From 8a69daa5c29a3fe7b28d7f1bf3da6503ebae1c12 Mon Sep 17 00:00:00 2001 From: robojerk Date: Fri, 5 Sep 2025 09:26:08 -0700 Subject: [PATCH] Update control file with correct Debian dependencies - Add proper Debian package dependencies based on Fedora analysis - Map libc6, libgcc-s1, libssl3t64, systemd to correct versions - Update both control file creation locations in CI workflow - Fix yamllint errors and improve code formatting --- .forgejo/workflows/ci.yml | 465 ++++++++++++++++++++++---------------- 1 file changed, 274 insertions(+), 191 deletions(-) diff --git a/.forgejo/workflows/ci.yml b/.forgejo/workflows/ci.yml index 5b30cd4..3141568 100644 --- a/.forgejo/workflows/ci.yml +++ b/.forgejo/workflows/ci.yml @@ -1,10 +1,11 @@ +--- name: Build bootupd with systemd-boot on: push: - branches: [ main ] + branches: [main] pull_request: - branches: [ main ] + branches: [main] env: CARGO_TERM_COLOR: always @@ -13,200 +14,282 @@ env: jobs: build: runs-on: ubuntu-latest - + steps: - - name: Checkout code - uses: actions/checkout@v4 - - - name: Setup apt-cacher-ng - run: | - echo "Setting up apt-cacher-ng for faster builds..." - - # Try apt-cacher-ng first, fallback to standard mirrors - echo "Checking for apt-cacher-ng availability..." - - # Quick check with timeout to avoid hanging - if timeout 10 curl -s --connect-timeout 5 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then - echo "✅ apt-cacher-ng is available, configuring Docker to use proxy..." - - # Create Docker daemon configuration for apt-cacher-ng - sudo mkdir -p /etc/docker - echo '{ - "proxies": { - "default": { - "httpProxy": "http://192.168.1.101:3142", - "httpsProxy": "http://192.168.1.101:3142", - "noProxy": "localhost,127.0.0.1" + - name: Checkout code + uses: actions/checkout@v4 + + - name: Setup apt-cacher-ng + run: | + echo "Setting up apt-cacher-ng for faster builds..." + + # Try apt-cacher-ng first, fallback to standard mirrors + echo "Checking for apt-cacher-ng availability..." + + # Quick check with timeout to avoid hanging + if timeout 10 curl -s --connect-timeout 5 \ + http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo "✅ apt-cacher-ng is available, configuring Docker proxy..." + + # Create Docker daemon configuration for apt-cacher-ng + sudo mkdir -p /etc/docker + echo '{ + "proxies": { + "default": { + "httpProxy": "http://192.168.1.101:3142", + "httpsProxy": "http://192.168.1.101:3142", + "noProxy": "localhost,127.0.0.1" + } } - } - }' | sudo tee /etc/docker/daemon.json - - # Restart Docker to apply proxy settings - sudo systemctl restart docker - - echo "Using apt-cacher-ng proxy for faster Docker builds" - else - echo "⚠️ apt-cacher-ng not available, using standard mirrors..." - echo "Using standard Debian mirrors for Docker builds" - fi - - - name: Build Docker image - run: | - docker build --build-arg release-name=unstable -f Dockerfile -t bootupd-sdboot:latest . - - - name: Build bootupd inside container - run: | - docker run --rm -v $(pwd):/workspace bootupd-sdboot:latest bash -c " - # Setup apt-cacher-ng inside container if available - if timeout 5 curl -s --connect-timeout 3 http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then - echo '✅ Using apt-cacher-ng for package downloads...' - echo 'deb http://192.168.1.101:3142/ftp.debian.org/debian unstable main contrib non-free' > /etc/apt/sources.list - echo 'deb-src http://192.168.1.101:3142/ftp.debian.org/debian unstable main contrib non-free' >> /etc/apt/sources.list + }' | sudo tee /etc/docker/daemon.json + + # Restart Docker to apply proxy settings + sudo systemctl restart docker + + echo "Using apt-cacher-ng proxy for faster Docker builds" else - echo '⚠️ Using standard Debian mirrors...' - echo 'deb http://deb.debian.org/debian unstable