Skip to content

Commit

Permalink
Merge branch 'main' into deprecate-rpi-imager
Browse files Browse the repository at this point in the history
@HarveyDevel
HarveyDevel authored Nov 1, 2024
2 parents 9787adb + cd33ecd commit 979bc6b
Showing 4,563 changed files with 535,494 additions and 556,263 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
42 changes: 42 additions & 0 deletions .github/ISSUE_TEMPLATE/report-packaging-problems.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
---
name: Packaging problem report
description: Report problems with a package. This includes build failures or other issues related to a package. This is *not* for bugs with installed software.
labels: ["Packaging Problem", "Priority: Normal"]
title: "packagename: problem with package"
body:
- type: checkboxes
id: search
attributes:
label: Please confirm there isn't an existing open report for this package
description: Before opening a new packaging problem report, please search [existing reports](https://github.com/getsolus/packages/labels/Package%20Problem%20Report) to ensure there is not an existing one.
options:
- label: I have searched through package problem reports
required: true
- type: input
id: name
attributes:
label: Name
description: Name of the package.
validations:
required: true
- type: input
id: version
attributes:
label: Version
description: Software version that has the problem.
- type: textarea
id: problem
attributes:
label: Summary of the problem
description: Describe what's wrong with the package. Does it fail to build? Is the metadata incorrect? Is there a missing dependency? Something else?
placeholder: ex. The foo package fails to build.
validations:
required: true
- type: textarea
id: details
attributes:
label: More information
description: Details about the problem. ex. Errors in make output.
placeholder: The errors when running go-task build *or* description of a packaging issue (e.g. "package foo is missing the bar dependency and crashes")
validations:
required: true
5 changes: 4 additions & 1 deletion .github/workflows/package_lint.yml
View file
Original file line number Diff line number Diff line change
@@ -15,4 +15,7 @@ jobs:
uses: actions/checkout@v4
with:
fetch-depth: 0
- run: common/CI/package_checks.py --base=origin/${{ github.event.pull_request.base.ref }}
- run: |
sudo apt-get update
sudo apt-get install python3-ruamel.yaml
common/CI/package_checks.py --base=origin/${{ github.event.pull_request.base.ref }}
2 changes: 1 addition & 1 deletion .github/workflows/script_lint.yml
View file
Original file line number Diff line number Diff line change
@@ -33,7 +33,7 @@ jobs:
with:
path: common/CI common/Hooks common/Scripts/worklog.py
python_version: "3.10"
requirements: types-PyYAML
requirements: ruamel.yaml types-PyYAML
ShellCheck:
name: ShellCheck
runs-on: ubuntu-latest
15 changes: 15 additions & 0 deletions SECURITY.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
# Security Policy

Security is an important concern for Solus. Please report vulnerabilities if you believe that Solus is affected. We accept vulnerability reports for both software developed by the Solus project (ie. [github.com/getsolus](https://github.com/getsolus)) as well as vulnerabilities in software packaged by Solus.

## Reporting a Vulnerability

A vulnerability in can be reported in the following ways:

- By creating a security issue [on GitHub](https://github.com/getsolus/packages/security/advisories/new).
- By contacting security@getsol.us.

## Supported Versions

- **Packages**: both the *unstable* and *stable* ('shannon') releases of Solus are supported with security updates. Please report a security issue if you feel that a security issue is present in either release.
- **Software**: both the latest tagged release and master/main branch are supported.
18 changes: 12 additions & 6 deletions Taskfile.yml
View file
Original file line number Diff line number Diff line change
@@ -81,8 +81,8 @@ tasks:
cmds:
- |
[[ -d /var/lib/solbuild/local ]] && \
sudo eopkg index --skip-signing /var/lib/solbuild/local/ --output /var/lib/solbuild/local/eopkg-index.xml && \
sudo eopkg ur # Force eopkg to pick up the new index
sudo eopkg.bin index --skip-signing /var/lib/solbuild/local/ --output /var/lib/solbuild/local/eopkg-index.xml && \
sudo eopkg.bin ur # Force eopkg to pick up the new index
build-stable:
desc: Build the current package against the stable repo (do NOT use for official submissions!)
@@ -219,17 +219,23 @@ tasks:
clean-local:
desc: WARNING - Clean ALL eopkgs found in solbuild local repository /var/lib/solbuild/local
aliases: [rmlocal, rml]
prompt: This will clean ALL eopkgs found in solbuild local repository /var/lib/solbuild/local. Continue?
cmds:
- task: list-local
- task: list-local # first show all found .eopkg files
- task: delete-local # then prompt before deleting them
- task: build-localindex # ... and rebuild the index afterwards

