Commit Graph

57 Commits

Author SHA1 Message Date
Norman Feske
b510394a6d depot/build_bin_archive: keep hash of ingredients
This patch records the content hashes of the src and api ingredients
used for creating a bin archive. This information allows for the
detection of possible inconsistencies between a bin archive and its
corresponding src archive within the depot.

Issue #5379
2024-11-20 08:55:49 +01:00
Norman Feske
4a5f80ddbf tool/depot/extract: annotate version with src hash
When extracting depot archives from the source tree, retain the content
hash of the extracted information along the archive in <version>.hash
file. The .hash files of src and api archives become thereby usable for
checking the consistency of bin archives with their ingredients.

Issue #5379
2024-11-20 08:55:49 +01:00
Ivan Loskutov
649653eb1c Fix getting pubkey_id from depot user pubkey
On systems with the option `use-keyboxd` enabled in config, option
`--no-keyring` in gpg command line doesn't work. The result of the
pubkey_id function will be the first key in the keybox keyring instead
of the id of pubkey from the depot user.

Fixes genodelabs/genode#5235
genodelabs/goa#92
2024-05-30 14:07:16 +02:00
Christian Prochaska
801c4aa72f depot: add support for debug info files
Fixes #5015
2023-11-28 14:45:29 +01:00
Norman Feske
5ae0dab6c5 mk: remove implicit build of shared libraries
This patch removes the implicit build of all shared libraries a target
depends on. Targets only depend on the respective ABIs instead. This
alleviates the need to locally build complex shared libraries (think of
Qt) when developing applications. Instead, application developers can
use binary depot archives.

The implementation splits the mk/lib.mk file into three files:
- mk/a.mk   for building one static library (.lib.a)
- mk/so.mk  for building one shared object  (.lib.so)
- mk/abi.mk for building one ABI stub       (.abi.so)

Furthermore, the commit moves messages and the collection of build
artifacts to var/libdeps, triggers the build of kernel-specific
ld-<kernel>.lib.so, and prunes the lib-dependency tree at ABIs.

Fixes #5061
2023-11-28 14:44:29 +01:00
Christian Helmuth
66c2c74147 depot/publish: let gpg overwrite .sig files
Without this change gpg aborted with

  gpg: Sorry, no terminal at all requested - can't get input

and after adding --batch onlye with

  gpg: signing failed: File exists
2023-10-25 08:58:52 +02:00
Josef Söntgen
bab90d4837 depot/download: let curl fail on 404 response
Downloading non-existent archives from 'depot.genode.org' leads to
files in the 'public' directory containing the 404 error website
delivered by the HTTP server. Specifying the '--fail' option results
in curl generating an exit-code that leads to the appropriate action
by the tool, e.g.:

 Error: failed to download 'https://depot.genode.org/user/pkg/x/version.tar.xz'

Issue #4865.
2023-05-30 12:03:27 +02:00
Christian Helmuth
5c501997ca tool/depot/publish: prevent empty .sig files
If GPG signing is aborted, e.g., by pressing CTRL-C, an empty .sig file
remained in PUBLIC_DIR because the file was created by the Bash
redirection. By using '--output $@', gpg maintains the .sig file.
2023-05-30 12:03:26 +02:00
Norman Feske
595660fb84 tool/depot: sanity check for presence of port hash
If a content.mk file wrongly refers to a non-existing directory in a
call of the 'port_dir' function, the 'content_env_missing_ports.mk' gets
stuck while invoking 'cat' without argument, which makes such mistakes
difficult to diagnose. This patch adds a sanity check for the existence
of the port hash file at the specified location before attempting to
'cat' the hash-file content.
2023-04-17 14:48:30 +02:00
Norman Feske
06a53abe68 tool/depot/publish: support system images
This patch equips the publish tool to handle system images.

