303 lines
10 KiB
YAML
303 lines
10 KiB
YAML
devices:
|
|
eth0:
|
|
name: eth0
|
|
network: lxdbr0
|
|
type: nic
|
|
root:
|
|
path: /
|
|
pool: virtual
|
|
type: disk
|
|
config:
|
|
user.user-data: |
|
|
#cloud-config
|
|
packages:
|
|
- python3-pip
|
|
- tox
|
|
- dh-python
|
|
- sbuild-debian-developer-setup
|
|
- devscripts
|
|
- piuparts
|
|
- equivs
|
|
write_files:
|
|
- path: /root/scripts/setup.sh
|
|
permissions: '0755'
|
|
owner: root:root
|
|
content: |
|
|
#!bin/bash
|
|
sudo apt update --allow-releaseinfo-change
|
|
sudo apt -y purge sosreport
|
|
- path: /root/.sbuildrc
|
|
owner: root:root
|
|
content: |
|
|
$chroot_mode = 'unshare';
|
|
#$run_autopkgtest = 1;
|
|
$autopkgtest_root_args = '';
|
|
$autopkgtest_opts = [ '--apt-upgrade', '--', 'unshare', '--release', '%r', '--arch', '%a' ];
|
|
- path: /root/data/.sbuildrc_sbuild
|
|
owner: root:root
|
|
content: |
|
|
# Build arch-all by default.
|
|
$build_arch_all = 1;
|
|
|
|
$build_source = 1;
|
|
|
|
# --source-only-changes (applicable for dput. irrelevant for dgit push-source).
|
|
$source_only_changes = 1;
|
|
|
|
# By default, the -s option only includes the .orig.tar.gz when needed
|
|
# (i.e. when the Debian revision is 0 or 1). By setting this option
|
|
# to 1, the .orig.tar.gz will always be included when -s is used.
|
|
# This is equivalent to --force-orig-source.
|
|
$force_orig_source = 0;
|
|
|
|
# Verbose (-v)
|
|
$verbose = 1;
|
|
|
|
# Parallel build
|
|
$ENV{'DEB_BUILD_OPTIONS'} = 'parallel=4';
|
|
|
|
# Time to wait for a source dependency lock. The default is 1 minute.
|
|
my $srcdep_lock_wait = 1; # 1 minute
|
|
|
|
$run_lintian = 1;
|
|
$lintian_opts = ['-v', '-i', '-I', '-E', '--pedantic', '--profile=debian'];
|
|
|
|
$run_piuparts = 1;
|
|
$piuparts_opts = ['--schroot', '%r-%a-sbuild', '--no-eatmydata'];
|
|
|
|
$run_autopkgtest = 1;
|
|
$autopkgtest_root_args = '';
|
|
$autopkgtest_opts = [ '--', 'schroot', '%r-%a-sbuild' ];
|
|
|
|
# When to purge the build directory afterwards; possible values are "never",
|
|
# "successful", and "always". "always" is the default. It can be helpful
|
|
# to preserve failing builds for debugging purposes. Switch these comments
|
|
# if you want to preserve even successful builds, and then use
|
|
# "schroot -e --all-sessions" to clean them up manually.
|
|
$purge_build_directory = 'successful';
|
|
$purge_session = 'successful';
|
|
$purge_build_deps = 'successful';
|
|
|
|
# Directory for writing build logs to
|
|
$log_dir=$ENV{HOME}."/Development/temporary/sbuild_logs";
|
|
|
|
# don't remove this, Perl needs it:
|
|
1;
|
|
- path: /root/data/.sbuildrc_unshare
|
|
owner: root:root
|
|
content: |
|
|
$chroot_mode = 'unshare';
|
|
$external_commands = { "build-failed-commands" => [ [ '%SBUILD_SHELL' ] ] };
|
|
|
|
# Build arch-all by default.
|
|
$build_arch_all = 1;
|
|
|
|
$build_source = 1;
|
|
|
|
# --source-only-changes (applicable for dput. irrelevant for dgit push-source).
|
|
$source_only_changes = 1;
|
|
|
|
# By default, the -s option only includes the .orig.tar.gz when needed
|
|
# (i.e. when the Debian revision is 0 or 1). By setting this option
|
|
# to 1, the .orig.tar.gz will always be included when -s is used.
|
|
# This is equivalent to --force-orig-source.
|
|
$force_orig_source = 0;
|
|
|
|
# Verbose (-v)
|
|
$verbose = 1;
|
|
|
|
# Parallel build
|
|
$ENV{'DEB_BUILD_OPTIONS'} = 'parallel=4';
|
|
|
|
# Time to wait for a source dependency lock. The default is 1 minute.
|
|
my $srcdep_lock_wait = 1; # 1 minute
|
|
|
|
$run_lintian = 1;
|
|
$lintian_opts = ['-v', '-i', '-I', '-E', '--pedantic', '--profile=debian'];
|
|
|
|
$run_piuparts = 1;
|
|
$piuparts_root_args = ['PATH=/usr/sbin:/usr/bin:/sbin:/bin', 'unshare', '--pid', '--fork', '--mount-proc', '--map-root-user', '--map-auto'];
|
|
$piuparts_opts = ["--basetgz=$HOME/.cache/sbuild/%r-%a.tar.zst", '--fake-essential-packages=systemd-sysv', '--distribution=%r'];
|
|
|
|
$run_autopkgtest = 1;
|
|
$autopkgtest_root_args = '';
|
|
$autopkgtest_opts = [ '--apt-upgrade', '--', 'unshare', '--release', '%r', '--arch', '%a' ];
|
|
|
|
# When to purge the build directory afterwards; possible values are "never",
|
|
# "successful", and "always". "always" is the default. It can be helpful
|
|
# to preserve failing builds for debugging purposes. Switch these comments
|
|
# if you want to preserve even successful builds, and then use
|
|
# "schroot -e --all-sessions" to clean them up manually.
|
|
$purge_build_directory = 'successful';
|
|
$purge_session = 'successful';
|
|
$purge_build_deps = 'successful';
|
|
|
|
# Directory for writing build logs to
|
|
$log_dir=$ENV{HOME}."/Development/temporary/sbuild_logs";
|
|
|
|
# don't remove this, Perl needs it:
|
|
1;
|
|
- path: /root/scripts/deb_build_check.sh
|
|
permissions: '0755'
|
|
owner: root:root
|
|
content: |
|
|
#!bin/bash
|
|
|
|
LICENSECHECK=1
|
|
PBUILDER=1
|
|
LINTIAN=1
|
|
REPROTEST=1
|
|
SBUILD=1
|
|
SBUILD_UNSHARE=1
|
|
|
|
prod="${1}"
|
|
build_dir="/root/build"
|
|
prod_build_dir="${build_dir}/${prod}"
|
|
log_dir="/root/logs"
|
|
|
|
rm -rf ~/.cache/sbuild
|
|
mkdir -p ~/.cache/sbuild ${prod_build_dir} ${log_dir}
|
|
|
|
cd ${prod_build_dir}
|
|
tar xfz ../${prod}.tgz
|
|
|
|
series=$(head -n 1 debian/changelog | awk '{print $3}' | sed 's/;//g' | awk -F'-' '{print $1}')
|
|
|
|
if [[ $LICENSECHECK -eq 1 ]] ; then
|
|
apt -y install licenserecon
|
|
lrc | tee ${log_dir}/license-check.log
|
|
fi
|
|
|
|
export EMAIL="Some One <some.one@canonical.com>"
|
|
export DEBEMAIL="Some One <some.one@canonical.com>"
|
|
|
|
uscan --download-current-version --rename
|
|
dpkg-buildpackage -S -d
|
|
mk-build-deps
|
|
apt -y install ./*-build-deps*.deb
|
|
dpkg-buildpackage -b -us -uc -rfakeroot -m
|
|
rm -rf ./*-build-deps*
|
|
|
|
if [[ $LINTIAN -eq 1 ]] ; then
|
|
apt -y install lintian
|
|
cd ${prod_build_dir}
|
|
lintian -v -i -I -E --pedantic --profile debian ../*.dsc \
|
|
| tee ${log_dir}/lintian-dsc.log
|
|
lintian -v -i -I -E --pedantic --profile debian ../*.changes \
|
|
| tee ${log_dir}/lintian-changes.log
|
|
lintian -v -i -I -E --pedantic --profile debian ../*.buildinfo \
|
|
| tee ${log_dir}/lintian-buildinfo.log
