diff options
| -rw-r--r-- | .circleci/Dockerfile | 42 | ||||
| -rw-r--r-- | .circleci/README | 6 | ||||
| -rw-r--r-- | .circleci/config.yml | 144 | ||||
| -rw-r--r-- | modules/luci-base/htdocs/luci-static/resources/luci.js | 15 | ||||
| -rwxr-xr-x | modules/luci-base/root/usr/libexec/rpcd/luci | 16 | ||||
| -rw-r--r-- | modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json | 21 | ||||
| -rw-r--r-- | modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js | 20 |
7 files changed, 254 insertions, 10 deletions
diff --git a/.circleci/Dockerfile b/.circleci/Dockerfile new file mode 100644 index 0000000000..b3575b2066 --- /dev/null +++ b/.circleci/Dockerfile @@ -0,0 +1,42 @@ +FROM debian:9 + + +# Configuration version history +# v1.0 - Initial version by Etienne Champetier +# v1.0.1 - Run as non-root, add unzip, xz-utils +# v1.0.2 - Add bzr + +RUN apt update && apt install -y \ +build-essential \ +curl \ +jq \ +gawk \ +gettext \ +git \ +libncurses5-dev \ +libssl-dev \ +python \ +subversion \ +bzr \ +time \ +wget \ +zlib1g-dev \ +unzip \ +xz-utils \ +&& rm -rf /var/lib/apt/lists/* + +RUN useradd -c "OpenWrt Builder" -m -d /home/build -s /bin/bash build +USER build +ENV HOME /home/build + +# LEDE Build System (LEDE GnuPG key for unattended build jobs) +RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/626471F1.asc' | gpg --import \ + && echo '54CC74307A2C6DC9CE618269CD84BCED626471F1:6:' | gpg --import-ownertrust + +# LEDE Release Builder (17.01 "Reboot" Signing Key) +RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/D52BBB6B.asc' | gpg --import \ + && echo 'B09BE781AE8A0CD4702FDCD3833C6010D52BBB6B:6:' | gpg --import-ownertrust + +# OpenWrt Release Builder (18.06 Signing Key) +RUN curl 'https://git.openwrt.org/?p=keyring.git;a=blob_plain;f=gpg/17E1CE16.asc' | gpg --import \ + && echo '6768C55E79B032D77A28DA5F0F20257417E1CE16:6:' | gpg --import-ownertrust diff --git a/.circleci/README b/.circleci/README new file mode 100644 index 0000000000..8b26582ef3 --- /dev/null +++ b/.circleci/README @@ -0,0 +1,6 @@ +# Build/update the docker image + +docker pull debian:9 +docker build --rm -t docker.io/openwrtorg/packages-cci:latest . +docker tag <IMAGE ID> docker.io/openwrtorg/packages-cci:<VERSION-TAG> +docker push docker.io/openwrtorg/packages-cci diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 0000000000..4702c4e27b --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,144 @@ +version: 2.0 +jobs: + build: + docker: + - image: docker.io/openwrtorg/packages-cci:v1.0.2 + environment: + - SDK_HOST: "downloads.openwrt.org" + - SDK_PATH: "snapshots/targets/ath79/generic" + - SDK_FILE: "openwrt-sdk-ath79-generic_*.Linux-x86_64.tar.xz" + - BRANCH: "master" + steps: + - checkout: + path: ~/openwrt_luci + + - run: + name: Check changes / verify commits + working_directory: ~/openwrt_luci + command: | + cat >> $BASH_ENV <<EOF + echo_red() { printf "\033[1;31m\$*\033[m\n"; } + echo_green() { printf "\033[1;32m\$*\033[m\n"; } + echo_blue() { printf "\033[1;34m\$*\033[m\n"; } + EOF + source $BASH_ENV + + RET=0 + for commit in $(git rev-list HEAD ^origin/$BRANCH); do + echo_blue "=== Checking commit '$commit'" + if git show --format='%P' -s $commit | grep -qF ' '; then + echo_red "Pull request should not include merge commits" + RET=1 + fi + + author="$(git show -s --format=%aN $commit)" + if echo $author | grep -q '\S\+\s\+\S\+'; then + echo_green "Author name ($author) seems ok" + else + echo_red "Author name ($author) need to be your real name 'firstname lastname'" + RET=1 + fi + + subject="$(git show -s --format=%s $commit)" + if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_-]\+: ' -e '^Revert '; then + echo_green "Commit subject line seems ok ($subject)" + else + echo_red "Commit subject line MUST start with '<package name>: ' ($subject)" + RET=1 + fi + + body="$(git show -s --format=%b $commit)" + sob="$(git show -s --format='Signed-off-by: %aN <%aE>' $commit)" + if echo "$body" | grep -qF "$sob"; then + echo_green "Signed-off-by match author" + else + echo_red "Signed-off-by is missing or doesn't match author (should be '$sob')" + RET=1 + fi + done + + exit $RET + + - run: + name: Download the SDK + working_directory: ~/sdk + command: | + curl "https://$SDK_HOST/$SDK_PATH/sha256sums" -sS -o sha256sums + curl "https://$SDK_HOST/$SDK_PATH/sha256sums.asc" -sS -o sha256sums.asc + gpg --with-fingerprint --verify sha256sums.asc sha256sums + rsync -av "$SDK_HOST::downloads/$SDK_PATH/$SDK_FILE" . + sha256sum -c --ignore-missing sha256sums + + - run: + name: Prepare build_dir + working_directory: ~/build_dir + command: | + tar Jxf ~/sdk/$SDK_FILE --strip=1 + cat > feeds.conf <<EOF + src-git base https://github.com/openwrt/openwrt.git;$BRANCH + src-git packages https://github.com/openwrt/packages.git;$BRANCH + src-link luci $HOME/openwrt_luci + EOF + cat feeds.conf + ./scripts/feeds update -a > /dev/null + make defconfig > /dev/null + # enable BUILD_LOG + sed -i 's/# CONFIG_BUILD_LOG is not set/CONFIG_BUILD_LOG=y/' .config + + - run: + name: Download source, check package, compile + working_directory: ~/build_dir + command: | + set +o pipefail + PKGS=$(cd ~/openwrt_luci; git diff --diff-filter=d --name-only "origin/$BRANCH..." | awk -F/ '{ print $2 }' | uniq) + if [ -z "$PKGS" ] ; then + echo_blue "WARNING: No new or modified packages found!" + exit 0 + fi + + echo_blue "=== Found new/modified packages: $PKGS" + for PKG in $PKGS ; do + echo_blue "===+ Install: $PKG" + ./scripts/feeds install $PKG + + echo_blue "===+ Download: $PKG" + make "package/$PKG/download" V=s + + echo_blue "===+ Check package: $PKG" + make "package/$PKG/check" V=s 2>&1 | tee logtmp + RET=${PIPESTATUS[0]} + + if [ $RET -ne 0 ]; then + echo_red "=> Package check failed: $RET)" + exit $RET + fi + + badhash_msg="HASH does not match " + badhash_msg+="|HASH uses deprecated hash," + badhash_msg+="|HASH is missing," + if grep -qE "$badhash_msg" logtmp; then + echo_red "=> Package HASH check failed" + exit 1 + fi + echo_green "=> Package check OK" + done + + for PKG in $PKGS ; do + echo_blue "===+ Building: $PKG" + make "package/$PKG/compile" -j$(nproc) || make "package/$PKG/compile" V=s + done + + - store_artifacts: + path: ~/build_dir/logs + + - store_artifacts: + path: ~/build_dir/bin + +workflows: + version: 2 + buildpr: + jobs: + - build: + filters: + branches: + ignore: master diff --git a/modules/luci-base/htdocs/luci-static/resources/luci.js b/modules/luci-base/htdocs/luci-static/resources/luci.js index 93ecbac15f..1bb4673b0a 100644 --- a/modules/luci-base/htdocs/luci-static/resources/luci.js +++ b/modules/luci-base/htdocs/luci-static/resources/luci.js @@ -579,7 +579,9 @@ Promise.all([ domReady, this.require('ui'), - this.require('form') + this.require('rpc'), + this.require('form'), + Request.get('/ubus/').catch(function() { return { status: 0 } }) ]).then(this.setupDOM.bind(this)).catch(this.error); originalCBIInit = window.cbi_init; @@ -752,7 +754,16 @@ }, /* DOM setup */ - setupDOM: function(ev) { + setupDOM: function(res) { + var domEv = res[0], + uiClass = res[1], + rpcClass = res[2], + formClass = res[3], + ubusReply = res[4]; + + if (ubusReply.status == 400) + rpcClass.setBaseURL('/ubus/'); + Request.addInterceptor(function(res) { if (res.status != 403 || res.headers.get('X-LuCI-Login-Required') != 'yes') return; diff --git a/modules/luci-base/root/usr/libexec/rpcd/luci b/modules/luci-base/root/usr/libexec/rpcd/luci index dba6df0cb9..55233d6d0a 100755 --- a/modules/luci-base/root/usr/libexec/rpcd/luci +++ b/modules/luci-base/root/usr/libexec/rpcd/luci @@ -37,14 +37,26 @@ local methods = { end }, - localtime = { + getLocaltime = { call = function(args) return { localtime = os.time() } end }, + setLocaltime = { + args = { localtime = 0 }, + call = function(args) + local sys = require "luci.sys" + local date = os.date("*t", args.localtime) + if date then + sys.call("date -s '%04d-%02d-%02d %02d:%02d:%02d' >/dev/null" %{ date.year, date.month, date.day, date.hour, date.min, date.sec }) + sys.call("/etc/init.d/sysfixtime restart >/dev/null") + end + return { localtime = args.localtime } + end + }, + timezone = { - args = { zonename = "UTC" }, call = function(args) local util = require "luci.util" local zones = require "luci.sys.zoneinfo" diff --git a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json index ed7ad8aa8a..a9baef8f9c 100644 --- a/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json +++ b/modules/luci-base/root/usr/share/rpcd/acl.d/luci-base.json @@ -7,5 +7,26 @@ "write": { "uci": [ "*" ] } + }, + "luci-access": { + "description": "Grant access to basic LuCI procedures", + "read": { + "ubus": { + "iwinfo": [ "info" ], + "luci": [ "boardjson", "duid_hints", "host_hints", "ifaddrs", "initList", "getLocaltime", "leases", "leds", "netdevs", "offload_support", "usb" ], + "network.device": [ "status" ], + "network.interface": [ "dump" ], + "network.wireless": [ "status" ], + "uci": [ "changes", "get" ] + }, + "uci": [ "*" ] + }, + "write": { + "ubus": { + "luci": [ "initCall", "setLocaltime", "timezone" ], + "uci": [ "add", "apply", "confirm", "delete", "order", "set" ] + }, + "uci": [ "*" ] + } } } diff --git a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js index 4b833a3f83..6db973a8df 100644 --- a/modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js +++ b/modules/luci-mod-system/htdocs/luci-static/resources/view/system/system.js @@ -3,7 +3,8 @@ 'require rpc'; 'require form'; -var callInitList, callInitAction, callLocaltime, callTimezone, CBILocalTime; +var callInitList, callInitAction, callTimezone, + callGetLocaltime, callSetLocaltime, CBILocalTime; callInitList = rpc.declare({ object: 'luci', @@ -24,9 +25,16 @@ callInitAction = rpc.declare({ expect: { result: false } }); -callLocaltime = rpc.declare({ +callGetLocaltime = rpc.declare({ object: 'luci', - method: 'localtime', + method: 'getLocaltime', + expect: { localtime: 0 } +}); + +callSetLocaltime = rpc.declare({ + object: 'luci', + method: 'setLocaltime', + params: [ 'localtime' ], expect: { localtime: 0 } }); @@ -48,7 +56,7 @@ CBILocalTime = form.DummyValue.extend({ this.blur(); this.classList.add('spinning'); this.disabled = true; - callLocaltime(Math.floor(Date.now() / 1000)).then(L.bind(function() { + callSetLocaltime(Math.floor(Date.now() / 1000)).then(L.bind(function() { this.classList.remove('spinning'); this.disabled = false; }, this)); @@ -77,7 +85,7 @@ return L.view.extend({ callInitList('sysntpd'), callInitList('zram'), callTimezone(), - callLocaltime(), + callGetLocaltime(), uci.load('luci'), uci.load('system') ]); @@ -276,7 +284,7 @@ return L.view.extend({ return m.render().then(function(mapEl) { L.Poll.add(function() { - return callLocaltime().then(function(t) { + return callGetLocaltime().then(function(t) { mapEl.querySelector('#localtime').innerHTML = new Date(t * 1000).toLocaleString(); }); }); |