Cadoles/Tamarin
22
0
Fork 0
Code Issues 1 Pull Requests 1 Releases Wiki Activity

Compare commits

base: Cadoles:253c77489b5f6d7289d631fa0d45a3a249d738dc
Branches Tags
Cadoles:develop Cadoles:feature/pathlib Cadoles:feature/selinux Cadoles:feature/doc-compile Cadoles:feature/xelatex-compile Cadoles:feature/stdeb Cadoles:eole Cadoles:feature/python-rkt Cadoles:master
..
compare: Cadoles:feature/selinux
Branches Tags
Cadoles:develop Cadoles:feature/pathlib Cadoles:feature/selinux Cadoles:feature/doc-compile Cadoles:feature/xelatex-compile Cadoles:feature/stdeb Cadoles:eole Cadoles:feature/python-rkt Cadoles:master

14 Commits
253c77489b ... feature/se

Author SHA1 Message Date
Benjamin Bohard
c9b1fa62c8 Étiquetage selinux pour une utilisation non-root 2023-02-01 08:32:02 +01:00
Benjamin Bohard
6fe1d305e0 Ajout du profil pour la version 2.9.0 d'EOLE 2023-02-01 08:32:02 +01:00
Benjamin Bohard
fdebf244d5 Mieux interpréter la numérotation utilisée pour les projets envole 2023-02-01 08:32:02 +01:00
Benjamin Bohard
b49c8c8b02 Limit entries created in changelog. 2022-03-31 15:43:21 +02:00
Benjamin Bohard
766151eae3 Pour une poignée de profils 2022-03-29 10:42:21 +02:00
William Petit
f8195ba9f7 Utilisation de wget pour la récupération des certificats LetsEncrypt 
Contournement pour https://github.com/moby/buildkit/issues/905
 2022-01-28 09:29:29 +01:00
Benjamin Bohard
47c7d0ac3c Suppression du hash de commit pour les paquets dev et staging 2022-01-12 15:08:30 +01:00
William Petit
4c4fd6d42c Add 'no libs volumes' mode 2021-02-25 08:42:54 +01:00
William Petit
546e62e077 Update LetsEncrypt certs 2021-02-22 15:41:22 +01:00
William Petit
4b61e5dafc Install LetsEncrypt CA in packaging environment 2021-02-18 18:56:45 +01:00
Benjamin Bohard
c83e6190c4 Find first commit starting from HEAD 2020-09-16 11:31:47 +02:00
Benjamin Bohard
cad163ffd0 Branch master is not always available, pointing to origin/master 2020-09-16 10:25:16 +02:00
Benjamin Bohard
97fd00a3c7 Fixes changelog creation starting on a pkg tag 2020-09-16 09:39:35 +02:00
Benjamin Bohard
fdba555beb New profile and remove debug flag in hook 2020-09-03 14:50:36 +02:00
10 changed files with 182 additions and 19 deletions
Expand all files Collapse all files

28
hooks/containerbuild/debian/install-letsencrypt-ca Executable file
View File

@ -0,0 +1,28 @@
#!/usr/bin/env bash
set -e
DESTDIR=/usr/local/share/ca-certificates
UPDATE_CERTS_CMD=update-ca-certificates
CERTS="$(cat <<EOF
https://letsencrypt.org/certs/isrgrootx1.pem
https://letsencrypt.org/certs/isrg-root-x2.pem
https://letsencrypt.org/certs/lets-encrypt-r3.pem
https://letsencrypt.org/certs/lets-encrypt-e1.pem
https://letsencrypt.org/certs/lets-encrypt-r4.pem
https://letsencrypt.org/certs/lets-encrypt-e2.pem
EOF
)"
echo "ENV DEBIAN_FRONTEND=noninteractive" >> Dockerfile
echo "RUN apt-get update && apt-get install --yes --no-install-recommends wget openssl ca-certificates" >> Dockerfile
for cert in $CERTS; do
filename=$(basename "$cert")
echo "RUN wget -O '$DESTDIR/$filename' $cert" >> Dockerfile
echo "RUN openssl x509 -in '$DESTDIR/$filename' -inform PEM -out '$DESTDIR/$filename.crt'" >> Dockerfile
done
echo "RUN $UPDATE_CERTS_CMD" >> Dockerfile
echo "ENV DEBIAN_FRONTEND=" >> Dockerfile

