From 71bfc3e95d9f138e0d4d49dc4a7bd97bc6505d47 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 18 Nov 2016 16:41:55 -0500 Subject: add docker packaging work --- docker/packaging/B09lintian | 11 +++++ docker/packaging/D10aptupdate | 4 ++ docker/packaging/D11unsafeio | 8 +++ docker/packaging/D12aptupgrade | 2 + docker/packaging/Dockerfile | 66 +++++++++++++++++++++++++ docker/packaging/dput.cf | 6 +++ docker/packaging/mini-dinstall.conf | 25 ++++++++++ docker/packaging/pbuilderrc | 97 +++++++++++++++++++++++++++++++++++++ 8 files changed, 219 insertions(+) create mode 100644 docker/packaging/B09lintian create mode 100644 docker/packaging/D10aptupdate create mode 100644 docker/packaging/D11unsafeio create mode 100644 docker/packaging/D12aptupgrade create mode 100644 docker/packaging/Dockerfile create mode 100644 docker/packaging/dput.cf create mode 100644 docker/packaging/mini-dinstall.conf create mode 100644 docker/packaging/pbuilderrc diff --git a/docker/packaging/B09lintian b/docker/packaging/B09lintian new file mode 100644 index 0000000..069a237 --- /dev/null +++ b/docker/packaging/B09lintian @@ -0,0 +1,11 @@ +#!/bin/sh +# +# run lintian on the finished binary package + +apt-get install -y --force-yes lintian + +cd /tmp/buildd/*/debian/.. + +echo "START LINTIAN" +lintian || true +echo "END LINTIAN" diff --git a/docker/packaging/D10aptupdate b/docker/packaging/D10aptupdate new file mode 100644 index 0000000..b47ca03 --- /dev/null +++ b/docker/packaging/D10aptupdate @@ -0,0 +1,4 @@ +#!/bin/sh +# apt update + +apt-get update diff --git a/docker/packaging/D11unsafeio b/docker/packaging/D11unsafeio new file mode 100644 index 0000000..189f692 --- /dev/null +++ b/docker/packaging/D11unsafeio @@ -0,0 +1,8 @@ +#!/bin/bash + +# make sure we use force-unsafe-io +installed="$(apt-cache policy dpkg | grep Installed | cut -d ' ' -f 4)" +if $(dpkg --compare-versions "$installed" ge "1.15.8.6") && [ -z "$(grep '^force-unsafe-io' /etc/dpkg/dpkg.cfg)" ]; then + echo "Setting force-unsafe-io for dpkg" + echo "force-unsafe-io" >> /etc/dpkg/dpkg.cfg +fi diff --git a/docker/packaging/D12aptupgrade b/docker/packaging/D12aptupgrade new file mode 100644 index 0000000..c47bd54 --- /dev/null +++ b/docker/packaging/D12aptupgrade @@ -0,0 +1,2 @@ +#!/bin/sh +apt-get dist-upgrade -y --force-yes diff --git a/docker/packaging/Dockerfile b/docker/packaging/Dockerfile new file mode 100644 index 0000000..d746ae9 --- /dev/null +++ b/docker/packaging/Dockerfile @@ -0,0 +1,66 @@ +FROM debian:jessie-backports + +MAINTAINER LEAP Encryption Access Project +LABEL Description="Bare debian jessie baseimage with cowbuilder chroots for building packages" Vendor="LEAP" Version="1.x" + +RUN mkdir -p /var/cache/archive/mini-dinstall/incoming +RUN mkdir /root/.pbuilder-hooks + +ADD ./pbuilderrc /root/.pbuilderrc +ADD ./mini-dinstall.conf /root/.mini-dinstall.conf +ADD ./dput.cf /root/.dput.cf +ADD ./B09lintian /root/.pbuilder-hooks/B09lintian +ADD ./D10aptupdate /root/.pbuilder-hooks/D10aptupdate +ADD ./D11unsafeio /root/.pbuilder-hooks/D11unsafeio +ADD ./D12aptupgrade /root/.pbuilder-hooks/D12aptupgradee + +RUN sed -i 's/httpredir/deb/' /etc/apt/sources.list +RUN apt-get update \ + && apt-get install -y --no-install-recommends \ + git \ + locales \ + sudo \ + cowbuilder \ + devscripts \ + ubuntu-archive-keyring \ + dput \ + mini-dinstall\ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +RUN localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 +ENV LANG en_US.utf8 + +RUN useradd -ms /bin/bash -G sudo cirunner + +# allow all members of sudo group to execute any command without password +RUN sed -i 's/^%sudo.