Bug#652527: pbuilder: No hook option for after .debs are written
Thorsten Glaser
tg at mirbsd.de
Sun Dec 18 15:13:27 UTC 2011
Philip Ashmore dixit:
>In each konsole window to pick up the new packages that the next one requires.
I just use a wrapper around cowbuilder for that. Have a look at:
https://evolvis.org/plugins/scmgit/cgi-bin/gitweb.cgi?p=shellsnippets/shellsnippets.git;a=blob;f=mksh/sysadmin/vcs2deb;h=c2db67e82027e04ca17da37500765c3fc89b214f;hb=HEAD
plus the other scripts in that directory. The order:
* vcs2deb (called)
- check out (svn and git are tested at work)
- do some basic sanity checks
- if $VERSION_AS_SNAPSHOT = "true":
make this a snapshot upload (append [~.]snapshot.%Y%m%d.%H%M%S)
- run dpkg-buildpackage -d -rfakeroot -S -us -uc
* call kuhbauer (in the same directory; name is a pun on cowbuilder)
with sudo (the jenkins user needs an appropriate sudoers entry)
- validate and escape arguments
- create hooks (here: add $companyname-keyring.deb, amend
sources.list, run a-g update before building; run lintian after)
- run cowbuilder, create logfile (*.holzscheit, pun on log)
!!! this sorta needs my /etc/pbuilderrc:
https://www.mirbsd.org/cvs.cgi/contrib/hosted/tg/deb/pbuilderrc?rev=HEAD
=> this allows to have multiple distros (multiple base.cow)
- take the result from the _temporary_ RESULTDIR
- copies the logfile to the cwd of invocation time
- if $ENABLE_UPLOAD = "true":
* call /opt/mvn-debs/mvndput.sh (in the same directory)
- validates changes file
- puts stuff in appropriate APT repository
* call mvndebri.sh (in the same directory)
- run dpkg-scanpackages, dpkg-scansources
- create Release file
- run gpg (in batch mode) to sign Release.gpg
- create debidx.htm, looks like this:
https://www.freewrt.org/~tg/debs/debidx.htm
- uses dput to copy the .changes file plus all files it
references to the cwd of invocation time (this fixes a
bug in {cow,p}builder to put e.g. the .dsc+.diff.gz into
RESULTDIR even for a --binary-arch --debbuildopts -B run)
- exit 0 ;-)
It cannot truly be used as-is, but with some very few changes,
i.e. set up the structure under /opt/mvn-debs (copy the two
scripts there, make it chmod 2775, chgrp to the user running
the builds; in our jenkins installations he's called maven,
hence the name), create a pgp key, put it into place, write
its password to /etc/tarent/maven.kpw (oh well, change that
directory name ;), edit labels in mvndebri.sh and make your
own keyring package; use this as base:
https://www.freewrt.org/~tg/debs/dists/etch/wtf/Pkgs/wtf-debian-keyring/wtf-debian-keyring_20110906.dsc
Put the keyring package to /var/cache/pbuilder/base.cow-*/tmp/
so that the hook can find (and dpkg -i) it, so Secure APT works.
Oh, and apt-get install mksh of course ;-)
Hope this helps,
//mirabilos
--
FWIW, I'm quite impressed with mksh interactively. I thought it was much
*much* more bare bones. But it turns out it beats the living hell out of
ksh93 in that respect. I'd even consider it for my daily use if I hadn't
wasted half my life on my zsh setup. :-) -- Frank Terbeck in #!/bin/mksh
More information about the Pbuilder-maint
mailing list