System images reside at <depot-user/image/. The directory contains an
index file that contains the meta information of the available images
in XML form, e.g.,

  <index>
    <image name="sculpt-pinephone-2023-01-19" board="pinephone">
       <info text="initial version"/>
    </image>
  </index>

To publish a new version of the index:

  ./tool/depot/publish <depot-user>/image/index

Each system image comes in two forms, a bootable disk image and an
archive of the boot directory. The bootable disk image can be used to
install a new system from scratch by copying the image directly ot a
block device. It contains raw block data. The archive of the boot
directory contains the content needed for an on-target system update to
this version. Within the depot, this archive a directory - named after
the image - that contains the designated content of the boot directory
on target. Depending on the board, it may contain only a single file
loaded by the boot loader (e.g., uImage), or several boot modules, or
even the boot-loader configuration.

To publish both forms:

  ./tool/depot/publish <depot-user>/image/<image-name>

This results in the following - accompanied by their respective .sig
files - in the public directory:

  <depot-user>/image/<image-name>.img.gz  (disk image)
  <depot-user>/image/<image-name>.tar.xz  (boot archive)
  <depot-user>/image/<image-name>.zip     (disk image)

The .zip file contains the .img file. It is provided for users who
download the image on a system with no support for .gz.

Fixes #4735
Issue #4744
2023-02-27 08:22:46 +01:00
Christian Helmuth
da673cfad7 tool/depot: replace wget by curl to support file:// URLs
File-scheme URLs permit users to host downloadable archives (which may
be sync'd by other means beforehand) on the local file system.

Fixes #4737
2023-01-24 12:18:16 +01:00
Roman Iten
17e4e2497f tool/depot: don't overwrite PATH variable
Issue #4725
2023-01-24 12:07:31 +01:00
Sebastian Sumpf
515854a19f tool/depot: adapt to .NOPARALLEL changes in GNU make 4.4
The semantic of .NOPARALLEL has changed in GNU Make 4.4

Quote:

New feature: .NOTPARALLEL accepts prerequisites If the .NOTPARALLEL
special target has prerequisites then all prerequisites of those targets
will be run serially (as if .WAIT was specified between each
prerequisite).

This means that only prerequisites are made sequential. Before
everything within a Makefile would be done in sequential order.

Therefore, we had to add the *.hash target (appears multiple times) to
the .NOPARALLEL prerequisites.

issue #4725
2023-01-24 12:07:31 +01:00
Norman Feske
0cffda3cfe tool/depot: pass make flags to dependencies cmd
This patch harmonizes the tool/depot/download with the version of the
Goa tool.
2022-05-25 12:22:10 +02:00
Norman Feske
2691f2073a tool/depot: minor documentation fixes 2022-05-25 12:22:10 +02:00
Norman Feske
1b96d01690 tool/depot: allow versioned entries in used_apis
Normally, the APIs listed in 'used_apis' files do not carry a version
but implictly refer to the current version. This patch allows for
specifiying an concrete version. This is a useful feature in the context
of the Goa tool.
2022-05-25 12:22:10 +02:00
Norman Feske
b081988e66 tool/depot: make DEPOT_TOOL_DIR customizable
By replacing the formerly hard-coded $(GENODE_DIR)/tool/depot/ by the
variable DEPOT_TOOL_DIR, the depot tools can be hosted outside the
Genode source tree, i.e., as part of the Goa tool.
2022-05-25 12:22:10 +02:00
Christian Helmuth
d182b20705 build: ensure rules with pipes might fail
.SHELLFLAGS is extended by option pipefail to make pipes fail if any pipe
element fails. As .SHELLFLAGS is exported into sub-make instances it
must be unexported before calling third-party build systems recursively.
2022-03-21 13:43:13 +01:00
Tomasz Gajewski
3bbe7d9d07 tool/depot/create: typo fix 2022-01-19 12:35:49 +01:00
Norman Feske
f1b46c3205 Move depot keys to repos/gems/sculpt/depot
This change keeps the version-controlled 'pubkey' and 'download' files
separate from files generated via depot/create or downloaded via
depot/download. So one can remove the entire depot/ directory without
interfering with git.

Furthermore, depot keys can now be hosted in supplemental repositories
independent from Genode's main repository.

