add docker packaging work
authorMicah Anderson <micah@riseup.net>
Fri, 18 Nov 2016 21:41:55 +0000 (16:41 -0500)
committerMicah Anderson <micah@riseup.net>
Fri, 18 Nov 2016 21:41:55 +0000 (16:41 -0500)
docker/packaging/B09lintian [new file with mode: 0644]
docker/packaging/D10aptupdate [new file with mode: 0644]
docker/packaging/D11unsafeio [new file with mode: 0644]
docker/packaging/D12aptupgrade [new file with mode: 0644]
docker/packaging/Dockerfile [new file with mode: 0644]
docker/packaging/dput.cf [new file with mode: 0644]
docker/packaging/mini-dinstall.conf [new file with mode: 0644]
docker/packaging/pbuilderrc [new file with mode: 0644]

diff --git a/docker/packaging/B09lintian b/docker/packaging/B09lintian
new file mode 100644 (file)
index 0000000..069a237
--- /dev/null
@@ -0,0 +1,11 @@
+#!/bin/sh
+#
+# run lintian on the finished binary package
+
+apt-get install -y --force-yes lintian
+
+cd /tmp/buildd/*/debian/..
+
+echo "START LINTIAN"
+lintian || true
+echo "END LINTIAN"
diff --git a/docker/packaging/D10aptupdate b/docker/packaging/D10aptupdate
new file mode 100644 (file)
index 0000000..b47ca03
--- /dev/null
@@ -0,0 +1,4 @@
+#!/bin/sh
+# apt update
+
+apt-get update
diff --git a/docker/packaging/D11unsafeio b/docker/packaging/D11unsafeio
new file mode 100644 (file)
index 0000000..189f692
--- /dev/null
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+# make sure we use force-unsafe-io
+installed="$(apt-cache policy dpkg | grep Installed | cut -d ' ' -f 4)"
+if $(dpkg --compare-versions "$installed" ge "1.15.8.6") && [ -z "$(grep '^force-unsafe-io' /etc/dpkg/dpkg.cfg)" ]; then 
+    echo "Setting force-unsafe-io for dpkg"
+    echo "force-unsafe-io" >> /etc/dpkg/dpkg.cfg
+fi
diff --git a/docker/packaging/D12aptupgrade b/docker/packaging/D12aptupgrade
new file mode 100644 (file)
index 0000000..c47bd54
--- /dev/null
@@ -0,0 +1,2 @@
+#!/bin/sh
+apt-get dist-upgrade -y --force-yes
diff --git a/docker/packaging/Dockerfile b/docker/packaging/Dockerfile
new file mode 100644 (file)
index 0000000..d746ae9
--- /dev/null
@@ -0,0 +1,66 @@
+FROM debian:jessie-backports
+
+MAINTAINER LEAP Encryption Access Project <info@leap.se>
+LABEL Description="Bare debian jessie baseimage with cowbuilder chroots for building packages" Vendor="LEAP" Version="1.x"
+
+RUN mkdir -p /var/cache/archive/mini-dinstall/incoming
+RUN mkdir /root/.pbuilder-hooks
+
+ADD ./pbuilderrc /root/.pbuilderrc
+ADD ./mini-dinstall.conf /root/.mini-dinstall.conf
+ADD ./dput.cf /root/.dput.cf
+ADD ./B09lintian /root/.pbuilder-hooks/B09lintian
+ADD ./D10aptupdate /root/.pbuilder-hooks/D10aptupdate
+ADD ./D11unsafeio /root/.pbuilder-hooks/D11unsafeio
+ADD ./D12aptupgrade /root/.pbuilder-hooks/D12aptupgradee
+
+RUN sed -i 's/httpredir/deb/' /etc/apt/sources.list
+RUN apt-get update \
+  && apt-get install -y --no-install-recommends \
+    git \
+    locales \
+    sudo \
+    cowbuilder \
+    devscripts \
+    ubuntu-archive-keyring \
+    dput \
+    mini-dinstall\
+  && apt-get clean \
+  && rm -rf /var/lib/apt/lists/*
+
+RUN localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
+ENV LANG en_US.utf8
+
+RUN useradd -ms /bin/bash -G sudo cirunner
+
+# allow all members of sudo group to execute any command without password
+RUN sed -i 's/^%sudo.*/%sudo ALL=(ALL) NOPASSWD:ALL/' /etc/sudoers
+
+RUN mkdir /var/cache/pbuilder/sid-i386 \
+  && DIST=sid ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/sid-i386/base.cow --distribution sid --debootstrapopts --arch --debootstrapopts i386
+RUN mkdir /var/cache/pbuilder/sid-amd64 \
+  && DIST=sid ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/sid-amd64/base.cow --distribution sid --debootstrapopts --arch --debootstrapopts amd64
