From 53ceb249883ed0dafef2c30db6ff9bef621aba1e Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Sun, 22 Dec 2024 12:00:10 +0100 Subject: [PATCH] T6674: move patches to "package/" subfolder This prevents the accidental applying of a patch to multiple source directories defined in package.toml. Example FRR: Package consits of build instructions for libyang, rtrlib and frr itself. Previously patches in frr/patches folder got applied to libyang, rtrlib and frr which made no sense and could also fail a build. --- scripts/package-build/build.py | 3 +- .../0001-Enable-PAM-support.patch | 0 ...nable-PCRE2-in-Debian-package-builds.patch | 2 +- .../0003-Clear-Babel-Config-On-Stop.patch | 0 ...dd-support-for-raw-IP-interface-type.patch | 0 .../0002-Checkpoint-improved-patch.patch | 0 .../0003-fix-compilation-errors.patch | 0 ...pport-for-ARPHRD_NONE-interface-type.patch | 0 ...sysctl-arp_ignore-to-1-on-IPv6-VMACs.patch | 0 ...route-table-if-there-is-no-auto-rule.patch | 0 .../{ => ndppd}/0002-set-vyos-version.patch | 0 .../add-linux-6.7-compatibility-parsing.patch | 0 scripts/package-build/netfilter/build.py | 196 +----------------- ...-when-ICMP-ICMPv6-traffic-was-proces.patch | 0 ...nal-source-and-remote-overrides-for-.patch | 0 ...-send-certificates-for-ike-sa-events.patch | 0 ...port-for-individual-sa-state-changes.patch | 0 ...ions-enabled-by-Debian-that-are-unus.patch | 0 ...6-support-per-interface-client-DUIDs.patch | 0 .../0024-bind-to-single-socket.patch | 0 .../0025-option-to-prevent-ia-release.patch | 0 21 files changed, 3 insertions(+), 198 deletions(-) rename scripts/package-build/dropbear/patches/{ => dropbear}/0001-Enable-PAM-support.patch (100%) rename scripts/package-build/frr/patches/{ => frr}/0001-Enable-PCRE2-in-Debian-package-builds.patch (93%) rename scripts/package-build/frr/patches/{ => frr}/0003-Clear-Babel-Config-On-Stop.patch (100%) rename scripts/package-build/isc-dhcp/patches/{ => isc-dhcp}/0001-Add-support-for-raw-IP-interface-type.patch (100%) rename scripts/package-build/isc-dhcp/patches/{ => isc-dhcp}/0002-Checkpoint-improved-patch.patch (100%) rename scripts/package-build/isc-dhcp/patches/{ => isc-dhcp}/0003-fix-compilation-errors.patch (100%) rename scripts/package-build/isc-dhcp/patches/{ => isc-dhcp}/0004-add-support-for-ARPHRD_NONE-interface-type.patch (100%) rename scripts/package-build/keepalived/patches/{ => keepalived}/0001-vrrp-Set-sysctl-arp_ignore-to-1-on-IPv6-VMACs.patch (100%) rename scripts/package-build/ndppd/patches/{ => ndppd}/0001-skip-route-table-if-there-is-no-auto-rule.patch (100%) rename scripts/package-build/ndppd/patches/{ => ndppd}/0002-set-vyos-version.patch (100%) rename scripts/package-build/net-snmp/patches/{ => net-snmp}/add-linux-6.7-compatibility-parsing.patch (100%) mode change 100755 => 120000 scripts/package-build/netfilter/build.py rename scripts/package-build/pmacct/patches/{ => pmacct}/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch (100%) rename scripts/package-build/strongswan/patches/{ => strongswan}/0001-charon-add-optional-source-and-remote-overrides-for-.patch (100%) rename scripts/package-build/strongswan/patches/{ => strongswan}/0002-vici-send-certificates-for-ike-sa-events.patch (100%) rename scripts/package-build/strongswan/patches/{ => strongswan}/0003-vici-add-support-for-individual-sa-state-changes.patch (100%) rename scripts/package-build/strongswan/patches/{ => strongswan}/0004-VyOS-disable-options-enabled-by-Debian-that-are-unus.patch (100%) rename scripts/package-build/wide-dhcpv6/patches/{ => wide-dhcpv6}/0023-dhcpc6-support-per-interface-client-DUIDs.patch (100%) rename scripts/package-build/wide-dhcpv6/patches/{ => wide-dhcpv6}/0024-bind-to-single-socket.patch (100%) rename scripts/package-build/wide-dhcpv6/patches/{ => wide-dhcpv6}/0025-option-to-prevent-ia-release.patch (100%) diff --git a/scripts/package-build/build.py