-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathmender-deb-package
executable file
·328 lines (280 loc) · 10.3 KB
/
mender-deb-package
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
#!/bin/bash
set -ex
show_help_and_exit() {
cat << EOF
Usage: $0 deb-package deb-build-type repo-url version arch build-id
NOTE: The script expects an /output directory where to store the generated packages. If
running it from a container, create a volume for such directory
EOF
exit 1
}
verify_output_directory_exists() {
if [ ! -d "/output" ]; then
echo "Error: /output directory doesn't exist"
show_help_and_exit
fi
}
verify_script_arguments() {
local expected_min_argc=6
if [ $# -lt ${expected_min_argc} ]; then
show_help_and_exit
fi
DEB_PACKAGE=$1
DEB_BUILD_TYPE=$2
REPO_URL=$3
VERSION=$4
ARCH=$5
BUILD_ID=$6
SAVE_ORIG=$7
}
maybe_import_gpg_key() {
# For PRs and other development branches, we don't have GPG key
if [ -n "$MENDER_PRIVATE_GPG_KEY_BUILD" ]; then \
echo "$MENDER_PRIVATE_GPG_KEY_BUILD" | gpg --import; \
fi
}
# Clean the URL of the login information
checkout_repo_clean_local_path() {
local -r repo_url="$1"
local repo_path="${repo_url#https://}"
if [[ "$repo_url" == *"${MENDER_PRIVATE_REPO_ACCESS_USER:-none}"* ]]; then
repo_path="${REPO_URL//${MENDER_PRIVATE_REPO_ACCESS_USER}:*@/}"
fi
echo "${repo_path}"
}
checkout_repo() {
local -r repo_path=$(checkout_repo_clean_local_path "${REPO_URL}")
git clone --recurse-submodules --branch "${VERSION}" "${REPO_URL}" "${repo_path}"
cd ${repo_path}
}
install_go() {
local GOLANG_VERSION=1.21.1
local GOLANG_ARCH=amd64
local golang_version_set
if [ $ARCH = "armhf" -a $OS_DISTRO = "raspbian" ]; then
local GOLANG_ARCH=armv6l
fi
golang_version_set=$(sed -n '/[^ ]*GOLANG_VERSION:[ "0-9]/{s/.*GOLANG_VERSION:[ ]*\(["0-9\.]*\).*/\1/p;q}' .gitlab-ci.yml)
golang_version_set=${golang_version_set//\"/}
GOLANG_VERSION=${golang_version_set:-${GOLANG_VERSION}}
wget -q https://dl.google.com/go/go$GOLANG_VERSION.linux-${GOLANG_ARCH}.tar.gz \
&& tar -C /usr/local -xzf go$GOLANG_VERSION.linux-${GOLANG_ARCH}.tar.gz
export GOPATH="/root/go"
export PATH="$PATH:/usr/local/go/bin"
rm -vf "go$GOLANG_VERSION.linux-${GOLANG_ARCH}.tar.gz"
}
get_os_version() {
OS_DISTRO="$(. /etc/os-release && echo "$ID")"
OS_CODENAME="$(. /etc/os-release && echo "$VERSION_CODENAME")"
}
get_deb_distribution() {
if [[ "$VERSION" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
DEB_DISTRIBUTION="stable"
else
DEB_DISTRIBUTION="experimental"