+RUN mkdir /var/cache/pbuilder/stretch-i386 \
+  && DIST=stretch ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/stretch-i386/base.cow --distribution strecth --debootstrapopts --arch --debootstrapopts i386
+RUN mkdir /var/cache/pbuilder/stretch-amd64 \
+  && DIST=sid ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/stretch-amd64/base.cow --distribution stretch --debootstrapopts --arch --debootstrapopts amd64
+RUN mkdir /var/cache/pbuilder/jessie-i386 \
+  && DIST=jessie ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/jessie-i386/base.cow --distribution jessie --debootstrapopts --arch --debootstrapopts i386
+RUN mkdir /var/cache/pbuilder/jessie-amd64 \
+  && DIST=jessie ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/jessie-amd64/base.cow --distribution jessie --debootstrapopts --arch --debootstrapopts amd64
+RUN mkdir /var/cache/pbuilder/vivid-i386 \
+  && DIST=vivid ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/vivid-i386/base.cow --distribution vivid --debootstrapopts --arch --debootstrapopts i386
+RUN mkdir /var/cache/pbuilder/vivid-amd64 \
+  && DIST=vivid ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/vivid-amd64/base.cow --distribution vivid --debootstrapopts --arch --debootstrapopts amd64
+RUN mkdir /var/cache/pbuilder/wily-i386 \
+  && DIST=wily ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/wily-i386/base.cow --distribution wily --debootstrapopts --arch --debootstrapopts i386
+RUN mkdir /var/cache/pbuilder/wily-amd64 \
+  && DIST=wily ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/wily-amd64/base.cow --distribution wily --debootstrapopts --arch --debootstrapopts amd64
+RUN mkdir /var/cache/pbuilder/xenial-i386 \
+  && DIST=xenial ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/xenial-i386/base.cow --distribution xenial --debootstrapopts --arch --debootstrapopts i386
+RUN mkdir /var/cache/pbuilder/xenial-amd64 \
+  && DIST=xenial ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/xenial-amd64/base.cow --distribution xenial --debootstrapopts --arch --debootstrapopts amd64
+RUN mkdir /var/cache/pbuilder/yakkety-i386 \
+  && DIST=yakkety ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/yakkety-i386/base.cow --distribution yakkety --debootstrapopts --arch --debootstrapopts i386
+RUN mkdir /var/cache/pbuilder/yakkety-amd64 \
+  && DIST=yakkety ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/yakkety-amd64/base.cow --distribution yakkety --debootstrapopts --arch --debootstrapopts amd64
diff --git a/docker/packaging/dput.cf b/docker/packaging/dput.cf
new file mode 100644 (file)
index 0000000..fcdaec0
--- /dev/null
@@ -0,0 +1,6 @@
+[local]
+method = local
+incoming = /var/cache/archive/mini-dinstall/incoming
+allow_non-us_software = 1
+run_dinstall = 0
+post_upload_command = mini-dinstall --batch
diff --git a/docker/packaging/mini-dinstall.conf b/docker/packaging/mini-dinstall.conf
new file mode 100644 (file)
index 0000000..c92ee02
--- /dev/null
@@ -0,0 +1,25 @@
+[DEFAULT]
+architectures = all, i386, amd64
+archivedir = /var/cache/archive/
+use_dnotify = 0
+verify_sigs = 0
+extra_keyrings = ~/.gnupg/pubring.gpg
+mail_on_success = 0
+archive_style = flat
+poll_time = 10
+mail_log_level = NONE
+
+[sid]
+
+[stretch]
+
+[jessie]
+
+[vivid]
+
+[wily]
+
+[xenial]
+
+[yakkety]
+
diff --git a/docker/packaging/pbuilderrc b/docker/packaging/pbuilderrc
new file mode 100644 (file)
index 0000000..0f3b26d
--- /dev/null
@@ -0,0 +1,97 @@
+HOOKDIR="/root/.pbuilder-hooks"
+
+# Codenames for Debian suites according to their alias. Update these when
+# needed.
+UNSTABLE_CODENAME="sid"
+TESTING_CODENAME="stretch"
+STABLE_CODENAME="jessie"
+STABLE_BACKPORTS_SUITE="$STABLE_CODENAME-backports"
+
+# List of Debian suites.