main contrib non-free' > /etc/apt/sources.list - echo 'deb-src http://deb.debian.org/debian unstable main contrib non-free' >> /etc/apt/sources.list + echo "⚠️ apt-cacher-ng not available, using standard mirrors..." + echo "Using standard Debian mirrors for Docker builds" fi + + - name: Build Docker image + run: | + docker build --build-arg release-name=unstable -f Dockerfile \ + -t bootupd-sdboot:latest . + + - name: Build bootupd inside container + run: | + docker run --rm -v $(pwd):/workspace bootupd-sdboot:latest bash -c " + # Setup apt-cacher-ng inside container if available + if timeout 5 curl -s --connect-timeout 3 \ + http://192.168.1.101:3142/acng-report.html > /dev/null 2>&1; then + echo '✅ Using apt-cacher-ng for package downloads...' + echo "deb http://192.168.1.101:3142/ftp.debian.org/debian unstable main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://192.168.1.101:3142/ftp.debian.org/debian unstable main contrib non-free" >> /etc/apt/sources.list + else + echo '⚠️ Using standard Debian mirrors...' + echo "deb http://deb.debian.org/debian unstable main contrib non-free" > /etc/apt/sources.list + echo "deb-src http://deb.debian.org/debian unstable main contrib non-free" >> /etc/apt/sources.list + fi + + # Update package lists + apt update -y + + # Clone and build bootupd + git clone https://github.com/p5/coreos-bootupd.git bootupd && \ + cd bootupd && \ + git fetch --all && \ + git switch origin/sdboot-support -d && \ +/root/.cargo/bin/cargo build --release --bins --features systemd-boot && \ +install -Dpm0755 -t /usr/bin ./target/release/bootupd && \ + ln -s ./bootupd /usr/bin/bootupctl && \ + cp /usr/bin/bootupd /workspace/ && \ + cp /usr/bin/bootupctl /workspace/ + " + + - name: Create Debian packaging structure + run: | + echo "Creating Debian packaging structure..." + + # Create debian directory structure + mkdir -p debian + touch debian/changelog + touch debian/control + touch debian/copyright + touch debian/bootupd.dirs + + # Get build information + BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" + COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") + SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10) + + # Create changelog + printf 'bootupd (0.1.0+%s+%s) unstable; urgency=medium\n\n' \ + "$BUILD_NUMBER" "$SHORT_COMMIT" > debian/changelog + printf ' * CI build %s\n * Commit: %s\n' \ + "$BUILD_NUMBER" "$SHORT_COMMIT" >> debian/changelog + printf ' * Built with systemd-boot support\n\n' >> debian/changelog + printf " -- CI Build %s\n" \ + "$(date -R)" >> debian/changelog + + # Create control file + printf "Source: bootupd\nSection: admin\nPriority: optional\n" \ + > debian/control + printf 'Maintainer: CI Build \n' >> debian/control + printf "Build-Depends: debhelper (>= 13), cargo, rustc\n" >> debian/control + printf 'Standards-Version: 4.6.2\n' >> debian/control + printf 'Homepage: https://github.com/p5/coreos-bootupd\n\n' >> debian/control + printf 'Package: bootupd\nArchitecture: amd64\n' >> debian/control + printf 'Depends: libc6 (>= 2.39), libgcc-s1 (>= 3.0), ' >> debian/control + printf 'libssl3t64 (>= 3.0.0), systemd (>= 250)\n' >> debian/control + printf 'Description: Distribution-independent bootloader update tool ' >> debian/control + printf 'with systemd-boot support\n' >> debian/control + printf ' Bootupd is a distribution-independent tool for managing ' >> debian/control + printf 'bootloader updates.\n' >> debian/control + printf ' This package includes systemd-boot support.\n .