aboutsummaryrefslogtreecommitdiff
path: root/buildtools
diff options
context:
space:
mode:
Diffstat (limited to 'buildtools')
-rw-r--r--buildtools/build-freebsd-ports.py204
-rw-r--r--buildtools/freebsd-skeleton/rpki-ca/Makefile20
-rw-r--r--buildtools/freebsd-skeleton/rpki-ca/pkg-plist0
-rw-r--r--buildtools/freebsd-skeleton/rpki-ca/pkg-upgrade18
-rw-r--r--buildtools/freebsd-skeleton/rpki-rp/Makefile30
-rw-r--r--buildtools/freebsd-skeleton/rpki-rp/pkg-plist0
-rw-r--r--buildtools/freebsd-skeleton/rpki-rp/pkg-upgrade18
7 files changed, 107 insertions, 183 deletions
diff --git a/buildtools/build-freebsd-ports.py b/buildtools/build-freebsd-ports.py
index b560498c..c422f02f 100644
--- a/buildtools/build-freebsd-ports.py
+++ b/buildtools/build-freebsd-ports.py
@@ -1,46 +1,64 @@
-# Construct FreeBSD ports templates given the name of a Subversion
-# working directory.
-#
# $Id$
#
-# Copyright (C) 2012-2013 Internet Systems Consortium ("ISC")
-#
+# Copyright (C) 2014 Dragon Research Labs ("DRL")
+# Portions copyright (C) 2012-2013 Internet Systems Consortium ("ISC")
+#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
-# copyright notice and this permission notice appear in all copies.
-#
-# THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
-# REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
-# AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
-# INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
-# LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
-# OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
+# copyright notices and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND DRL AND ISC DISCLAIM ALL
+# WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED
+# WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DRL OR
+# ISC BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+# DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA
+# OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER
+# TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
# PERFORMANCE OF THIS SOFTWARE.
+"""
+Construct FreeBSD port directories.
+
+This is a script because we need to generate package lists and update
+version numbers in the Makefiles.
+"""
+
import sys
import os
+import re
import subprocess
import errno
import glob
import shutil
-
-try:
- svndir = sys.argv[1]
-except IndexError:
- sys.exit("Usage: %s subversion-working-directory" % sys.argv[0])
-
-if not os.path.isdir(svndir):
- sys.exit("Usage: %s subversion-working-directory" % sys.argv[0])
-
-svnversion = subprocess.check_output(("svnversion", "-c", svndir)).strip().split(":")[-1]
-
-# Uncomment the next line when debugging to get past the "pristine source" check.
-svnversion = svnversion.translate(None, "M")
+import argparse
+
+def check_dir(s):
+ if not os.path.isdir(s):
+ raise argparse.ArgumentTypeError("%r is not a directory" % s)
+ return s
+
+parser = argparse.ArgumentParser(description = __doc__)
+parser.add_argument("--allow-dirty", action = "store_true",
+ help = "don't insist on pristine subversion checkout")
+parser.add_argument("--make-package", action = "store_true",
+ help = "build binary package")
+parser.add_argument("--no-clean", action = "store_true",
+ help = "don't clean port after staging etc (implies --no-tarball)")
+parser.add_argument("--no-tarball", action = "store_true",
+ help = "don't create tarball of generated port")
+parser.add_argument("svndir", metavar = "subversion-working-directory", type = check_dir,
+ help = "directory containing subversion working tree")
+args = parser.parse_args()
+
+svnversion = subprocess.check_output(("svnversion", "-c", args.svndir)).strip().split(":")[-1]
+
+if args.allow_dirty:
+ svnversion = svnversion.translate(None, "M")
if not svnversion.isdigit():
sys.exit("Sources don't look pristine, not building (%r)" % svnversion)
-branch = os.path.basename(svndir.rstrip(os.path.sep))
+branch = os.path.basename(args.svndir.rstrip(os.path.sep))
if branch != "trunk" and (branch[:2] != "tk" or not branch[2:].isdigit()):
sys.exit("Could not parse branch from working directory name, not building (%r)" % branch)
@@ -53,13 +71,20 @@ url = "http://download.rpki.net/" + tarball
portsdir = os.path.abspath("freebsd-ports")
portsdir_old = portsdir + ".old"
+# Could perhaps use distutils.sysconfig.get_python_lib() instead of
+# this regexp hack, but would be just as complicated in its own way,
+# so just go with this for the moment.