*/%sudo ALL=(ALL) NOPASSWD:ALL/' /etc/sudoers + +RUN mkdir /var/cache/pbuilder/sid-i386 \ + && DIST=sid ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/sid-i386/base.cow --distribution sid --debootstrapopts --arch --debootstrapopts i386 +RUN mkdir /var/cache/pbuilder/sid-amd64 \ + && DIST=sid ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/sid-amd64/base.cow --distribution sid --debootstrapopts --arch --debootstrapopts amd64 +RUN mkdir /var/cache/pbuilder/stretch-i386 \ + && DIST=stretch ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/stretch-i386/base.cow --distribution strecth --debootstrapopts --arch --debootstrapopts i386 +RUN mkdir /var/cache/pbuilder/stretch-amd64 \ + && DIST=sid ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/stretch-amd64/base.cow --distribution stretch --debootstrapopts --arch --debootstrapopts amd64 +RUN mkdir /var/cache/pbuilder/jessie-i386 \ + && DIST=jessie ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/jessie-i386/base.cow --distribution jessie --debootstrapopts --arch --debootstrapopts i386 +RUN mkdir /var/cache/pbuilder/jessie-amd64 \ + && DIST=jessie ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/jessie-amd64/base.cow --distribution jessie --debootstrapopts --arch --debootstrapopts amd64 +RUN mkdir /var/cache/pbuilder/vivid-i386 \ + && DIST=vivid ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/vivid-i386/base.cow --distribution vivid --debootstrapopts --arch --debootstrapopts i386 +RUN mkdir /var/cache/pbuilder/vivid-amd64 \ + && DIST=vivid ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/vivid-amd64/base.cow --distribution vivid --debootstrapopts --arch --debootstrapopts amd64 +RUN mkdir /var/cache/pbuilder/wily-i386 \ + && DIST=wily ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/wily-i386/base.cow --distribution wily --debootstrapopts --arch --debootstrapopts i386 +RUN mkdir /var/cache/pbuilder/wily-amd64 \ + && DIST=wily ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/wily-amd64/base.cow --distribution wily --debootstrapopts --arch --debootstrapopts amd64 +RUN mkdir /var/cache/pbuilder/xenial-i386 \ + && DIST=xenial ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/xenial-i386/base.cow --distribution xenial --debootstrapopts --arch --debootstrapopts i386 +RUN mkdir /var/cache/pbuilder/xenial-amd64 \ + && DIST=xenial ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/xenial-amd64/base.cow --distribution xenial --debootstrapopts --arch --debootstrapopts amd64 +RUN mkdir /var/cache/pbuilder/yakkety-i386 \ + && DIST=yakkety ARCH=i386 cowbuilder --create --basepath /var/cache/pbuilder/yakkety-i386/base.cow --distribution yakkety --debootstrapopts --arch --debootstrapopts i386 +RUN mkdir /var/cache/pbuilder/yakkety-amd64 \ + && DIST=yakkety ARCH=amd64 cowbuilder --create --basepath /var/cache/pbuilder/yakkety-amd64/base.cow --distribution yakkety --debootstrapopts --arch --debootstrapopts amd64 diff --git a/docker/packaging/dput.cf b/docker/packaging/dput.cf new file mode 100644 index 0000000..fcdaec0 --- /dev/null +++ b/docker/packaging/dput.cf @@ -0,0 +1,6 @@ +[local] +method = local +incoming = /var/cache/archive/mini-dinstall/incoming +allow_non-us_software = 1 +run_dinstall = 0 +post_upload_command = mini-dinstall --batch diff --git a/docker/packaging/mini-dinstall.conf b/docker/packaging/mini-dinstall.conf new file mode 100644 index 0000000..c92ee02 --- /dev/null +++ b/docker/packaging/mini-dinstall.conf @@ -0,0 +1,25 @@ +[DEFAULT] +architectures = all, i386, amd64 +archivedir = /var/cache/archive/ +use_dnotify = 0 +verify_sigs = 0 +extra_keyrings = ~/.gnupg/pubring.gpg +mail_on_success = 0 +archive_style = flat +poll_time = 10 +mail_log_level = NONE + +[sid] + +[stretch] + +[jessie] + +[vivid] + +[wily] + +[xenial] + +[yakkety] + diff --git a/docker/packaging/pbuilderrc b/docker/packaging/pbuilderrc new file mode 100644 index 0000000..0f3b26d --- /dev/null +++ b/docker/packaging/pbuilderrc @@ -0,0 +1,97 @@ +HOOKDIR="/root/.pbuilder-hooks" + +# Codenames for Debian suites according to their alias. Update these when +# needed. +UNSTABLE_CODENAME="sid" +TESTING_CODENAME="stretch" +STABLE_CODENAME="jessie" +STABLE_BACKPORTS_SUITE="$STABLE_CODENAME-backports" + +# List of Debian suites. +DEBIAN_SUITES=($UNSTABLE_CODENAME $TESTING_CODENAME $STABLE_CODENAME $STABLE_BACKPORTS_SUITE + "unstable" "testing" "stable") + +# List of Ubuntu suites. Update these when needed. +UBUNTU_SUITES=("xenial" "wily" "vivid" "yakkety" "trusty") + +# Mirrors to use. Update these to your preferred mirror. +DEBIAN_MIRROR="deb.debian.org" +UBUNTU_MIRROR="mirrors.kernel.org" + +EXTRAPACKAGES=eatmydata +EATMYDATA=yes + +export LD_PRELOAD=${LD_PRELOAD:+$LDPRELOAD:}libeatmydata.so +PBUILDERSATISFYDEPENDSCMD="/usr/lib/pbuilder/pbuilder-satisfydepends-gdebi" + +PKGNAME_LOGFILE_EXTENTION="_$(dpkg --print-architecture).build" +PKGNAME_LOGFILE=yes + +export DH_VERBOSE=1 + +# Optionally use the changelog of a package to determine the suite to use if +# none set. +if [ -z "${DIST}" ] && [ -r "debian/changelog" ]; then + DIST=$(dpkg-parsechangelog | awk '/^Distribution: / {print $2}') + # Use the unstable suite for certain suite values. + if $(echo "experimental UNRELEASED" | grep -q $DIST); then + DIST="$UNSTABLE_CODENAME" + fi + # Use the stable suite for stable-backports. + if $(echo "$STABLE_BACKPORTS_SUITE" | grep -q $DIST); then + DIST="$STABLE_CODENAME" + fi +fi + +# Optionally set a default distribution if none is used. Note that you can set +# your own default (i.e. ${DIST:="unstable"}). +: ${DIST:="$(lsb_release --short --codename)"} + +# Optionally change Debian codenames in $DIST to their aliases. +case "$DIST" in + $UNSTABLE_CODENAME) + DIST="unstable" + ;; + $TESTING_CODENAME) + DIST="testing" + ;; + $STABLE_CODENAME) + DIST="stable" + ;; +esac + +# Optionally set the architecture to the host architecture if none set. Note +# that you can set your own default (i.e. ${ARCH:="i386"}). +: ${ARCH:="$(dpkg --print-architecture)"} + +NAME="$DIST" +if [ -n "${ARCH}" ]; then + NAME="$NAME-$ARCH" + DEBOOTSTRAPOPTS=("--arch" "$ARCH" "${DEBOOTSTRAPOPTS[@]}") +fi +#BASETGZ="/var/cache/pbuilder/$NAME-base.tgz" +# Optionally, set BASEPATH (and not BASETGZ) if using cowbuilder +BASEPATH="/var/cache/pbuilder/$NAME/base.cow/" +DISTRIBUTION="$DIST" +BUILDRESULT="/var/cache/pbuilder/$NAME/result/" +APTCACHE="/var/cache/pbuilder/$NAME/aptcache/" +BUILDPLACE="/var/cache/pbuilder/build/" +BINDMOUNTS="/var/cache/archive" + +if $(echo ${DEBIAN_SUITES[@]} | grep -q $DIST); then + # Debian configuration + MIRRORSITE="http://$DEBIAN_MIRROR/debian/" + COMPONENTS="main contrib non-free" + DEBOOTSTRAPOPTS=("${DEBOOTSTRAPOPTS[@]}" "--keyring=/usr/share/keyrings/debian-archive-keyring.gpg") + OTHERMIRROR="deb file:///var/cache/archive $DIST/" + +elif $(echo ${UBUNTU_SUITES[@]} | grep -q $DIST); then + # Ubuntu configuration + MIRRORSITE="http://$UBUNTU_MIRROR/ubuntu/" + COMPONENTS="main restricted universe multiverse" + DEBOOTSTRAPOPTS=("${DEBOOTSTRAPOPTS[@]}" "--keyring=/usr/share/keyrings/ubuntu-archive-keyring.gpg") + OTHERMIRROR="deb file:///var/cache/archive $DIST/" +else + echo "Unknown distribution: $DIST" + exit 1 +fi -- cgit v1.2.3