diff options
Diffstat (limited to 'tools')
| -rwxr-xr-x | tools/go_branch.sh | 26 | ||||
| -rw-r--r-- | tools/go_marshal/test/BUILD | 3 | ||||
| -rw-r--r-- | tools/go_marshal/test/external/BUILD | 4 | ||||
| -rw-r--r-- | tools/go_stateify/defs.bzl | 14 | ||||
| -rw-r--r-- | tools/go_stateify/main.go | 10 | ||||
| -rwxr-xr-x | tools/make_repository.sh | 67 | ||||
| -rwxr-xr-x | tools/tag_release.sh | 3 |
7 files changed, 82 insertions, 45 deletions
diff --git a/tools/go_branch.sh b/tools/go_branch.sh index ddb9b6e7b..f97a74aaf 100755 --- a/tools/go_branch.sh +++ b/tools/go_branch.sh @@ -17,9 +17,9 @@ set -eo pipefail # Discovery the package name from the go.mod file. -declare -r gomod="$(pwd)/go.mod" -declare -r module=$(cat "${gomod}" | grep -E "^module" | cut -d' ' -f2) -declare -r gosum="$(pwd)/go.sum" +declare -r module=$(cat go.mod | grep -E "^module" | cut -d' ' -f2) +declare -r origpwd=$(pwd) +declare -r othersrc=("go.mod" "go.sum" "AUTHORS" "LICENSE") # Check that gopath has been built. declare -r gopath_dir="$(pwd)/bazel-bin/gopath/src/${module}" @@ -65,10 +65,22 @@ git checkout -b go "${go_branch}" git merge --no-commit --strategy ours ${head} || \ git merge --allow-unrelated-histories --no-commit --strategy ours ${head} -# Sync the entire gopath_dir and go.mod. -rsync --recursive --verbose --delete --exclude .git --exclude README.md -L "${gopath_dir}/" . -cp "${gomod}" . -cp "${gosum}" . +# Sync the entire gopath_dir. +rsync --recursive --verbose --delete --exclude .git -L "${gopath_dir}/" . + +# Add additional files. +for file in "${othersrc[@]}"; do + cp "${origpwd}"/"${file}" . +done + +# Construct a new README.md. +cat > README.md <<EOF +# gVisor + +This branch is a synthetic branch, containing only Go sources, that is +compatible with standard Go tools. See the master branch for authoritative +sources and tests. +EOF # There are a few solitary files that can get left behind due to the way bazel # constructs the gopath target. Note that we don't find all Go files here diff --git a/tools/go_marshal/test/BUILD b/tools/go_marshal/test/BUILD index fa82f8e9b..d412e1ccf 100644 --- a/tools/go_marshal/test/BUILD +++ b/tools/go_marshal/test/BUILD @@ -1,9 +1,8 @@ load("@io_bazel_rules_go//go:def.bzl", "go_test") +load("//tools/go_marshal:defs.bzl", "go_library") package(licenses = ["notice"]) -load("//tools/go_marshal:defs.bzl", "go_library") - package_group( name = "gomarshal_test", packages = [ diff --git a/tools/go_marshal/test/external/BUILD b/tools/go_marshal/test/external/BUILD index 8fb43179b..9bb89e1da 100644 --- a/tools/go_marshal/test/external/BUILD +++ b/tools/go_marshal/test/external/BUILD @@ -1,7 +1,7 @@ -package(licenses = ["notice"]) - load("//tools/go_marshal:defs.bzl", "go_library") +package(licenses = ["notice"]) + go_library( name = "external", testonly = 1, diff --git a/tools/go_stateify/defs.bzl b/tools/go_stateify/defs.bzl index a7961c2fb..33267c074 100644 --- a/tools/go_stateify/defs.bzl +++ b/tools/go_stateify/defs.bzl @@ -43,13 +43,13 @@ def _go_stateify_impl(ctx): # Run the stateify command. args = ["-output=%s" % output.path] - args += ["-pkg=%s" % ctx.attr.package] - args += ["-arch=%s" % ctx.attr.arch] + args.append("-pkg=%s" % ctx.attr.package) + args.append("-arch=%s" % ctx.attr.arch) if ctx.attr._statepkg: - args += ["-statepkg=%s" % ctx.attr._statepkg] + args.append("-statepkg=%s" % ctx.attr._statepkg) if ctx.attr.imports: - args += ["-imports=%s" % ",".join(ctx.attr.imports)] - args += ["--"] + args.append("-imports=%s" % ",".join(ctx.attr.imports)) + args.append("--") for src in ctx.attr.srcs: args += [f.path for f in src.files.to_list()] ctx.actions.run( @@ -124,8 +124,8 @@ def go_library(name, srcs, deps = [], imports = [], **kwargs): imports = imports, package = name, arch = select({ - "@bazel_tools//src/conditions:linux_aarch64": "arm64", - "//conditions:default": "amd64", + "@bazel_tools//src/conditions:linux_aarch64": "arm64", + "//conditions:default": "amd64", }), out = name + "_state_autogen.go", ) diff --git a/tools/go_stateify/main.go b/tools/go_stateify/main.go index 47c8ea1d7..7d5d291e6 100644 --- a/tools/go_stateify/main.go +++ b/tools/go_stateify/main.go @@ -90,8 +90,9 @@ func matchtag(tag string, goarch string) bool { return tag == goarch } -// canBuild reports whether we can build this file for target platform by checking file name and build tags. -// The code is derived from the Go source cmd.dist.build.shouldbuild. +// canBuild reports whether we can build this file for target platform by +// checking file name and build tags. The code is derived from the Go source +// cmd.dist.build.shouldbuild. func canBuild(file, goTargetArch string) bool { name := filepath.Base(file) excluded := func(list []string, ok string) bool { @@ -120,11 +121,6 @@ func canBuild(file, goTargetArch string) bool { if p == "" { continue } - code := p - i := strings.Index(code, "//") - if i > 0 { - code = strings.TrimSpace(code[:i]) - } if !strings.HasPrefix(p, "//") { break } diff --git a/tools/make_repository.sh b/tools/make_repository.sh index 071f72b74..27ffbc9f3 100755 --- a/tools/make_repository.sh +++ b/tools/make_repository.sh @@ -17,13 +17,13 @@ # Parse arguments. We require more than two arguments, which are the private # keyring, the e-mail associated with the signer, and the list of packages. if [ "$#" -le 3 ]; then - echo "usage: $0 <private-key> <signer-email> <component> <packages...