+
+py_lib = re.compile(r"^lib/python\d+\.\d+")
+py_sitelib = re.compile(r"^lib/python\d+\.\d+/site-packages")
+
if os.path.isdir(portsdir_old):
shutil.rmtree(portsdir_old)
if os.path.isdir(portsdir):
os.rename(portsdir, portsdir_old)
-shutil.copytree(os.path.join(svndir, "buildtools", "freebsd-skeleton"), portsdir)
+shutil.copytree(os.path.join(args.svndir, "buildtools", "freebsd-skeleton"), portsdir)
if os.path.exists(os.path.join(portsdir_old, tarball)):
os.link(os.path.join(portsdir_old, tarball), os.path.join(portsdir, tarball))
@@ -69,97 +94,52 @@ elif os.path.exists(os.path.join("/usr/ports/distfiles", tarball)):
if os.path.isdir(portsdir_old):
shutil.rmtree(portsdir_old)
-base_rp = os.path.join(portsdir, "rpki-rp")
-base_ca = os.path.join(portsdir, "rpki-ca")
+if args.make_package:
+ pkgdir = os.path.join(portsdir, "packages")
+ os.mkdir(pkgdir)
+
+formatdict = dict(SVNVERSION = svnversion, SVNBRANCH = branch)
-formatdict = dict(SVNVERSION = svnversion,
- SVNBRANCH = branch)
+keepdirs = ("usr", "etc", "bin", "var", "lib", "libexec", "sbin", "share", "etc/rc.d", "%%PYTHON_SITELIBDIR%%")
for port in ("rpki-rp", "rpki-ca"):
+ base = os.path.join(portsdir, port)
+ stage = os.path.join(base, "work", "stage")
fn = os.path.join(portsdir, port, "Makefile")
with open(fn, "r") as f:
template = f.read()
with open(fn, "w") as f:
f.write(template % formatdict)
-subprocess.check_call(("make", "makesum", "DISTDIR=" + portsdir), cwd = base_rp)
-subprocess.check_call(("make", "makesum", "DISTDIR=" + portsdir), cwd = base_ca)
-
-trust_anchors = [os.path.basename(fn)
- for fn in subprocess.check_output(("tar", "tf", os.path.join(portsdir, tarball))).splitlines()
- if "/rcynic/sample-trust-anchors/" in fn and fn.endswith(".tal")]
-
-with open(os.path.join(base_rp, "pkg-plist"), "w") as f:
-
- f.write('''\
-bin/find_roa
-bin/hashdir
-bin/print_roa
-bin/print_rpki_manifest
-bin/rcynic
-bin/rcynic-cron
-bin/rcynic-html
-bin/rcynic-svn
-bin/rcynic-text
-bin/rtr-origin
-bin/scan_roas
-bin/validation_status
-etc/rcynic.conf.sample
-''')
-
- for trust_anchor in sorted(trust_anchors):
- f.write("etc/rpki/trust-anchors/%s\n" % trust_anchor)
-
- f.write('''\
-@dirrm etc/rpki/trust-anchors
-@dirrmtry etc/rpki
-@dirrm www/apache%%APACHE_VERSION%%/data/rcynic
-@cwd /
-@dirrm var/rcynic/data
-@dirrm var/rcynic/rpki-rtr/sockets
-@dirrm var/rcynic/rpki-rtr
-@dirrm var/rcynic
-''')
-
-# "USE_GNOME=" gets rid of annoying whining due to empty or
-# non-existent pkg-plist. The (direct) Gnome dependency doesn't
-# matter while constructing the port skeleton, so it's simplest just
-# to disable it for this one command.
