366 lines
13 KiB
Bash
Executable file
366 lines
13 KiB
Bash
Executable file
#!/bin/bash
|
|
#
|
|
# Copyright (C) 2025 Luis Guzmán <ark@switnet.org>
|
|
# Copyright (C) 2008-2020 Ruben Rodriguez <ruben@trisquel.info>
|
|
# Copyright (C) 2014 Santiago Rodriguez <santi@trisquel.info>
|
|
# Copyright (C) 2019 David Trudgian <dave@trudgian.net>
|
|
#
|
|
# This program is free software; you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
#
|
|
|
|
set -e
|
|
set -o pipefail
|
|
|
|
export LANG=C LC_TIME=C
|
|
PACKAGE=$(echo $0 |/bin/sed s/make-//)
|
|
|
|
export DATE=$(date +'%a, %d %b %Y %T %z')
|
|
|
|
export DATA="$PWD/DATA/$PACKAGE"
|
|
if ! [ 1$COMPONENT = "1main" ]
|
|
then
|
|
COMPONENT=${COMPONENT:-universe}
|
|
export NO_PKG_MANGLE=1
|
|
fi
|
|
|
|
[ -d PACKAGES ] || mkdir PACKAGES
|
|
|
|
export DEBIAN_FRONTEND=noninteractive
|
|
export DEBEMAIL=trisquel-devel@listas.trisquel.info
|
|
export DEBFULLNAME="Trisquel GNU/Linux developers"
|
|
export CODENAME=aramo
|
|
export REVISION=11.0
|
|
export RELEASE=trisquel
|
|
export DOMAIN=trisquel.info
|
|
export UPSTREAM=jammy
|
|
export UPSTREAMRELEASE=22.04
|
|
MIRROR=http://archive.ubuntu.com/ubuntu
|
|
LOCALMIRROR=http://archive.trisquel.org/trisquel
|
|
LOCAL_APT=`mktemp -d`
|
|
if [[ "$PACKAGE" =~ ^linux(-hwe-[0-9]+\.[0-9]+)?$ && -n "$LP_VERSION" ]]; then
|
|
# Function to truncate the version string to the major version (e.g., 6.5.0)
|
|
truncate_version() {
|
|
full_version=$1
|
|
# Match the first three components of the version (X.Y.0)
|
|
echo "$full_version" | sed -E 's/^([^_]+_[0-9]+\.[0-9]+\.0).*/\1/'
|
|
}
|
|
LP_ARCHIVE_URL="https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/${PACKAGE}/${LP_VERSION}"
|
|
TRUNCATED_VERSION=$(truncate_version "${PACKAGE}_${LP_VERSION}")
|
|
LP_TARBALL="${TRUNCATED_VERSION}.orig.tar.gz"
|
|
LP_DIFF_FILE="${PACKAGE}_${LP_VERSION}.diff.gz"
|
|
LP_DSC_FILE="${PACKAGE}_${LP_VERSION}.dsc"
|
|
fi
|
|
|
|
if [ -n "$BUILD_UNTIL" ] && (( $(echo "$BUILD_UNTIL $REVISION" | awk '{print ($1 > $2)}') )); then
|
|
echo "Skipping build of helper with BUILD_UNTIL=$BUILD_UNTIL > REVISION=$REVISION"
|
|
exit 0
|
|
fi
|
|
|
|
export RPL="$PWD/DATA/rpl"
|
|
rpl(){
|
|
$RPL "$@"
|
|
}
|
|
|
|
pkgversion(){
|
|
dpkg-parsechangelog --show-field Version
|
|
}
|
|
replace(){
|
|
find ${@:3} -type f -not -iregex '.*changelog.*' -not -iregex '.*copyright.*' -execdir /bin/sed --follow-symlinks -i s^"$1"^"$2"^g {} \;
|
|
}
|
|
changelog(){
|
|
head -n 1 debian/changelog | grep -q $UPSTREAM-security && REPO=$CODENAME-security || REPO=$CODENAME
|
|
[ "$SECURITY" = true ] && REPO=${CODENAME}-security
|
|
[ "$BACKPORT" = true ] || [ "$BACKPORTS" = true ] && REPO=${CODENAME}-backports
|
|
#Name convention issue "+" breaking packages build like console-setup, using "-" instead.
