diff --git a/.forgejo/bin/build.sh b/.forgejo/bin/build.sh new file mode 100755 index 0000000..c065c38 --- /dev/null +++ b/.forgejo/bin/build.sh @@ -0,0 +1,268 @@ +#!/bin/sh +# shellcheck disable=SC3043 + +. /usr/local/lib/functions.sh + +# shellcheck disable=SC3040 +set -eu -o pipefail + +readonly APORTSDIR=$CI_PROJECT_DIR +readonly REPOS="main community testing" +readonly ARCH=$(apk --print-arch) +# gitlab variables +readonly BASEBRANCH=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME + +: "${REPODEST:=$HOME/packages}" +: "${MIRROR:=https://ayakael.net/api/packages/forge/alpine}" +: "${ALPINE_MIRROR:=http://dl-cdn.alpinelinux.org/alpine}" +: "${MAX_ARTIFACT_SIZE:=300000000}" #300M +: "${CI_DEBUG_BUILD:=}" + +: "${CI_ALPINE_BUILD_OFFSET:=0}" +: "${CI_ALPINE_BUILD_LIMIT:=9999}" + +msg() { + local color=${2:-green} + case "$color" in + red) color="31";; + green) color="32";; + yellow) color="33";; + blue) color="34";; + *) color="32";; + esac + printf "\033[1;%sm>>>\033[1;0m %s\n" "$color" "$1" | xargs >&2 +} + +verbose() { + echo "> " "$@" + # shellcheck disable=SC2068 + $@ +} + +debugging() { + [ -n "$CI_DEBUG_BUILD" ] +} + +debug() { + if debugging; then + verbose "$@" + fi +} + +die() { + msg "$1" red + exit 1 +} + +capture_stderr() { + "$@" 2>&1 +} + +report() { + report=$1 + + reportsdir=$APORTSDIR/logs/ + mkdir -p "$reportsdir" + + tee -a "$reportsdir/$report.log" +} + +get_release() { + echo $CI_ALPINE_TARGET +} + + +get_qubes_release() { + case $BASEBRANCH in + r*) echo $BASEBRANCH;; + main) echo r4.3;; + esac +} + +changed_aports() { + : "${APORTSDIR?APORTSDIR missing}" + : "${BASEBRANCH?BASEBRANCH missing}" + + cd "$APORTSDIR" + local aports + + aports=$(git diff --name-only --diff-filter=ACMR \ + "$BASEBRANCH"...HEAD -- "*/APKBUILD" | xargs -rn1 dirname) + + # shellcheck disable=2086 + ap builddirs -d "$APORTSDIR" $aports 2>/dev/null | xargs -rn1 basename +} + + +build_aport() { + local repo="$1" aport="$2" + cd "$APORTSDIR/$repo/$aport" + if abuild -r 2>&1 | report "build-$aport"; then + checkapk 2>&1 | report "checkapk-$aport" || true + aport_ok="$aport_ok $repo/$aport" + else + aport_ng="$aport_ng $repo/$aport" + fi +} + +check_aport() { + local repo="$1" aport="$2" + cd "$APORTSDIR/$repo/$aport" + if ! abuild check_arch 2>/dev/null; then + aport_na="$aport_na $repo/$aport" + return 1 + fi +} + +set_repositories_for() { + local target_repo="$1" repos='' repo='' + local release + + release=$(get_release) + for repo in qubes-$(get_qubes_release); do + [ "$repo" = "non-free" ] && continue + [ "$release" == "edge" ] && [ "$repo" == "backports" ] && continue + repos="$repos $MIRROR/$release/$repo $REPODEST/$repo" + [ "$repo" = "$target_repo" ] && break + done + doas sh -c "printf '%s\n' $repos >> /etc/apk/repositories" + doas apk update || true +} + +apply_offset_limit() { + start=$1 + limit=$2 + end=$((start+limit)) + + sed -n "$((start+1)),${end}p" +} + +setup_system() { + local repos='' repo='' + local release + + release=$(get_release) + for repo in $REPOS; do + [ "$release" != "edge" ] && [ "$repo" == "testing" ] && continue + repos="$repos $ALPINE_MIRROR/$release/$repo" + done + doas