Migrate to workdir version 5 and move already built packages into the edge
channel subdir, for example:
$WORK/packages/x86_64/hello-world-1-r5.apk
to:
$WORK/packages/edge/x86_64/hello-world-1-r5.apk
The build.postmarketos.org code has already been adjusted to find built
packages in either directory structure.
In case a package can't be built using crossdirect, add an APKBUILD
option to unconditionally disable crossdirect and use the slower
distcc approach instead. This is needed e.g. when using LD_PRELOAD during
the build as crossdirect cannot work with that.
Have explicit selection of the "native" cross compilation method with a
new "pmb:cross-native" option. Deprecate the implicit pkgname pattern
matching.
Related: #1910
No build is necessary if pmaport can't be built for given arch.
pmbootstrap must use Alpine's binary package in that case, even if the
pmaport version is higher than Alpine's binary package version.
Fixes: #1897
The --no-depends option is supposed to stop pmbootstrap if it was
instructed to build a package, but a dependency must be built first. So
far, this only covers the case if there is no binary package for a dependency.
Make it stop if the binary package exists, but is outdated, too.
Fixes: #1895
While at it, also remove unnecessary "#!/usr/bin/env python3" in files
that only get imported, and adjust other empty/comment lines in the
beginnings of the files for consistency.
This makes files easier to read, and makes the pmbootstrap codebase more
consistent with the build.postmarketos.org codebase.
At the moment we have a simple subpkgdesc() function that can only
parse "pkgdesc" from subpackages, without support for any variables.
But we have a quite nice variable parser now that can be extended
to work for subpackages.
Simply put this works by:
- Finding the lines that belong to the subpackage function
- Stripping indentation (tab)
- Parsing relevant attributes similar to the apkbuild() function
The "subpackages" in the parsed APKBUILD are replaced by a dict
of subpkgname: {"pkgdesc": "...", "depends": "..."} which are
parsed from the subpackage function (if found).
This makes it possible to get the "depends" of a subpackage.
Install rust (rustc) in native chroot, if it is in the APKBUILD's
build dependencies. Add a test to verify that crossdirect + rust works
as expected.
Closes: #1861
Make /home/pmos/build/.git point to the .git dir from pmaports.git, with
a symlink so abuild does not fail.
abuild expects the current working directory to be a subdirectory of a
cloned git repository (e.g. main/openrc from aports.git). If git is
installed, it will try to get the last git commit from that repository,
and place it in the resulting apk (.PKGINFO) as well as use the date
from that commit as SOURCE_DATE_EPOCH (for reproducible builds).
With that symlink, we actually make it use the last git commit from
pmaports.git for SOURCE_DATE_EPOCH and have that in the resulting apk's
.PKGINFO.
Fixes: #1841
When 'pmbootstrap build' is started with '--no-depends', we make sure
that binary packages of all dependencies exist before proceeding with a
build. Make sure that we have downloaded the APKINDEX for the given arch
first, otherwise this may complain that a binary package is missing
although it does exist.
This happened when using the "native" cross compile method, e.g. when
building kernels for different architectures. It would complain that
there is no binary package for "bash" (which is in Alpine obviously):
https://builds.sr.ht/~postmarketos/job/103882
Currently, building with envkernel.sh entirely ignores the
makedepends listed in the kernel APKBUILD. Common dependencies
needed by most kernels are hardcoded in envkernel.sh.
However, some kernels may need extra dependencies either during
the build process or when the kernel is packaged.
Installing the makedepends when the build environment is initialized
is difficult because "source helpers/envkernel.sh" is not aware
of the exact kernel package that is going to be built later.
However, we can easily modify the packaging step
(i.e. pmbootstrap build --envkernel linux-...)
to install the required makedepends.
This fixes building "linux-postmarketos-qcom-msm8916" using envkernel,
since it requires "dtbTool" and "installkernel" to be installed when
the APKBUILD package() function is executed.
This file is used by the package browser frontend build by the alpine
developers. It uses the contents of the DESCRIPTION file to validate the
cache in the database.
This fixes regression from commits 0431a519 and 4daf9916.
pmbootstrap kconfig_edit raised an error while trying to checksum a package.
Error was:
(028793) [16:13:22] ERROR: 'module' object is not callable
(028793) [16:13:22] See also: <https://postmarketos.org/troubleshooting>
(028793) [16:13:22] Traceback (most recent call last):
File "/home/lexx/dev/pmos/pmbootstrap/pmb/__init__.py", line 63, in main
getattr(frontend, args.action)(args)
File "/home/lexx/dev/pmos/pmbootstrap/pmb/helpers/frontend.py", line 279, in kconfig
pmb.build.menuconfig(args, args.package)
File "/home/lexx/dev/pmos/pmbootstrap/pmb/build/menuconfig.py", line 158, in menuconfig
pmb.build.checksum(args, pkgname)
TypeError: 'module' object is not callable
The function was renamed, call new function.