-
-subprocess.check_call(("make", "DISTDIR=" + portsdir, "USE_GNOME="), cwd = base_ca)
-
-tempdir = os.path.join(base_ca, "work", "temp-install", "")
-
-subprocess.check_call(("make", "install", "DESTDIR=" + os.path.abspath(tempdir)),
- cwd = os.path.join(base_ca, "work", tarname))
-
-with open(os.path.join(base_ca, "pkg-plist"), "w") as f:
-
- dont_remove = ("usr", "etc", "bin", "var", "lib", "libexec", "sbin", "share", "lib/python2.7", "lib/python2.7/site-packages")
-
- usr_local = None
-
- for dirpath, dirnames, filenames in os.walk(tempdir, topdown = False):
- dn = dirpath[len(tempdir):]
-
- if dn.startswith("usr/local"):
- if not usr_local and usr_local is not None:
- f.write("@cwd\n")
- usr_local = True
- dn = dn[len("usr/local/"):]
- else:
- if usr_local:
- f.write("@cwd /\n")
- usr_local = False
-
- for fn in filenames:
- f.write(os.path.join(dn, fn) + "\n")
-
- if dn and dn not in dont_remove:
- f.write("@dirrm %s\n" % dn)
-
-subprocess.check_call(("make", "clean"), cwd = base_ca)
-
-for port in ("rpki-rp", "rpki-ca"):
- subprocess.check_call(("tar", "czf", "%s-port.tgz" % port, port), cwd = portsdir)
+ subprocess.check_call(("make", "makesum", "stage", "DISTDIR=" + portsdir), cwd = base)
+
+ with open(os.path.join(base, "pkg-plist"), "w") as f:
+ usr_local = None
+ for dirpath, dirnames, filenames in os.walk(stage, topdown = False):
+ dn = dirpath[len(stage)+1:]
+ if dn.startswith("usr/local"):
+ if not usr_local and usr_local is not None:
+ f.write("@cwd\n")
+ usr_local = True
+ dn = dn[len("usr/local/"):]
+ dn = py_sitelib.sub("%%PYTHON_SITELIBDIR%%", dn)
+ if dn == "etc/rc.d":
+ continue
+ else:
+ if usr_local:
+ f.write("@cwd /\n")
+ usr_local = False
+ for fn in filenames:
+ f.write(os.path.join(dn, fn) + "\n")
+ if dn and dn not in keepdirs and not py_lib.match(dn):
+ f.write("@dirrm %s\n" % dn)
+
+ if args.make_package:
+ subprocess.check_call(("make", "clean", "package", "PKGREPOSITORY=" + pkgdir), cwd = base)
+
+ if not args.no_clean:
+ subprocess.check_call(("make", "clean"), cwd = base)
+
+ if not args.no_tarball and not args.no_clean:
+ subprocess.check_call(("tar", "czf", "%s-port.tgz" % port, port), cwd = portsdir)
diff --git a/buildtools/freebsd-skeleton/rpki-ca/Makefile b/buildtools/freebsd-skeleton/rpki-ca/Makefile
index 6cf890d6..71f38436 100644
--- a/buildtools/freebsd-skeleton/rpki-ca/Makefile
+++ b/buildtools/freebsd-skeleton/rpki-ca/Makefile
@@ -9,6 +9,7 @@ COMMENT= rpki.net RPKI CA tools
WWW= http://rpki.net/
GNU_CONFIGURE= yes
+NO_MTREE= yes
USE_PYTHON= 2.7+
USE_GNOME= libxml2 libxslt
USE_MYSQL= server
@@ -16,9 +17,12 @@ USE_APACHE_RUN= 22+
USE_RC_SUBR= rpki-ca
-# Disable a couple of recent whoopie cushions in the FreeBSD ports system
+# Disable parallel builds, they failed last time I tried and we don't really need them
MAKE_JOBS_UNSAFE= yes
-NO_STAGE = yes
+
+# We depend on our own relying party code. Perhaps this should require our own version number?
