mirror of
https://git.savannah.gnu.org/git/gnuboot.git
synced 2025-01-03 23:07:39 +01:00
Denis 'GNUtoo' Carikli
c6d776f2dc
The goal of this script is similar to Linux's checkpatch.pl: it is
meant to check patch before sending them.
Right now it only tests if a signed-off-by is missing, and if the
commit information (commit message, author, date, etc but not the
diff) is too big as a workaround to the bug #66268[1], but over time
more checks can be added.
The report of the bug #66268[1] mention that what tend to trigger the
issue is commits "with a large (4kB) commit message".
[1]https://debbugs.gnu.org/cgi/bugreport.cgi?bug=66268
So we want to avoid such commits to avoid breaking "guix git
authenticate" in the future.
To do that, checkpatch.scm reports an error if the size of the patch
from the beginning of the patch file until the point where the diff
starts is less than 2500 Bytes.
A lower threshold has been chosen as the commit object size can be
bigger than the patch file without the diff, as there are at least
signatures inside the commit objects.
The last commit GNUtoo signed at the time of writing is the commit
|
||
---|---|---|
.. | ||
history | ||
hwdumps | ||
img | ||
pages | ||
.gitignore | ||
autogen.sh | ||
build.sh | ||
check.sh | ||
configure.ac | ||
COPYING | ||
force-bordeaux-substitute.scm | ||
index.html.tmpl | ||
lighttpd.conf.tmpl | ||
Makefile.am | ||
README | ||
serve.sh | ||
site.cfg.tmpl |
+==============+ | Introduction | +==============+ This directory contains both the website in pages/ and build code to easily build and deploy the GNU Boot website with very few commands. +==============+ | Dependencies | +==============+ Without Guix ------------- If you don't want to install Guix just to test the website, you will need to install the following dependencies (tested under Trisquel 11): * autoconf * automake * coreutils * gawk * git * graphicsmagick * graphviz * grep * gzip * lighttpd * make * pandoc * sed * tar * texinfo * texlive-binaries * texlive-plain-generic You can then use the following commands to build the website: $ ./autogen.sh $ ./configure --disable-guix $ make serve With Guix --------- And if you want to use Guix instead you only need the following dependencies instead: * autoconf * automake * coreutils * guix * make * tar But for making sure that the build doesn't take days with Guix, you will also need to make sure that bordeaux.guix.gnu.org is in the list of substitutes (binary packages servers for Guix). This is needed because some older Guix packages (like the ones on Trisquel 11 or PureOS) don't have bordeaux enabled while installation through the guix-install.sh instead have it enabled if you enable substitutes (binary packages), and without it Guix will start to build haskell (which is a dependency of pandoc) and this takes a few days to complete on a ThinkPad X200. If your Guix installation is recent enough it should already have it and the following command should print 'bordeaux.guix.gnu.org is enabled': $ guix repl force-bordeaux-substitute.scm check If instead you need to add it, it will print 'bordeaux.guix.gnu.org is disabled'. If you are in the same directory than this README, you can add bordeaux.guix.gnu.org with the following command: $ sudo guix archive --authorize < ../resources/distros/guix/bordeaux.guix.gnu.org.pub Or if you do not want to blindly trust the file above, you could simply update Guix and get the file from Guix instead, but updating Guix the first time can be quite long to do: $ guix pull $ sudo guix archive --authorize < ~/.config/guix/current/share/guix/bordeaux.guix.gnu.org.pub You will then need to make it possible for the build system to check if bordeaux is enabled as some people might want to bulid everything themselves for security reasons, so we don't (and can't) use bordeaux if it is not already authorized: $ sudo chmod +r /etc/guix/acl Once bordeaux is enabled you can use the following commands to build the website: $ ./autogen.sh $ ./configure $ make serve The first time it will be longer in the case you have a Guix older than 1.4.0 (as it will also download Guix 1.4.0 in the process). +=====================+ | Testing the website | +=====================+ Here's how to deploy the website in a local webserver: $ ./autogen.sh $ ./configure $ make serve If you don't use Guix, remember to do ./configure --disable-guix instead. Then you can point a browser to http://localhost:8086/software/gnuboot/web/ or to http://localhost:PORT/software/gnuboot/web/ if you changed the port through ./configure options. The GNU Boot website build system takes care of some of the dependencies for you (for instance the static website generator that is not packaged in any distributions) so you have less work to do to install or use them on your side. If you want to test your own modifications to the dependencies of this build code, you either need to use the configure options to use external repositories that have your modifications, or you could also modify the build.sh script to use different git repositories and/or revisions. +=================================================+ | Deployment on https://gnu.org/software/gnuboot/ | +=================================================+ The deployment to https://gnu.org/software/gnuboot/ uses rsync. As gnu.org machine is behind a firewall, so you need to workaround that. A way to do that is to get a shell account on fencepost.gnu.org, and use SSH to forward the connection to gnu.org. This can be done with something like that in your SSH configuration: Host fencepost.gnu.org User USERNAME Host gnu.org User wwwcvs ProxyJump fencepost.gnu.org In the example above you will need to adjust the fencepost USERNAME, and modify it to suit your SSH setup if needed (for instance if you use keys in different locations, etc). Of course, you'll have to get access to gnu.org ssh server too. See https://www.gnu.org/software/README.accounts.html for more details about Fencepost accounts, the SSH fingerprints, etc. For gnu.org, it's easier if you use an ED25519 key for gnu.org as I have the fingerprints below. See [1] for other options. To check that everything is setup you can then SSH into gnu.org: $ ssh gnu.org The authenticity of host '[127.0.0.1]:2224 ([127.0.0.1]:2224)' can't be established. ED25519 key fingerprint is SHA256:pmCf0NrBzSSYfg6DdgmlMzPWZzGpXXcPEz6LP1+o5Jc. This host key is known by the following other names/addresses: ~/.ssh/known_hosts:306: [127.0.0.1]:4444 Are you sure you want to continue connecting (yes/no/[fingerprint])? You can then confirm by pasting the fingerprint like that[2]: Are you sure you want to continue connecting (yes/no/[fingerprint])? SHA256:pmCf0NrBzSSYfg6DdgmlMzPWZzGpXXcPEz6LP1+o5Jc Warning: Permanently added '[127.0.0.1]:2224' (ED25519) to the list of known hosts. Note that it is normal for the connection to gnu.org to block at this point. You can exit it with the Ctrl+D or Ctrl+C key combinations. At this point everything is setup. To deploy the website, use the following commands from the website directory: $ ./autogen.sh $ ./configure $ make publish Then you can point a browser to https://gnu.org/software/gnuboot/web/ References: ----------- [1]If you want to use RSA the easiest way is probably to contact the FSF system administrator that will install your key on #fsfsys and also ask that person for the server fingerprint. In that case it would be a good idea to also contribute a patch to add the fingerprint here. [2]The 'SHA256:pmCf0NrBzSSYfg6DdgmlMzPWZzGpXXcPEz6LP1+o5Jc' fingerprint was confirmed to me the 24 October 2023 on the #fsfsys IRC channel on liberachat by Ian Kelling, a system administrator that has access to the gnu.org machine: "18:07 < iank> i see that SHA256:pmCf0NrBzSSYfg6DdgmlMzPWZzGpXXcPEz6LP1+o5Jc exists on the server". +=========+ | License | +=========+ This project is free software: - For the files that are in website/pages and the the site.cfg file in the same directory than this README see website/pages/license.md for the license. - For all the other files in the same directory than this README, you can redistribute them and/or modify them under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.