(Some?) Mediatek kernels don't have the kernel in the top-level
directory but in a subdirectory called 'kernel' next to a folder
'mediatek' containing most device-specific code.
Adjust the menuconfig code to be able to work with that.
Download all sources and verify their checksums.
This will be used in pmaports.git CI, if ci:skip-build is set in the
commit message (currently it just skips the build, and we don't test if
the source checksums are valid or not).
abuild depends on the gcc binary in order to define a default CBUILD value.
When using an alternative gcc version (e.g. envkernel.sh with gcc6), the
gcc binary is not installed by the envkernel.sh script.
This change sets the CBUILD env variable so that abuild doesn't need to
depend on the gcc package.
Packages can add pmb:strict to their options to enable the --strict
mode. This can be used if packages need to get build in a clean chroot
or their make dependencies need to get removed.
Depend on new pmaports version, where crossdirect uses the native ccache
binary instead of going through the foreign arch ccache first and then
going through crossdirect.
Old:
ccache (foreign) -> crossdirect (native) -> gcc (native)
New:
crossdirect (native) -> ccache (native) -> gcc (native)
Set the PATH to the crossdirect binaries, and don't set CCACHE_PATH or
CCACHE_COMPILERCHECK from pmbootstrap anymore. crossdirect sets the
CCACHE_PATH to /native/usr/bin now, along with all other required
environment variables. CCACHE_COMPILERCHECK isn't necessary anymore,
because ccache will call gcc directly and therefore be able to use the
file's timestamp and size directly. Also passing that would not work
with the current crossdirect package.
Launch native cross compilers inside foreign chroot. Enable by default,
but allow disabling with --no-crossdirect for now. This option and the
distcc-sshd related code will be removed in the future.
Aborts the build if any dependencies would have to be build first. This
is useful for build.postmarketos.org, because we want to build exactly
one package in one build job. If dependencies would need to be built, we
made a mistake earlier, and not aborting the build makes it harder to
find that orginal mistake.
When a pmaport can not be built for the desired architecture, fall back
to the binary package (from postmarketOS or Alpine) if it exists. This
allows us to provide an updated version of mesa for arm arches, but
using Alpine's mesa package on x86* arches.
Provides a quick way to incrementally compile a kernel and push it to
device.
Example usage.
Compile the kernel:
$ cd /src/linux/
$ source /src/pmbootstrap/helpers/envkernel.sh
$ make tegra_postmarketos_defconfig
$ make -jX
Package kernel and flash to device:
$ pmbootstrap build --envkernel linux-samsung-p4wifi
$ pmbootstrap flasher flash_kernel
Modify kernel source then incremental compile, package, and flash:
$ make -jX
$ pmbootstrap build --envkernel linux-samsung-p4wifi
$ pmbootstrap flasher flash_kernel
Add a new action that lists all aports, for which no binary packages
exist. Only list packages that can be built for the relevant arch
(specified with --arch). This works recursively: when a package can be
built for a certain arch, but one of its dependencies
(or their depends) can not be built for that arch, then don't list it.
This action will be used for the new sr.ht based build infrastructure,
to figure out which packages need to be built ahead of time (so we can
trigger each of them as single build job). Determining the order of the
packages to be built is not determined with pmbootstrap, the serverside
code of build.postmarketos.org takes care of that.
For testing purposes, a single package can also be specified and the
action will list if it can be built for that arch with its
dependencies, and what needs to be built exactly.
Add pmb/helpers/package.py to hold functions that work on both pmaports
and (binary package) repos - in contrary to the existing
pmb/helpers/pmaports.py (see previous commit) and pmb/helpers/repo.py,
which only work with one of those.
Refactoring:
* pmb/helpers/pmaports.py: add a get_list() function, which lists all
aports and use it instead of writing the same glob loop over and over
* add pmb.helpers.pmaports.get(), which finds an APKBUILD and parses it
in one step.
* rename pmb.build._package.check_arch to ...check_arch_abort to
distinguish it from the other check_arch function
Move find_aport() and find_aport_guess_main() from pmb/build/other.py
to the new file pmb/helpers/pmaports.py.