fi
}
# This function declares three variables for the rest of the script to use:
# DEB_VERSION The full Debian technical version
# DEB_VERSION_NO_REV The Git version of the package, either tag or X.Y.Z~gitDATE
# DEB_VERSION_NO_EPOCH The Debian version minus the epoch, matching the string in the filename
get_deb_version() {
# Create a version from Git.
# - For Git tags: <debian-epoch>X.Y.Z-<debian_suffix>
# - For master: <debian-epoch>X.Y.Z~git<commit-date>.<commit-sha>-<debian_suffix>+b<BUILD_ID>
# where X.Y.Z is latest tag (not necessarily matching git describe)
debian_epoch=""
if [ "${DEB_PACKAGE}" = "mender-client" ]; then
debian_epoch="1:"
fi
debian_suffix="1"
if [ -n "${OVERRIDE_DEBIAN_SUFFIX}" ]; then
debian_suffix="${OVERRIDE_DEBIAN_SUFFIX}"
fi
if [ $OS_DISTRO = "raspbian" ]; then
################ MEN-7731 Debian armhf packages #####################
# For the raspbian builds, use the old "Debian armhf" for the time being. We need to redesign
# the APT repositories in order to separate these two armhf builds. Rework this with MEN-7754
debian_suffix="$debian_suffix+debian+$OS_CODENAME"
else
debian_suffix="$debian_suffix+$OS_DISTRO+$OS_CODENAME"
fi
if [ "$VERSION" != "master" ] && git describe --tags --exact-match 2>/dev/null; then
DEB_VERSION="$(git describe --tags --exact-match)"
DEB_VERSION_NO_REV="${DEB_VERSION}"
DEB_VERSION="${DEB_VERSION}-${debian_suffix}"
DEB_VERSION_NO_EPOCH="${DEB_VERSION}"
DEB_VERSION="${debian_epoch}${DEB_VERSION}"
else
DEB_VERSION="$(git tag | grep -E '^[0-9]+\.[0-9]+\.[0-9]+$' | sort -rV | head -n1)"
if [ -z "${DEB_VERSION}" ]; then
DEB_VERSION="0.0.0"
fi
# Increment 1 on the minor number and set to 0 bugfix version
DEB_VERSION="$(echo ${DEB_VERSION} | sed -E 's/([0-9]+\.)([0-9]+)\.[0-9]+/echo "\1$((\2+1))\.0"/e')"
# Append git date and commit
DEB_VERSION="${DEB_VERSION}$(git log -1 --pretty=~git%cd.%h --date format:%Y%m%d)"
DEB_VERSION_NO_REV="${DEB_VERSION}"
# Append Debian suffix
DEB_VERSION="${DEB_VERSION}-$debian_suffix"
# Append build number
# there is a bizarre feature: it can't be `bNUMBER`
# or the source won't build (will not be able to find dsc file)
# this has to have something to do with the `b` being a prefix
# to binary numbers in perl
DEB_VERSION="${DEB_VERSION}+builder${BUILD_ID}"
DEB_VERSION_NO_EPOCH="${DEB_VERSION}"
DEB_VERSION="${debian_epoch}${DEB_VERSION}"
fi
}
prepare_recipe() {
# Select the correct Debian recipe according to the minor version of Mender
local debian_recipe="debian-master";
if echo $VERSION | egrep '^[0-9]+\.[0-9]+\.[0-9](b[0-9]+)?(-build[0-9]+)?$'; then
branch=$(echo $VERSION | sed -E 's/\.[^.]+$/.x/')
if [ -d "/recipes/${DEB_PACKAGE}/debian-${branch}" ]; then
debian_recipe="debian-${branch}"
fi
fi
cp -r /recipes/${DEB_PACKAGE}/${debian_recipe}/ debian
# Copy systemd service file
if [ "${DEB_PACKAGE}" = "mender-client" ]; then
if [ "${debian_recipe}" = "debian-2.1.x" ]; then
# Skip for 2.1.x, special handling in debian/rules
true
elif [[ "${debian_recipe}" =~ ^debian-(2|3).* ]]; then
# For the rest of the golang series, copy the service file
cp support/mender-client.service debian/mender-client.service ||
cp support/mender.service debian/mender-client.service
else
# From 4.0 on, it is handled from the CMake install target
true
fi
elif [ "${DEB_PACKAGE}" = "mender-connect" ]; then
cp support/mender-connect.service debian/
elif [ "${DEB_PACKAGE}" = "mender-gateway" ]; then
cp support/mender-gateway.service debian/
elif [ "${DEB_PACKAGE}" = "mender-monitor" ]; then
cp support/mender-monitor.service debian/
fi
dch --create \
--newversion ${DEB_VERSION} \
--distribution ${DEB_DISTRIBUTION} \
--package ${DEB_PACKAGE} \
"Release ${DEB_VERSION}. See online docs for complete changelog"
}
build_orig() {
# we need to reset the mtim to some fixed date
DEFAULT_MTIME=1621101293
# we do not need the .git nor debian directory in the orig file
GZIP=-n tar --sort=name --mtime="@${DEFAULT_MTIME}" --owner=0 --group=0 --numeric-owner --pax-option=exthdr.name=%d/PaxHeaders/%f,delete=atime,delete=ctime --exclude .git --exclude debian -czf /tmp/"${DEB_PACKAGE}_${DEB_VERSION_NO_REV}".orig.tar.gz .
