The goal of this script is similar to Linux's checkpatch.pl: it is
meant to check patch before sending them.
Right now it only tests if a signed-off-by is missing, and if the
commit information (commit message, author, date, etc but not the
diff) is too big as a workaround to the bug #66268[1], but over time
more checks can be added.
The report of the bug #66268[1] mention that what tend to trigger the
issue is commits "with a large (4kB) commit message".
[1]https://debbugs.gnu.org/cgi/bugreport.cgi?bug=66268
So we want to avoid such commits to avoid breaking "guix git
authenticate" in the future.
To do that, checkpatch.scm reports an error if the size of the patch
from the beginning of the patch file until the point where the diff
starts is less than 2500 Bytes.
A lower threshold has been chosen as the commit object size can be
bigger than the patch file without the diff, as there are at least
signatures inside the commit objects.
The last commit GNUtoo signed at the time of writing is the commit
83f955870a ("website/docs/build: mark
the Trisquel bug as solved and clarify the Guix one") and this is done
with an RSA GPG key of 4096 bits and in this case the signature is
about 855 bytes. This was calculated with 'git cat-file -p 83f95587'.
As GNU Boot is looking for contributions, including contributions by
less technical users, we do not require its use by people sending
patches, however it is still a good idea to require its use by the GNU
Boot maintainers as we want to spot the most important issues that
cannot be fixed later on.
Thanks to neox for the research and the calculation on the git commit
signature size.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
In GNU Boot, at the time of writing, we want to advise users to use
the GRUB images as they don't require users to modify their
distribtions.
However before the commit aec2e2f2bcf7693a05e416f9722e15b9d1854516
("Fix bug #65663 (No support for LVM2)."), most computers using LVM2
would not boot with these images.
The bug is now fixed by this commit, however since we ship a custom
grub.cfg and that it is very important to get it right, it's a good
idea to have some sort of automated testing for it.
It uses Trisquel (instead of other FSF certified distributions) for
several reasons:
- Trisquel can be used by less technical users, and so it's important
to make sure it works as less technical users tend to have harder
times finding workaround when things break.
- It's probably the GNU/Linux distribution that most current and
potential GNU Boot users use.
- It is also maintained by a community that welcome contributions, so
if we hit some issues, we can also contribute to get it fixed (we
also verified that multiple times by contributing to it).
Note that we also welcome tests that reuse other distributions as
well.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
neox: fixed typos in the commit message and fixed copyright notice
Acked-by: Adrien Bourmault <neox@gnu.org>
Before being merged with the commit
dc6e1f32c1 ("Import website-build to
build the GNU Boot website."), website-build was a separate git
repository.
And so, even after the merge, until the commit
20d122e94a ("website-build: use website
from local git repository."), it still worked in the same way and
still downloaded the website from git.
This prevented merging the website and website-build directories
together as the GNU Boot repository also needed to be a valid Untitled
website repository as well.
Now after this commit, the website is built from the same git tree, so
we can simply adjust the build scripts to be able to move things
around.
In addition of making things more clear for contributors, it also
simplify the migration to haunt as with haunt we typically have the
haunt.cfg (and the autotools build code if needed) code in the top
directory and the markdown files in a subdirectory.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
Without that fix, shellcheck -x complains a lot:
In build.sh line 53:
mkdir -p "$(dirname ${dst_path})"
^---------^
SC2086 (info): Double quote to prevent globbing and word splitting.
In build.sh line 82:
git -C "${dst_path}" am $(realpath ${patch})
^------------------^
SC2046 (warning): Quote this to prevent word splitting.
git -C "${dst_path}" am $(realpath ${patch})
^------^
SC2086 (info): Double quote to prevent globbing and word splitting.
In build.sh line 112:
opt="$(eval echo \$$i)"
^--
SC2086 (info): Double quote to prevent globbing and word splitting.
In build.sh line 127:
untitled_path="$(eval echo \$$(expr $i + 1))"
^------------^
SC2046 (warning): Quote this to prevent word splitting.
untitled_path="$(eval echo \$$(expr $i + 1))"
^--^
SC2003 (style): expr is antiquated.
Consider rewriting this using $((..)), ${} or [[ ]].
untitled_path="$(eval echo \$$(expr $i + 1))"
^--
SC2086 (info): Double quote to prevent globbing and word splitting.
In build.sh line 128:
i="$(expr "$i" + 1)"
^--^
SC2003 (style): expr is antiquated.
Consider rewriting this using $((..)), ${} or [[ ]].
In build.sh line 136:
i="$(expr "$i" + 1)"
^--^
SC2003 (style): expr is antiquated.