|
|
echo | dch -D $REPO -v $FULLVERSION "$1"
|
|
|
|
# Make sure the changelog file is identical between archs
|
|
/bin/sed "/-- Trisquel/s/.*/ -- Trisquel GNU\/Linux developers <trisquel-devel@listas.trisquel.info> $DATE/" -i debian/changelog
|
|
}
|
|
|
|
|
|
#Setup local apt
|
|
|
|
trap "rm -rf ${LOCAL_APT}" 0 HUP INT QUIT ILL ABRT FPE SEGV PIPE TERM
|
|
|
|
mkdir -p ${LOCAL_APT}/var/lib/apt/partial
|
|
mkdir -p ${LOCAL_APT}/var/cache/apt/archives/partial
|
|
mkdir -p ${LOCAL_APT}/etc/apt/trusted.gpg.d
|
|
mkdir -p ${LOCAL_APT}/var/lib/dpkg
|
|
touch ${LOCAL_APT}/var/lib/dpkg/status
|
|
[ $UID = 0 ] && id _apt > /dev/null 2>&1 && chown _apt ${LOCAL_APT} -R
|
|
|
|
cat << EOF > ${LOCAL_APT}/etc/apt.conf
|
|
Dir::State "${LOCAL_APT}/var/lib/apt";
|
|
Dir::State::status "${LOCAL_APT}/var/lib/dpkg/status";
|
|
Dir::Etc::SourceList "${LOCAL_APT}/etc/apt/sources.list";
|
|
Dir::Etc::SourceParts "";
|
|
Dir::Cache "${LOCAL_APT}/var/cache/apt";
|
|
pkgCacheGen::Essential "none";
|
|
Dir::Etc::Trusted "${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg";
|
|
Acquire::ForceIPv4 "true";
|
|
EOF
|
|
|
|
fetchkey(){
|
|
echo Fetching key $1 from hkps://keyserver.ubuntu.com:443
|
|
if ! gpg -q --no-default-keyring --keyring gnupg-ring:${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg --keyserver hkps://keyserver.ubuntu.com:443 --recv-keys $1 ; then
|
|
echo "W: invalid key from keyserver.ubuntu.com, fetching from db.debian.org"
|
|
gpg -q --no-default-keyring --keyring gnupg-ring:${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg --keyserver hkps://keyring.debian.org:443 --recv-keys $1
|
|
fi
|
|
}
|
|
|
|
cp DATA/keyring.gpg ${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg
|
|
|
|
# Also import the repository key optionally listed in the helper
|
|
[ "1$REPOKEY" != "1" ] && fetchkey $REPOKEY
|
|
|
|
cat << EOF > ${LOCAL_APT}/etc/apt/sources.list
|
|
deb-src $MIRROR $UPSTREAM main universe
|
|
deb-src $MIRROR $UPSTREAM-updates main universe
|
|
deb-src $MIRROR $UPSTREAM-security main universe
|
|
|
|
EOF
|
|
|
|
# manage external repository sources. If origin is ubuntu or debian, add updates and security repositories too
|
|
if [ "1$EXTERNAL" != "1" ]; then
|
|
if eval echo "$EXTERNAL" | grep "archive.ubuntu.com" | grep -qv -e updates -e security -e backports -e proposed; then
|
|
RELNAME=$(eval echo "$EXTERNAL" | cut -d' ' -f 3)
|
|
COMPONENTS=$(eval echo "$EXTERNAL" | cut -d' ' -f 4-)