b/scripts/package-build/build.py index 7212b6cf..d64a7378 100755 --- a/scripts/package-build/build.py +++ b/scripts/package-build/build.py @@ -58,7 +58,6 @@ def apply_patches(repo_dir: Path, patch_dir: Path) -> None: series.write(patch.name + '\n') print(f"I: Applied patch: {patch.name}") - def prepare_package(repo_dir: Path, install_data: str) -> None: """Prepare a package""" if not install_data: @@ -95,7 +94,7 @@ def build_package(package: list, patch_dir: Path) -> None: # Apply patches if any if (repo_dir / 'patches'): - apply_patches(repo_dir, patch_dir) + apply_patches(repo_dir, patch_dir / repo_name) # Sanitize the commit ID and build a tarball for the package commit_id_sanitized = package['commit_id'].replace('/', '_') diff --git a/scripts/package-build/dropbear/patches/0001-Enable-PAM-support.patch b/scripts/package-build/dropbear/patches/dropbear/0001-Enable-PAM-support.patch similarity index 100% rename from scripts/package-build/dropbear/patches/0001-Enable-PAM-support.patch rename to scripts/package-build/dropbear/patches/dropbear/0001-Enable-PAM-support.patch diff --git a/scripts/package-build/frr/patches/0001-Enable-PCRE2-in-Debian-package-builds.patch b/scripts/package-build/frr/patches/frr/0001-Enable-PCRE2-in-Debian-package-builds.patch similarity index 93% rename from scripts/package-build/frr/patches/0001-Enable-PCRE2-in-Debian-package-builds.patch rename to scripts/package-build/frr/patches/frr/0001-Enable-PCRE2-in-Debian-package-builds.patch index c31c4a85..545e7d5e 100644 --- a/scripts/package-build/frr/patches/0001-Enable-PCRE2-in-Debian-package-builds.patch +++ b/scripts/package-build/frr/patches/frr/0001-Enable-PCRE2-in-Debian-package-builds.patch @@ -15,7 +15,7 @@ index 43e5d7e61..1f971ab22 100755 --enable-vty-group=frrvty \ --enable-configfile-mask=0640 \ --enable-logfile-mask=0640 \ -+ --enable-pcre2posix \ ++ --enable-pcre2posix \ # end override_dh_auto_install: diff --git a/scripts/package-build/frr/patches/0003-Clear-Babel-Config-On-Stop.patch b/scripts/package-build/frr/patches/frr/0003-Clear-Babel-Config-On-Stop.patch similarity index 100% rename from scripts/package-build/frr/patches/0003-Clear-Babel-Config-On-Stop.patch rename to scripts/package-build/frr/patches/frr/0003-Clear-Babel-Config-On-Stop.patch diff --git a/scripts/package-build/isc-dhcp/patches/0001-Add-support-for-raw-IP-interface-type.patch b/scripts/package-build/isc-dhcp/patches/isc-dhcp/0001-Add-support-for-raw-IP-interface-type.patch similarity index 100% rename from scripts/package-build/isc-dhcp/patches/0001-Add-support-for-raw-IP-interface-type.patch rename to scripts/package-build/isc-dhcp/patches/isc-dhcp/0001-Add-support-for-raw-IP-interface-type.patch diff --git a/scripts/package-build/isc-dhcp/patches/0002-Checkpoint-improved-patch.patch b/scripts/package-build/isc-dhcp/patches/isc-dhcp/0002-Checkpoint-improved-patch.patch similarity index 100% rename from scripts/package-build/isc-dhcp/patches/0002-Checkpoint-improved-patch.patch rename to scripts/package-build/isc-dhcp/patches/isc-dhcp/0002-Checkpoint-improved-patch.patch diff --git a/scripts/package-build/isc-dhcp/patches/0003-fix-compilation-errors.patch b/scripts/package-build/isc-dhcp/patches/isc-dhcp/0003-fix-compilation-errors.patch similarity index 100% rename from scripts/package-build/isc-dhcp/patches/0003-fix-compilation-errors.patch rename to scripts/package-build/isc-dhcp/patches/isc-dhcp/0003-fix-compilation-errors.patch diff --git a/scripts/package-build/isc-dhcp/patches/0004-add-support-for-ARPHRD_NONE-interface-type.patch b/scripts/package-build/isc-dhcp/patches/isc-dhcp/0004-add-support-for-ARPHRD_NONE-interface-type.patch similarity index 100% rename from scripts/package-build/isc-dhcp/patches/0004-add-support-for-ARPHRD_NONE-interface-type.patch rename to scripts/package-build/isc-dhcp/patches/isc-dhcp/0004-add-support-for-ARPHRD_NONE-interface-type.patch