
No commits in common. "2560e543a1871b86cb1c29b31ce9141eaec94e8c" and "5bbf26be78a05fe504c5aeb989d16bfa44383253" have entirely different histories.

6 changed files with 44 additions and 56 deletions


@ -43,14 +43,25 @@ else
endif endif
BIN_DIR := $(CACHE_DIR_ROOT)/bin BIN_DIR := $(CACHE_DIR_ROOT)/bin
SRC_DIR := src SRC_DIR := src
KEY_DIR := fetch/keys KEY_DIR := keys
OUT_DIR := out OUT_DIR := out
docker = docker docker = docker
include $(CONFIG_DIR)/toolchain.env
export $(shell sed 's/=.*//' $(CONFIG_DIR)/toolchain.env)
export export
include $(CONFIG_DIR)/make.env AUTOBUILD_TOOLCHAIN := true
export $(shell sed 's/=.*//' $(CONFIG_DIR)/make.env) ifeq ($(AUTOBUILD_TOOLCHAIN),true)
ifeq ("$(wildcard $(CACHE_DIR_ROOT)/make.env)","")
echo := $(info $(shell echo "Initializing toolchain."))
build_env := $(shell $(MAKE) AUTOBUILD_TOOLCHAIN=false toolchain )
endif
endif
ifneq (,$(wildcard $(CACHE_DIR_ROOT)/make.env))
include $(CACHE_DIR_ROOT)/make.env
export $(shell sed 's/=.*//' $(CACHE_DIR_ROOT)/make.env)
endif
## Use env vars from existing release if present ## Use env vars from existing release if present
ifneq (,$(wildcard $(DIST_DIR)/release.env)) ifneq (,$(wildcard $(DIST_DIR)/release.env))
@ -67,7 +78,8 @@ toolchain: \
$(BIN_DIR) \ $(BIN_DIR) \
$(OUT_DIR) \ $(OUT_DIR) \
$(CACHE_DIR_ROOT)/toolchain.state \ $(CACHE_DIR_ROOT)/toolchain.state \
$(CACHE_DIR_ROOT)/container.env $(CACHE_DIR_ROOT)/container.env \
$(CACHE_DIR_ROOT)/make.env
# Launch a shell inside the toolchain container # Launch a shell inside the toolchain container
.PHONY: toolchain-shell .PHONY: toolchain-shell
@ -76,21 +88,17 @@ toolchain-shell: toolchain
.PHONY: toolchain-update .PHONY: toolchain-update
toolchain-update: toolchain-update:
rm -rf \ rm \
$(CONFIG_DIR)/apt-pins-x86_64.list \ $(CONFIG_DIR)/apt-pins-x86_64.list \
$(CONFIG_DIR)/apt-sources-x86_64.list \ $(CONFIG_DIR)/apt-sources-x86_64.list \
$(CONFIG_DIR)/apt-hashes-x86_64.list \ $(CONFIG_DIR)/apt-hashes-x86_64.list
$(FETCH_DIR)/apt $(MAKE) $(CONFIG_DIR)/apt-hashes-x86_64.list \
$(MAKE) $(CONFIG_DIR)/apt-hashes-x86_64.list
$(CONFIG_DIR)/apt-base.list:
touch $(CONFIG_DIR)/apt-base.list
# Regenerate toolchain dependency packages to latest versions # Regenerate toolchain dependency packages to latest versions
$(CONFIG_DIR)/apt-base.list \
$(CONFIG_DIR)/apt-pins-x86_64.list \ $(CONFIG_DIR)/apt-pins-x86_64.list \
$(CONFIG_DIR)/apt-sources-x86_64.list \ $(CONFIG_DIR)/apt-sources-x86_64.list \
$(CONFIG_DIR)/apt-hashes-x86_64.list: \ $(CONFIG_DIR)/apt-hashes-x86_64.list:
$(CONFIG_DIR)/apt-base.list
mkdir -p $(FETCH_DIR)/apt \ mkdir -p $(FETCH_DIR)/apt \
&& docker run \ && docker run \
--rm \ --rm \
@ -106,7 +114,7 @@ $(CONFIG_DIR)/apt-base.list
/usr/local/bin/packages-update /usr/local/bin/packages-update
# Pin all packages in toolchain container to latest versions # Pin all packages in toolchain container to latest versions
$(FETCH_DIR)/apt/Packages.bz2: $(CONFIG_DIR)/apt-hashes-x86_64.list $(FETCH_DIR)/apt/Packages.gz:
docker run \ docker run \
--rm \ --rm \
--tty \ --tty \
@ -161,8 +169,9 @@ $(FETCH_DIR):
$(OUT_DIR): $(OUT_DIR):
mkdir -p $@ mkdir -p $@
$(CACHE_DIR_ROOT)/container.env: \ $(CACHE_DIR_ROOT)/make.env $(CACHE_DIR_ROOT)/container.env: \
$(CONFIG_DIR)/make.env \ $(CONFIG_DIR)/global.env \
$(CONFIG_DIR)/toolchain.env \
$(CACHE_DIR_ROOT)/toolchain.state $(CACHE_DIR_ROOT)/toolchain.state
docker run \ docker run \
--rm \ --rm \
@ -186,7 +195,6 @@ $(CACHE_DIR_ROOT)/container.env: \
--env DIST_DIR="$(DIST_DIR)" \ --env DIST_DIR="$(DIST_DIR)" \
--env FETCH_DIR="$(FETCH_DIR)" \ --env FETCH_DIR="$(FETCH_DIR)" \
--env KEY_DIR="$(KEY_DIR)" \ --env KEY_DIR="$(KEY_DIR)" \
--env BIN_DIR="$(BIN_DIR)" \
--env OUT_DIR="$(OUT_DIR)" \ --env OUT_DIR="$(OUT_DIR)" \
--env SRC_DIR="$(SRC_DIR)" \ --env SRC_DIR="$(SRC_DIR)" \
--env CACHE_DIR="$(CACHE_DIR)" \ --env CACHE_DIR="$(CACHE_DIR)" \
@ -198,16 +206,16 @@ $(CACHE_DIR_ROOT)/container.env: \
--volume $(TOOLCHAIN_VOLUME) \ --volume $(TOOLCHAIN_VOLUME) \
--workdir $(TOOLCHAIN_WORKDIR) \ --workdir $(TOOLCHAIN_WORKDIR) \
$(shell cat cache/toolchain.state 2> /dev/null) \ $(shell cat cache/toolchain.state 2> /dev/null) \
$(SRC_DIR)/toolchain/scripts/environment > $@ $(SRC_DIR)/toolchain/scripts/environment $(CACHE_DIR_ROOT)
$(CACHE_DIR_ROOT)/toolchain.tar: \ $(CACHE_DIR_ROOT)/toolchain.tar: \
$(CONFIG_DIR)/make.env \ $(CONFIG_DIR)/toolchain.env \
$(SRC_DIR)/toolchain/Dockerfile \ $(SRC_DIR)/toolchain/Dockerfile \
$(CONFIG_DIR)/apt-base.list \ $(CONFIG_DIR)/apt-base.list \
$(CONFIG_DIR)/apt-sources-$(ARCH).list \ $(CONFIG_DIR)/apt-sources-$(ARCH).list \
$(CONFIG_DIR)/apt-pins-$(ARCH).list \ $(CONFIG_DIR)/apt-pins-$(ARCH).list \
$(CONFIG_DIR)/apt-hashes-$(ARCH).list \ $(CONFIG_DIR)/apt-hashes-$(ARCH).list \
$(FETCH_DIR)/apt/Packages.bz2 $(FETCH_DIR)/apt/Packages.gz
mkdir -p $(CACHE_DIR) mkdir -p $(CACHE_DIR)
DOCKER_BUILDKIT=1 \ DOCKER_BUILDKIT=1 \
docker build \ docker build \
@ -252,33 +260,18 @@ define fetch_file
" "
endef endef
define git_archive
$(call git_clone,$(CACHE_DIR)/$(notdir $@),$(1),$(2)) \
&& tar \
-C $(CACHE_DIR)/$(notdir $@) \
--sort=name \
--mtime='@0' \
--owner=0 \
--group=0 \
--numeric-owner \
-cvf - \
. \
| gzip -n > $@ \
&& rm -rf $(CACHE_DIR)/$(notdir $@)
endef
define git_clone define git_clone
[ -d $(1) ] || \ [ -d $(1) ] || \
mkdir -p $(1).tmp && \ mkdir -p $(FETCH_DIR) && \
mkdir $(1).tmp && \
git -C $(1).tmp init && \ git -C $(1).tmp init && \
git -C $(1).tmp remote add origin $(2) && \ git -C $(1).tmp remote add origin $(2) && \
git -C $(1).tmp fetch origin $(3) && \ git -C $(1).tmp fetch origin $(3) && \
git -C $(1).tmp -c advice.detachedHead=false checkout $(3) && \ git -C $(1).tmp -c advice.detachedHead=false checkout $(3) && \
git -C $(1).tmp submodule update --init && \
git -C $(1).tmp rev-parse --verify HEAD | grep -q $(3) || { \ git -C $(1).tmp rev-parse --verify HEAD | grep -q $(3) || { \
echo 'Error: Git ref/branch collision.'; exit 1; \ echo 'Error: Git ref/branch collision.'; exit 1; \
} && \ } && \
mv $(1).tmp $(1) mv $(1).tmp $(1);
endef endef
define apply_patches define apply_patches
@ -307,7 +300,7 @@ define fetch_pgp_key
--recv-keys "$(1)" \ --recv-keys "$(1)" \
&& break; \ && break; \
done; \ done; \
gpg --export -a $(1) > $@; \ gpg --export -a $(1) > $(KEY_DIR)/$(1).asc; \
') ')
endef endef
@ -318,7 +311,6 @@ define toolchain
$(2) \ $(2) \
--env UID=$(UID) \ --env UID=$(UID) \
--env GID=$(GID) \ --env GID=$(GID) \
--env PATH_PREFIX=$(PATH_PREFIX) \
--platform=linux/$(ARCH) \ --platform=linux/$(ARCH) \
--privileged \ --privileged \
--cpus $(CPUS) \ --cpus $(CPUS) \
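Review bot: The parse-time bootstrap in the first hunk, `build_env := $(shell $(MAKE) AUTOBUILD_TOOLCHAIN=false toolchain )`, discards both the output and the exit status of the nested make. The `include $(CACHE_DIR_ROOT)/make.env` after it is guarded by `ifneq (,$(wildcard …))`, so a failed toolchain build appears to let the outer run continue without the values that file supplies. Stopping right after the shell call would make that failure visible: `ifneq ($(.SHELLSTATUS),0)`, `$(error toolchain bootstrap failed)`, `endif` (this needs GNU Make 4.2 or later). Separately, the rule header `$(CACHE_DIR_ROOT)/make.env $(CACHE_DIR_ROOT)/container.env:` gives two targets one recipe, which under `make -j` can start the same `docker run` twice; a stamp file or a grouped target avoids that.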


@ -55,8 +55,8 @@ us as desired.
3. Define any build/dev dependencies for toolchain container 3. Define any build/dev dependencies for toolchain container
``` ```
echo "libfaketime" >> config/apt-base.list echo "libfaketime" >> config/toolchain/packages-base.txt
echo "build-essential" >> config/apt-base.list echo "build-essential" >> config/toolchain/packages-base.txt
``` ```
4. Lock a base Debian container image hash 4. Lock a base Debian container image hash
@ -97,7 +97,7 @@ make reproduce
### Add and lock a new container dependency ### Add and lock a new container dependency
``` ```
echo "vim-nox" >> config/apt-base.list echo "vim-nox" >> config/toolchain/packages-base.txt
make toolchain-update make toolchain-update
``` ```


@ -1,11 +1,12 @@
#!/bin/sh #!/bin/sh
CACHE_DIR_ROOT=${1?}
HOME=/home/build HOME=/home/build
CONFIG_DIR=/home/build/config CONFIG_DIR=/home/build/config
cat ${CONFIG_DIR}/make.env cat ${CONFIG_DIR}/toolchain.env > ${CACHE_DIR_ROOT}/container.env
cat <<- EOF cat <<- EOF >> ${CACHE_DIR_ROOT}/container.env
HOME=${HOME} HOME=${HOME}
PATH=${HOME}/${BIN_DIR}:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin PATH=${HOME}/${BIN_DIR}:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
TZ=UTC TZ=UTC
@ -38,6 +39,6 @@ cat <<- EOF
FETCH_DIR=${HOME}/${FETCH_DIR} FETCH_DIR=${HOME}/${FETCH_DIR}
EOF EOF
if [ -f "${CONFIG_DIR}/container.env" ]; then envsubst < ${CONFIG_DIR}/global.env > ${CACHE_DIR_ROOT}/make.env
envsubst < ${CONFIG_DIR}/container.env
fi cat ${CACHE_DIR_ROOT}/make.env >> ${CACHE_DIR_ROOT}/container.env
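Review bot: Nothing before the first write enables `set -e`, so on the new side a failed `cat ${CONFIG_DIR}/toolchain.env > ${CACHE_DIR_ROOT}/container.env` does not stop the script. The here-document is still appended and the exit status is that of the final `cat`, which can leave a container.env that lacks the toolchain values yet looks complete. Adding `set -e` directly under the shebang makes a failed step fatal, and quoting the paths (`"${CACHE_DIR_ROOT}/container.env"`) keeps a cache path with spaces from being split. The here-document also still expands `${BIN_DIR}` while the Makefile section of this comparison drops `--env BIN_DIR`; if nothing else sets it, the first PATH entry becomes `${HOME}/`. The middle of the script lies outside the hunks shown.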


@ -5,8 +5,6 @@ uid=${UID?}
gid=${GID?} gid=${GID?}
user=${USER:-"build"} user=${USER:-"build"}
export HOME="/home/${user}" export HOME="/home/${user}"
[ ! -z "$PATH_PREFIX" ] && \
export PATH="${PATH_PREFIX}:${PATH}"
# If running user is not root, pivot to custom user/group # If running user is not root, pivot to custom user/group
if [ "$uid" != "0" ]; then if [ "$uid" != "0" ]; then


@ -5,10 +5,7 @@ set -e
ARCH=$(uname -m) ARCH=$(uname -m)
cp /config/apt-sources-x86_64.list /etc/apt/sources.list cp /config/* /etc/apt/
cp /config/apt-hashes-x86_64.list /etc/apt/
cp /config/apt-pins-x86_64.list /etc/apt/
rm /etc/apt/sources.list.d/*
apt update -o Acquire::Check-Valid-Until=false apt update -o Acquire::Check-Valid-Until=false
until apt-get install \ until apt-get install \
@ -34,4 +31,4 @@ mkdir -p /fetch/apt
mv /var/cache/apt/archives/*.deb /fetch/apt/ mv /var/cache/apt/archives/*.deb /fetch/apt/
apt-get install -y dpkg-dev apt-get install -y dpkg-dev
env -C /fetch dpkg-scanpackages apt | bzip2 > /fetch/apt/Packages.bz2 env -C /fetch dpkg-scanpackages apt | gzip > /fetch/apt/Packages.gz
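Review bot: On the new side `cp /config/* /etc/apt/` copies every file in /config into apt's configuration directory under its own name, and the `rm /etc/apt/sources.list.d/*` step is gone. From the lines shown, the pinned source list is therefore no longer installed as /etc/apt/sources.list, and whatever sources the base image ships stay active for the `apt update` that follows, which already runs with `-o Acquire::Check-Valid-Until=false`. Copying the named files explicitly, e.g. `cp /config/apt-sources-x86_64.list /etc/apt/sources.list`, and keeping `rm -f /etc/apt/sources.list.d/*` would keep package resolution tied to the pinned list. The rest of the script is outside the hunks, so a later step may already handle this.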


@ -3,7 +3,7 @@ set -e;
ARCH=$(uname -m) ARCH=$(uname -m)
cp -R /config/* /etc/apt/ cp /config/* /etc/apt/
cat <<-EOF > /etc/apt/sources.list cat <<-EOF > /etc/apt/sources.list
deb [trusted=yes] file:///fetch apt/ deb [trusted=yes] file:///fetch apt/