Consider rewriting this using $((..)), ${} or [[ ]].
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
GNU Boot can be installed on some I945 ThinkPads without disassembling
them. To do that it requires both a patched flashrom and bucts.
This build them and also integrate Guix in GNU Boot as a dependency to
build them.
This will enable us to later on ship these utilities and then update
the installation instructions to use them somehow.
It also makes sure that we have proper authorship of the patch used
for flashrom and also unify the two flashrom patches not to require
two different flashrom binaries.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
The goal here is to be able to add configure options later on.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
Without this fix, running shellcheck -x on
resources/scripts/misc/guix.sh returns many errors.
For each guix version declaration we have something like that:
In resources/scripts/misc/guix.sh line 21:
guix_v0_0="6365068393254e1131ab80eb0d68a759e7fd2256"
^-------^ SC2034 (warning): guix_v0_0 appears unused.
Verify use (or export if used externally).
and here the variables are actually used in this code:
guix_version_commit()
{
version="$1"
eval echo "$(echo \$guix_"${version}" | sed 's#\.#_#g')"
}
so we workaround by disabling that test for each version declaration.
Then shellcheck cannot find "$GUIX_PROFILE"/etc/profile:
In resources/scripts/misc/guix.sh line 91:
. "$GUIX_PROFILE"/etc/profile
^-------------------------^ SC1091 (info):
Not following: ./etc/profile: openBinaryFile:
does not exist (No such file or directory)
so we disabled that test for this line.
After that we have many issues with quoting like this one:
In resources/scripts/misc/guix.sh line 104:
eval echo $(echo \$guix_"${version}" | sed 's#\.#_#g')
^-- SC2046 (warning):
Quote this to prevent word splitting.
or this one:
In resources/scripts/misc/guix.sh line 233:
major="$(echo ${version} | awk -F . '{print $1}')"
^--------^ SC2086 (info):
Double quote to prevent globbing and word splitting.
these were fixed.
We also improved a test by using grep -q:
In resources/scripts/misc/guix.sh line 272:
elif [ -n "$(echo ${revision} | grep '\.')" ] ; then
^-- SC2143 (style):
Use grep -q instead of comparing output with [ -n .. ]
And finally in guix_version_commit a sed was avoided by using bash
replacement, and when that was not possible (in guix_next_version),
the shellcheck test for that was disabled.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
For some reason, 'make release' produces the following files:
- release/roms/gnuboot-lbwww-20211122-328-gafe01fb_default.tar.xz
- release/roms/gnuboot-lbwww-20211122-328-gafe01fb_fam15h_rdimm.tar.xz
- release/roms/gnuboot-lbwww-20211122-328-gafe01fb_fam15h_udimm.tar.xz
This commit works around that issue.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
In the commit 4744953f73 ("u-boot-libre:
move to different tasks."), the distclean task of u-boot-libre was
removed, so this broke the lint tests as that file was not removed
from the list of files to check in tests/lint.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
This helps avoiding duplicate lines and make it easier to find things.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
Without that fix we have the following issue on PureOS byzantium:
$ resources/packages/coreboot/distclean
resources/packages/coreboot/distclean: 19:
resources/packages/coreboot/../../scripts/tasks/distclean.sh:
Bad substitution
resources/packages/coreboot/distclean: 20: .:
cannot open /../../..//resources/scripts/misc/sysexits.sh:
No such file
This happens because packages/coreboot/distclean uses #!/bin/sh and
that the default sh shell isn't using bash:
$ readlink $(which sh)
dash
and using bash instead works fine:
$ bash resources/packages/coreboot/distclean ; echo $?
0
all the other distclean scripts in packages/*/ have exactly the same
issue. The tests/distlean script is also affected since it also
sources the distclean task.
So we use #!/usr/bin/env bash as it work with both Guix and regular
more or less FHS compliant distributions.
This issue was introduced by the commit
c7e28dc660 ("packages: Add distclean").
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
Without that fix, running 'shellcheck -x build' produces the following
errors/warnings:
In update line 81:
case "${option}" in
^-- SC1009 (info):
The mentioned syntax error was in this case expression.
In update line 82:
list)
^-- SC1073 (error):
Couldn't parse this case item. Fix to allow more checks.
In update line 92:
all)
^-- SC1072 (error):
Fix any mentioned problems and try again.
^-- SC1074 (error):
Did you forget the ;; after the previous case item?
After fixing these and rerunning 'shellcheck -x build', we then have
the following errors/warnings:
In update line 23:
[ "x${DEBUG+set}" = 'xset' ] && set -v
^-------------^ SC2268 (style):
Avoid x-prefix in comparisons as it no longer serves a purpose.