|
|
echo "deb-src http://archive.ubuntu.com/ubuntu/ $RELNAME $COMPONENTS" > ${LOCAL_APT}/etc/apt/sources.list
|
|
echo "deb-src http://archive.ubuntu.com/ubuntu/ ${RELNAME}-updates $COMPONENTS" >> ${LOCAL_APT}/etc/apt/sources.list
|
|
echo "deb-src http://archive.ubuntu.com/ubuntu/ ${RELNAME}-security $COMPONENTS" >> ${LOCAL_APT}/etc/apt/sources.list
|
|
elif eval echo "$EXTERNAL" | grep "ftp.debian.org" |grep -qv -e updates -e security -e backports -e testing -e sid -e unstable -e experimental -e proposed ; then
|
|
RELNAME=$(eval echo "$EXTERNAL" | cut -d' ' -f 3)
|
|
COMPONENTS=$(eval echo "$EXTERNAL" | cut -d' ' -f 4-)
|
|
echo "deb-src http://deb.debian.org/debian $RELNAME $COMPONENTS" > ${LOCAL_APT}/etc/apt/sources.list
|
|
echo "deb-src http://deb.debian.org/debian ${RELNAME}-updates $COMPONENTS" >> ${LOCAL_APT}/etc/apt/sources.list
|
|
echo "deb-src http://security.debian.org/debian-security/ ${RELNAME}-security $COMPONENTS" >> ${LOCAL_APT}/etc/apt/sources.list
|
|
else
|
|
eval echo "$EXTERNAL" > ${LOCAL_APT}/etc/apt/sources.list
|
|
fi
|
|
fi
|
|
|
|
#Cleanup
|
|
rm -rf PACKAGES/$PACKAGE
|
|
mkdir PACKAGES/$PACKAGE
|
|
cd PACKAGES/$PACKAGE
|
|
[ $UID = 0 ] && id _apt > /dev/null 2>&1 && chown _apt .
|
|
|
|
#Get package and uncompress it
|
|
if [[ "$PACKAGE" =~ ^linux(-hwe-[0-9]+\.[0-9]+)?$ && -n "$LP_VERSION" ]]; then
|
|
for file in "${LP_TARBALL}" "${LP_DIFF_FILE}" "${LP_DSC_FILE}"; do
|
|
echo "Downloading ${file} from ${LP_ARCHIVE_URL}"
|
|
if ! wget "${LP_ARCHIVE_URL}/${file}" -O "${file}"; then
|
|
echo "Error: Failed to download ${file}."
|
|
exit 1
|
|
fi
|
|
done
|
|
else
|
|
apt-get update -c $LOCAL_APT/etc/apt.conf
|
|
if [ -n "$FIXED_VER" ]; then
|
|
apt-get source --only-source $PACKAGE=$FIXED_VER --download-only -c ${LOCAL_APT}/etc/apt.conf
|
|
else
|
|
apt-get source --only-source $PACKAGE --download-only -c ${LOCAL_APT}/etc/apt.conf
|
|
fi
|
|
# Verify it first
|
|
if grep -q "BEGIN PGP SIGNATURE" *.dsc; then
|
|
KEY=$(gpg2 --keyid-format 0xlong --verify *.dsc 2>&1 | grep 0x | sed 's/.*0x//' || true)
|
|
[ -z "$KEY" ] && KEY=$(gpgv --keyring ${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring *.dsc 2>&1 | egrep ".SA key" | sed 's/.*.SA key //' || true)
|
|
fetchkey $KEY
|
|
gpg2 --verify --keyring ${LOCAL_APT}/etc/apt/trusted.gpg.d/keyring.gpg *.dsc
|
|
[ -n SCHROOT_COMMAND ] && gpgconf --kill gpg-agent
|
|
else
|
|
echo WARNING! The dsc file is not gpg signed!