\n' >> debian/control + printf ' Features:\n - systemd-boot support\n' >> debian/control + printf ' - Distribution-independent\n - Safe bootloader updates\n' >> debian/control - # Update package lists - apt update -y + # Create copyright file + printf 'Format: https://www.debian.org/doc/packaging-manuals/' > debian/copyright + printf 'copyright-format/1.0/\n' >> debian/copyright + printf 'Upstream-Name: bootupd\n' >> debian/copyright + printf 'Upstream-Contact: https://github.com/p5/coreos-bootupd\n' >> debian/copyright + printf 'Source: https://github.com/p5/coreos-bootupd\n\n' >> debian/copyright + printf 'Files: *\nCopyright: 2024 CI Build\nLicense: Apache-2.0\n' >> debian/copyright + printf ' Permission is hereby granted, free of charge, to any person ' >> debian/copyright + printf 'obtaining a copy\n' >> debian/copyright + printf ' of this software and associated documentation files (the "Software"), ' >> debian/copyright + printf 'to deal\n' >> debian/copyright + printf ' in the Software without restriction, including without limitation ' >> debian/copyright + printf 'the rights\n' >> debian/copyright + printf ' to use, copy, modify, merge, publish, distribute, sublicense, ' >> debian/copyright + printf 'and/or sell\n' >> debian/copyright + printf ' copies of the Software, and to permit persons to whom the Software is\n' >> debian/copyright + printf ' furnished to do so, subject to the following conditions:\n .\n' >> debian/copyright + printf ' The above copyright notice and this permission notice shall be ' >> debian/copyright + printf 'included in all\n' >> debian/copyright + printf ' copies or substantial portions of the Software.\n .\n' >> debian/copyright + printf ' THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, ' >> debian/copyright + printf 'EXPRESS OR\n' >> debian/copyright + printf ' IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF ' >> debian/copyright + printf 'MERCHANTABILITY,\n' >> debian/copyright + printf ' FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT ' >> debian/copyright + printf 'SHALL THE\n' >> debian/copyright + printf ' AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n' >> debian/copyright + printf ' LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ' >> debian/copyright + printf 'ARISING FROM,\n' >> debian/copyright + printf ' OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER ' >> debian/copyright + printf 'DEALINGS IN THE\n' >> debian/copyright + printf ' SOFTWARE.\n' >> debian/copyright - # Clone and build bootupd - git clone https://github.com/p5/coreos-bootupd.git bootupd && \ - cd bootupd && \ - git fetch --all && \ - git switch origin/sdboot-support -d && \ - /root/.cargo/bin/cargo build --release --bins --features systemd-boot && \ - install -Dpm0755 -t /usr/bin ./target/release/bootupd && \ - ln -s ./bootupd /usr/bin/bootupctl && \ - cp /usr/bin/bootupd /workspace/ && \ - cp /usr/bin/bootupctl /workspace/ - " - - - name: Create Debian package - run: | - echo "Creating Debian package for bootupd..." - - # Get build information - BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" - COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") - SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10) - - # Create package directory structure - mkdir -p bootupd-package/usr/bin - mkdir -p bootupd-package/DEBIAN - - # Copy binaries - cp bootupd bootupd-package/usr/bin/ - cp bootupctl bootupd-package/usr/bin/ - chmod +x bootupd-package/usr/bin/bootupd - chmod +x bootupd-package/usr/bin/bootupctl - - # Create control file - cat > bootupd-package/DEBIAN/control << EOF -Package: bootupd -Version: 0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT} -Section: admin -Priority: optional -Architecture: amd64 -Maintainer: CI Build -Description: Distribution-independent bootloader update tool with systemd-boot support - Bootupd is a distribution-independent tool for managing bootloader updates. - This package includes systemd-boot support. - . - Features: - - systemd-boot