Fixes #4364
2022-01-19 12:35:49 +01:00
Martin Stein
0074a7c4ac tool/depot: fix forwarding of CCACHE
The depot tool 'build_bin_archive' used to ask only whether CCACHE is empty or
not and, if it wasn't empty, the tool added 'CCACHE := yes' to the build.conf
of the temporary build dir. This caused the sub-build processes to use ccache
even when the top-level CCACHE variable was set to a bogus value.

Also adds documentation of the CCACHE variable to the help message of the
'build' and 'build_bin_archive' tool.

Ref #4212
2021-07-28 11:24:56 +02:00
Martin Stein
139a2cfae9 tool: use local LC_ALL=C instead of LC_COLLATE=C
We used to export 'LC_COLLATE=C' for the environment of Genode tools. This was
meant to ensure that sorting is always done C-style and not dependent on the
users locale settings. This is required, for instance, to ensure that the same
archive always yields the same hash.

However, 'export LC_COLLATE=C' is not sufficient. It can be outruled by an
'LC_ALL' setting in the users environment. The manual of 'sort' recommends to
set 'LC_ALL=C' locally if you want reliable results and this is what this
commit does. Furthermore it removes the former 'export LC_COLLATE=C'
directives.

Note that I couldn't find a way to set 'LC_ALL' local to 'exec ... sort' in
TCL. This is why I set it global instead using TCLs 'env' array.

Note that the Make directive '$(sort ...)' and the TCL directive 'lsort',
unlike the Shell directive 'sort', are not affected by the users locale
settings.

Fixes #4144
2021-05-28 14:15:26 +02:00
Norman Feske
3d0ed5992d tool/depot/create: add CCACHE=1 option
This commit complements issue #4004 with support for the depot/create
tool. If CCACHE=1 is specified at the command line, the build directory
for building a binary archive is configured with 'CCACHE := yes'.
2021-03-12 12:01:38 +01:00
Josef Söntgen
4c8369ab1b tool/depot/publish: support multiple threads in xz
Introduce 'XZ_THREADS' to override the default number of threads used
for compression, which is still set to '1'. As using multiple threads
will increase the amount of memory needed during the compression and
potentially influences the size of the created archive, setting the
variable limits the impact.

Fixes #3431.
2019-07-09 08:58:38 +02:00
Martin Stein
95ece89cf8 tool/depot: improve handling of missing ports
* The extract tool determines and reports all missing ports at once.
* The extract tool automatically prepares all missing ports if PREPARE_PORTS=1.
* The missing_ports tool prints a list of missing ports for given archives.

Fixes #3353
2019-05-27 14:52:52 +02:00
Christian Helmuth
71a8dcca08 tool/depot: use nullglob on stale archive removal
nullglob is needed to get an empty shell glob in case no matching binary
archive (path) exists. Otherwise, the original glob string including the
* is returned and used in the for loop.
2019-04-09 12:30:35 +02:00
Norman Feske
a3411c8e96 run: add --depot-auto-update feature
If enabled, this option triggers the automated management of depot
content according to the needs of a run script.

Fixes #3270
2019-04-09 12:30:34 +02:00
Norman Feske
4b0b4928f5 tool/depot: rm binary archives if versions collide
This patch handles version collisions of binary archives. If a binary
archive for an (automatically) updated src-archive version already
exists in the depot, the extract tool removes the binary archive because
its existing content may stem from another src content (a version from a
different topic branch). This ensures that the new version is always
built, not skipped, when 'UPDATE_VERSIONS=1 REBUILD=' is specified.

Fixes #3267
2019-04-01 19:33:52 +02:00
Christian Helmuth
8c2235c9a7 depot: delete signature file if signing failed
In cases where the signing failed (maybe the passphrase for the key was
not available at this time), there remained an empty .sig file, which is
newer than the to-be-signed file and, therefore, prevents subsequent
signing processes.
2019-03-01 15:43:50 +01:00
Norman Feske
1b518965cc depot/sculpt: support for index files
The input for the pkg index is located at gems/run/sculpt/index.