|
|
cd -
|
|
fi
|
|
|
|
if [[ $PBUILDER -eq 1 ]] ; then
|
|
apt install -y pbuilder
|
|
cd ${prod_build_dir}
|
|
pbuilder create --distribution ${series}
|
|
pbuilder build --distribution ${series} --twice ../*.dsc \
|
|
| tee ${log_dir}/pbuilder.log
|
|
cd -
|
|
fi
|
|
|
|
if [[ $REPROTEST -eq 1 ]] ; then
|
|
apt install -y reprotest
|
|
cd ${prod_build_dir}
|
|
chroot="${series}-amd64-sbuild"
|
|
sbuild-destroychroot ${chroot}
|
|
sbuild-createchroot --include=eatmydata,ccache ${series} /srv/chroot/${chroot}
|
|
|
|
reprotest --print-sudoers \
|
|
--variations=user_group.available+=guest-builder,domain_host.use_sudo=1 \
|
|
| EDITOR=tee visudo -f /etc/sudoers.d/local-reprotest
|
|
|
|
echo "/etc/sudoers.d/local-reprotest /etc/sudoers.d/local-reprotest none bind 0 0" \
|
|
| tee -a /srv/chroot/${chroot}/etc/fstab
|
|
|
|
cd -
|
|
reprotest --vary=-build_path,domain_host.use_sudo=1 --auto-build ../*.dsc -- schroot ${chroot} \
|
|
| tee ${log_dir}/reprotest.log
|
|
cd -
|
|
fi
|
|
|
|
if [[ $SBUILD -eq 1 ]] ; then
|
|
apt install -y sbuild mmdebstrap uidmap
|
|
chroot="${series}-amd64-sbuild"
|
|
sbuild-destroychroot ${chroot}
|
|
cd ${prod_build_dir}
|
|
cp /root/data/.sbuildrc_sbuild /root/.sbuildrc
|
|
|
|
mkdir -p /srv/chroot/${chroot}
|
|
sbuild-createchroot --include=eatmydata,ccache ${series} /srv/chroot/${chroot}
|
|
|
|
sbuild -d ${series} | tee ${log_dir}/sbuild.log
|
|
cd -
|
|
fi
|
|
|
|
if [[ $SBUILD_UNSHARE -eq 1 ]] ; then
|
|
apt install -y sbuild mmdebstrap uidmap
|
|
cd ${prod_build_dir}
|
|
cp /root/data/.sbuildrc_unshare /root/.sbuildrc
|
|
|
|
mmdebstrap --variant=buildd ${series} ~/.cache/sbuild/${series}-amd64.tar.zst
|
|
echo "$(id -un):120000:65536" | sudo tee -a /etc/subuid /etc/subgid
|
|
|
|
sbuild -d ${series} | tee ${log_dir}/sbuild_unshare.log
|
|
cd -
|
|
fi
|
|
|
|
cd ${log_dir}
|
|
tar cf build-logs-${prod}.tgz *.log
|
|
- path: /root/scripts/enable_proposed.sh
|
|
permissions: '0755'
|
|
owner: root:root
|
|
content: |
|
|
#!bin/bash
|
|
|
|
echo "Enabling proposed repo ..."
|
|
sudo sed -i 's/# suite disabled by cloud-init: //g' /etc/apt/sources.list
|
|
sudo apt update
|
|
- path: /root/scripts/run_avocado.sh
|
|
permissions: '0755'
|
|
owner: root:root
|
|
content: |
|
|
#!bin/bash
|
|
|
|
mkdir -p /root/sos
|
|
cd /root/sos
|
|
tar xfz ../sos.tgz
|
|
|
|
git config --global --add safe.directory /root/sos
|
|
|
|
mkdir -p /etc/sos
|
|
cp sos.conf /etc/sos/sos.conf
|
|
|
|
echo "Cleaning up any old .tox environments ..."
|
|
rm -rf .tox
|
|
|
|
echo "Running Unit Tests ..."
|
|
tox -e unit_tests
|
|
|
|
echo "Running Stage One Tests ..."
|
|
tox -e stageone_tests
|
|
|
|
echo "Running Stage Two Tests ..."
|
|
tox -e stagetwo_tests
|
|
- path: /root/scripts/run_sos.sh
|
|
permissions: '0755'
|
|
owner: root:root
|
|
content: |
|
|
#!bin/bash
|
|
|
|
sos report -a --all-logs --batch
|
|
- path: /etc/sysctl.conf.d/ipv6_disable.conf
|
|
permissions: '0644'
|
|
owner: root:root
|
|
content: |
|
|
net.ipv6.conf.all.disable_ipv6 = 1
|
|
net.ipv6.conf.default.disable_ipv6 = 1
|
|
net.ipv6.conf.lo.disable_ipv6 = 1
|
|
|
|
runcmd:
|
|
- [ 'sysctl', '-p' ]
|
|
- [ /root/setup.sh ]
|