support - - Distribution-independent - - Safe bootloader updates -EOF - - # Build Debian package - dpkg-deb --build bootupd-package bootupd_0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT}_amd64.deb - - echo "✅ Debian package created: bootupd_0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT}_amd64.deb" - - - name: Upload to Forgejo Debian Registry - run: | - echo "Uploading to Forgejo Debian Registry..." - - # Set Forgejo configuration - FORGEJO_OWNER="particle-os" - FORGEJO_DISTRIBUTION="trixie" - FORGEJO_COMPONENT="main" - - # Find the .deb file - DEB_FILE=$(ls bootupd_*.deb | head -1) - - if [ -z "$DEB_FILE" ]; then - echo "❌ No .deb file found for upload" - exit 1 - fi - - echo "📦 Uploading package: $DEB_FILE" - - # Extract package info - PKG_NAME=$(dpkg-deb -f "$DEB_FILE" Package 2>/dev/null || echo "bootupd") - PKG_VERSION=$(dpkg-deb -f "$DEB_FILE" Version 2>/dev/null || echo "unknown") - PKG_ARCH=$(dpkg-deb -f "$DEB_FILE" Architecture 2>/dev/null || echo "amd64") - - echo " Package: $PKG_NAME" - echo " Version: $PKG_VERSION" - echo " Architecture: $PKG_ARCH" - - # Forgejo Debian Registry upload URL - UPLOAD_URL="https://git.raines.xyz/api/packages/${FORGEJO_OWNER}/debian/pool/${FORGEJO_DISTRIBUTION}/${FORGEJO_COMPONENT}/upload" - - echo " Upload URL: $UPLOAD_URL" - - # Upload to Forgejo Debian Registry - if [ -n "${{ secrets.ACCESS_TOKEN }}" ]; then - echo " 🔐 Using authentication token..." - UPLOAD_RESULT=$(curl -s -w "%{http_code}" \ - --user "${FORGEJO_OWNER}:${{ secrets.ACCESS_TOKEN }}" \ - --upload-file "$DEB_FILE" \ - "$UPLOAD_URL" 2>/dev/null) + # Create dirs file + echo "usr/bin" > debian/bootupd.dirs - # Extract HTTP status code (last 3 characters) - HTTP_CODE=$(echo "$UPLOAD_RESULT" | tail -c 4) - # Extract response body (everything except last 3 characters) - RESPONSE_BODY=$(echo "$UPLOAD_RESULT" | head -c -4) + echo "✅ Debian packaging structure created" + + - name: Create Debian package + run: | + echo "Creating Debian package for bootupd..." - case $HTTP_CODE in - 201) - echo " ✅ Successfully published to Forgejo Debian Registry!" - echo " 📥 Install with: apt install $PKG_NAME" - ;; - 409) - echo " ⚠️ Package already exists (version conflict)" - echo " 💡 Consider deleting old version first" - ;; - 400) - echo " ❌ Bad request - package validation failed" - ;; - *) - echo " ❌ Upload failed with HTTP $HTTP_CODE" - echo " Response: $RESPONSE_BODY" - ;; - esac - else - echo " ⚠️ No ACCESS_TOKEN secret available - skipping upload" - echo " 💡 Set ACCESS_TOKEN secret in repository settings to enable automatic publishing" - echo " 📋 Manual upload command:" - echo " curl --user your_username:your_token \\" - echo " --upload-file $DEB_FILE \\" - echo " $UPLOAD_URL" - fi - - echo "" - echo "🎯 Debian package publishing complete!" - echo "📦 Package is now available in Forgejo Debian Registry" - echo "🔧 To install: apt install bootupd" - - - name: Upload artifacts - uses: actions/upload-artifact@v4 - with: - name: bootupd-binaries - path: | - bootupd - bootupctl - bootupd_*.deb \ No newline at end of file + # Get build information + BUILD_NUMBER="${FORGEJO_RUN_NUMBER:-${GITEA_RUN_NUMBER:-$(date +%Y%m%d%H%M%S)}}" + COMMIT_HASH=$(git rev-parse HEAD 2>/dev/null || echo "unknown") + SHORT_COMMIT=$(echo "$COMMIT_HASH" | cut -c1-10) + + # Create package directory structure + mkdir -p bootupd-package/usr/bin + mkdir -p bootupd-package/DEBIAN + + # Copy binaries + cp bootupd bootupd-package/usr/bin/ + cp bootupctl bootupd-package/usr/bin/ + chmod +x bootupd-package/usr/bin/bootupd + chmod +x bootupd-package/usr/bin/bootupctl + + # Create control file + printf 'Package: bootupd\nVersion: 0.1.0+%s+%s\nSection: admin\n' \ + "$BUILD_NUMBER" "$SHORT_COMMIT" > bootupd-package/DEBIAN/control + printf 'Priority: optional\nArchitecture: amd64\n' >> bootupd-package/DEBIAN/control + printf 'Maintainer: CI Build \n' >> bootupd-package/DEBIAN/control + printf 'Depends: libc6 (>= 2.39), libgcc-s1 (>= 3.0), ' >> bootupd-package/DEBIAN/control + printf 'libssl3t64 (>= 3.0.0), systemd (>= 250)\n' >> bootupd-package/DEBIAN/control + printf 'Description: Distribution-independent bootloader update tool ' >> bootupd-package/DEBIAN/control + printf 'with systemd-boot support\n' >> bootupd-package/DEBIAN/control + printf ' Bootupd is a distribution-independent tool for managing ' >> bootupd-package/DEBIAN/control + printf 'bootloader updates.\n' >> bootupd-package/DEBIAN/control + printf ' This package includes systemd-boot support.\n .\n' >> bootupd-package/DEBIAN/control + printf ' Features:\n - systemd-boot support\n' >> bootupd-package/DEBIAN/control + printf ' - Distribution-independent\n - Safe bootloader updates\n' >> bootupd-package/DEBIAN/control + + # Build Debian package + dpkg-deb --build bootupd-package \ + bootupd_0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT}_amd64.deb + + echo "✅ Debian package created: bootupd_0.1.0+${BUILD_NUMBER}+${SHORT_COMMIT}_amd64.deb" + + - name: Upload to Forgejo Debian Registry + run: | + echo "Uploading to Forgejo Debian Registry..." + + # Set Forgejo configuration + FORGEJO_OWNER="particle-os" + FORGEJO_DISTRIBUTION="trixie" + FORGEJO_COMPONENT="main" + + # Find the .deb file + DEB_FILE=$(ls bootupd_*.deb | head -1) + + if [ -z "$DEB_FILE" ]; then + echo "❌ No .deb file found for upload" + exit 1 + fi + + echo "📦 Uploading package: $DEB_FILE" + + # Extract package info + PKG_NAME=$(dpkg-deb -f "$DEB_FILE" Package 2>/dev/null || echo "bootupd") + PKG_VERSION=$(dpkg-deb -f "$DEB_FILE" Version 2>/dev/null || echo "unknown") + PKG_ARCH=$(dpkg-deb -f "$DEB_FILE" Architecture 2>/dev/null || echo "amd64") + + echo " Package: $PKG_NAME" + echo " Version: $PKG_VERSION" + echo " Architecture: $PKG_ARCH" + + # Forgejo Debian Registry upload URL + UPLOAD_URL="https://git.raines.xyz/api/packages/${FORGEJO_OWNER}/debian/pool/${FORGEJO_DISTRIBUTION}/${FORGEJO_COMPONENT}/upload" + + echo " Upload URL: $UPLOAD_URL" + + # Upload to Forgejo Debian Registry + if [ -n "${{ secrets.ACCESS_TOKEN }}" ]; then + echo " 🔐 Using authentication token..." + UPLOAD_RESULT=$(curl -s -w "%{http_code}" \ + --user "${FORGEJO_OWNER}:${{ secrets.ACCESS_TOKEN }}" \ + --upload-file "$DEB_FILE" \ + "$UPLOAD_URL" 2>/dev/null) + + # Extract HTTP status code (last 3 characters) + HTTP_CODE=$(echo "$UPLOAD_RESULT" | tail -c 4) + # Extract response body (everything except last 3 characters) + RESPONSE_BODY=$(echo "$UPLOAD_RESULT" | head -c -4) + + case $HTTP_CODE in + 201) + echo " ✅ Successfully published to Forgejo Debian Registry!" + echo " 📥 Install with: apt install $PKG_NAME" + ;; + 409) + echo " ⚠️ Package already exists (version conflict)" + echo " 💡 Consider deleting old version first" + ;; + 400) + echo " ❌ Bad request - package validation failed" + ;; + *) + echo " ❌ Upload failed with HTTP $HTTP_CODE" + echo " Response: $RESPONSE_BODY" + ;; + esac + else + echo " ⚠️ No ACCESS_TOKEN secret available - skipping upload" + echo " 💡 Set ACCESS_TOKEN secret in repository settings to enable automatic publishing" + echo " 📋 Manual upload command:" + echo " curl --user your_username:your_token \\" + echo " --upload-file $DEB_FILE \\" + echo " $UPLOAD_URL" + fi + + echo "" + echo "🎯 Debian package publishing complete!" + echo "📦 Package is now available in Forgejo Debian Registry" + echo "🔧 To install: apt install bootupd" + + - name: Upload artifacts + uses: actions/upload-artifact@v4 + with: + name: bootupd-binaries + path: | + bootupd + bootupctl + bootupd_*.deb