delete-local:
desc: Ask before deleting all .eopkgs found in the local repo
dir: '{{ .TASKFILE_DIR }}'
prompt: This will delete ALL .eopkgs found in the solbuild local repository. Continue?
cmds:
- sudo rm /var/lib/solbuild/local/*.eopkg
- task: build-localindex

list-local:
desc: List all .eopkgs in the local repo (/var/lib/solbuild/local/*.eopkg)
aliases: [lslocal, lsl]
cmds:
- ls -lh /var/lib/solbuild/local/
- ls -AFcghlot /var/lib/solbuild/local/

clean-all:
desc: List all .eopkgs found in the monorepo, ask before deleting them.
26 changes: 24 additions & 2 deletions common/CI/config.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,26 @@
---
# Configuration for a repository freeze.
# Dates can be generated using `date --iso-8601=s`.
freeze:
start: null
end: null
start: "2024-09-27T23:59:59+00:00"
end: "2024-10-13T23:59:59+00:00"

# Configuration for including static libraries.
static_libs:
# These packages are allowed to include static libraries:
allowed_packages:
- gcc
- ghc
- glibc
- golang
- libboost
- libnss
- llvm
- llvm-15
- ocaml
- qt5-tools
- rocm-llvm
- vlc
# These files are allowed as static libraries:
allowed_files:
- /usr/lib64/ghc-*/**
101 changes: 91 additions & 10 deletions common/CI/package_checks.py
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
#!/usr/bin/env python3
import argparse
import fnmatch
import glob
import json
import logging
@@ -10,12 +11,12 @@
from dataclasses import dataclass
from datetime import datetime, timezone
from enum import Enum
from ruamel.yaml import YAML
from ruamel.yaml.compat import StringIO
from typing import Any, Callable, Dict, List, Optional, TextIO, Tuple, Union
from urllib import request
from xml.etree import ElementTree

import yaml

"""Package is either a Package YML file or Pspec XML file."""
Package = Union['PackageYML', 'PspecXML']

@@ -29,7 +30,9 @@ class PackageYML:
"""Represents a Package YML file."""

def __init__(self, stream: Any):
self._data = dict(yaml.safe_load(stream))
yaml = YAML(typ='safe', pure=True)
yaml.default_flow_style = False
self._data = dict(yaml.load(stream))

@property
def name(self) -> str:
@@ -79,23 +82,37 @@ class FreezeConfig:
start: Optional[datetime]
end: Optional[datetime]

def __init__(self, start: Optional[Union[str | datetime]], end: Optional[Union[str | datetime]]):
self.start = datetime.fromisoformat(start) if isinstance(start, str) else start
self.end = datetime.fromisoformat(end) if isinstance(end, str) else end

def active(self) -> bool:
now = datetime.now(tz=timezone.utc)

return (self.start is not None and now > self.start and
(self.end is None or now < self.end))


@dataclass
class StaticLibsConfig:
"""Configuration for the 'StaticLibs' check."""
allowed_packages: List[str]
allowed_files: List[str]


@dataclass
class Config:
freeze: FreezeConfig
static_libs: StaticLibsConfig

@staticmethod
def load(stream: Any) -> 'Config':
return Config(**yaml.safe_load(stream))
yaml = YAML(typ='safe', pure=True)
return Config(**yaml.load(stream))

def __post_init__(self) -> None:
self.freeze = FreezeConfig(**self.freeze) # type: ignore
self.static_libs = StaticLibsConfig(**self.static_libs) # type: ignore


class Git:
@@ -268,11 +285,11 @@ def config(self) -> Config:

@property
def package_files(self) -> List[str]:
return self._filter_packages(self.files)
return self.filter_files(*self._package_files)

def _filter_packages(self, files: List[str]) -> List[str]:
return [f for f in files
if os.path.basename(f) in self._package_files]
def filter_files(self, *allowed: str) -> List[str]:
return [f for f in self.files
if os.path.basename(f) in allowed]

def _path(self, path: str) -> str:
return os.path.join(self.git.root, path)
@@ -284,6 +301,9 @@ def _read(self, path: str) -> str:
with self._open(path) as f:
return str(f.read())

def _exists(self, path: str) -> bool:
return os.path.exists(self._path(path))

def load_package_yml(self, file: str) -> PackageYML:
with self._open(file) as f:
return PackageYML(f)
@@ -395,7 +415,22 @@ def run(self) -> List[Result]:

def _includes_homepage(self, file: str) -> bool:
with self._open(file) as f:
return 'homepage' in yaml.safe_load(f)
yaml = YAML(typ='safe', pure=True)
yaml.default_flow_style = False
return 'homepage' in yaml.load(f)