26
hooks/prebuild/eole/create-changelog
View File

@ -12,11 +12,11 @@ pkg_tags="$(git for-each-ref --format '%(refname)' refs/tags | tac)"
# Set starting commit # Set starting commit
ceiling_commit=$(git describe --match "build/*" --abbrev=0 2>/dev/null) ceiling_commit=$(git describe --match "build/*" --abbrev=0 2>/dev/null)
if [ -z "ceiling_commit" ] if [ -z "$ceiling_commit" ]
then then
ceiling_commit="HEAD" ceiling_commit="HEAD"
fi fi
first_commit=$(git rev-list --max-parents=0 master) first_commit=$(git rev-list --max-parents=0 HEAD)
# Get commits log as changelog # Get commits log as changelog
@ -63,10 +63,10 @@ function parse_tag {
extended_version="${tag##*/}" extended_version="${tag##*/}"
if [ "$flavor" = "pkg" ] if [ "$flavor" = "pkg" ]
then then
exploded_version="$(echo $extended_version | sed "s/\([a-z0-9.]\+\)-\([0-9]\+\)\(-[a-z]\++[0-9]\+\)\?\(-\([0-9]\+\)-\(g[a-z0-9]\+\)\)\?$/version:\1 revision:\2 modification:\3 distance:\5 anchor:\6/")" exploded_version="$(echo $extended_version | sed "s/\([a-z0-9.+]\+\)-\([0-9]\+\)\(-[a-z]\++[0-9]\+\)\?\(-\([0-9]\+\)-\(g[a-z0-9]\+\)\)\?$/version:\1 revision:\2 modification:\3 distance:\5 anchor:\6/")"
elif [ "$flavor" = "release" ] elif [ "$flavor" = "release" ]
then then
exploded_version="$(echo $extended_version | sed "s/\([a-z0-9.]\+\)\(-\([0-9]\+\)-\(g[a-z0-9]\+\)\)\?$/version:\1 distance:\3 anchor:\4/")" exploded_version="$(echo $extended_version | sed "s/\([a-z0-9.+]\+\)\(-\([0-9]\+\)-\(g[a-z0-9]\+\)\)\?$/version:\1 distance:\3 anchor:\4/")"
fi fi
echo $exploded_version echo $exploded_version
} }
@ -105,13 +105,11 @@ function get_package_version_from_tag {
function get_distribution_from_tag { function get_distribution_from_tag {
# tag pkg like pkg/<level>/<distrib>/<version> # tag pkg like pkg/<level>/<distrib>/<version>
# <distrib> may be composed # <distrib> may be composed
set -x
tag="$1" tag="$1"
distribution="${tag#pkg/*/}" distribution="${tag#pkg/*/}"
distribution="${distribution%/*}" distribution="${distribution%/*}"
distribution="${distribution/\//-}" distribution="${distribution/\//-}"
echo $distribution echo $distribution
set +x
} }
function get_previous_release_tag { function get_previous_release_tag {
@ -183,6 +181,7 @@ function packager_from_commit {
} }
function next_version { function next_version {
set -x
commit="$1" commit="$1"
# upstream version is given by most recent of release or pkg tag # upstream version is given by most recent of release or pkg tag
previous_pkg="$(git describe --long --match='pkg/*' $commit 2>/dev/null)" previous_pkg="$(git describe --long --match='pkg/*' $commit 2>/dev/null)"
@ -206,6 +205,7 @@ function next_version {
version="$(get_upstream_version_from_tag $previous_release)-1" version="$(get_upstream_version_from_tag $previous_release)-1"
elif [ -n "$previous_pkg" ] elif [ -n "$previous_pkg" ]
then then
distance_from_pkg=$(get_distance_from_tag "$previous_pkg" "$commit")