The sculpt.run script uses this input for generating the depot index
file at depot/<user>/index/<version>.

The tool/depot/publish tool support arguments of the form
<user>/index/<version> where <version> corresponds to the Sculpt
version.

Issue #3172
2019-02-28 11:34:06 +01:00
Norman Feske
1d0a1e7937 depot/extract: feed file names into version hash
Fixes #3178
2019-02-26 14:47:02 +01:00
Christian Helmuth
56650e7f79 depot: prevent warning with newer GPG versions
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
2019-01-07 12:33:56 +01:00
Alexander Boettcher
9f4801363c tool: use static analyzer with depot creation tool
Convince wrapper to make static analyzer working with tool/depot/* tools.

Issue #3022
2018-11-29 11:46:02 +01:00
Roman Iten
f65a7650c5 depot: allow to inject version command
Issue #2991
2018-09-24 11:18:23 +02:00
Alexander Boettcher
9eabe316bf depot: support for gpg command override
Fixes #2981
2018-09-21 15:49:52 +02:00
Emery Hemingway
b51ee34b11 Depot: support for GPG command line override
Allow the gpg utility to be overridden on the command line. For
example, './tool/depot/publish GPG="ssh 10.0.1.3 gpg" ...' would invoke
a remote gpg over SSH.

Fix #2981
2018-09-17 14:11:37 +02:00
Pirmin Duss
6bb5b7190c depot: verify that runtime file is valid
issue #2894
2018-08-02 14:36:34 +02:00
Christian Helmuth
a7dadd9dae depot: ignore some files on pkg generation
Now, the typical gitignore patterns

  *~ *.rej *.orig *.swp

are not added to the pkg.
2018-05-31 17:07:21 +02:00
Roman Iten
058b92ca99 depot: tool for publishing current versions
In order to simplify the automation of publishing archives, this tool
publishes the current version as specified in the recipes.

Fixes #2799
2018-05-03 16:11:53 +02:00
Christian Helmuth
2eb13c9047 depot: execute content rules sequentially 2018-03-08 12:05:09 +01:00
Christian Helmuth
ad56976131 tool/publish: fix help for PUBLIC_DIR 2018-02-28 11:05:03 +01:00
Norman Feske
7670f048c1 tool/depot: publish missing archives only
The timestamp-based rules of make do not work well for the publish tool
because depot archives are often re-created with the same content but a
different modification time, in particular when creating archives via
'FORCE'. This way, those archives are re-published every time, which
becomes a time-consuming operation since all archives must be signed.

This patch filters the targets based on the content that is already
present in the public/ location. All existing archives are skipped.
2018-02-14 20:41:04 +01:00
Norman Feske
dcce0a1032 depot: force SHA256 digest for signing archives 2018-02-09 13:34:14 +01:00
Josef Söntgen
114af00913 depot: make DEPOT_DIR overridable 2018-01-17 12:14:40 +01:00
Norman Feske
2f7217b29f depot: add REBUILD argument to create, build tools
Fixes #2617
2017-12-21 15:01:50 +01:00
Norman Feske
17bf2564fa depot: improved args check in dependencies tool
This patch lets the dependencies tool give better feedback to the user
whenever an argument lacks the needed version information.
2017-12-21 15:01:45 +01:00
Norman Feske
a52541de18 depot: move versions to subdirectory
This patch changes the depot layout such that each archive is
represented as a directory that contains the versions of the archive as
subdirectories.

Issue #2610
2017-12-21 15:01:45 +01:00
Norman Feske
2d041f0e9c depot: switch from .tgz to .tar.xz
Issue #2610
2017-12-21 15:01:44 +01:00
Christian Helmuth
18fcbbe1a1 depot: support path names including spaces
Related to #2582
2017-11-30 11:23:09 +01:00
Martin Stein
f6dd1f9b9c tool/depot: user-friendly error on missing port
In general, make the message conform to the according message of the
common build system. Adds instruction how to fix the missing/outdated
port.

Fixes #2573
2017-11-30 11:23:03 +01:00