class Monitoring(PullRequestCheck):
_error = '`monitoring.yml` is missing'
_level = Level.WARNING

def run(self) -> List[Result]:
return [Result(message=self._error, file=f, level=self._level)
for f in self.package_files
if not self._has_monitoring_yml(f)]

def _has_monitoring_yml(self, file: str) -> bool:
return self._exists(os.path.join(os.path.dirname(file), 'monitoring.yml'))


class PackageBumped(PullRequestCheck):
@@ -453,8 +488,18 @@ def _check_deps(self, deps: str, file: str) -> Optional[Result]:
exp = self._sorted(cur)

if cur != exp:
class Dumper(YAML):
def dump(self, data: Any, stream: Optional[StringIO] = None, **kw: int) -> Any:
self.default_flow_style = False
self.indent(offset=4, sequence=4)
self.prefix_colon = ' ' # type: ignore[assignment]
stream = StringIO()
YAML.dump(self, data, stream, **kw)
return stream.getvalue()

yaml = Dumper(typ='safe', pure=True)
return Result(file=file, level=self._level, line=self.file_line(file, '^' + deps + r'\s*:'),
message=f'{deps} are not in order, expected: \n' + yaml.safe_dump(exp))
message=f'{deps} are not in order, expected: \n' + yaml.dump(exp))

return None

@@ -631,6 +676,40 @@ def _xml_file(self, package_dir: str) -> PspecXML:
return self.load_pspec_xml(os.path.join(package_dir, 'pspec_x86_64.xml'))


class StaticLibs(PullRequestCheck):
"""
Checks if any static libraries have been included.
Static libraries can be allowed by adding them to the allow list.
"""
_error = 'A static library has been included in the package.'
_level = Level.ERROR

def run(self) -> List[Result]:
return [self._result(pspec, file)
for pspec in self.filter_files('pspec_x86_64.xml')
if not self._allowed_package(pspec)
for file in self.load_pspec_xml(pspec).files
if self._check(file)]

def _result(self, pspec: str, file: str) -> Result:
return Result(message=f'A static library has been included in the package: `{file}`. '
'Whitelist the package or file in `common/CI/config.yaml` if this is desired.',
file=pspec, line=self.file_line(pspec, f'.*{file}.*'), level=self._level)

def _check(self, file: str) -> bool:
return (file.startswith('/usr/lib') and
file.endswith('.a') and
not self._allowed_path(file))

def _allowed_package(self, file: str) -> bool:
return self.package_for(file) in self.config.static_libs.allowed_packages

def _allowed_path(self, file: str) -> bool:
return any([fnmatch.filter([file], pattern)
for pattern in self.config.static_libs.allowed_files])


class SystemDependencies(PullRequestCheck):
_components = ['system.base', 'system.devel']

@@ -719,13 +798,15 @@ class Checker:
CommitMessage,
FrozenPackage,
Homepage,
Monitoring,
PackageBumped,
PackageDependenciesOrder,
PackageDirectory,
PackageVersion,
Patch,
Pspec,
SPDXLicense,
StaticLibs,
SystemDependencies,
UnwantedFiles,
]
14 changes: 11 additions & 3 deletions common/Hooks/prepare-commit-msg.py
View file
Original file line number Diff line number Diff line change
@@ -4,7 +4,7 @@
import subprocess
import yaml

scope_help = "# Scope and title, eg: nano: Update to 1.2.3\n"
scope_help = "# Scope and title, eg: nano: Update to v1.2.3\n"
help_msg = """
**Summary**
@@ -29,8 +29,16 @@ def commit_scope(commit_dir: str) -> str:
stdout=subprocess.PIPE)
if "+version" in recipe_diff_result.stdout.decode('utf-8'):
with open(os.path.join(commit_dir, 'package.yml')) as recipe:
version = yaml.safe_load(recipe)['version']
return os.path.basename(commit_dir) + ': Update to ' + str(version)
data = yaml.safe_load(recipe)
if str(data['release']) == '1':
return os.path.basename(commit_dir) + ': Add at v' + str(data['version'])
return os.path.basename(commit_dir) + ': Update to v' + str(data['version'])

# Detect non-functional changes ([NFC])
staged_files_res = subprocess.run(['git', 'diff', '--name-only', '--staged', commit_dir],
stdout=subprocess.PIPE)
if 'pspec_x86_64.xml' not in staged_files_res.stdout.decode('utf-8'):
return "[NFC] " + os.path.basename(commit_dir) + ': '

return os.path.basename(commit_dir) + ': '

Loading
Oops, something went wrong.

0 comments on commit 979bc6b

Please sign in to comment.