distance=$distance_from_pkg distance=$distance_from_pkg
version="$(get_upstream_version_from_tag $previous_pkg)-$(expr $(get_package_version_from_tag $previous_pkg) + 1)" version="$(get_upstream_version_from_tag $previous_pkg)-$(expr $(get_package_version_from_tag $previous_pkg) + 1)"
else else
@ -214,22 +214,22 @@ function next_version {
fi fi
if [ "$package_level" = 'dev' ] || [ "$package_level" = 'staging' ] if [ "$package_level" = 'dev' ] || [ "$package_level" = 'staging' ]
then then
version="${version}~${package_level}+${distance}~$(get_short_hash $commit)" version="${version}~${package_level}+${distance}"
fi fi
echo $version echo $version
set +x
} }
function gen_changelog_entry { function gen_changelog_entry {
ceiling_commit=$1 ceiling_commit=$1
floor_commit="$(next_step "${ceiling_commit}")" floor_commit="$(next_step "${ceiling_commit}")"
if [ "$(get_hash ${ceiling_commit})" = "$(get_hash ${floor_commit})" ] if [ "$(get_hash ${ceiling_commit})" = "$(get_hash ${floor_commit})" ]
then then
return 1 return 1
fi fi
if on_pkg_tag $ceiling_commit if on_pkg_tag $ceiling_commit
then then
ceiling_commit="$(get_previous_pkg_tag $ceiling_commit)"
version="$(get_upstream_version_from_tag $ceiling_commit)-$(get_package_version_from_tag $ceiling_commit)" version="$(get_upstream_version_from_tag $ceiling_commit)-$(get_package_version_from_tag $ceiling_commit)"
distribution="$(get_distribution_from_tag $ceiling_commit)" distribution="$(get_distribution_from_tag $ceiling_commit)"
else else
@ -237,13 +237,11 @@ function gen_changelog_entry {
version=$(next_version $ceiling_commit) version=$(next_version $ceiling_commit)
distribution="UNRELEASED" distribution="UNRELEASED"
fi fi
#current_release="$(git describe --abbrev=0 --always --match='release/*' $ceiling_commit)" #current_release="$(git describe --abbrev=0 --always --match='release/*' $ceiling_commit)"
tamarin_info "Création de lentrée de changelog entre ${ceiling_commit} et ${floor_commit}" tamarin_info "Création de lentrée de changelog entre ${ceiling_commit} et ${floor_commit}"
maintainer="$(packager_from_commit ${ceiling_commit})" maintainer="$(packager_from_commit ${ceiling_commit})"
package_date="$(date_from_commit ${ceiling_commit})" package_date="$(date_from_commit ${ceiling_commit})"
version=${version/_/-} version=${version/_/-}
changelog_entry="${project_name} (${version}) ${distribution}; urgency=${urgency}" changelog_entry="${project_name} (${version}) ${distribution}; urgency=${urgency}"
echo "$changelog_entry" >> debian/changelog echo "$changelog_entry" >> debian/changelog
@ -262,9 +260,15 @@ function gen_changelog_entry {
} }
function gen_changelog() { function gen_changelog() {
limit=10
while gen_changelog_entry $ceiling_commit while gen_changelog_entry $ceiling_commit
do do
limit=`expr $limit - 1`
echo $changelog_entry echo $changelog_entry
if [ "$limit" -le 0 ]
then
break
fi
done done
} }