sh -c "printf '%s\n' $repos > /etc/apk/repositories" + doas apk -U upgrade -a || apk fix || die "Failed to up/downgrade system" + abuild-keygen -ain + doas sed -i -E 's/export JOBS=[0-9]+$/export JOBS=$(nproc)/' /etc/abuild.conf + ( . /usr/share/abuild/default.conf; . /etc/abuild.conf; echo "Building with ${JOBS-1} jobs" ) + mkdir -p "$REPODEST" + git config --global init.defaultBranch master +} + +sysinfo() { + printf ">>> Host system information (arch: %s, release: %s) <<<\n" "$ARCH" "$(get_release)" + printf "- Number of Cores: %s\n" "$(nproc)" + printf "- Memory: %s Gb\n" "$(awk '/^MemTotal/ {print ($2/1024/1024)}' /proc/meminfo)" + printf "- Free space: %s\n" "$(df -hP / | awk '/\/$/ {print $4}')" +} + +copy_artifacts() { + cd "$APORTSDIR" + + packages_size="$(du -sk "$REPODEST" | awk '{print $1 * 1024}')" + if [ -z "$packages_size" ]; then + return + fi + + echo "Artifact size: $packages_size bytes" + + mkdir -p keys/ packages/ + + if [ "$packages_size" -lt $MAX_ARTIFACT_SIZE ]; then + msg "Copying packages for artifact upload" + cp -ar "$REPODEST"/* packages/ 2>/dev/null + cp ~/.abuild/*.rsa.pub keys/ + else + msg "Artifact size $packages_size larger than max ($MAX_ARTIFACT_SIZE), skipping uploading them" yellow + fi +} + +section_start setup "Setting up the system" collapse + +if debugging; then + set -x +fi + +aport_ok= +aport_na= +aport_ng= +failed= + +sysinfo || true +setup_system || die "Failed to setup system" + +# git no longer allows to execute in repositories owned by different users +doas chown -R buildozer: . + +fetch_flags="-qn" +debugging && fetch_flags="-v" + +git fetch $fetch_flags "$CI_MERGE_REQUEST_PROJECT_URL" \ + "+refs/heads/$BASEBRANCH:refs/heads/$BASEBRANCH" + +if debugging; then + merge_base=$(git merge-base "$BASEBRANCH" HEAD) || echo "Could not determine merge-base" + echo "Merge base: $merge_base" + git --version + git config -l + [ -n "$merge_base" ] && git tag -f merge-base "$merge_base" + git --no-pager log -200 --oneline --graph --decorate --all +fi + +section_end setup + +build_start=$CI_ALPINE_BUILD_OFFSET +build_limit=$CI_ALPINE_BUILD_LIMIT + +set_repositories_for $(get_qubes_release) +built_aports=0 +changed_aports_in_repo=$(changed_aports $BASEBRANCH) +changed_aports_in_repo_count=$(echo "$changed_aports_in_repo" | wc -l) +changed_aports_to_build=$(echo "$changed_aports_in_repo" | apply_offset_limit "$build_start" "$build_limit") + +msg "Changed aports:" +# shellcheck disable=SC2086 # Splitting is expected here +printf " - %s\n" $changed_aports_to_build +for pkgname in $changed_aports_to_build; do + section_start "build_$pkgname" "Building package $pkgname" + built_aports=$((built_aports+1)) + if check_aport . "$pkgname"; then + build_aport . "$pkgname" + fi + section_end "build_$pkgname" +done + +section_start artifacts "Handeling artifacts" collapse +copy_artifacts || true +section_end artifacts + +section_start summary "Build summary" + +echo "### Build summary ###" + +for ok in $aport_ok; do + msg "$ok: build succesfully" +done + +for na in $aport_na; do + msg "$na: disabled for $ARCH" yellow +done + +for ng in $aport_ng; do + msg "$ng: build failed" red + failed=true +done +section_end summary + +if [ "$failed" = true ]; then + exit 1 +elif [ -z "$aport_ok" ]; then + msg "No packages found to be built." yellow +fi + diff --git a/.forgejo/patches/build.patch b/.forgejo/patches/build.patch deleted file mode 100644 index 81015ef..0000000 --- a/.forgejo/patches/build.patch +++ /dev/null @@ -1,140 +0,0 @@ -diff --git a/usr/local/bin/build.sh.orig b/usr/local/bin/build.sh -old mode 100644 -new mode 100755 -index c3b8f7a..0b1c9a5 ---- a/usr/local/bin/build.sh.orig -+++ b/usr/local/bin/build.sh -@@ -7,13 +7,14 @@ - set -eu -o pipefail - - readonly APORTSDIR=$CI_PROJECT_DIR --readonly REPOS="main community testing non-free" -+readonly REPOS="main community testing" - readonly ARCH=$(apk --print-arch) - # gitlab variables - readonly BASEBRANCH=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME - - : "${REPODEST:=$HOME/packages}" --: "${MIRROR:=https://dl-cdn.alpinelinux.org/alpine}" -+: "${MIRROR:=https://ayakael.net/api/packages/forge/alpine}" -+: "${ALPINE_MIRROR:=http://dl-cdn.alpinelinux.org/alpine}" - : "${MAX_ARTIFACT_SIZE:=300000000}" #300M - : "${CI_DEBUG_BUILD:=}" - -@@ -67,13 +68,32 @@ report() { - } - - get_release() { -+ echo $CI_ALPINE_TARGET -+} -+ -+ -+get_qubes_release() { - case $BASEBRANCH in -- *-stable) echo v"${BASEBRANCH%-*}";; -- master) echo edge;; -- *) die "Branch \"$BASEBRANCH\" not supported!" -+ r*) echo $BASEBRANCH;; -+ main) echo r4.3;; - esac - } - -+changed_aports() { -+ : "${APORTSDIR?APORTSDIR missing}" -+ : "${BASEBRANCH?BASEBRANCH missing}" -+ -+ cd "$APORTSDIR" -+ local aports -+ -+ aports=$(git diff --name-only --diff-filter=ACMR \ -+ "$BASEBRANCH"...HEAD -- "*/APKBUILD" | xargs -rn1 dirname) -+ -+ # shellcheck disable=2086 -+ ap builddirs -d "$APORTSDIR" $aports 2>/dev/null | xargs -rn1 basename -+} -+ -+ - build_aport() { - local repo="$1" aport="$2" - cd "$APORTSDIR/$repo/$aport" -@@ -99,13 +119,13 @@ set_repositories_for() { - local release - - release=$(get_release) -- for repo in $REPOS; do -+ for repo in qubes-$(get_qubes_release); do - [ "$repo" = "non-free" ] && continue -- [ "$release" != "edge" ] && [ "$repo" == "testing" ] && continue -+ [ "$release" == "edge" ] && [ "$repo" == "backports" ] && continue - repos="$repos $MIRROR/$release/$repo $REPODEST/$repo" - [ "$repo" = "$target_repo" ] && break - done -- doas sh -c "printf '%s\n' $repos > /etc/apk/repositories" -+ doas sh -c "printf '%s\n' $repos >> /etc/apk/repositories" - doas apk update - } - -@@ -118,7 +138,15 @@ apply_offset_limit() { - } - - setup_system() { -- doas sh -c "echo $MIRROR/$(get_release)/main > /etc/apk/repositories" -+ local repos='' repo='' -+ local release -+ -+ release=$(get_release) -+ for repo in $REPOS; do -+ [ "$release" != "edge" ] && [ "$repo" == "testing" ] && continue -+ repos="$repos $ALPINE_MIRROR/$release/$repo" -+ done -+ doas sh -c "printf '%s\n' $repos > /etc/apk/repositories" - doas apk -U upgrade -a || apk fix || die "Failed to up/downgrade system" - abuild-keygen -ain - doas sed -i -E 's/export JOBS=[0-9]+$/export JOBS=$(nproc)/' /etc/abuild.conf -@@ -192,32 +220,22 @@ section_end setup - build_start=$CI_ALPINE_BUILD_OFFSET - build_limit=$CI_ALPINE_BUILD_LIMIT - --for repo in $(changed_repos); do -- set_repositories_for "$repo" -- built_aports=0 -- changed_aports_in_repo=$(changed_aports "$repo") -- changed_aports_in_repo_count=$(echo "$changed_aports_in_repo" | wc -l) -- changed_aports_to_build=$(echo "$changed_aports_in_repo" | apply_offset_limit "$build_start" "$build_limit") -+set_repositories_for $(get_qubes_release) -+built_aports=0 -+changed_aports_in_repo=$(changed_aports $BASEBRANCH) -+changed_aports_in_repo_count=$(echo "$changed_aports_in_repo" | wc -l) -+changed_aports_to_build=$(echo "$changed_aports_in_repo" | apply_offset_limit "$build_start" "$build_limit") - -- msg "Changed aports in $repo:" -- # shellcheck disable=SC2086 # Splitting is expected here -- printf " - %s\n" $changed_aports_to_build -- for pkgname in $changed_aports_to_build; do -- section_start "build_$pkgname" "Building package $pkgname" -- built_aports=$((built_aports+1)) -- if check_aport "$repo" "$pkgname"; then -- build_aport "$repo" "$pkgname" -- fi -- section_end "build_$pkgname" -- done -- -- build_start=$((build_start-(changed_aports_in_repo_count-built_aports))) -- build_limit=$((build_limit-built_aports)) -- -- if [ $build_limit -le 0 ]; then -- msg "Limit reached, breaking" -- break -+msg "Changed aports:" -+# shellcheck disable=SC2086 # Splitting is expected here -+printf " - %s\n" $changed_aports_to_build -+for pkgname in $changed_aports_to_build; do -+ section_start "build_$pkgname" "Building package $pkgname" -+ built_aports=$((built_aports+1)) -+ if check_aport . "$pkgname"; then -+ build_aport . "$pkgname" - fi -+ section_end "build_$pkgname" - done - - section_start artifacts "Handeling artifacts" collapse diff --git a/.forgejo/workflows/build-edge.yaml b/.forgejo/workflows/build-edge.yaml index 91f86a4..5ee48ea 100644 --- a/.forgejo/workflows/build-edge.yaml +++ b/.forgejo/workflows/build-edge.yaml @@ -24,9 +24,7 @@ jobs: with: fetch-depth: 500 - name: Package build - run: | - doas patch -d / -p1 -i ${{ github.workspace }}/.forgejo/patches/build.patch - build.sh + run: ${{ github.workspace }}/.forgejo/bin/build.sh - name: Package upload uses: forgejo/upload-artifact@v3 with: diff --git a/.forgejo/workflows/build-v3.20.yaml b/.forgejo/workflows/build-v3.20.yaml index d693f55..573aa23 100644 --- a/.forgejo/workflows/build-v3.20.yaml +++ b/.forgejo/workflows/build-v3.20.yaml @@ -24,9 +24,7 @@ jobs: with: fetch-depth: 500 - name: Package build - run: | - doas patch -d / -p1 -i ${{ github.workspace }}/.forgejo/patches/build.patch - build.sh + run: ${{ github.workspace }}/.forgejo/bin/build.sh - name: Package upload uses: forgejo/upload-artifact@v3 with: diff --git a/.forgejo/workflows/build-v3.21.yaml b/.forgejo/workflows/build-v3.21.yaml index 29ddff9..6ed7279 100644 --- a/.forgejo/workflows/build-v3.21.yaml +++ b/.forgejo/workflows/build-v3.21.yaml @@ -24,9 +24,7 @@ jobs: with: fetch-depth: 500 - name: Package build - run: | - doas patch -d / -p1 -i ${{ github.workspace }}/.forgejo/patches/build.patch - build.sh + run: ${{ github.workspace }}/.forgejo/bin/build.sh - name: Package upload uses: forgejo/upload-artifact@v3 with: