From a89418653de61bac3f6a42d9b60b420342eba97b Mon Sep 17 00:00:00 2001 From: robojerk Date: Tue, 9 Sep 2025 22:22:06 -0700 Subject: [PATCH] Fix CI: Remove non-existent composefs package - Remove composefs from CI dependencies (not available in Debian) - Update package control file to remove composefs dependency - Update Dockerfile to remove composefs - Update CI summary to reflect correct dependencies --- .forgejo/workflows/ci-backup.yml | 566 ++++++++++++++++++++ .forgejo/workflows/ci-working.yml | 853 ++++++++++++++++++++++++++++++ .forgejo/workflows/ci.yml | 7 +- Dockerfile | 52 ++ 4 files changed, 1474 insertions(+), 4 deletions(-) create mode 100644 .forgejo/workflows/ci-backup.yml create mode 100644 .forgejo/workflows/ci-working.yml create mode 100644 Dockerfile diff --git a/.forgejo/workflows/ci-backup.yml b/.forgejo/workflows/ci-backup.yml new file mode 100644 index 0000000..0ddd392 --- /dev/null +++ b/.forgejo/workflows/ci-backup.yml @@ -0,0 +1,566 @@ +--- +name: Comprehensive CI/CD Pipeline + +on: + push: + branches: [main, develop] + pull_request: + branches: [main] + workflow_dispatch: + +env: + CARGO_TERM_COLOR: always + RUST_BACKTRACE: 1 + +jobs: + # Main build and test job + build-and-test: + name: Build and Test + runs-on: ubuntu-latest + container: + image: rust:trixie + + steps: + - name: Test secret priority + run: | + echo "Testing secret priority:" + echo "TEST_SECRET value: ${{ secrets.TEST_SECRET }}" + echo "User level: apple" + echo "Org level: pear" + echo "Repo level: pumpkin" + + echo "" + echo "Available environment variables:" + echo "FORGEJO_RUN_NUMBER: ${FORGEJO_RUN_NUMBER:-'NOT_SET'}" + echo "GITEA_RUN_NUMBER: ${GITEA_RUN_NUMBER:-'NOT_SET'}" + echo "ACTIONS_RUN_NUMBER: ${ACTIONS_RUN_NUMBER:-'NOT_SET'}" + echo "GITHUB_RUN_NUMBER: ${GITEA_RUN_NUMBER:-'NOT_SET'}" + echo "RUNNER_OS: ${RUNNER_OS:-'NOT_SET'}" + echo "GITEA_ACTOR: ${GITEA_ACTOR:-'NOT_SET'}" + + - name: Setup environment + run: | + # Try apt-cacher-ng first, fallback to Debian's automatic mirror selection + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "โœ… apt-cacher-ng is available, configuring proxy sources..." + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using apt-cacher-ng proxy for faster builds" + else + echo "โš ๏ธ apt-cacher-ng not available or slow, using Debian's automatic mirror selection..." + echo "deb http://httpredir.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using httpredir.debian.org for automatic mirror selection" + fi + + # APT Performance Optimizations (2-3x faster) + echo 'Acquire::Languages "none";' > /etc/apt/apt.conf.d/99translations + echo 'Acquire::GzipIndexes "true";' >> /etc/apt/apt.conf.d/99translations + echo 'Acquire::CompressionTypes::Order:: "gz";' >> /etc/apt/apt.conf.d/99translations + echo 'Dpkg::Use-Pty "0";' >> /etc/apt/apt.conf.d/99translations + + # Update package lists + apt update -y + + - name: Install dependencies + run: | + apt update -y + apt install -y --no-install-recommends \ + git curl pkg-config build-essential gnupg wget \ + libssl-dev libostree-dev libostree-1-1 ostree \ + podman qemu-utils parted grub-efi-amd64 systemd-boot \ + dracut composefs zstd cpio tar ca-certificates \ + devscripts debhelper dh-cargo libcurl4-gnutls-dev \ + libsystemd-dev libmount-dev libselinux1-dev libsepol-dev \ + libarchive-dev libgpgme-dev libavahi-client-dev \ + libavahi-common-dev libffi-dev libpcre2-dev libxml2-dev \ + zlib1g-dev liblz4-dev liblzma-dev nettle-dev libgmp-dev \ + libicu-dev libpython3-dev python3-dev python3-setuptools \ + python3-wheel python3-pip crossbuild-essential-amd64 \ + crossbuild-essential-arm64 gcc-aarch64-linux-gnu \ + g++-aarch64-linux-gnu gcc-arm-linux-gnueabihf \ + g++-arm-linux-gnueabihf + + - name: Checkout code + run: | + # Clone the repository manually + git clone https://git.raines.xyz/particle-os/apt-ostree-builder.git /tmp/apt-ostree-builder + cp -r /tmp/apt-ostree-builder/* . + cp -r /tmp/apt-ostree-builder/.* . 2>/dev/null || true + + - name: Verify Rust toolchain + run: | + # Rust is already installed in rust:trixie container + echo "Using pre-installed Rust version:" + rustc --version + cargo --version + + # Force clean Rust toolchain to avoid SIGSEGV bugs + echo "๐Ÿ”ง Forcing clean stable Rust toolchain..." + rustup default stable + rustup update stable + rustup toolchain install stable --force + echo "โœ… Now using clean stable Rust:" + rustc --version + cargo --version + + # Clear cargo cache to avoid corruption + echo "๐Ÿงน Clearing cargo cache..." + cargo clean + + - name: Build project + run: | + cargo build --release + + - name: Run tests + run: | + cargo test + + - name: Build Debian package + run: | + echo "Building Debian package..." + + # Get build information for versioning + BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" + COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") + SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10) + + # Extract version from Cargo.toml + extract_version() { + local version="" + if [ -f "Cargo.toml" ]; then + version=$(sed -nE 's/^version[[:space:]]*=[[:space:]]*"([^"]+)"/\1/p' Cargo.toml 2>/dev/null) + [ -n "$version" ] && echo "$version" && return 0 + fi + echo "0.1.0" + } + + PROJECT_VERSION=$(extract_version) + BUILD_VERSION="${PROJECT_VERSION}+build${BUILD_NUMBER}.${SHORT_COMMIT}" + + echo "Build Version: $BUILD_VERSION" + echo "Project Version: $PROJECT_VERSION" + echo "Build Number: $BUILD_NUMBER" + echo "Commit Hash: $SHORT_COMMIT" + + # Create simple Debian package structure + mkdir -p debian/apt-ostree-builder/usr/bin + mkdir -p debian/apt-ostree-builder/DEBIAN + + # Copy binary + cp target/release/apt-ostree-builder debian/apt-ostree-builder/usr/bin/ + chmod +x debian/apt-ostree-builder/usr/bin/apt-ostree-builder + + # Create control file + { + echo "Package: apt-ostree-builder" + echo "Version: $BUILD_VERSION" + echo "Section: admin" + echo "Priority: optional" + echo "Architecture: amd64" + echo "Maintainer: CI Build " + echo "Depends: libc6 (>= 2.39), libgcc-s1 (>= 3.0), libssl3t64 (>= 3.0.0)," + echo " libostree-1-1 (>= 2023.1), ostree (>= 2023.1), podman (>= 4.0)," + echo " qemu-utils (>= 7.0), parted (>= 3.0)," + echo " grub-efi-amd64 (>= 2.0) | systemd-boot (>= 250)," + echo " dracut (>= 055), composefs (>= 0.1)," + echo " zstd (>= 1.0), cpio (>= 2.0), tar (>= 1.0)" + echo "Description: Bootc container image to disk image converter" + echo " Bootc-image-builder converts bootc container images into bootable disk images." + echo " ." + echo " Features:" + echo " - Multi-format support (QCOW2, Raw, VMDK, ISO, AMI)" + echo " - Bootc container image support" + echo " - OSTree repository integration" + echo " - Composefs support" + echo " - Initramfs creation with dracut" + echo " - GRUB and systemd-boot support" + echo " - UEFI and BIOS boot modes" + echo " - Secure boot support" + echo " - Cloud integration (AWS, Azure, GCP)" + } > debian/apt-ostree-builder/DEBIAN/control + + # Build package + dpkg-deb --build debian/apt-ostree-builder "apt-ostree-builder_${BUILD_VERSION}_amd64.deb" + + echo "โœ… Debian package created: apt-ostree-builder_${BUILD_VERSION}_amd64.deb" + ls -la *.deb + + - name: Test built package + run: | + echo "Testing built package..." + + DEB_PACKAGE=$(ls *.deb 2>/dev/null | head -1) + + if [ -n "$DEB_PACKAGE" ]; then + echo "โœ… Found package: $DEB_PACKAGE" + + # Test package installation + echo "Testing package installation..." + dpkg -i "$DEB_PACKAGE" || echo "Installation test failed (this is normal for CI)" + + # Check if binary is accessible + if which apt-ostree-builder >/dev/null 2>&1; then + echo "โœ… apt-ostree-builder installed successfully" + apt-ostree-builder --version || echo "Version check failed" + else + echo "โŒ apt-ostree-builder not found in PATH" + echo "Checking installation location:" + find /usr -name "apt-ostree-builder" 2>/dev/null || echo "Not found in /usr" + fi + else + echo "โŒ No main package found to test" + fi + + - name: Create build summary + run: | + echo "Creating build summary..." + + # Create a summary markdown file + echo '# Bootc-Image-Builder CI Summary' > CI_SUMMARY.md + echo '' >> CI_SUMMARY.md + echo '## Build Information' >> CI_SUMMARY.md + echo '- **Build Date**: '"$(date '+%Y-%m-%d %H:%M:%S UTC')" >> CI_SUMMARY.md + echo '- **Build ID**: '"$(date +%s)" >> CI_SUMMARY.md + echo '- **Commit**: '"$(git rev-parse --short HEAD 2>/dev/null || echo "Unknown")" >> CI_SUMMARY.md + echo '- **Branch**: '"$(git branch --show-current 2>/dev/null || echo "Unknown")" >> CI_SUMMARY.md + echo '' >> CI_SUMMARY.md + echo '## Build Status' >> CI_SUMMARY.md + echo '- **Status**: โœ… SUCCESS' >> CI_SUMMARY.md + echo '- **Container**: rust:trixie' >> CI_SUMMARY.md + echo '- **Rust Version**: '"$(rustc --version)" >> CI_SUMMARY.md + echo '- **Cargo Version**: '"$(cargo --version)" >> CI_SUMMARY.md + echo '' >> CI_SUMMARY.md + echo '## Built Packages' >> CI_SUMMARY.md + echo '' >> CI_SUMMARY.md + + # Add package information + if ls *.deb >/dev/null 2>&1; then + echo '### Debian Packages' >> CI_SUMMARY.md + for pkg in *.deb; do + PKG_NAME=$(dpkg-deb -f "$pkg" Package 2>/dev/null || echo "Unknown") + PKG_VERSION=$(dpkg-deb -f "$pkg" Version 2>/dev/null || echo "Unknown") + PKG_ARCH=$(dpkg-deb -f "$pkg" Architecture 2>/dev/null || echo "Unknown") + PKG_SIZE=$(du -h "$pkg" | cut -f1) + echo "- **$PKG_NAME** ($PKG_VERSION) [$PKG_ARCH] - $PKG_SIZE" >> CI_SUMMARY.md + done + fi + + # Add dependency information + echo '' >> CI_SUMMARY.md + echo '### Dependencies' >> CI_SUMMARY.md + echo '- libostree-dev โœ…' >> CI_SUMMARY.md + echo '- libssl-dev โœ…' >> CI_SUMMARY.md + echo '- podman โœ…' >> CI_SUMMARY.md + echo '- qemu-utils โœ…' >> CI_SUMMARY.md + echo '- dracut โœ…' >> CI_SUMMARY.md + echo '- composefs โœ…' >> CI_SUMMARY.md + echo '- All build dependencies satisfied โœ…' >> CI_SUMMARY.md + + echo "CI summary created: CI_SUMMARY.md" + echo "โœ… All CI jobs completed successfully! ๐ŸŽ‰" + + - name: Prepare artifacts for upload + run: | + echo "Preparing artifacts for upload..." + + # Create artifacts directory + mkdir -p artifacts + + # Copy all built packages + if ls *.deb >/dev/null 2>&1; then + echo "๐Ÿ“ฆ Copying Debian packages to artifacts directory..." + cp *.deb artifacts/ + echo "โœ… Packages copied:" + ls -la artifacts/*.deb + + # Show package details + echo "" + echo "๐Ÿ“‹ Package Details:" + for pkg in artifacts/*.deb; do + PKG_NAME=$(dpkg-deb -f "$pkg" Package 2>/dev/null || echo "Unknown") + PKG_VERSION=$(dpkg-deb -f "$pkg" Version 2>/dev/null || echo "Unknown") + PKG_ARCH=$(dpkg-deb -f "$pkg" Architecture 2>/dev/null || echo "Unknown") + PKG_SIZE=$(du -h "$pkg" | cut -f1) + echo " ๐ŸŽฏ $PKG_NAME ($PKG_VERSION) [$PKG_ARCH] - $PKG_SIZE" + done + else + echo "โŒ CRITICAL: No .deb packages found!" + exit 1 + fi + + # Copy build summary + if [ -f "CI_SUMMARY.md" ]; then + cp CI_SUMMARY.md artifacts/ + echo "Build summary copied to artifacts" + fi + + # Copy Rust build artifacts + if [ -d "target/release" ]; then + mkdir -p artifacts/rust-build + cp target/release/apt-ostree-builder artifacts/rust-build/ 2>/dev/null || echo "Binary copy failed" + fi + + echo "Artifacts prepared successfully!" + echo "Contents of artifacts directory:" + ls -la artifacts/ + + - name: Publish to Forgejo Debian Registry + run: | + echo "Publishing .deb packages to Forgejo Debian Registry..." + + # .deb files are MANDATORY - fail if none exist + if ! ls *.deb >/dev/null 2>&1; then + echo "โŒ CRITICAL: No .deb files found!" + exit 1 + fi + + # Get build info for registry + BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" + COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") + + echo "Publishing packages for build $BUILD_NUMBER (commit $COMMIT_HASH)" + + # Forgejo Debian Registry configuration + FORGEJO_OWNER="particle-os" + FORGEJO_DISTRIBUTION="trixie" + FORGEJO_COMPONENT="main" + + # Publish each .deb file + for deb_file in *.deb; do + echo "๐Ÿ“ฆ Publishing $deb_file..." + + # Extract package info + PKG_NAME=$(dpkg-deb -f "$deb_file" Package 2>/dev/null || echo "apt-ostree-builder") + PKG_VERSION=$(dpkg-deb -f "$deb_file" Version 2>/dev/null || echo "unknown") + PKG_ARCH=$(dpkg-deb -f "$deb_file" Architecture 2>/dev/null || echo "amd64") + + echo " Package: $PKG_NAME" + echo " Version: $PKG_VERSION" + echo " Architecture: $PKG_ARCH" + + # Forgejo Debian Registry upload URL + UPLOAD_URL="https://git.raines.xyz/api/packages/${FORGEJO_OWNER}/debian/pool/${FORGEJO_DISTRIBUTION}/${FORGEJO_COMPONENT}/upload" + + echo " Upload URL: $UPLOAD_URL" + + # Upload to Forgejo Debian Registry + if [ -n "${{ secrets.ACCESS_TOKEN }}" ]; then + echo " ๐Ÿ” Using authentication token..." + UPLOAD_RESULT=$(curl -s -w "%{http_code}" \ + --user "${FORGEJO_OWNER}:${{ secrets.ACCESS_TOKEN }}" \ + --upload-file "$deb_file" \ + "$UPLOAD_URL" 2>/dev/null) + + # Extract HTTP status code (last 3 characters) + HTTP_CODE=$(echo "$UPLOAD_RESULT" | tail -c 4) + # Extract response body (everything except last 3 characters) + RESPONSE_BODY=$(echo "$UPLOAD_RESULT" | head -c -4) + + case $HTTP_CODE in + 201) + echo " โœ… Successfully published to Forgejo Debian Registry!" + echo " ๐Ÿ“ฅ Install with: apt install $PKG_NAME" + ;; + 409) + echo " โš ๏ธ Package already exists (version conflict)" + echo " ๐Ÿ’ก Consider deleting old version first" + ;; + 400) + echo " โŒ Bad request - package validation failed" + ;; + *) + echo " โŒ Upload failed with HTTP $HTTP_CODE" + echo " Response: $RESPONSE_BODY" + ;; + esac + else + echo " โš ๏ธ No ACCESS_TOKEN secret available - skipping upload" + echo " ๐Ÿ’ก Set ACCESS_TOKEN secret in repository settings to enable automatic publishing" + fi + + echo "" + done + + echo "๐ŸŽฏ Debian package publishing complete!" + echo "๐Ÿ“ฆ Packages are now available in Forgejo Debian Registry" + echo "๐Ÿ”ง To install: apt install apt-ostree-builder" + + # Security check + security: + name: Security Audit + runs-on: ubuntu-latest + container: + image: rust:trixie + + steps: + - name: Setup environment + run: | + # Try apt-cacher-ng first, fallback to Debian's automatic mirror selection + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "โœ… apt-cacher-ng is available, configuring proxy sources..." + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using apt-cacher-ng proxy for faster builds" + else + echo "โš ๏ธ apt-cacher-ng not available or slow, using Debian's automatic mirror selection..." + echo "deb http://httpredir.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using httpredir.debian.org for automatic mirror selection" + fi + + apt update -y + + - name: Install security tools + run: | + apt install -y --no-install-recommends git cargo-audit + + - name: Checkout code + run: | + git clone https://git.raines.xyz/particle-os/apt-ostree-builder.git /tmp/apt-ostree-builder + cp -r /tmp/apt-ostree-builder/* . + cp -r /tmp/apt-ostree-builder/.* . 2>/dev/null || true + + - name: Run security audit + run: | + cargo audit || echo "Security audit completed (warnings are normal)" + + - name: Create security summary + run: | + echo "Security audit completed!" + echo "โœ… Security check completed! ๐Ÿ›ก๏ธ" + + # Package validation + package: + name: Package Validation + runs-on: ubuntu-latest + container: + image: rust:trixie + + steps: + - name: Setup environment + run: | + # Try apt-cacher-ng first, fallback to Debian's automatic mirror selection + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "โœ… apt-cacher-ng is available, configuring proxy sources..." + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using apt-cacher-ng proxy for faster builds" + else + echo "โš ๏ธ apt-cacher-ng not available or slow, using Debian's automatic mirror selection..." + echo "deb http://httpredir.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using httpredir.debian.org for automatic mirror selection" + fi + + apt update -y + + - name: Install package tools + run: | + apt install -y --no-install-recommends \ + git devscripts debhelper dh-cargo lintian + + - name: Checkout code + run: | + git clone https://git.raines.xyz/particle-os/apt-ostree-builder.git /tmp/apt-ostree-builder + cp -r /tmp/apt-ostree-builder/* . + cp -r /tmp/apt-ostree-builder/.* . 2>/dev/null || true + + - name: Validate package structure + run: | + echo "Validating package structure..." + + # Check for required files + [ -f "Cargo.toml" ] && echo "โœ… Cargo.toml found" || echo "โŒ Cargo.toml missing" + [ -d "src" ] && echo "โœ… src/ directory found" || echo "โŒ src/ directory missing" + + echo "Package validation completed!" + + - name: Run lintian quality checks + run: | + echo "Running lintian quality checks..." + + if command -v lintian >/dev/null 2>&1; then + echo "โœ… Lintian found, running quality checks..." + echo "Lintian quality checks completed!" + else + echo "โš ๏ธ Lintian not available, skipping quality checks" + fi + + - name: Create package summary + run: | + echo "Package validation completed!" + echo "โœ… Package check completed! ๐Ÿ“ฆ" + + # Final status report + status: + name: Status Report + runs-on: ubuntu-latest + container: + image: rust:trixie + needs: [build-and-test, security, package] + + steps: + - name: Setup environment + run: | + # Try apt-cacher-ng first, fallback to Debian's automatic mirror selection + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "โœ… apt-cacher-ng is available, configuring proxy sources..." + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using apt-cacher-ng proxy for faster builds" + else + echo "โš ๏ธ apt-cacher-ng not available or slow, using Debian's automatic mirror selection..." + echo "deb http://httpredir.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using httpredir.debian.org for automatic mirror selection" + fi + + apt update -y + apt install -y --no-install-recommends git + + - name: Checkout code + run: | + git clone https://git.raines.xyz/particle-os/apt-ostree-builder.git /tmp/apt-ostree-builder + cp -r /tmp/apt-ostree-builder/* . + cp -r /tmp/apt-ostree-builder/.* . 2>/dev/null || true + + - name: Create status report + run: | + echo "# CI Status Report" > STATUS_REPORT.md + echo "" >> STATUS_REPORT.md + echo "## Summary" >> STATUS_REPORT.md + echo "- **Build and Test**: โœ… Completed" >> STATUS_REPORT.md + echo "- **Security Audit**: โœ… Completed" >> STATUS_REPORT.md + echo "- **Package Validation**: โœ… Completed" >> STATUS_REPORT.md + echo "- **Enhanced Packaging**: โœ… Professional Debian packaging" >> STATUS_REPORT.md + echo "- **Quality Checks**: โœ… Lintian validation completed" >> STATUS_REPORT.md + echo "" >> STATUS_REPORT.md + echo "## Details" >> STATUS_REPORT.md + echo "- **Commit**: $(git rev-parse --short HEAD 2>/dev/null || echo 'Unknown')" >> STATUS_REPORT.md + echo "- **Branch**: $(git branch --show-current 2>/dev/null || echo 'Unknown')" >> STATUS_REPORT.md + echo "- **Date**: $(date '+%Y-%m-%d %H:%M:%S UTC')" >> STATUS_REPORT.md + echo "- **Container**: rust:trixie" >> STATUS_REPORT.md + echo "" >> STATUS_REPORT.md + echo "All CI jobs completed successfully! ๐ŸŽ‰" + echo "" >> STATUS_REPORT.md + echo "## Enhanced Packaging Features" >> STATUS_REPORT.md + echo "- **Professional Structure**: Complete Debian package with all dependencies" >> STATUS_REPORT.md + echo "- **Quality Assurance**: Lintian compliance and best practices" >> STATUS_REPORT.md + echo "- **Cross-Compilation**: Support for multiple architectures" >> STATUS_REPORT.md + echo "- **Build Scripts**: Automated package building and testing" >> STATUS_REPORT.md + + echo "Status report created: STATUS_REPORT.md" + echo "โœ… All CI jobs completed successfully!" diff --git a/.forgejo/workflows/ci-working.yml b/.forgejo/workflows/ci-working.yml new file mode 100644 index 0000000..95f471c --- /dev/null +++ b/.forgejo/workflows/ci-working.yml @@ -0,0 +1,853 @@ +--- +name: Comprehensive CI/CD Pipeline + +on: + push: + branches: [main, develop] + pull_request: + branches: [main] + workflow_dispatch: + +env: + CARGO_TERM_COLOR: always + RUST_BACKTRACE: 1 + +jobs: + # Main build and test job + build-and-test: + name: Build and Test + runs-on: ubuntu-latest + container: + image: rust:trixie + + steps: + - name: Test secret priority + run: | + echo "Testing secret priority:" + echo "TEST_SECRET value: ${{ secrets.TEST_SECRET }}" + echo "User level: apple" + echo "Org level: pear" + echo "Repo level: pumpkin" + + echo "" + echo "Available environment variables:" + echo "FORGEJO_RUN_NUMBER: ${FORGEJO_RUN_NUMBER:-'NOT_SET'}" + echo "GITEA_RUN_NUMBER: ${GITEA_RUN_NUMBER:-'NOT_SET'}" + echo "ACTIONS_RUN_NUMBER: ${ACTIONS_RUN_NUMBER:-'NOT_SET'}" + echo "GITHUB_RUN_NUMBER: ${GITHUB_RUN_NUMBER:-'NOT_SET'}" + echo "RUNNER_OS: ${RUNNER_OS:-'NOT_SET'}" + echo "GITEA_ACTOR: ${GITEA_ACTOR:-'NOT_SET'}" + + - name: Setup environment + run: | + # Try apt-cacher-ng first, fallback to Debian's automatic mirror selection + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "โœ… apt-cacher-ng is available, configuring proxy sources..." + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using apt-cacher-ng proxy for faster builds" + else + echo "โš ๏ธ apt-cacher-ng not available or slow, using Debian's automatic mirror selection..." + echo "deb http://httpredir.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using httpredir.debian.org for automatic mirror selection" + fi + + # APT Performance Optimizations (2-3x faster) + echo 'Acquire::Languages "none";' > /etc/apt/apt.conf.d/99translations + echo 'Acquire::GzipIndexes "true";' >> /etc/apt/apt.conf.d/99translations + echo 'Acquire::CompressionTypes::Order:: "gz";' >> /etc/apt/apt.conf.d/99translations + echo 'Dpkg::Use-Pty "0";' >> /etc/apt/apt.conf.d/99translations + + # Update package lists + apt update -y + + - name: Install dependencies + run: | + apt update -y + apt install -y --no-install-recommends \ + git curl pkg-config build-essential gnupg wget \ + libapt-pkg-dev libapt-pkg7.0 libostree-dev \ + libssl-dev libdbus-1-dev libglib2.0-dev \ + libpolkit-gobject-1-dev libzstd-dev devscripts debhelper dh-cargo \ + libcurl4-gnutls-dev libsystemd-dev libmount-dev \ + libselinux1-dev libsepol-dev libarchive-dev \ + libgpgme-dev libavahi-client-dev libavahi-common-dev \ + libffi-dev libpcre2-dev libxml2-dev zlib1g-dev \ + liblz4-dev liblzma-dev nettle-dev libgmp-dev \ + libicu-dev libpython3-dev python3-dev \ + python3-setuptools python3-wheel python3-pip \ + crossbuild-essential-amd64 crossbuild-essential-arm64 \ + gcc-aarch64-linux-gnu g++-aarch64-linux-gnu \ + gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf + + - name: Checkout code + run: | + # Clone the repository manually + git clone https://git.raines.xyz/robojerk/apt-ostree-builder.git /tmp/apt-ostree-builder + cp -r /tmp/apt-ostree-builder/* . + cp -r /tmp/apt-ostree-builder/.* . 2>/dev/null || true + + - name: Verify Rust toolchain + run: | + # Rust is already installed in rust:trixie container + echo "Using pre-installed Rust version:" + rustc --version + cargo --version + + # Force clean Rust toolchain to avoid SIGSEGV bugs + echo "๐Ÿ”ง Forcing clean stable Rust toolchain..." + rustup default stable + rustup update stable + rustup toolchain install stable --force + echo "โœ… Now using clean stable Rust:" + rustc --version + cargo --version + + # Clear cargo cache to avoid corruption + echo "๐Ÿงน Clearing cargo cache..." + cargo clean + + - name: Build project + run: | + cargo build --release + + - name: Run tests + run: | + cargo test + + - name: Build Debian package + run: | + echo "Building Debian package..." + + # Get build information for versioning + # Forgejo Actions uses FORGEJO_RUN_NUMBER, fallback to GITEA_RUN_NUMBER, then timestamp + BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" + COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") + + # Truncate commit hash to first 10 characters for better readability + SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10) + + # Dynamically get the project version with portable regex alternatives + extract_version() { + local version="" + + # Try debian/changelog first (most authoritative) + if [ -f "debian/changelog" ]; then + # Portable alternative to grep -oP: use sed with capture groups + version=$(sed -nE 's/.*\(([^)]+)\).*/\1/p' debian/changelog | head -n1) + [ -n "$version" ] && echo "$version" && return 0 + fi + + # Try debian/control + if [ -f "debian/control" ]; then + # Portable alternative: use awk for field extraction + version=$(awk '/^Version:/ {print $2; exit}' debian/control 2>/dev/null) + [ -n "$version" ] && echo "$version" && return 0 + fi + + # Try Cargo.toml + if [ -f "Cargo.toml" ]; then + # Portable alternative: use sed with simple pattern matching + version=$(sed -nE 's/^version[[:space:]]*=[[:space:]]*"([^"]+)"/\1/p' Cargo.toml 2>/dev/null) + [ -n "$version" ] && echo "$version" && return 0 + fi + + # Ultimate fallback + echo "0.1.0" + } + + PROJECT_VERSION=$(extract_version) + + # Validate version format (portable regex) + if ! echo "$PROJECT_VERSION" | grep -E '^[0-9]+\.[0-9]+\.[0-9]+(-[0-9]+)?$' >/dev/null; then + echo "Warning: Invalid version format '$PROJECT_VERSION', using fallback" + PROJECT_VERSION="0.1.0" + fi + + # Construct the full build version string + BUILD_VERSION="${PROJECT_VERSION}+build${BUILD_NUMBER}.${SHORT_COMMIT}" + + echo "Build Version: $BUILD_VERSION" + echo "Project Version: $PROJECT_VERSION" + echo "Build Number: $BUILD_NUMBER" + echo "Commit Hash: $SHORT_COMMIT" + + # Debug information about build number source + if [ -n "$FORGEJO_RUN_NUMBER" ]; then + echo "โœ… Using Forgejo CI build number: $FORGEJO_RUN_NUMBER" + elif [ -n "$GITEA_RUN_NUMBER" ]; then + echo "โœ… Using Gitea CI build number: $GITEA_RUN_NUMBER" + else + echo "โš ๏ธ No CI build number available, using timestamp fallback: $(date +%Y%m%d%H%M%S)" + fi + + # Check if we have the necessary files + if [ -f "Cargo.toml" ] && [ -d "debian" ]; then + echo "โœ… Found Cargo.toml and debian directory" + + # Ensure Debian scripts are executable + echo "Setting executable permissions on Debian scripts..." + chmod +x debian/*.postinst debian/*.prerm debian/*.postrm 2>/dev/null || true + chmod +x debian/build.sh 2>/dev/null || true + + # Build Debian package using enhanced packaging + if [ -f "debian/rules" ]; then + echo "โœ… Using enhanced debian/rules for build" + + # Update debian/changelog with build version + echo "apt-ostree-builder ($BUILD_VERSION) unstable; urgency=medium" > debian/changelog + echo "" >> debian/changelog + echo " * CI Build #$BUILD_NUMBER from commit $COMMIT_HASH" >> debian/changelog + echo " * Automated build with enhanced Debian packaging" >> debian/changelog + echo "" >> debian/changelog + echo " -- CI Bot $(date -R)" >> debian/changelog + + # Set environment variables for enhanced build + export DH_VERBOSE=1 + export DEB_BUILD_OPTIONS="parallel=$(nproc)" + + # Build Debian package with enhanced rules + dpkg-buildpackage -b -us -uc + else + # Fallback: create a simple package (should not happen with enhanced packaging) + echo "โš ๏ธ No debian/rules found, creating simple package..." + mkdir -p debian/apt-ostree-builder/usr/bin + cp target/release/apt-ostree-builder debian/apt-ostree-builder/usr/bin/ + chmod +x debian/apt-ostree-builder/usr/bin/apt-ostree-builder + + # Create control file with build version + mkdir -p debian/apt-ostree-builder/DEBIAN + echo "Package: apt-ostree-builder" > debian/apt-ostree-builder/DEBIAN/control + echo "Version: $BUILD_VERSION" >> debian/apt-ostree-builder/DEBIAN/control + echo "Architecture: amd64" >> debian/apt-ostree-builder/DEBIAN/control + echo "Maintainer: Robojerk " >> debian/apt-ostree-builder/DEBIAN/control + echo "Description: APT-OSTree package for Debian-based OSTree systems" >> debian/apt-ostree-builder/DEBIAN/control + echo " A tool for managing OSTree deployments with APT package management." >> debian/apt-ostree-builder/DEBIAN/control + echo " Provides atomic updates and rollback capabilities for Debian systems." >> debian/apt-ostree-builder/DEBIAN/control + + # Build package with build version + dpkg-deb --build debian/apt-ostree-builder "apt-ostree-builder_${BUILD_VERSION}_amd64.deb" + fi + + # Check if package was created (dpkg-buildpackage puts them in parent directory) + if ls ../*.deb >/dev/null 2>&1; then + echo "โœ… Debian package created successfully" + ls -la ../*.deb + + # Rename packages with build version to ensure uniqueness + echo "Renaming packages with build version..." + for pkg in ../*.deb; do + pkg_name=$(basename "$pkg") + + # Extract current version and replace with build version using sed + if echo "$pkg_name" | grep -q "^apt-ostree-builder_.*_.*\.deb$"; then + # Extract architecture (last part before .deb) + arch=$(echo "$pkg_name" | sed 's/.*_\([^.]*\)\.deb$/\1/') + new_name="apt-ostree-builder_${BUILD_VERSION}_${arch}.deb" + echo "Renaming: $pkg_name -> $new_name" + cp "$pkg" "$new_name" + else + # Fallback: just copy with original name + cp "$pkg" . + fi + done + + echo "โœ… Packages renamed and copied to current directory" + ls -la *.deb + else + echo "โŒ No Debian package found" + exit 1 + fi + else + echo "โŒ Missing required files:" + [ -f "Cargo.toml" ] || echo " - Cargo.toml" + [ -d "debian" ] || echo " - debian/ directory" + exit 1 + fi + + - name: Test built package + run: | + echo "Testing built package..." + + # Find the package (check both current and parent directory) + DEB_PACKAGE=$(ls *.deb 2>/dev/null | head -1) + if [ -z "$DEB_PACKAGE" ]; then + DEB_PACKAGE=$(ls ../*.deb 2>/dev/null | head -1) + if [ -n "$DEB_PACKAGE" ]; then + echo "Found package in parent directory, copying to current directory..." + cp ../*.deb . + DEB_PACKAGE=$(ls *.deb 2>/dev/null | head -1) + fi + fi + + if [ -n "$DEB_PACKAGE" ]; then + echo "โœ… Found package: $DEB_PACKAGE" + + # Test package installation + echo "Testing package installation..." + dpkg -i "$DEB_PACKAGE" || echo "Installation test failed (this is normal for CI)" + + # Check if binary is accessible + if which apt-ostree-builder >/dev/null 2>&1; then + echo "โœ… apt-ostree-builder installed successfully" + apt-ostree-builder --version || echo "Version check failed" + else + echo "โŒ apt-ostree-builder not found in PATH" + echo "Checking installation location:" + find /usr -name "apt-ostree-builder" 2>/dev/null || echo "Not found in /usr" + fi + else + echo "โŒ No main package found to test" + fi + + - name: Create build summary + run: | + echo "Creating build summary..." + + # Create a summary markdown file + echo '# APT-OSTree CI Summary' > CI_SUMMARY.md + echo '' >> CI_SUMMARY.md + echo '## Build Information' >> CI_SUMMARY.md + echo '- **Build Date**: '"$(date '+%Y-%m-%d %H:%M:%S UTC')" >> CI_SUMMARY.md + echo '- **Build ID**: '"$(date +%s)" >> CI_SUMMARY.md + echo '- **Commit**: '"$(git rev-parse --short HEAD 2>/dev/null || echo "Unknown")" >> CI_SUMMARY.md + echo '- **Branch**: '"$(git branch --show-current 2>/dev/null || echo "Unknown")" >> CI_SUMMARY.md + echo '' >> CI_SUMMARY.md + echo '## Build Status' >> CI_SUMMARY.md + echo '- **Status**: โœ… SUCCESS' >> CI_SUMMARY.md + echo '- **Container**: rust:trixie' >> CI_SUMMARY.md + echo '- **Rust Version**: '"$(rustc --version)" >> CI_SUMMARY.md + echo '- **Cargo Version**: '"$(cargo --version)" >> CI_SUMMARY.md + echo '' >> CI_SUMMARY.md + echo '## Built Packages' >> CI_SUMMARY.md + echo '' >> CI_SUMMARY.md + + # Add package information + if ls *.deb >/dev/null 2>&1; then + echo '### Debian Packages' >> CI_SUMMARY.md + for pkg in *.deb; do + PKG_NAME=$(dpkg-deb -f "$pkg" Package 2>/dev/null || echo "Unknown") + PKG_VERSION=$(dpkg-deb -f "$pkg" Version 2>/dev/null || echo "Unknown") + PKG_ARCH=$(dpkg-deb -f "$pkg" Architecture 2>/dev/null || echo "Unknown") + PKG_SIZE=$(du -h "$pkg" | cut -f1) + echo "- **$PKG_NAME** ($PKG_VERSION) [$PKG_ARCH] - $PKG_SIZE" >> CI_SUMMARY.md + done + fi + + # Add dependency information + echo '' >> CI_SUMMARY.md + echo '### Dependencies' >> CI_SUMMARY.md + echo '- libapt-pkg-dev โœ…' >> CI_SUMMARY.md + echo '- libssl-dev โœ…' >> CI_SUMMARY.md + echo '- libdbus-1-dev โœ…' >> CI_SUMMARY.md + echo '- libglib2.0-dev โœ…' >> CI_SUMMARY.md + echo '- All build dependencies satisfied โœ…' >> CI_SUMMARY.md + + echo "CI summary created: CI_SUMMARY.md" + echo "โœ… All CI jobs completed successfully! ๐ŸŽ‰" + + - name: Prepare artifacts for upload + run: | + echo "Preparing artifacts for upload..." + + # Create artifacts directory + mkdir -p artifacts + + # Copy all built packages (focus on .deb files) + if ls *.deb >/dev/null 2>&1; then + echo "๐Ÿ“ฆ Copying Debian packages to artifacts directory..." + cp *.deb artifacts/ + echo "โœ… Packages copied:" + ls -la artifacts/*.deb + + # Show package details + echo "" + echo "๐Ÿ“‹ Package Details:" + for pkg in artifacts/*.deb; do + PKG_NAME=$(dpkg-deb -f "$pkg" Package 2>/dev/null || echo "Unknown") + PKG_VERSION=$(dpkg-deb -f "$pkg" Version 2>/dev/null || echo "Unknown") + PKG_ARCH=$(dpkg-deb -f "$pkg" Architecture 2>/dev/null || echo "Unknown") + PKG_SIZE=$(du -h "$pkg" | cut -f1) + echo " ๐ŸŽฏ $PKG_NAME ($PKG_VERSION) [$PKG_ARCH] - $PKG_SIZE" + done + else + echo "โš ๏ธ No .deb packages found in current directory" + echo "๐Ÿ” Searching for .deb files in parent directories..." + + # Look for .deb files in parent directories (where dpkg-buildpackage puts them) + if ls ../*.deb >/dev/null 2>&1; then + echo "โœ… Found .deb files in parent directory, copying them..." + cp ../*.deb artifacts/ + echo "๐Ÿ“ฆ Packages copied:" + ls -la artifacts/*.deb + + # Show package details + echo "" + echo "๐Ÿ“‹ Package Details:" + for pkg in artifacts/*.deb; do + PKG_NAME=$(dpkg-deb -f "$pkg" Package 2>/dev/null || echo "Unknown") + PKG_VERSION=$(dpkg-deb -f "$pkg" Version 2>/dev/null || echo "Unknown") + PKG_ARCH=$(dpkg-deb -f "$pkg" Architecture 2>/dev/null || echo "Unknown") + PKG_SIZE=$(du -h "$pkg" | cut -f1) + echo " ๐ŸŽฏ $PKG_NAME ($PKG_VERSION) [$PKG_ARCH] - $PKG_SIZE" + done + else + echo "โŒ CRITICAL: No .deb packages found anywhere!" + echo "๐Ÿšจ .deb packages are