>" + echo "usage: $0 <private-key> <signer-email> <component> <root> <packages...>" exit 1 fi -declare -r private_key=$(readlink -e "$1") -declare -r signer="$2" -declare -r component="$3" -shift; shift; shift +declare -r private_key=$(readlink -e "$1"); shift +declare -r signer="$1"; shift +declare -r component="$1"; shift +declare -r root="$1"; shift # Verbose from this point. set -xeo pipefail @@ -40,7 +40,7 @@ cleanup() { trap cleanup EXIT gpg --no-default-keyring --keyring "${keyring}" --import "${private_key}" >&2 -# Copy the packages, and ensure permissions are correct. +# Copy the packages into the root. for pkg in "$@"; do name=$(basename "${pkg}" .deb) name=$(basename "${name}" .changes) @@ -48,32 +48,61 @@ for pkg in "$@"; do if [[ "${name}" == "${arch}" ]]; then continue # Not a regular package. fi - mkdir -p "${tmpdir}"/"${component}"/binary-"${arch}" - cp -a "${pkg}" "${tmpdir}"/"${component}"/binary-"${arch}" + if [[ "${pkg}" =~ ^.*\.deb$ ]]; then + # Extract from the debian file. + version=$(dpkg --info "${pkg}" | grep -E 'Version:' | cut -d':' -f2) + elif [[ "${pkg}" =~ ^.*\.changes$ ]]; then + # Extract from the changes file. + version=$(grep -E 'Version:' "${pkg}" | cut -d':' -f2) + else + # Unsupported file type. + echo "Unknown file type: ${pkg}" + exit 1 + fi + version=${version// /} # Trim whitespace. + mkdir -p "${root}"/pool/"${version}"/binary-"${arch}" + cp -a "${pkg}" "${root}"/pool/"${version}"/binary-"${arch}" done -find "${tmpdir}" -type f -exec chmod 0644 {} \; -# Ensure there are no symlinks hanging around; these may be remnants of the -# build process. They may be useful for other things, but we are going to build -# an index of the actual packages here. -find "${tmpdir}" -type l -exec rm -f {} \; +# Ensure all permissions are correct. +find "${root}"/pool -type f -exec chmod 0644 {} \; # Sign all packages. -for file in "${tmpdir}"/"${component}"/binary-*/*.deb; do +for file in "${root}"/pool/*/binary-*/*.deb; do dpkg-sig -g "--no-default-keyring --keyring ${keyring}" --sign builder "${file}" >&2 done # Build the package list. -for dir in "${tmpdir}"/"${component}"/binary-*; do - (cd "${dir}" && apt-ftparchive packages . | gzip > Packages.gz) +declare arches=() +for dir in "${root}"/pool/*/binary-*; do + name=$(basename "${dir}") + arch=${name##binary-} + arches+=("${arch}") + repo_packages="${tmpdir}"/"${component}"/"${name}" + mkdir -p "${repo_packages}" + (cd "${root}" && apt-ftparchive --arch "${arch}" packages pool > "${repo_packages}"/Packages) + (cd "${repo_packages}" && cat Packages | gzip > Packages.gz) + (cd "${repo_packages}" && cat Packages | xz > Packages.xz) done # Build the release list. -(cd "${tmpdir}" && apt-ftparchive release . > Release) +cat > "${tmpdir}"/apt.conf <<EOF +APT { + FTPArchive { + Release { + Architectures "${arches[@]}"; + Components "${component}"; + }; + }; +}; +EOF +(cd "${tmpdir}" && apt-ftparchive -c=apt.conf release . > Release) +rm "${tmpdir}"/apt.conf # Sign the release. -(cd "${tmpdir}" && gpg --no-default-keyring --keyring "${keyring}" --clearsign -o InRelease Release >&2) -(cd "${tmpdir}" && gpg --no-default-keyring --keyring "${keyring}" -abs -o Release.gpg Release >&2) +declare -r digest_opts=("--digest-algo" "SHA512" "--cert-digest-algo" "SHA512") +(cd "${tmpdir}" && gpg --no-default-keyring --keyring "${keyring}" --clearsign "${digest_opts[@]}" -o InRelease Release >&2) +(cd "${tmpdir}" && gpg --no-default-keyring --keyring "${keyring}" -abs "${digest_opts[@]}" -o Release.gpg Release >&2) # Show the results. echo "${tmpdir}" diff --git a/tools/tag_release.sh b/tools/tag_release.sh index 9d5a60583..f33b902d6 100755 --- a/tools/tag_release.sh +++ b/tools/tag_release.sh @@ -64,5 +64,6 @@ fi # Tag the given commit (annotated, to record the committer). declare -r tag="release-${release}" -(git tag -a "${tag}" "${commit}" && git push origin tag "${tag}") || \ +(git tag -m "Release ${release}" -a "${tag}" "${commit}" && \ + git push origin tag "${tag}") || \ (git tag -d "${tag}" && false) |