3
lib/tamarin.py
View File

@ -12,6 +12,9 @@ def run_profile_hooks(profile, step, **kwargs):
hook_path = os.path.join(hooks_dir, trimmed_hook_name) hook_path = os.path.join(hooks_dir, trimmed_hook_name)
run([hook_path], **kwargs) run([hook_path], **kwargs)
def get_base_dir():
return os.path.realpath(os.path.dirname(os.path.abspath(__file__)) + "/..")
def get_hooks_dir(): def get_hooks_dir():
return os.path.realpath(os.path.dirname(os.path.abspath(__file__)) + "/../hooks") return os.path.realpath(os.path.dirname(os.path.abspath(__file__)) + "/../hooks")

19
package
View File

@ -23,13 +23,16 @@ def create_args_parser():
parser.add_argument("--cleanup", help="Clear the workspace and remove obsolete Docker images before build", action="store_true", default=False) parser.add_argument("--cleanup", help="Clear the workspace and remove obsolete Docker images before build", action="store_true", default=False)
parser.add_argument("--override-docker-args", help="Override all 'docker run' arguments. Use '[IMAGE_TAG]', '[PROFILE]' and '[ARCH]' to insert the corresponding values into your command.", default="") parser.add_argument("--override-docker-args", help="Override all 'docker run' arguments. Use '[IMAGE_TAG]', '[PROFILE]' and '[ARCH]' to insert the corresponding values into your command.", default="")
parser.add_argument("--prepare-only", help="Only prepare build environment for the given profile", action="store_true", default=False) parser.add_argument("--prepare-only", help="Only prepare build environment for the given profile", action="store_true", default=False)
parser.add_argument("--no-lib-mounts", help="Disable Tamarin library volumes mount", action="store_true", default=False)
return parser return parser
def build_image(build_workspace, base_image, profile_name, profile, debug=False, rebuild=False): def build_image(build_workspace, base_image, profile_name, profile, debug=False, rebuild=False):
shutil.copytree(tamarin.get_base_dir(), os.path.join(build_workspace, '.tamarin'))
with open("{:s}/Dockerfile".format(build_workspace), 'w') as dockerfile: with open("{:s}/Dockerfile".format(build_workspace), 'w') as dockerfile:
dockerfile.write("FROM {:s}\n".format(base_image)) dockerfile.write("FROM {:s}\n".format(base_image))
dockerfile.write("COPY .tamarin /tamarin\n")
# Configure "containerbuild" hooks environment # Configure "containerbuild" hooks environment
hooks_env = os.environ.copy() hooks_env = os.environ.copy()
@ -105,12 +108,16 @@ if __name__ == "__main__":
# volumes definition # volumes definition
docker_args += [ docker_args += [
"-v", "{:s}:/src:ro".format(project_dir), "-v", "{:s}:/src:z,ro".format(project_dir),
"-v", "{:s}:/dist".format(output_dir), "-v", "{:s}:/dist:z".format(output_dir),
"-v", "{:s}:/tamarin/hooks:ro".format(tamarin.get_hooks_dir()), ]
"-v", "{:s}:/tamarin/lib:ro".format(tamarin.get_lib_dir()),
"-v", "{:s}:/tamarin/profiles:ro".format(tamarin.get_profiles_dir()), if not args.no_lib_mounts:
"-v", "{:s}:/tamarin/utils:ro".format(tamarin.get_utils_dir()) docker_args += [
"-v", "{:s}:/tamarin/hooks:z,ro".format(tamarin.get_hooks_dir()),
"-v", "{:s}:/tamarin/lib:z,ro".format(tamarin.get_lib_dir()),
"-v", "{:s}:/tamarin/profiles:z,ro".format(tamarin.get_profiles_dir()),
"-v", "{:s}:/tamarin/utils:z,ro".format(tamarin.get_utils_dir())
] ]
# Use environment proxy if defined # Use environment proxy if defined

3
profiles/debian.conf
View File

@ -7,7 +7,8 @@ default_image=debian:stretch
[containerbuild] [containerbuild]
hooks= hooks=
containerbuild/debian/install-build-essential, containerbuild/debian/install-build-essential,
containerbuild/debian/install-git containerbuild/debian/install-git,
containerbuild/debian/install-letsencrypt-ca
# Configuration de l'étape de pré-construction du paquet # Configuration de l'étape de pré-construction du paquet
[prebuild] [prebuild]