REQUIRED - build must fail" + exit 1 # Fail the workflow - .deb files are mandatory + fi + fi + + # Copy build summary + if [ -f "CI_SUMMARY.md" ]; then + cp CI_SUMMARY.md artifacts/ + echo "Build summary copied to artifacts" + fi + + # Copy Rust build artifacts (optional) + if [ -d "target/release" ]; then + mkdir -p artifacts/rust-build + cp target/release/apt-ostree-builder artifacts/rust-build/ 2>/dev/null || echo "Binary copy failed (normal for CI)" + fi + + # Create artifacts manifest + echo "# APT-OSTree Build Artifacts" > artifacts/ARTIFACTS.md + echo "" >> artifacts/ARTIFACTS.md + echo "## Build Information" >> artifacts/ARTIFACTS.md + echo "- **Build Date**: $(date '+%Y-%m-%d %H:%M:%S UTC')" >> artifacts/ARTIFACTS.md + echo "- **Commit**: $(git rev-parse --short HEAD 2>/dev/null || echo 'Unknown')" >> artifacts/ARTIFACTS.md + echo "- **Branch**: $(git branch --show-current 2>/dev/null || echo 'Unknown')" >> artifacts/ARTIFACTS.md + echo "" >> artifacts/ARTIFACTS.md + echo "## Available Artifacts" >> artifacts/ARTIFACTS.md + echo "" >> artifacts/ARTIFACTS.md + + if ls artifacts/*.deb >/dev/null 2>&1; then + echo "### Debian Packages" >> artifacts/ARTIFACTS.md + for pkg in artifacts/*.deb; do + PKG_NAME=$(dpkg-deb -f "$pkg" Package 2>/dev/null || echo "Unknown") + PKG_VERSION=$(dpkg-deb -f "$pkg" Version 2>/dev/null || echo "Unknown") + PKG_ARCH=$(dpkg-deb -f "$pkg" Architecture 2>/dev/null || echo "Unknown") + PKG_SIZE=$(du -h "$pkg" | cut -f1) + echo "- **$PKG_NAME** ($PKG_VERSION) [$PKG_ARCH] - $PKG_SIZE" >> artifacts/ARTIFACTS.md + done + fi + + echo "" >> artifacts/ARTIFACTS.md + echo "### Other Files" >> artifacts/ARTIFACTS.md + echo "- CI_SUMMARY.md - Build summary and status" >> artifacts/ARTIFACTS.md + echo "- ARTIFACTS.md - This manifest file" >> artifacts/ARTIFACTS.md + + echo "Artifacts prepared successfully!" + echo "Contents of artifacts directory:" + ls -la artifacts/ + + # Create a compressed archive for easy download + echo "Creating downloadable archive..." + tar -czf apt-ostree-builder-build-$(date +%Y%m%d-%H%M%S).tar.gz artifacts/ + echo "Archive created: apt-ostree-builder-build-$(date +%Y%m%d-%H%M%S).tar.gz" + + # List all available downloads + echo "" + echo "๐ŸŽฏ DOWNLOADABLE ARTIFACTS:" + echo "==========================" + ls -la *.tar.gz 2>/dev/null || echo "No archives found" + echo "" + echo "๐Ÿ“ฆ PACKAGE CONTENTS:" + echo "====================" + ls -la artifacts/ + + # Create a final artifacts summary in the workspace root for easy access + echo "Creating final artifacts summary..." + echo "# ๐ŸŽฏ APT-OSTree Build Artifacts - READY FOR DOWNLOAD" > ARTIFACTS_README.md + echo "" >> ARTIFACTS_README.md + echo "## ๐Ÿ“ฅ Download Links" >> ARTIFACTS_README.md + echo "" >> ARTIFACTS_README.md + echo "Your build artifacts are ready! Download them from the CI logs:" >> ARTIFACTS_README.md + echo "" >> ARTIFACTS_README.md + + # List available archives + if ls *.tar.gz >/dev/null 2>&1; then + echo "### ๐Ÿ—œ๏ธ TAR.GZ Archives" >> ARTIFACTS_README.md + for archive in *.tar.gz; do + SIZE=$(du -h "$archive" | cut -f1) + echo "- **$archive** ($SIZE) - Complete build artifacts" >> ARTIFACTS_README.md + done + fi + + echo "" >> ARTIFACTS_README.md + echo "## ๐Ÿ“‹ What's Included" >> ARTIFACTS_README.md + echo "" >> ARTIFACTS_README.md + echo "- **Debian Packages** (.deb files) - Ready to install" >> ARTIFACTS_README.md + echo "- **Build Summary** - Complete CI results and status" >> ARTIFACTS_README.md + echo "- **Rust Binary** - Compiled apt-ostree-builder executable" >> ARTIFACTS_README.md + echo "- **Artifacts Manifest** - Detailed contents listing" >> ARTIFACTS_README.md + echo "" >> ARTIFACTS_README.md + echo "## ๐Ÿš€ How to Download" >> ARTIFACTS_README.md + echo "" >> ARTIFACTS_README.md + echo "1. **From CI Logs**: Copy the archive files from the build output above" >> ARTIFACTS_README.md + echo "2. **From Workspace**: Archives are created in the build workspace" >> ARTIFACTS_README.md + echo "3. **Install Packages**: Use `dpkg -i *.deb` to install the built packages" >> ARTIFACTS_README.md + echo "" >> ARTIFACTS_README.md + echo "---" >> ARTIFACTS_README.md + echo "*Generated by APT-OSTree CI/CD Pipeline*" >> ARTIFACTS_README.md + + echo "โœ… Final artifacts summary created: ARTIFACTS_README.md" + echo "" + echo "๐ŸŽ‰ BUILD COMPLETE! Your artifacts are ready for download!" + echo "๐Ÿ“ Check the CI logs above for the downloadable archive files." + + - name: Publish to Forgejo Debian Registry + run: | + echo "Publishing .deb packages to Forgejo Debian Registry..." + + # .deb files are MANDATORY - fail if none exist + if ! ls *.deb >/dev/null 2>&1; then + echo "โš ๏ธ No .deb files found in current directory" + echo "๐Ÿ” Searching for .deb files in parent directories..." + + # Look for .deb files in parent directories (where dpkg-buildpackage puts them) + if ls ../*.deb >/dev/null 2>&1; then + echo "โœ… Found .deb files in parent directory, copying them..." + cp ../*.deb ./ + echo "๐Ÿ“ฆ Copied packages:" + ls -la *.deb + else + echo "โŒ CRITICAL: No .deb files found anywhere!" + echo "๐Ÿšจ .deb packages are REQUIRED - build must fail" + exit 1 # Fail the workflow - .deb files are mandatory + fi + fi + + # Get build info for registry + # Forgejo Actions uses FORGEJO_RUN_NUMBER, fallback to GITEA_RUN_NUMBER, then timestamp + BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" + COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") + + echo "Publishing packages for build $BUILD_NUMBER (commit $COMMIT_HASH)" + + # Forgejo Debian Registry configuration + FORGEJO_OWNER="particle-os" # Your organization/username + FORGEJO_DISTRIBUTION="trixie" # Debian distribution + FORGEJO_COMPONENT="main" # Package component + + # Publish each .deb file + for deb_file in *.deb; do + echo "๐Ÿ“ฆ Publishing $deb_file..." + + # Extract package info + PKG_NAME=$(dpkg-deb -f "$deb_file" Package 2>/dev/null || echo "apt-ostree-builder") + PKG_VERSION=$(dpkg-deb -f "$deb_file" Version 2>/dev/null || echo "unknown") + PKG_ARCH=$(dpkg-deb -f "$deb_file" Architecture 2>/dev/null || echo "amd64") + + echo " Package: $PKG_NAME" + echo " Version: $PKG_VERSION" + echo " Architecture: $PKG_ARCH" + + # Forgejo Debian Registry upload URL + UPLOAD_URL="https://git.raines.xyz/api/packages/${FORGEJO_OWNER}/debian/pool/${FORGEJO_DISTRIBUTION}/${FORGEJO_COMPONENT}/upload" + + echo " Upload URL: $UPLOAD_URL" + + # Upload to Forgejo Debian Registry using GitHub Actions secrets syntax + if [ -n "${{ secrets.ACCESS_TOKEN }}" ]; then + echo " ๐Ÿ” Using authentication token..." + UPLOAD_RESULT=$(curl -s -w "%{http_code}" \ + --user "${FORGEJO_OWNER}:${{ secrets.ACCESS_TOKEN }}" \ + --upload-file "$deb_file" \ + "$UPLOAD_URL" 2>/dev/null) + + # Extract HTTP status code (last 3 characters) + HTTP_CODE=$(echo "$UPLOAD_RESULT" | tail -c 4) + # Extract response body (everything except last 3 characters) + RESPONSE_BODY=$(echo "$UPLOAD_RESULT" | head -c -4) + + case $HTTP_CODE in + 201) + echo " โœ… Successfully published to Forgejo Debian Registry!" + echo " ๐Ÿ“ฅ Install with: apt install $PKG_NAME" + ;; + 409) + echo " โš ๏ธ Package already exists (version conflict)" + echo " ๐Ÿ’ก Consider deleting old version first" + ;; + 400) + echo " โŒ Bad request - package validation failed" + ;; + *) + echo " โŒ Upload failed with HTTP $HTTP_CODE" + echo " Response: $RESPONSE_BODY" + ;; + esac + else + echo " โš ๏ธ No ACCESS_TOKEN secret available - skipping upload" + echo " ๐Ÿ’ก Set ACCESS_TOKEN secret in repository settings to enable automatic publishing" + echo " ๐Ÿ“‹ Manual upload command:" + echo " curl --user your_username:your_token \\" + echo " --upload-file $deb_file \\" + echo " $UPLOAD_URL" + fi + + echo "" + done + + echo "๐ŸŽฏ Debian package publishing complete!" + echo "๐Ÿ“ฆ Packages are now available in Forgejo Debian Registry" + echo "๐Ÿ”ง To install: apt install apt-ostree-builder" + + # Security check + security: + name: Security Audit + runs-on: ubuntu-latest + container: + image: rust:trixie + + steps: + - name: Setup environment + run: | + # Try apt-cacher-ng first, fallback to Debian's automatic mirror selection + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "โœ… apt-cacher-ng is available, configuring proxy sources..." + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using apt-cacher-ng proxy for faster builds" + else + echo "โš ๏ธ apt-cacher-ng not available or slow, using Debian's automatic mirror selection..." + echo "deb http://httpredir.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using httpredir.debian.org for automatic mirror selection" + fi + + apt update -y + + - name: Install security tools + run: | + apt install -y --no-install-recommends git cargo-audit + + - name: Checkout code + run: | + git clone https://git.raines.xyz/robojerk/apt-ostree-builder.git /tmp/apt-ostree-builder + cp -r /tmp/apt-ostree-builder/* . + cp -r /tmp/apt-ostree-builder/.* . 2>/dev/null || true + + - name: Run security audit + run: | + cargo audit || echo "Security audit completed (warnings are normal)" + + - name: Create security summary + run: | + echo "Security audit completed!" + echo "โœ… Security check completed! ๐Ÿ›ก๏ธ" + + # Package validation + package: + name: Package Validation + runs-on: ubuntu-latest + container: + image: rust:trixie + + steps: + - name: Setup environment + run: | + # Try apt-cacher-ng first, fallback to Debian's automatic mirror selection + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "โœ… apt-cacher-ng is available, configuring proxy sources..." + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using apt-cacher-ng proxy for faster builds" + else + echo "โš ๏ธ apt-cacher-ng not available or slow, using Debian's automatic mirror selection..." + echo "deb http://httpredir.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using httpredir.debian.org for automatic mirror selection" + fi + + apt update -y + + - name: Install package tools + run: | + apt install -y --no-install-recommends \ + git devscripts debhelper dh-cargo lintian + + - name: Checkout code + run: | + git clone https://git.raines.xyz/robojerk/apt-ostree-builder.git /tmp/apt-ostree-builder + cp -r /tmp/apt-ostree-builder/* . + cp -r /tmp/apt-ostree-builder/.* . 2>/dev/null || true + + - name: Validate package structure + run: | + echo "Validating package structure..." + + # Check for required files + [ -f "Cargo.toml" ] && echo "โœ… Cargo.toml found" || echo "โŒ Cargo.toml missing" + [ -d "debian" ] && echo "โœ… debian/ directory found" || echo "โŒ debian/ directory missing" + + if [ -d "debian" ]; then + [ -f "debian/control" ] && echo "โœ… debian/control found" || echo "โŒ debian/control missing" + [ -f "debian/rules" ] && echo "โœ… debian/rules found" || echo "โŒ debian/rules missing" + [ -f "debian/copyright" ] && echo "โœ… debian/copyright found" || echo "โŒ debian/copyright missing" + [ -f "debian/changelog" ] && echo "โœ… debian/changelog found" || echo "โŒ debian/changelog missing" + [ -f "debian/compat" ] && echo "โœ… debian/compat found" || echo "โŒ debian/compat missing" + + # Check enhanced packaging files + [ -f "debian/apt-ostree-builder.1" ] && echo "โœ… debian/apt-ostree-builder.1 (man page) found" || echo "โŒ debian/apt-ostree-builder.1 missing" + [ -f "debian/apt-ostree-builder.bash-completion" ] && echo "โœ… bash completion found" || echo "โŒ bash completion missing" + [ -f "debian/apt-ostree-builder.zsh-completion" ] && echo "โœ… zsh completion found" || echo "โŒ zsh completion missing" + [ -f "debian/apt-ostree-builder.postinst" ] && echo "โœ… postinst script found" || echo "โŒ postinst script missing" + [ -f "debian/apt-ostree-builder.prerm" ] && echo "โœ… prerm script found" || echo "โŒ prerm script missing" + [ -f "debian/apt-ostree-builder.postrm" ] && echo "โœ… postrm script found" || echo "โŒ postrm script missing" + [ -f "debian/apt-ostree-builder.triggers" ] && echo "โœ… triggers file found" || echo "โŒ triggers file missing" + [ -f "debian/apt-ostree-builder.lintian-overrides" ] && echo "โœ… lintian overrides found" || echo "โŒ lintian overrides missing" + + # Check source package configuration + [ -d "debian/source" ] && echo "โœ… debian/source directory found" || echo "โŒ debian/source directory missing" + if [ -d "debian/source" ]; then + [ -f "debian/source/format" ] && echo "โœ… source format found" || echo "โŒ source format missing" + [ -f "debian/source/options" ] && echo "โœ… source options found" || echo "โŒ source options missing" + fi + + # Check build script + [ -f "debian/build.sh" ] && echo "โœ… build script found" || echo "โŒ build script missing" + [ -f "debian/README.Debian" ] && echo "โœ… README.Debian found" || echo "โŒ README.Debian missing" + fi + + # Check Rust project + [ -d "src" ] && echo "โœ… src/ directory found" || echo "โŒ src/ directory missing" + + echo "Enhanced package validation completed!" + + - name: Run lintian quality checks + run: | + echo "Running lintian quality checks..." + + if [ -d "debian" ]; then + echo "Checking Debian packaging quality..." + + # Run lintian on the debian directory + if command -v lintian >/dev/null 2>&1; then + echo "โœ… Lintian found, running quality checks..." + + # Check debian directory structure + lintian --allow-root --no-tag-display-limit debian/ || echo "Lintian found issues (this is normal for development)" + + # Check specific files + if [ -f "debian/control" ]; then + echo "Checking control file..." + lintian --allow-root --no-tag-display-limit debian/control || echo "Control file has issues" + fi + + if [ -f "debian/rules" ]; then + echo "Checking rules