+DEBIAN_SUITES=($UNSTABLE_CODENAME $TESTING_CODENAME $STABLE_CODENAME $STABLE_BACKPORTS_SUITE
+    "unstable" "testing" "stable")
+
+# List of Ubuntu suites. Update these when needed.
+UBUNTU_SUITES=("xenial" "wily" "vivid" "yakkety" "trusty")
+
+# Mirrors to use. Update these to your preferred mirror.
+DEBIAN_MIRROR="deb.debian.org"
+UBUNTU_MIRROR="mirrors.kernel.org"
+
+EXTRAPACKAGES=eatmydata
+EATMYDATA=yes
+
+export LD_PRELOAD=${LD_PRELOAD:+$LDPRELOAD:}libeatmydata.so
+PBUILDERSATISFYDEPENDSCMD="/usr/lib/pbuilder/pbuilder-satisfydepends-gdebi"
+
+PKGNAME_LOGFILE_EXTENTION="_$(dpkg --print-architecture).build"
+PKGNAME_LOGFILE=yes
+
+export DH_VERBOSE=1
+
+# Optionally use the changelog of a package to determine the suite to use if
+# none set.
+if [ -z "${DIST}" ] && [ -r "debian/changelog" ]; then
+    DIST=$(dpkg-parsechangelog | awk '/^Distribution: / {print $2}')
+    # Use the unstable suite for certain suite values.
+    if $(echo "experimental UNRELEASED" | grep -q $DIST); then
+        DIST="$UNSTABLE_CODENAME"
+    fi
+    # Use the stable suite for stable-backports.
+    if $(echo "$STABLE_BACKPORTS_SUITE" | grep -q $DIST); then
+        DIST="$STABLE_CODENAME"
+    fi
+fi
+
+# Optionally set a default distribution if none is used. Note that you can set
+# your own default (i.e. ${DIST:="unstable"}).
+: ${DIST:="$(lsb_release --short --codename)"}
+
+# Optionally change Debian codenames in $DIST to their aliases.
+case "$DIST" in
+    $UNSTABLE_CODENAME)
+        DIST="unstable"
+        ;;
+    $TESTING_CODENAME)
+        DIST="testing"
+        ;;
+    $STABLE_CODENAME)
+        DIST="stable"
+        ;;
+esac
+
+# Optionally set the architecture to the host architecture if none set. Note
+# that you can set your own default (i.e. ${ARCH:="i386"}).
+: ${ARCH:="$(dpkg --print-architecture)"}
+
+NAME="$DIST"
+if [ -n "${ARCH}" ]; then
+    NAME="$NAME-$ARCH"
+    DEBOOTSTRAPOPTS=("--arch" "$ARCH" "${DEBOOTSTRAPOPTS[@]}")
+fi
+#BASETGZ="/var/cache/pbuilder/$NAME-base.tgz"
+# Optionally, set BASEPATH (and not BASETGZ) if using cowbuilder
+BASEPATH="/var/cache/pbuilder/$NAME/base.cow/"
+DISTRIBUTION="$DIST"
+BUILDRESULT="/var/cache/pbuilder/$NAME/result/"
+APTCACHE="/var/cache/pbuilder/$NAME/aptcache/"
+BUILDPLACE="/var/cache/pbuilder/build/"
+BINDMOUNTS="/var/cache/archive"
+
+if $(echo ${DEBIAN_SUITES[@]} | grep -q $DIST); then
+    # Debian configuration
+    MIRRORSITE="http://$DEBIAN_MIRROR/debian/"
+    COMPONENTS="main contrib non-free"
+    DEBOOTSTRAPOPTS=("${DEBOOTSTRAPOPTS[@]}" "--keyring=/usr/share/keyrings/debian-archive-keyring.gpg")
+    OTHERMIRROR="deb file:///var/cache/archive $DIST/"
+
+elif $(echo ${UBUNTU_SUITES[@]} | grep -q $DIST); then
+    # Ubuntu configuration
+    MIRRORSITE="http://$UBUNTU_MIRROR/ubuntu/"
+    COMPONENTS="main restricted universe multiverse"
+    DEBOOTSTRAPOPTS=("${DEBOOTSTRAPOPTS[@]}" "--keyring=/usr/share/keyrings/ubuntu-archive-keyring.gpg")
+    OTHERMIRROR="deb file:///var/cache/archive $DIST/"
+else
+    echo "Unknown distribution: $DIST"
+    exit 1
+fi