+BUILD_DEPENDS+= rpki-rp>0:${PORTSDIR}/net/rpki-rp
+RUN_DEPENDS+= rpki-rp>0:${PORTSDIR}/net/rpki-rp
# For OpenSSL, not needed otherwise
USE_PERL5_BUILD=yes
@@ -26,9 +30,6 @@ USE_PERL5_BUILD=yes
# For building OpenSSL, not needed otherwise
BUILD_DEPENDS+= makedepend>0:${PORTSDIR}/devel/makedepend
-# Needed at build to keep ./configure from complaining.
-BUILD_DEPENDS+= rsync>0:${PORTSDIR}/net/rsync
-
RPKID_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lxml>0:${PORTSDIR}/devel/py-lxml \
${PYTHON_PKGNAMEPREFIX}MySQLdb>0:${PORTSDIR}/databases/py-MySQLdb \
${PYTHON_PKGNAMEPREFIX}django>=1.3.7:${PORTSDIR}/www/py-django \
@@ -40,17 +41,14 @@ RPKID_DEPENDS= ${PYTHON_PKGNAMEPREFIX}lxml>0:${PORTSDIR}/devel/py-lxml
BUILD_DEPENDS+= ${RPKID_DEPENDS}
RUN_DEPENDS+= ${RPKID_DEPENDS}
-RUN_DEPENDS+= ${APACHE_PKGNAMEPREFIX}mod_wsgi>3:${PORTSDIR}/www/mod_wsgi3
+RUN_DEPENDS+= ${APACHE_PKGNAMEPREFIX}mod_wsgi3>0:${PORTSDIR}/www/mod_wsgi3
# Try to use system OpenSSL if we can.
CONFIGURE_ENV= CFLAGS="-I${LOCALBASE}/include" LDFLAGS="-L${LOCALBASE}/lib"
-CONFIGURE_ARGS= --disable-target-installation --disable-rp-tools APACHE_VERSION=${APACHE_VERSION}
+CONFIGURE_ARGS= --disable-target-installation --disable-runtime-dependencies --disable-rp-tools APACHE_VERSION=${APACHE_VERSION}
pre-install:
- PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
-
-post-install:
- PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
+ @test -d ${STAGEDIR}${PREFIX}/etc/rc.d || mkdir -p ${STAGEDIR}${PREFIX}/etc/rc.d
.include <bsd.port.mk>
diff --git a/buildtools/freebsd-skeleton/rpki-ca/pkg-plist b/buildtools/freebsd-skeleton/rpki-ca/pkg-plist
deleted file mode 100644
index e69de29b..00000000
--- a/buildtools/freebsd-skeleton/rpki-ca/pkg-plist
+++ /dev/null
diff --git a/buildtools/freebsd-skeleton/rpki-ca/pkg-upgrade b/buildtools/freebsd-skeleton/rpki-ca/pkg-upgrade
deleted file mode 100644
index f569a3d6..00000000
--- a/buildtools/freebsd-skeleton/rpki-ca/pkg-upgrade
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh -
-
-echo 1>&2 "pkg-upgrade invoked with arguments \"$*\"."
-
-case $2 in
-
-PRE-UPGRADE)
- ;;
-
-POST-UPGRADE)
- ;;
-
-*)
- echo "No clue what this script is meant to do when invoked with arguments \"$*\"."
