GitHub allows to reference https://github.com/<user>/<proj>/archive/<ver>.tar.gz
also as https://github.com/<user>/<proj>/archive/<ver>/<anything>.tar.gz.
moving files and directories from $pkgdir to $subpkgdir is a common
pattern, so make a helper function for this.
usage: amove FILESPEC...
FILESPEC is a list of files or patterns/globs that will be exanded by
the shell.
amove will clean up empty directories after moving the files/dirs.
Example usage:
amove 'usr/lib/lib*.a'
amove 'etc/*.d' # moves both etc/conf.d and etc/init.d
amove 'lib/*.so' 'usr/lib/*.so'
cd "$pkgdir"
find usr -name '*.h' | xargs amove
This is based on the work of Chloe Kudryavtsev:
https://github.com/alpinelinux/abuild/pull/92
- set PATH in the rootbld environment so ccache is actually used.
- drop the check for command -v ccache. ccache will be pulled in as
build dependency so we don't need to die if its missing.
- create ~/.ccache if missing rather than die. This directory will
normally be created by ccache itself, but we need to create it so we
can bind mount it incase of rootbld.
- don't die if ccache.conf is missing. ccache will create it.
avoid install ccache and bind mount ~/.ccache when USE_CCACHE is not
set.
This fixes bind mount error when ~/.ccache is missing and USE_CCACHE is
unset.
This introduces basic support for ccache, during packaging builds.
If you are building many packages, it is recommended to manually
increase the maximum size of the ccache cache. This is typically
achieved by modifying `~/.ccache/ccache.conf` and adjusting the
`max_size` setting.
Signed-off-by: Joseph Benden <joe@benden.us>
When you have `-dev` and install `-libs-static`, for example,
it helps to only need to add one to `makedepends` instead of both.
After a grep of the current aports, it turns out matching the
prefix of `subpkgname` will be more useful.
This functionality is no longer needed by the build servers and is broken as it
does not handle
* provides= tags
* automatic dependencies added by trace_apk_deps()
* inter-repository dependencies
* circular dependencies caused by the unit tests in check()
With a recent change in apk [1], virtual packages of the same name will
upgrade each other. Adjust abuild to this by not using the same virtual
package name for two types of dependencies.
This fixes the way crosscompilers are built in postmarketOS [2], which
is essentially the same as running this on Alpine's gcc aport:
$ cd aports/main/gcc
$ C_TARGET_ARCH=armhf CTARGET=armv6-alpine-linux-musleabihf \
BOOTSTRAP=nobuildbase CBUILDROOT=/ abuild -r
...
>>> gcc-armhf: Installing for host:
(1/24) Upgrading .makedepends-gcc-armhf (20190714.104731 -> 20190714.104741)
(2/24) Purging binutils-armhf (2.31.1-r2)
...
[1] apk-tools.git 37fbafcd928c466c82c892a7868d686d710e5d07
("add: make virtual packages upgradeable (ref #9957)")
[2] https://gitlab.com/postmarketOS/pmaports/blob/master/cross/gcc-armhf/APKBUILD
Fixes: https://gitlab.alpinelinux.org/alpine/apk-tools/issues/10649
Before this change an invalid licence= in an APKBUILD will pass `abuild
sanitycheck`. '/usr/share/spdx/license.lst' contains one licence per line.
`grep -x` will match partial lines whereas `grep -w` will only match whole
lines.
An simple demonstration is with 'GPL-3.0' which is not a valid SPDX licence
identifier. 'GPL-3.0-only' and 'GPL-3.0-or-later' are valid licences.
```
$ grep --help
BusyBox v1.30.1 (2019-04-26 06:26:16 UTC) multi-call binary.
Usage: grep [-HhnlLoqvsriwFE] [-m N] [-A/B/C N] PATTERN/-e PATTERN.../-f FILE [FILE]...
Search for PATTERN in FILEs (or stdin)
✂
-w Match whole words only
-x Match whole lines only
✂
$ grep -w -F GPL-3.0 /usr/share/spdx/license.lst
GPL-3.0-only
GPL-3.0-or-later
$ grep -x -F GPL-3.0 /usr/share/spdx/license.lst
$
```
Not allowing --allow-untrusted is obviously a good idea, but it can be
trivially bypassed if --keys-dir is allowed:
$ abuild-apk add foo-1-r0.apk
ERROR: foo-1-r0.apk: UNTRUSTED signature
$ abuild-apk --allow-untrusted add foo-1-r0.apk
abuild-apk: --allow-untrusted: not allowed option
$ cp -rp /etc/apk/keys /tmp/keys
$ cp untrusted.pub /tmp/keys
$ abuild-apk --keys-dir /tmp/keys add foo-1-r0.apk
(1/1) Installing foo (1-r0)
OK: 4319 MiB in 806 packages
If both --allow-untrusted and --keys-dir are not allowed, then it should
no longer be possible for an unprivileged member of the abuild group to
add an untrusted package.
$ abuild-apk --keys-dir /tmp/keys add foo-1-r0.apk
abuild-apk: --keys-dir: not allowed option
Replace text in usage description of fetch that claims to verify sources
with a suggestion to use 'abuild fetch verify', which will actually
verify them.
'abuild fetch' alone will not verify sources, as it only executes the
fetch() function.