Finding aports is not only needed when building packages, hence it
makes sense to move it out of pmb.build. The pmb/helpers/pmaports.py
file will have more pmaports related functions in a follow up commit.
Target arch is the system the package will run on. Host arch is the
system the package is compiled on.
For example kernel packages can be compiled on host arch x86_64 and
intended to run on target arch armhf. A build is necessary check
against host arch will always return True. The correct way is to check if
the package needs to be built for target arch.
Do not try to build and install dependencies for the package's
architecture when compiling in the "native" mode. That mode is
described here in detail:
https://wiki.postmarketos.org/wiki/Build_internals#Cross-compile_types
This makes it possible to cross compile kernels again, which need to
be built with GCC6. We have switched to Alpine's GCC6 package, but it is
not available for armhf/aarch64 on edge yet, because Alpine's build bots
are stuck (right now armhf is not even listed):
http://build.alpinelinux.org/
Huge thanks to ryang2478/Decatf for posting this patch in pmaports#138!
Clearly state which version is being used, and also display the message
when using build --force.
- Old:
WARNING: Package 'ubuntu-app-launch' in your aports folder has version
0_git20180604-r0, but the binary package repositories already have version
0_p20181101174257-r0! See also: <https://postmarketos.org/warning-repo2>
- New:
WARNING: package hello-world: aport version 1-r4 is lower than 1-r5 from
the binary repository. 1-r5 will be used when installing hello-world.
See also: <https://postmarketos.org/warning-repo2>
Find the main package by assuming it is a prefix of the subpkgname. We
do that, because in some APKBUILDs the subpkgname="" variable gets
filled with a shell loop and the APKBUILD parser in pmbootstrap can't
parse this right. (Intentionally, we don't want to implement a full
shell parser.)
* aportgen: modify code to allow generating gcc6-armhf and other gcc6
cross compiler packages
* package: when 'gcc6' is in the depends of a package, and the cross
compiling mode is "native" (as we do it with kernels), install the
gcc6 cross compiler instead of the usual one (gcc8)
Related: pmaports#103
Overview:
Since Alpine updated to distcc 3.3 last week, pmbootstrap wasn't able to use
distcc for cross compilation anymore. It always falled back to running the
compiler in QEMU (which works, but is a lot slower). The reason for that is,
that distcc requires all compilers that are being used in a whitelist now.
This partially fixes CVE-2004-2687 in distccd, which allowed trivial remote
code execution by any process connecting to the distccd server. We only run
distccd on localhost, but still this can be used for privilege escalation of
sandboxed processes running on the host system (not part of pmbootstrap
chroots).
Because the CVE is only partially fixed (see the comment in
`pmb/chroot/distccd.py` for details), we make sure that only the building
chroots can talk to the distcc server by running distcc over ssh.
Details:
* Completely refactored `pmb/chroot/distccd.py` to run distcc over ssh
* Store the running distcc server's arguments as JSON now, not as INI
* Make debugging distcc issues easy:
* Set DISTCC_BACKOFF_PERIOD=0, so the distcc client will not ignore the
server after errors happened (this masks the original error!)
* New pmbootstrap parameters:
* `--distcc-nofallback`: avoids falling back to compiling with QEMU and not
throwing an error
* `--ccache-disable`: avoid ccache (when the compiler output is cached,
distcc does not get used)
* `--verbose` prints verbose output of the distcc too
* New test case, that uses the new pmbootstrap parameters to force
compilation through distcc, and shows the output of distcc and distccd in
verbose mode on error (as well as the log of sshd)
Alpine's `abuild` will uninstall all dependencies by default, when a
package build fails.
Leaving this configuration unchanged leads to unexpected behavior with
pmbootstrap: when executing `pmbootstrap build --strict` and pressing
`^C` during the build, pmbootstrap will stop, but an `apk` process
will be started in the background to remove the dependency packages.
Running `pmbootstrap shutdown` at this time will not work, because the
`apk` process is still running.
With this commit, dependencies don't get cleaned up from the chroots.
* Travis and Coveralls badges
* aports: instead of <https://github.com/postmarketOS>, use
<https://postmarketos.org>
* References to full URLs to issues and pull requests replaced with
a hash and the number
* grsec check: simplify error message, remove link to github issue
(nobody is using that anymore anyway)
The linux APKBUILDs write the kernel config either to `$builddir`
(default from the template) or `$srcdir/build` (legacy, and I reverted
to that in #1556, which was not the proper fix for this regression).
With this commit, `pmbootstrap kconfig edit` is able to edit both
versions, and prints a note when the APKBUILD is still using the old
style.