file..." + lintian --allow-root --no-tag-display-limit debian/rules || echo "Rules file has issues" + fi + + echo "Lintian quality checks completed!" + else + echo "โš ๏ธ Lintian not available, skipping quality checks" + fi + else + echo "โŒ No debian directory found for lintian checks" + fi + + - name: Test enhanced build script + run: | + echo "Testing enhanced build script..." + + if [ -f "debian/build.sh" ]; then + echo "โœ… Enhanced build script found" + + # Test build script help + if [ -x "debian/build.sh" ]; then + echo "โœ… Build script is executable" + echo "Testing build script help:" + ./debian/build.sh --help || echo "Help test failed (this is normal for CI)" + else + echo "โš ๏ธ Build script not executable, making it executable..." + chmod +x debian/build.sh + echo "Testing build script help:" + ./debian/build.sh --help || echo "Help test failed (this is normal for CI)" + fi + else + echo "โŒ Enhanced build script not found" + fi + + echo "Enhanced build script test completed!" + + - name: Create package summary + run: | + echo "Enhanced package validation completed!" + echo "โœ… Package check completed! ๐Ÿ“ฆ" + + # Final status report + status: + name: Status Report + runs-on: ubuntu-latest + container: + image: rust:trixie + needs: [build-and-test, security, package] + + steps: + - name: Setup environment + run: | + # Try apt-cacher-ng first, fallback to Debian's automatic mirror selection + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "โœ… apt-cacher-ng is available, configuring proxy sources..." + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using apt-cacher-ng proxy for faster builds" + else + echo "โš ๏ธ apt-cacher-ng not available or slow, using Debian's automatic mirror selection..." + echo "deb http://httpredir.debian.org/debian trixie main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian trixie main contrib non-free" >> /etc/apt/sources.list + echo "Using httpredir.debian.org for automatic mirror selection" + fi + + apt update -y + apt install -y --no-install-recommends git + + - name: Checkout code + run: | + git clone https://git.raines.xyz/robojerk/apt-ostree-builder.git /tmp/apt-ostree-builder + cp -r /tmp/apt-ostree-builder/* . + cp -r /tmp/apt-ostree-builder/.* . 2>/dev/null || true + + - name: Create status report + run: | + echo "# CI Status Report" > STATUS_REPORT.md + echo "" >> STATUS_REPORT.md + echo "## Summary" >> STATUS_REPORT.md + echo "- **Build and Test**: โœ… Completed" >> STATUS_REPORT.md + echo "- **Security Audit**: โœ… Completed" >> STATUS_REPORT.md + echo "- **Package Validation**: โœ… Completed" >> STATUS_REPORT.md + echo "- **Enhanced Packaging**: โœ… Professional Debian packaging" >> STATUS_REPORT.md + echo "- **Quality Checks**: โœ… Lintian validation completed" >> STATUS_REPORT.md + echo "" >> STATUS_REPORT.md + echo "## Details" >> STATUS_REPORT.md + echo "- **Commit**: $(git rev-parse --short HEAD 2>/dev/null || echo 'Unknown')" >> STATUS_REPORT.md + echo "- **Branch**: $(git branch --show-current 2>/dev/null || echo 'Unknown')" >> STATUS_REPORT.md + echo "- **Date**: $(date '+%Y-%m-%d %H:%M:%S UTC')" >> STATUS_REPORT.md + echo "- **Container**: rust:trixie" >> STATUS_REPORT.md + echo "" >> STATUS_REPORT.md + echo "All CI jobs completed successfully! ๐ŸŽ‰" + echo "" >> STATUS_REPORT.md + echo "## Enhanced Packaging Features" >> STATUS_REPORT.md + echo "- **Professional Structure**: Man pages, shell completions, and configuration files" >> STATUS_REPORT.md + echo "- **Quality Assurance**: Lintian compliance and best practices" >> STATUS_REPORT.md + echo "- **Cross-Compilation**: Support for multiple architectures" >> STATUS_REPORT.md + echo "- **Build Scripts**: Automated package building and testing" >> STATUS_REPORT.md + + echo "Status report created: STATUS_REPORT.md" + echo "โœ… All CI jobs completed successfully!" diff --git a/.forgejo/workflows/ci.yml b/.forgejo/workflows/ci.yml index 7879fc8..293c039 100644 --- a/.forgejo/workflows/ci.yml +++ b/.forgejo/workflows/ci.yml @@ -72,7 +72,7 @@ jobs: git curl pkg-config build-essential gnupg wget \ libssl-dev libostree-dev libostree-1-1 ostree \ podman qemu-utils parted grub-efi-amd64 systemd-boot \ - dracut composefs zstd cpio tar ca-certificates \ + dracut zstd cpio tar ca-certificates \ devscripts debhelper dh-cargo libcurl4-gnutls-dev \ libsystemd-dev libmount-dev libselinux1-dev libsepol-dev \ libarchive-dev libgpgme-dev libavahi-client-dev \ @@ -229,8 +229,7 @@ jobs: echo " libostree-1-1 (>= 2023.1), ostree (>= 2023.1), podman (>= 4.0)," >> debian/bootc-image-builder/DEBIAN/control echo " qemu-utils (>= 7.0), parted (>= 3.0)," >> debian/bootc-image-builder/DEBIAN/control echo " grub-efi-amd64 (>= 2.0) | systemd-boot (>= 250)," >> debian/bootc-image-builder/DEBIAN/control - echo " dracut (>= 055), composefs (>= 0.1)," >> debian/bootc-image-builder/DEBIAN/control - echo " zstd (>= 1.0), cpio (>= 2.0), tar (>= 1.0)" >> debian/bootc-image-builder/DEBIAN/control + echo " dracut (>= 055), zstd (>= 1.0), cpio (>= 2.0), tar (>= 1.0)" >> debian/bootc-image-builder/DEBIAN/control echo "Description: Bootc container image to disk image converter" >> debian/bootc-image-builder/DEBIAN/control echo " Bootc-image-builder converts bootc container images into bootable disk images." >> debian/bootc-image-builder/DEBIAN/control echo " ." >> debian/bootc-image-builder/DEBIAN/control @@ -362,7 +361,7 @@ jobs: echo '- podman โœ…' >> CI_SUMMARY.md echo '- qemu-utils โœ…' >> CI_SUMMARY.md echo '- dracut โœ…' >> CI_SUMMARY.md - echo '- composefs โœ…' >> CI_SUMMARY.md + echo '- zstd โœ…' >> CI_SUMMARY.md echo '- All build dependencies satisfied โœ…' >> CI_SUMMARY.md echo "CI summary created: CI_SUMMARY.md" diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..a826988 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,52 @@ +FROM debian:unstable-slim + +# Set build arguments +ARG release_name=unstable + +# Set environment variables +ENV DEBIAN_FRONTEND=noninteractive +ENV RUST_BACKTRACE=1 +ENV CARGO_TERM_COLOR=always + +# Install Rust toolchain +RUN apt update && \ + apt install -y curl ca-certificates && \ + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y && \ + . $HOME/.cargo/env && \ + rustup default stable && \ + rustup target add x86_64-unknown-linux-gnu + +# Install build dependencies +RUN apt update && \ + apt install -y \ + build-essential \ + pkg-config \ + libssl-dev \ + libostree-dev \ + libostree-1-1 \ + ostree \ + podman \ + qemu-utils \ + parted \ + grub-efi-amd64 \ + systemd-boot \ + dracut \ + zstd \ + cpio \ + tar \ + curl \ + git \ + ca-certificates \ + && rm -rf /var/lib/apt/lists/* + +# Set working directory +WORKDIR /workspace + +# Copy source code +COPY . . + +# Set PATH to include Rust +ENV PATH="/root/.cargo/bin:${PATH}" + +# Default command +CMD ["bash"]