30
profiles/eole-2.7.0.conf Normal file
View File

@ -0,0 +1,30 @@
# Configuration générale du profil
[profile]
# Image Docker par défaut
default_image=ubuntu:bionic
# Configuration de l'étape de pré-construction du conteneur
[containerbuild]
hooks=
containerbuild/debian/install-build-essential,
containerbuild/debian/install-git,
# Configuration de l'étape de pré-construction du paquet
[prebuild]
hooks=
prebuild/debian/copy-sources-to-workspace,
prebuild/debian/run-project-hooks,
prebuild/debian/load-project-db,
prebuild/debian/complete-project-db,
prebuild/eole/create-changelog,
prebuild/debian/install-build-depends
# Configuration de l'étape de construction du paquet
[build]
hooks=build/debian/build
# Configuration de l'étape de post-construction du paquet
[postbuild]
hooks=
postbuild/debian/run-project-hooks,
postbuild/debian/export-dist

1
profiles/eole-2.7.1.conf
View File

@ -17,7 +17,6 @@ hooks=
prebuild/debian/load-project-db, prebuild/debian/load-project-db,
prebuild/debian/complete-project-db, prebuild/debian/complete-project-db,
prebuild/eole/create-changelog, prebuild/eole/create-changelog,
prebuild/eole/add-package-version-suffix,
prebuild/debian/install-build-depends prebuild/debian/install-build-depends
# Configuration de l'étape de construction du paquet # Configuration de l'étape de construction du paquet

30
profiles/eole-2.7.2.conf Normal file
View File

@ -0,0 +1,30 @@
# Configuration générale du profil
[profile]
# Image Docker par défaut
default_image=ubuntu:bionic
# Configuration de l'étape de pré-construction du conteneur
[containerbuild]
hooks=
containerbuild/debian/install-build-essential,
containerbuild/debian/install-git,
# Configuration de l'étape de pré-construction du paquet
[prebuild]
hooks=
prebuild/debian/copy-sources-to-workspace,
prebuild/debian/run-project-hooks,
prebuild/debian/load-project-db,
prebuild/debian/complete-project-db,
prebuild/eole/create-changelog,
prebuild/debian/install-build-depends
# Configuration de l'étape de construction du paquet
[build]
hooks=build/debian/build
# Configuration de l'étape de post-construction du paquet
[postbuild]
hooks=
postbuild/debian/run-project-hooks,
postbuild/debian/export-dist

30
profiles/eole-2.8.1.conf Normal file
View File

@ -0,0 +1,30 @@
# Configuration générale du profil
[profile]
# Image Docker par défaut
default_image=ubuntu:focal
# Configuration de l'étape de pré-construction du conteneur
[containerbuild]
hooks=
containerbuild/debian/install-build-essential,
containerbuild/debian/install-git,
# Configuration de l'étape de pré-construction du paquet
[prebuild]
hooks=
prebuild/debian/copy-sources-to-workspace,
prebuild/debian/run-project-hooks,
prebuild/debian/load-project-db,
prebuild/debian/complete-project-db,
prebuild/eole/create-changelog,
prebuild/debian/install-build-depends
# Configuration de l'étape de construction du paquet
[build]
hooks=build/debian/build
# Configuration de l'étape de post-construction du paquet
[postbuild]
hooks=
postbuild/debian/run-project-hooks,
postbuild/debian/export-dist

31
profiles/eole-2.9.0.conf Normal file
View File

@ -0,0 +1,31 @@
# Configuration générale du profil
[profile]
# Image Docker par défaut
default_image=ubuntu:jammy
# Configuration de l'étape de pré-construction du conteneur
[containerbuild]
hooks=
containerbuild/debian/install-build-essential,
containerbuild/debian/install-git,
containerbuild/eole-2.9.0/configure-additional-repository,
# Configuration de l'étape de pré-construction du paquet
[prebuild]
hooks=
prebuild/debian/copy-sources-to-workspace,
prebuild/debian/run-project-hooks,
prebuild/debian/load-project-db,
prebuild/debian/complete-project-db,
prebuild/eole/create-changelog,
prebuild/debian/install-build-depends
# Configuration de l'étape de construction du paquet
[build]
hooks=build/debian/build
# Configuration de l'étape de post-construction du paquet
[postbuild]
hooks=
postbuild/debian/run-project-hooks,
postbuild/debian/export-dist