In update line 32:
ls -d resources/packages/*/update/ | \
^-- SC2012 (info):
Use find instead of ls to better handle non-alphanumeric filenames.
In update line 40:
ls -d resources/packages/"${package}"/update/* | \
^-- SC2012 (info):
Use find instead of ls to better handle non-alphanumeric filenames.
In update line 95:
resources/packages/"${package}"/update/"${option}" $@
^-- SC2068 (error):
Double quote array expansions to avoid re-splitting elements.
In update line 102:
"${pkg_dir}"/update/"${option}" $@
^-- SC2068 (error):
Double quote array expansions to avoid re-splitting elements.
so we fix them as well.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
Without that fix, running 'shellcheck -x build' produces the following
errors/warnings:
In download line 26:
[ "x${DEBUG+set}" = 'xset' ] && set -v
^-------------^ SC2268 (style):
Avoid x-prefix in comparisons as it no longer serves a purpose.
In download line 37:
[ "x${NODELETE+set}" = 'xset' ] && deleteblobs="false"
^----------------^ SC2268 (style):
Avoid x-prefix in comparisons as it no longer serves a purpose.
In download line 102:
NODELETE= "${script}"
^-- SC1007 (warning):
Remove space after = if trying to assign a value (for empty string,
use var='' ... ).
In download line 117:
NODELETE= resources/packages/"${package}"/download
^-- SC1007 (warning):
Remove space after = if trying to assign a value (for empty string,
use var='' ... ).
In download line 123:
NODELETE= resources/packages/"${package}"/download $@
^-- SC1007 (warning):
Remove space after = if trying to assign a value (for empty string,
use var='' ... ).
^-- SC2068 (error):
Double quote array expansions to avoid re-splitting elements.
In download line 125:
resources/packages/"${package}"/download $@
^-- SC2068 (error):
Double quote array expansions to avoid re-splitting elements.
In download line 131:
./.gitcheck clean
^---------------^ SC2317 (info):
Command appears to be unreachable. Check usage (or ignore if invoked
indirectly).
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
Without that fix, running 'shellcheck -x build' produces the following
errors/warnings:
In modify line 23:
[ "x${DEBUG+set}" = 'xset' ] && set -v
^-------------^ SC2268 (style):
Avoid x-prefix in comparisons as it no longer serves a purpose.
In modify line 106:
resources/packages/"${package}"/modify/"${option}" $@
^-- SC2068 (error):
Double quote array expansions to avoid re-splitting elements.
In modify line 113:
"${pkg_dir}"/modify/"${option}" $@
^-- SC2068 (error):
Double quote array expansions to avoid re-splitting elements.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
Without that fix, running 'shellcheck -x build' produces the following
errors/warnings:
In build line 25:
[ "x${DEBUG+set}" = 'xset' ] && set -v
^-------------^ SC2268 (style): Avoid x-prefix in comparisons
as it no longer serves a purpose.
In build line 131:
resources/packages/"${package}"/"${task}" $@
^-- SC2068 (error):
Double quote array expansions to avoid re-splitting elements.
In build line 138:
"${pkg_dir}"/"${task}" $@
^-- SC2068 (error):
Double quote array expansions to avoid re-splitting elements.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
The various scripts present in GNU Boot are very fragile, so it's a
good idea to have a pristine GNU Boot source code for making releases.
The issue is that 'git clean -dfx' doesn't remove existing git
repositories like coreboot/ grub/ etc, so we need additional code to
take care of that.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
The various build scripts are scattered around in multiple
places. This make it hard for contributors to understand what they
need to modify.
Most GNU Boot users are interested in running GNU/Linux or BSD
operating systems. And the way to install software on these
operating systems is through a package manager. So most users and
contributors already know the package manager abstraction.
So using that abstraction makes it easier to find where things are.
The scripts to install dependencies don't really fit the new structure
but for now we move them in to make sure that everything works
fine. This could be fixed later on and migrated to a single
dependencies packages by auto-detecting the distribution with
/etc/os-release.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Acked-by: Adrien 'neox' Bourmault <neox@gnu.org>
Signed-off-by: Adrien 'neox' Bourmault <neox@gnu.org>
This should enable various distributions and build system to reuse
the generated script to deblob u-boot releases themselves.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
This should enable various distributions and build system to reuse
that blob to deblob u-boot releases themselves.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
The tar options come from the tutorial to remove archives metadata at
reproducible-builds.org[1].
[1]https://reproducible-builds.org/docs/archives/
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