|
|
[ -z "$EXTERNAL" ] && exit 1
|
|
fi
|
|
fi
|
|
|
|
dpkg-source --no-check -x --skip-patches *.dsc source
|
|
|
|
find -maxdepth 1 -type f | xargs rm
|
|
cd source
|
|
|
|
UPSTREAMVERSION=$(dpkg-parsechangelog --show-field Version)
|
|
|
|
# This needs to be enabled (and reviewed) as first step of t12 release. Making it break here to force review
|
|
[ "$REVISION" == 12.0 ] && echo Review version string generation before building t12 packages! && exit 1
|
|
export FULLVERSION=$(dpkg-parsechangelog --show-field Version)+${REVISION}trisquel${VERSION}
|
|
[ "$PACKAGE" == "console-setup" ] && export FULLVERSION=$(dpkg-parsechangelog --show-field Version)-${REVISION}trisquel${VERSION}
|
|
|
|
# Use 3.0 (native) deb source format
|
|
[ -f debian/source/format ] && echo "3 (native)" > debian/source/format
|
|
[ -f debian/source/options ] && rm debian/source/options
|
|
|
|
grep -lr 'Maintainer:' debian*/control* | \
|
|
xargs sed -i "s_^Maintainer.*_Maintainer: $DEBFULLNAME <$DEBEMAIL>_g"
|
|
|
|
package(){
|
|
|
|
# Make sure the series file is formated correctly after removals
|
|
if [ -f debian/patches/series ]; then
|
|
grep -q [a-z] debian/patches/series || echo -n > debian/patches/series
|
|
fi
|
|
|
|
if [ 1$QUILT != 1skip ]; then
|
|
export QUILT_PATCHES=debian/patches
|
|
grep -qv '^#' debian/patches/series 2>/dev/null && quilt push -a
|
|
fi
|
|
|
|
cd ..
|
|
mv source $PACKAGE-$FULLVERSION
|
|
dpkg-source -b -I.falsefileextension99 $PACKAGE-$FULLVERSION
|
|
rm -rf ${LOCAL_APT}
|
|
echo -e "Trisquel source package built! - $(date -R)\n"
|
|
|
|
notify_found_distro_match_on_debian_rules
|
|
}
|
|
|
|
sedhelper2(){
|
|
FILE="$1"
|
|
EXPR="$2"";"
|
|
|
|
while [ 1"$EXPR" != 1 ];do
|
|
SUBEXPR=$(cut -d\; -f 1 <<< "$EXPR")
|
|
MD5=$(md5sum "$FILE")
|
|
echo Running modification-aware sed: sed "$SUBEXPR" -i "$FILE" 1>&2
|
|
/bin/sed "$SUBEXPR" -i "$FILE"
|
|
if [ "$MD5" = "$(md5sum "$FILE")" ]; then
|
|
echo File "$FILE" was not modified, stopping. 1>&2
|
|
exit 1
|
|
fi
|
|
EXPR=$(cut -d\; -f 2- <<< "$EXPR" )
|
|
echo $EXPR | egrep ';' -q || break
|
|
done
|
|
}
|
|
|
|
sedhelper(){
|
|
FILE="$1"
|
|
EXPR="$2"
|
|
|
|
MD5=$(md5sum "$FILE")
|
|
echo Running modification-aware sed: sed "$EXPR" -i "$FILE" 1>&2
|
|
/bin/sed "$EXPR" -i "$FILE"
|
|
if [ "$MD5" = "$(md5sum "$FILE")" ]; then
|
|
echo File "$FILE" was not modified, stopping. 1>&2
|
|
exit 1
|
|
fi
|
|
}
|
|
|
|
sed (){
|
|
if ! echo $@ | grep -qw '\-i'; then
|
|
echo Running fallback sed: /bin/sed "$@" 1>&2
|
|
/bin/sed "$@"
|
|
else
|
|
|
|
[ 1"$1" = "1-i" ] && shift
|
|
|
|
SEDEXPR="$1"
|
|
shift
|
|
for FILE in "$@"; do
|
|
[ 1"$FILE" = "1-i" ] && continue
|
|
if [ -f "$FILE" ]; then
|
|
sedhelper "$FILE" "$SEDEXPR"
|
|
else
|
|
echo File "$FILE" does not exist, stopping. 1>&2
|
|
exit 1
|
|
fi
|
|
done
|
|
fi
|
|
}
|
|
|
|
remove_patch(){
|
|
rm "$(find */patches -name "$1")"
|
|
sed -i "/$1/d" debian/patches/series
|
|
}
|
|
|
|
sed_csum() {
|
|
echo "> Checksum replace for $1 in progress..."