- #exit 1
- ;;
-
-esac
diff --git a/buildtools/freebsd-skeleton/rpki-rp/Makefile b/buildtools/freebsd-skeleton/rpki-rp/Makefile
index be88adc0..adae6ef0 100644
--- a/buildtools/freebsd-skeleton/rpki-rp/Makefile
+++ b/buildtools/freebsd-skeleton/rpki-rp/Makefile
@@ -9,6 +9,7 @@ COMMENT= rpki.net RPKI relying party tools
WWW= http://rpki.net/
GNU_CONFIGURE= yes
+NO_MTREE= yes
USE_PYTHON= 2.7+
USE_GNOME= libxml2 libxslt
USE_APACHE_RUN= 22+
@@ -35,37 +36,18 @@ RUN_DEPENDS+= rrdtool>0:${PORTSDIR}/databases/rrdtool
# Just want relying party tools, try to use system OpenSSL if we can.
-CONFIGURE_ARGS= --disable-ca-tools APACHE_VERSION=${APACHE_VERSION}
+CONFIGURE_ARGS= --disable-target-installation --disable-runtime-dependencies --disable-ca-tools APACHE_VERSION=${APACHE_VERSION}
CONFIGURE_ENV= CFLAGS="-I${LOCALBASE}/include" LDFLAGS="-L${LOCALBASE}/lib"
-# Disable a couple of recent whoopie cushions in the FreeBSD ports system
+# Disable parallel builds, they failed the last time I tried and we don't really need them
MAKE_JOBS_UNSAFE= yes
-NO_STAGE = yes
# rcynic's Makefile constructs an rcynic.conf for us if it doesn't
# find one already installed. This turns out to be exactly what
-# FreeBSD's rules want us to install as rcynic.conf.sample, so we
-# shuffle things around a bit just before and just after installation
-# to make this all come out right.
-#
-# If I ever teach rcynic to construct a .conf.sample file per the
-# FreeBSD way of doing things, this will need to change to match.
-
-pre-install:
- PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL
- @if test -f ${PREFIX}/etc/rcynic.conf; \
- then \
- ${MV} -f ${PREFIX}/etc/rcynic.conf ${PREFIX}/etc/rcynic.conf.real; \
- fi
+# FreeBSD's rules want us to install as rcynic.conf.sample, so we just
+# rename it.
post-install:
- PKG_PREFIX=${PREFIX} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL
- @if test -f ${PREFIX}/etc/rcynic.conf.real; \
- then \
- ${MV} -f ${PREFIX}/etc/rcynic.conf ${PREFIX}/etc/rcynic.conf.sample; \
- ${MV} -f ${PREFIX}/etc/rcynic.conf.real ${PREFIX}/etc/rcynic.conf; \
- else \
- ${CP} -p ${PREFIX}/etc/rcynic.conf ${PREFIX}/etc/rcynic.conf.sample; \
- fi
+ ${MV} -vf ${STAGEDIR}${PREFIX}/etc/rcynic.conf ${STAGEDIR}${PREFIX}/etc/rcynic.conf.sample
.include <bsd.port.mk>
diff --git a/buildtools/freebsd-skeleton/rpki-rp/pkg-plist b/buildtools/freebsd-skeleton/rpki-rp/pkg-plist
deleted file mode 100644
index e69de29b..00000000
--- a/buildtools/freebsd-skeleton/rpki-rp/pkg-plist
+++ /dev/null
diff --git a/buildtools/freebsd-skeleton/rpki-rp/pkg-upgrade b/buildtools/freebsd-skeleton/rpki-rp/pkg-upgrade
deleted file mode 100644
index f569a3d6..00000000
--- a/buildtools/freebsd-skeleton/rpki-rp/pkg-upgrade
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/sh -
-
-echo 1>&2 "pkg-upgrade invoked with arguments \"$*\"."
-
-case $2 in
-
-PRE-UPGRADE)
- ;;
-
-POST-UPGRADE)
- ;;
-
-*)
- echo "No clue what this script is meant to do when invoked with arguments \"$*\"."
- #exit 1
- ;;
-
-esac
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-10 23:12:46 +0000