}
build_packages() {
# For PRs and other development branches, we don't have GPG key
sign_flags=
if [ "$(gpg --list-secret-keys)" == "" ]; then
sign_flags="--unsigned-source --unsigned-changes"
else
key_id=$(gpg --list-secret-keys --with-colons| awk -F: '/^sec:/ { print $5 }')
sign_flags="--sign-key=$key_id"
fi
if [[ $DEB_BUILD_TYPE =~ source ]]; then
# dh_make needs a name of the user in the env
export USER=root
# dh_make returns 1 because debian directory exists,
# hence the || true, without orig file buildpackage command would fail
dh_make --file /orig/"${DEB_PACKAGE}_${DEB_VERSION_NO_REV}".orig.tar.gz --packagename "${DEB_PACKAGE}_${DEB_VERSION_NO_REV}" -s -y || true
fi
dpkg_build_ignore_flag="--diff-ignore=(.git|vendor)"
# Install the dependencies from the debian/control file
apt-get update
mk-build-deps --install \
--build-indep \
--tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' \
debian/control
rm -f ${DEB_PACKAGE}-build-deps-indep_*
mk-build-deps --install \
--build-dep \
--tool='apt-get -o Debug::pkgProblemResolver=yes --no-install-recommends --yes' \
--host-arch ${ARCH} \
debian/control
rm -f ${DEB_PACKAGE}-build-deps-depends_*
case "$ARCH" in
amd64)
# Native build (amd64)
dpkg-buildpackage \
${sign_flags} \
${dpkg_build_ignore_flag} \
--build=$DEB_BUILD_TYPE
;;
armhf)
if [ "$OS_DISTRO" = "raspbian" ]; then
# Native build (emulated ARM v6)
dpkg-buildpackage \
${sign_flags} \
${dpkg_build_ignore_flag} \
--build=$DEB_BUILD_TYPE
else
# Debian ARM 32bit toolchain
CROSS_COMPILE="arm-linux-gnueabihf" \
CC="$CROSS_COMPILE-gcc" \
PKG_CONFIG_PATH="/usr/lib/arm-linux-gnueabihf/pkgconfig/" \
GOARCH=arm \
dpkg-buildpackage \
--target-arch armhf \
${sign_flags} \
${dpkg_build_ignore_flag} \
--build=$DEB_BUILD_TYPE
fi
;;
arm64)
# Debian ARM 64bit toolchain
CROSS_COMPILE="aarch64-linux-gnu" \
CC="$CROSS_COMPILE-gcc" \
PKG_CONFIG_PATH="/usr/lib/aarch64-linux-gnu/pkgconfig/" \
GOARCH=arm64 \
dpkg-buildpackage \
--target-arch arm64 \
${sign_flags} \
${dpkg_build_ignore_flag} \
--build=$DEB_BUILD_TYPE
;;
esac
}
copy_orig_packages() {
if [ -f /tmp/"${DEB_PACKAGE}_${DEB_VERSION_NO_REV}".orig.tar.gz ]; then
cp /tmp/"${DEB_PACKAGE}_${DEB_VERSION_NO_REV}".orig.tar.gz /orig/
fi
# Give packages same owner as the folder.
chown --reference /orig /orig/*
}
copy_deb_packages() {
for file in $(find ../ -maxdepth 1 -type f); do
cp ${file} /output
done
# Echo the package version to /output
echo ${DEB_VERSION_NO_EPOCH} > /output/${DEB_PACKAGE}-deb-version
# Give packages same owner as the folder.
chown --reference /output /output/*
}
##############
# Run script #
##############
verify_output_directory_exists
verify_script_arguments "$@"
maybe_import_gpg_key
checkout_repo
get_os_version
get_deb_distribution
get_deb_version
prepare_recipe
if [[ "${SAVE_ORIG}" == "true" ]]; then
build_orig
copy_orig_packages
else
if [[ -f "go.mod" ]]; then
install_go
fi
build_packages
copy_deb_packages
fi