|
|
grep -rl "$1" "${3:-"./"}" | xargs -r /bin/sed -i "s|$1|$2|"
|
|
}
|
|
|
|
patch_p1() {
|
|
echo "> Applying $(echo $1|xargs basename):"
|
|
patch --no-backup-if-mismatch -p1 < $1
|
|
}
|
|
|
|
patch_Rp1() {
|
|
echo "> Rolling back $(echo $1|xargs basename):"
|
|
patch --no-backup-if-mismatch -R -p1 < $1
|
|
}
|
|
|
|
notify_found_distro_match_on_debian_rules() {
|
|
DPKG_VENDOR="dpkg-vendor"
|
|
EXCLUDE_DERIVES_UBUNTU="--derives-from Ubuntu"
|
|
|
|
# Search for matching debian* folders
|
|
SEARCH_DIRS=$(find . -type d -name "*debian*" -printf "%p ")
|
|
|
|
# Set files found on debian directories
|
|
FILES=()
|
|
for DIR in $SEARCH_DIRS; do
|
|
while IFS= read -r -d '' FILE; do
|
|
FILES+=("$FILE")
|
|
done < <(find "$DIR" -type f \( -name "rules" -o -path "*/rules.d/*" \) -print0)
|
|
done
|
|
|
|
# Trim to relative path function
|
|
trim_path() {
|
|
echo "$1" | awk -F'/' '{sub("./[^/]+/", "", $0); print $0}'
|
|
}
|
|
|
|
FILES_WITH_DPKG_VENDOR=()
|
|
FILES_WITH_UPSTREAM=()
|
|
|
|
# Parse every file found for dpkg-vendor and upstream distro codename.
|
|
for FILE in "${FILES[@]}"; do
|
|
if grep -q -E "^\\s*[^#]*\\b$DPKG_VENDOR\\b" "$FILE"; then
|
|
MATCHES_DPKG_VENDOR=()
|
|
while IFS= read -r line; do
|
|
if [[ "$line" =~ $DPKG_VENDOR && ! "$line" =~ "$EXCLUDE_DERIVES_UBUNTU" ]]; then
|
|
MATCHES_DPKG_VENDOR+=("$line")
|
|
fi
|
|
done < "$FILE"
|
|
if [ ${#MATCHES_DPKG_VENDOR[@]} -gt 0 ]; then
|
|
FILES_WITH_DPKG_VENDOR+=("$FILE")
|
|
echo "> Note: The string $DPKG_VENDOR is present in $(trim_path "$FILE") with the following matches:"
|
|
printf ' - %s\n' "${MATCHES_DPKG_VENDOR[@]}"
|
|
echo "A distro-related behavior might be in place. You should consider reviewing it."
|
|
fi
|
|
fi
|
|
|
|
if grep -q -E "^\\s*[^#]*\\b$UPSTREAM\\b" "$FILE"; then
|
|
MATCHES_UPSTREAM=()
|
|
while IFS= read -r line; do
|
|
if [[ "$line" =~ "$UPSTREAM" && ! "$line" =~ "$CODENAME" && ! "$line" =~ ^[[:space:]]*# ]]; then
|
|
MATCHES_UPSTREAM+=("$line")
|
|
fi
|
|
done < "$FILE"
|
|
if [ ${#MATCHES_UPSTREAM[@]} -gt 0 ]; then
|
|
FILES_WITH_UPSTREAM+=("$FILE")
|
|
echo "> Note: The string $UPSTREAM is present in $(trim_path "$FILE") with the following matches:"
|
|
printf ' - %s\n' "${MATCHES_UPSTREAM[@]}"
|
|
echo "A distro-related behavior might be in place. You should consider reviewing it."
|
|
fi
|
|
fi
|
|
done
|
|
}
|
|
|
|
# Set function to apply patches from known directory.
|
|
apply_patch_changes() {
|
|
for patch in $(ls -v ${DATA}/patch_changes/*.patch)
|
|
do
|
|
patch_p1 $patch
|
|
done
|
|
}
|