diff --git a/scripts/package-build/keepalived/patches/0001-vrrp-Set-sysctl-arp_ignore-to-1-on-IPv6-VMACs.patch b/scripts/package-build/keepalived/patches/keepalived/0001-vrrp-Set-sysctl-arp_ignore-to-1-on-IPv6-VMACs.patch similarity index 100% rename from scripts/package-build/keepalived/patches/0001-vrrp-Set-sysctl-arp_ignore-to-1-on-IPv6-VMACs.patch rename to scripts/package-build/keepalived/patches/keepalived/0001-vrrp-Set-sysctl-arp_ignore-to-1-on-IPv6-VMACs.patch diff --git a/scripts/package-build/ndppd/patches/0001-skip-route-table-if-there-is-no-auto-rule.patch b/scripts/package-build/ndppd/patches/ndppd/0001-skip-route-table-if-there-is-no-auto-rule.patch similarity index 100% rename from scripts/package-build/ndppd/patches/0001-skip-route-table-if-there-is-no-auto-rule.patch rename to scripts/package-build/ndppd/patches/ndppd/0001-skip-route-table-if-there-is-no-auto-rule.patch diff --git a/scripts/package-build/ndppd/patches/0002-set-vyos-version.patch b/scripts/package-build/ndppd/patches/ndppd/0002-set-vyos-version.patch similarity index 100% rename from scripts/package-build/ndppd/patches/0002-set-vyos-version.patch rename to scripts/package-build/ndppd/patches/ndppd/0002-set-vyos-version.patch diff --git a/scripts/package-build/net-snmp/patches/add-linux-6.7-compatibility-parsing.patch b/scripts/package-build/net-snmp/patches/net-snmp/add-linux-6.7-compatibility-parsing.patch similarity index 100% rename from scripts/package-build/net-snmp/patches/add-linux-6.7-compatibility-parsing.patch rename to scripts/package-build/net-snmp/patches/net-snmp/add-linux-6.7-compatibility-parsing.patch diff --git a/scripts/package-build/netfilter/build.py b/scripts/package-build/netfilter/build.py deleted file mode 100755 index d15b5770..00000000 --- a/scripts/package-build/netfilter/build.py +++ /dev/null @@ -1,195 +0,0 @@ -#!/usr/bin/env python3 -# -# Copyright (C) 2024 VyOS maintainers and contributors -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 or later as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . -# - -import glob -import shutil -import toml -import os - -from argparse import ArgumentParser -from pathlib import Path -from subprocess import run, CalledProcessError - - -def ensure_dependencies(dependencies: list) -> None: - """Ensure Debian build dependencies are met""" - if not dependencies: - print("I: No additional dependencies to install") - return - - print("I: Ensure Debian build dependencies are met") - run(['sudo', 'apt-get', 'update'], check=True) - run(['sudo', 'apt-get', 'install', '-y'] + dependencies, check=True) - - -def apply_patches(repo_dir: Path, patch_dir: Path, package_name: str) -> None: - """Apply patches from the patch directory to the repository""" - package_patch_dir = patch_dir / package_name - if package_patch_dir.exists() and package_patch_dir.is_dir(): - patches = list(package_patch_dir.glob('*')) - else: - print(f"I: No patch directory found for {package_name} in {patch_dir}") - return - - # Filter out directories from patches list - patches = [patch for patch in patches if patch.is_file()] - - if not patches: - print(f"I: No patches found in {package_patch_dir}") - return - - debian_patches_dir = repo_dir / 'debian/patches' - debian_patches_dir.mkdir(parents=True, exist_ok=True) - - series_file = debian_patches_dir / 'series' - with series_file.open('a') as series: - for patch in patches: - patch_dest = debian_patches_dir / patch.name - try: - # Ensure the patch file exists before copying - if patch.exists(): - shutil.copy(patch, patch_dest) - series.write(patch.name + '\n') - print(f"I: Applied patch: {patch.name}") - else: - print(f"W: Patch file {patch} not found, skipping") - except FileNotFoundError: - print(f"W: Patch file {patch} not found, skipping") - - -def prepare_package(repo_dir: Path, install_data: str) -> None: - """Prepare a package""" - if not install_data: - print("I: No install data provided, skipping package preparation") - return - - try: - install_file = repo_dir / 'debian/install' - install_file.parent.mkdir(parents=True, exist_ok=True) - install_file.write_text(install_data) - print("I: Prepared package") - except Exception as e: - print(f"Failed to prepare package: {e}") - raise - - -def build_package(package: dict, dependencies: list, patch_dir: Path) -> None: - """Build a package from the repository - - Args: - package (dict): Package information - dependencies (list): List of additional dependencies - patch_dir (Path): Directory containing patches - """ - repo_name = package['name'] - repo_dir = Path(repo_name) - - try: - # Clone the repository if it does not exist - if not repo_dir.exists(): - run(['git', 'clone', package['scm_url'], str(repo_dir)], check=True) - - # Check out the specific commit - run(['git', 'checkout', package['commit_id']], cwd=repo_dir, check=True) - - # Ensure dependencies - ensure_dependencies(dependencies) - - # Apply patches if any - apply_patches(repo_dir, patch_dir, repo_name) - - # Sanitize the commit ID and build a tarball for the package - commit_id_sanitized = package['commit_id'].replace('/', '_') - tarball_name = f"{repo_name}_{commit_id_sanitized}.tar.gz" - run(['tar', '-czf', tarball_name, '-C', str(repo_dir.parent), repo_name], check=True) - print(f"I: Tarball created: {tarball_name}") - - # Prepare the package if required - if package.get('prepare_package', False): - prepare_package(repo_dir, package.get('install_data', '')) - - # Build dependency package and install it - if (repo_dir / 'debian/control').exists(): - try: - run('sudo mk-build-deps --install --tool "apt-get --yes --no-install-recommends"', cwd=repo_dir, check=True, shell=True) - run('sudo dpkg -i *build-deps*.deb', cwd=repo_dir, check=True, shell=True) - except CalledProcessError as e: - print(f"Failed to build package {repo_name}: {e}") - - # Build the package, check if we have build_cmd in the package.toml - build_cmd = package.get('build_cmd', 'dpkg-buildpackage -uc -us -tc -b') - run(build_cmd, cwd=repo_dir, check=True, shell=True) - - except CalledProcessError as e: - print(f"Failed to build package {repo_name}: {e}") - finally: - # Clean up repository directory - # shutil.rmtree(repo_dir, ignore_errors=True) - pass - - -def cleanup_build_deps(repo_dir: Path) -> None: - """Clean up build dependency packages""" - try: - if repo_dir.exists(): - for file in glob.glob(str(repo_dir / '*build-deps*.deb')): - os.remove(file) - print("Cleaned up build dependency packages") - except Exception as e: - print(f"Error cleaning up build dependencies: {e}") - - -def copy_packages(repo_dir: Path) -> None: - """Copy generated .deb packages to the parent directory""" - try: - deb_files = glob.glob(str(repo_dir / '*.deb')) - for deb_file in deb_files: - shutil.copy(deb_file, repo_dir.parent) - print(f'I: copy generated "{deb_file}" package') - except Exception as e: - print(f"Error copying packages: {e}") - - -if __name__ == '__main__': - # Prepare argument parser - arg_parser = ArgumentParser() - arg_parser.add_argument('--config', - default='package.toml', - help='Path to the package configuration file') - arg_parser.add_argument('--patch-dir', - default='patches', - help='Path to the directory containing patches') - args = arg_parser.parse_args() - - # Load package configuration - with open(args.config, 'r') as file: - config = toml.load(file) - - packages = config['packages'] - patch_dir = Path(args.patch_dir) - - for package in packages: - dependencies = package.get('dependencies', {}).get('packages', []) - - # Build the package - build_package(package, dependencies, patch_dir) - - # Clean up build dependency packages after build - cleanup_build_deps(Path(package['name'])) - - # Copy generated .deb packages to parent directory - copy_packages(Path(package['name'])) diff --git a/scripts/package-build/netfilter/build.py b/scripts/package-build/netfilter/build.py new file mode 120000 index 00000000..3c76af73 --- /dev/null +++ b/scripts/package-build/netfilter/build.py @@ -0,0 +1 @@ +../build.py \ No newline at end of file diff --git a/scripts/package-build/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch b/scripts/package-build/pmacct/patches/pmacct/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch similarity index 100% rename from scripts/package-build/pmacct/patches/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch rename to scripts/package-build/pmacct/patches/pmacct/0001-fix-pmacctd-SEGV-when-ICMP-ICMPv6-traffic-was-proces.patch diff --git a/scripts/package-build/strongswan/patches/0001-charon-add-optional-source-and-remote-overrides-for-.patch b/scripts/package-build/strongswan/patches/strongswan/0001-charon-add-optional-source-and-remote-overrides-for-.patch similarity index 100% rename from scripts/package-build/strongswan/patches/0001-charon-add-optional-source-and-remote-overrides-for-.patch rename to scripts/package-build/strongswan/patches/strongswan/0001-charon-add-optional-source-and-remote-overrides-for-.patch diff --git a/scripts/package-build/strongswan/patches/0002-vici-send-certificates-for-ike-sa-events.patch b/scripts/package-build/strongswan/patches/strongswan/0002-vici-send-certificates-for-ike-sa-events.patch similarity index 100% rename from scripts/package-build/strongswan/patches/0002-vici-send-certificates-for-ike-sa-events.patch rename to scripts/package-build/strongswan/patches/strongswan/0002-vici-send-certificates-for-ike-sa-events.patch diff --git a/scripts/package-build/strongswan/patches/0003-vici-add-support-for-individual-sa-state-changes.patch b/scripts/package-build/strongswan/patches/strongswan/0003-vici-add-support-for-individual-sa-state-changes.patch similarity index 100% rename from scripts/package-build/strongswan/patches/0003-vici-add-support-for-individual-sa-state-changes.patch rename to scripts/package-build/strongswan/patches/strongswan/0003-vici-add-support-for-individual-sa-state-changes.patch diff --git a/scripts/package-build/strongswan/patches/0004-VyOS-disable-options-enabled-by-Debian-that-are-unus.patch b/scripts/package-build/strongswan/patches/strongswan/0004-VyOS-disable-options-enabled-by-Debian-that-are-unus.patch similarity index 100% rename from scripts/package-build/strongswan/patches/0004-VyOS-disable-options-enabled-by-Debian-that-are-unus.patch rename to scripts/package-build/strongswan/patches/strongswan/0004-VyOS-disable-options-enabled-by-Debian-that-are-unus.patch diff --git a/scripts/package-build/wide-dhcpv6/patches/0023-dhcpc6-support-per-interface-client-DUIDs.patch b/scripts/package-build/wide-dhcpv6/patches/wide-dhcpv6/0023-dhcpc6-support-per-interface-client-DUIDs.patch similarity index 100% rename from scripts/package-build/wide-dhcpv6/patches/0023-dhcpc6-support-per-interface-client-DUIDs.patch rename to scripts/package-build/wide-dhcpv6/patches/wide-dhcpv6/0023-dhcpc6-support-per-interface-client-DUIDs.patch diff --git a/scripts/package-build/wide-dhcpv6/patches/0024-bind-to-single-socket.patch b/scripts/package-build/wide-dhcpv6/patches/wide-dhcpv6/0024-bind-to-single-socket.patch similarity index 100% rename from scripts/package-build/wide-dhcpv6/patches/0024-bind-to-single-socket.patch rename to scripts/package-build/wide-dhcpv6/patches/wide-dhcpv6/0024-bind-to-single-socket.patch diff --git a/scripts/package-build/wide-dhcpv6/patches/0025-option-to-prevent-ia-release.patch b/scripts/package-build/wide-dhcpv6/patches/wide-dhcpv6/0025-option-to-prevent-ia-release.patch similarity index 100% rename from scripts/package-build/wide-dhcpv6/patches/0025-option-to-prevent-ia-release.patch rename to scripts/package-build/wide-dhcpv6/patches/wide-dhcpv6/0025-option-to-prevent-ia-release.patch