SC2059 - if ! printf '%s\n' "${cnt}" | \ - grep -qF "$(printf "$(date '+archlinux-%Y.%m.%%02d-'"${suffix}"'.iso\n')" $(seq 31))" -; then - has_isos=0 - break - fi - done +# doesn't really work: dual doesn't exist anymore and the other test sometimes fails, sometimes succeeds? +# let's assume the precense of the 'archisos' directory is enough +# for suffix in 'i686' 'dual'; do +# # shellcheck disable=SC2059 +# if ! printf '%s\n' "${cnt}" | \ +# grep -qF "$(printf "$(date '+archlinux-%Y.%m.%%02d-'"${suffix}"'.iso\n')" $(seq 31))" -; then +# has_isos=0 +# break +# fi +# done else has_isos=0 last_sync='0' diff --git a/bin/check-opcodes b/bin/check-opcodes index e8bb807..2949819 100755 --- a/bin/check-opcodes +++ b/bin/check-opcodes @@ -122,7 +122,7 @@ debug "Checking for architecture: $ARCH ($OPCODE_ARGS).." # shellcheck disable=SC2044 for absfile in $(find $tmp_dir \( -regextype grep -regex '.*\.so\(\.[0-9.]\+\)\?' -type f \) -o \( -executable -type f \) ); do file=$(basename $absfile) - relfile=${absfile#$tmp_dir} + relfile=${absfile#"${tmp_dir}"} debug "Checking file: $relfile" if ! readelf -a $absfile > $tmp_dir/$file.elf 2>/dev/null; then debug "readelf failed, ignoring file" diff --git a/bin/create-build-support-package b/bin/create-build-support-package index 09374ec..43fb592 100755 --- a/bin/create-build-support-package +++ b/bin/create-build-support-package @@ -169,7 +169,7 @@ if [ -n "${source_package}" ]; then fi new_pkg="${pkg%-*-*-*}" - new_pkg="${new_pkg}-shim${pkg#${new_pkg}}" + new_pkg="${new_pkg}-shim${pkg#"${new_pkg}"}" failsafe_rsync \ "${master_mirror_rsync_directory}/pool/${pkg}" \ diff --git a/bin/delete-packages b/bin/delete-packages index 2bb3072..0026c88 100755 --- a/bin/delete-packages +++ b/bin/delete-packages @@ -160,7 +160,8 @@ export TMPDIR="${tmp_dir}" mysql_join_binary_packages_in_repositories_binary_packages mysql_join_binary_packages_in_repositories_repositories mysql_join_repositories_architectures - printf ' WHERE CONCAT(' + printf ' WHERE `repositories`.`is_on_master_mirror`' + printf ' AND CONCAT(' printf '`architectures`.`name`,"/",' printf '`repositories`.`name`,"/",' printf '`binary_packages`.`pkgname`' diff --git a/bin/get-assignment b/bin/get-assignment index f2930c4..6abfaef 100755 --- a/bin/get-assignment +++ b/bin/get-assignment @@ -553,7 +553,7 @@ next_building=$( printf '`build_assignments`.`id`' printf ' LIMIT 1;\n' } | \ - mysql_run_query + mysql_run_query 'unimportant' ) if [ -n "${next_building}" ]; then hand_out_assignment "${next_building}" @@ -579,7 +579,7 @@ count_pending=$( "${arch}" printf ';\n' } | \ - mysql_run_query + mysql_run_query 'unimportant' ) if [ "${count_pending}" -eq 0 ]; then diff --git a/bin/harvest-commit-times b/bin/harvest-commit-times index a978b41..7546aa4 100755 --- a/bin/harvest-commit-times +++ b/bin/harvest-commit-times @@ -76,9 +76,9 @@ trap 'rm "${tmp_file}"' EXIT if ! ${i_am_the_master}; then tmp_remote_file=$( - ssh buildmaster "mktemp 'tmp.harvest-commit-times.remotely.XXXXXXXXXX' --tmpdir" + ssh -o PasswordAuthentication=No buildmaster "mktemp 'tmp.harvest-commit-times.remotely.XXXXXXXXXX' --tmpdir" ) - trap 'rm "${tmp_file}"; ssh buildmaster rm "${tmp_remote_file}"' EXIT + trap 'rm "${tmp_file}"; ssh -o PasswordAuthentication=No buildmaster rm "${tmp_remote_file}"' EXIT fi while true; do @@ -127,7 +127,7 @@ while true; do if [ -s "${tmp_file}" ]; then if ! ${i_am_the_master}; then - ssh buildmaster 'cat > "'"${tmp_remote_file}"'"' < \ + ssh -o PasswordAuthentication=No buildmaster 'cat > "'"${tmp_remote_file}"'"' < \ "${tmp_file}" fi # shellcheck disable=SC2016 @@ -149,7 +149,7 @@ while true; do if ${i_am_the_master}; then mysql_run_query 'unimportant' else - ssh buildmaster 'mysql buildmaster -N --raw --batch' + ssh -o PasswordAuthentication=No buildmaster 'mysql buildmaster -N --raw --batch' fi else >&2 printf '\n' diff --git a/bin/local-build-package b/bin/local-build-package index fd4fdab..e0b02dc 100755 --- a/bin/local-build-package +++ b/bin/local-build-package @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # build one package to test if modifications are ok (before opening a pull # request in https://github.com/archlinux32/packages) @@ -31,8 +31,15 @@ usage() { >&2 echo ' Specify tmpdir instead of using a random one, usually with -N' >&2 echo ' -N|--nobuild:' >&2 echo ' Assume packages have already been built, just upload them.' - >&2 echo ' -s|--signkey:' + >&2 echo ' --signkey:' >&2 echo ' Use explicit sign key instead of the one from the configuration.' + >&2 echo ' -s|--straw $straw:' + >&2 echo ' Use this straw instead of the preconfigured ones. -- May be' + >&2 echo ' given multiple times to allow using multiple straws.' + >&2 echo '' + >&2 echo 'known straws (separated by and enclosed in ":", sets of straws separated by " "):' + >&2 echo ' :with_build_support:' + >&2 echo ' allow using [build-support]' [ -z "$1" ] && exit 1 || exit "$1" } @@ -47,6 +54,7 @@ eval set -- "$( --long host \ --long tmpdir \ --long signkey \ + --long straw \ --long help \ -n "$(basename "$0")" -- "$@" || \ echo usage @@ -61,6 +69,7 @@ bootstrap_host='' bootstrap_dir='' tmp_dir=$(mktemp -d "${work_dir}/tmp.XXXXXX") signkey="${package_key}" +declare -A straws while true do case "$1" in @@ -93,10 +102,14 @@ do shift tmp_dir="$1" ;; - -s|--signkey) + --signkey) shift signkey="$1" ;; + -s|--straw) + shift + straws["$1"]=1 + ;; -h|--help) usage 0 ;; @@ -162,8 +175,14 @@ if ! ${nobuild}; then if [ -z "${mod_git_revision}" ]; then mod_git_revision=$(git -C "${repo_paths__archlinux32}" rev-parse HEAD) fi - build_command="staging-${arch}-build" - parameters='' + + if [[ -z "${straws[:with_build_support:]}" ]]; then + build_command="staging-${arch}-build" + else + build_command='staging-with-build-support-'"${arch}"'-build' + fi + + parameters="-r ${archbuild_chroots}" if ${nocheck}; then parameters='-- -- --nocheck' fi @@ -212,7 +231,7 @@ if ${bootstrap}; then esac scp -P "${bootstrap_port}" -rC "${tmp_dir}/"*"-${arch}.pkg.tar.zst" "${tmp_dir}/"*"-${arch}.pkg.tar.zst.sig" "${bootstrap_host}:${bootstrap_dir}/${staging_repo}/." - ssh -p "${bootstrap_port}" "${bootstrap_host}" bash -l -c "'cd ${bootstrap_dir}/${staging_repo} && repo-add -n bootstrap-${staging_repo}.db.tar.gz *-${arch}.pkg.tar.zst'" + ssh -o PasswordAuthentication=No -p "${bootstrap_port}" "${bootstrap_host}" bash -l -c "'cd ${bootstrap_dir}/${staging_repo} && repo-add -n bootstrap-${staging_repo}.db.tar.gz *-${arch}.pkg.tar.zst'" fi # do not delete build reports, why might actually to want to have a look for things diff --git a/bin/manage-slaves b/bin/manage-slaves index cddda84..32883a3 100755 --- a/bin/manage-slaves +++ b/bin/manage-slaves @@ -9,6 +9,7 @@ usage() { >&2 echo 'manage-slaves $action [parameters]: manage the list of build slaves' >&2 echo '' >&2 echo 'possible actions:' + >&2 echo ' list' >&2 echo ' add $name $owner $ssh-key-fingerprint' >&2 echo ' disable $name' >&2 echo ' enable $name' @@ -33,6 +34,18 @@ if errors=$( fi case "$1" in + 'list') + # shellcheck disable=SC2016 + { + printf 'SELECT' + printf ' name, CASE WHEN access_allowed = 1 THEN "enabled" ELSE "disabled" END ' + printf ' name, CASE WHEN is_sane = 1 THEN "sane" ELSE "not sane" END ' + printf ' FROM build_slaves' + printf ';\n' + } | \ + mysql_run_query | \ + tr '\t' ' ' + ;; 'add') shift if [ $# -ne 3 ]; then diff --git a/bin/nit-picker b/bin/nit-picker index 8dd0156..ed5b7da 100755 --- a/bin/nit-picker +++ b/bin/nit-picker @@ -281,9 +281,9 @@ while pgrep -x ii >/dev/null \ case "${action}" in 'commit') # check whether a given commit is present in the git repo git_repo="${parameters%% *}" - git_rev="${parameters#${git_repo} }" + git_rev="${parameters#"${git_repo}" }" git_head="${git_rev%% *}" - git_rev="${git_rev#${git_head} }" + git_rev="${git_rev#"${git_head}" }" # shellcheck disable=SC2016 eval "$( printf 'git_dir="${repo_paths__%s}"\n' \ @@ -881,6 +881,6 @@ done printf ';\n' fi } \ -| ifne ssh buildmaster 'mysql buildmaster +| ifne ssh -o PasswordAuthentication=No buildmaster 'mysql buildmaster rm -f "/tmp/add-those-dependencies" ' diff --git a/bin/ping-to-master b/bin/ping-to-master index b1539cc..0b72935 100755 --- a/bin/ping-to-master +++ b/bin/ping-to-master @@ -27,7 +27,7 @@ while kill -0 "${parent_pid}" && \ -name '*.build-log' \ -exec wc -l {} \; | \ sed 's, .*/, ,' | \ - ssh \ + ssh -o PasswordAuthentication=No \ -i "${master_build_server_identity}" \ -p "${master_build_server_port}" \ "${master_build_server_user}@${master_build_server}" \ diff --git a/bin/return-assignment b/bin/return-assignment index a0cbbbb..eca5af7 100755 --- a/bin/return-assignment +++ b/bin/return-assignment @@ -142,25 +142,25 @@ if [ "$6" = 'ERROR' ]; then exit 2 fi build_assignment_architecture="${infos##* }" - infos="${infos% ${build_assignment_architecture}}" + infos="${infos% "${build_assignment_architecture}"}" pkgrel="${infos##* }" - infos="${infos% ${pkgrel}}" + infos="${infos% "${pkgrel}"}" epoch="${infos##* }" - infos="${infos% ${epoch}}" + infos="${infos% "${epoch}"}" pkgver="${infos##* }" - infos="${infos% ${pkgver}}" + infos="${infos% "${pkgver}"}" pkgver=$( printf '%s' "${pkgver}" \ | base64 -d ) upstream_flag_date="${infos##* }" - infos="${infos% ${upstream_flag_date}}" + infos="${infos% "${upstream_flag_date}"}" upstream_flag_date=$( printf '%s' "${upstream_flag_date}" \ | base64 -d ) was_broken_before="${infos##* }" - build_assignment_id="${infos% ${was_broken_before}}" + build_assignment_id="${infos% "${was_broken_before}"}" # save sent build logs saved_build_logs=$( |