1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
|
#!/bin/sh
#
# This script tests whether sbuild can work with a very minimal chroot (only
# build-essential and apt), whether unshare mode works and whether signing
# works.
#
# After bugs #977674 and #981021 are fixed, also test --source-only-changes
set -exu
if [ -z ${AUTOPKGTEST_TMP+x} ]; then
echo "AUTOPKGTEST_TMP is unset" >&2
exit 1
fi
release=$(./debian/tests/get_default_release.py)
if [ -z "$release" ]; then
echo "cannot get default release" >&2
exit 1
fi
nativearch=$(dpkg --print-architecture)
# only run the cross-tests on amd64 crossing for arm64 as per
# https://lists.debian.org/msgid-search/173156754864.3649146.10791472176546387428@localhost
foreignarch=
if [ "$nativearch" = amd64 ]; then
foreignarch=arm64
fi
mkdir -p "${AUTOPKGTEST_TMP}/gpghome"
chmod 700 "${AUTOPKGTEST_TMP}/gpghome"
export GNUPGHOME="${AUTOPKGTEST_TMP}/gpghome"
verify_orig() {
echo "verifying test-pkg_1.0.tar.xz" >&2
cat << END | base64 -d | xz -cd > "${AUTOPKGTEST_TMP}/expected"
/Td6WFoAAATm1rRGAgAhARwAAAAQz1jM4Cf/BCJdADoZSs4dfiUjFYSOxzYxnd+/m6AlVEVOGf2j
nT6NK0F9XZ7LLydbY3I//WjMOM2RFpGUqZ8R8Q8lLmydB5SLN5ZQSPW3OJjHlzxVQmv2v3KUyPxo
V5uvr2rp1j0gfmjB4O+m6SMxUWGmCOp3mrA13iUy99dt9OK9tRQagXItob106li/2LWmOsXR3/5M
8m/JLF/6KIaYolPsvzut8mTFmik8s22eXjugZufC7CQwXJ7KVb8/LPYgLzHo8tKwkrieBonYFwD+
R17Q1wsK/wbdQCw78oh4JrairZPz0NY1WsY/6GXQZOeo0Wl3dgG0PmrQtgPH133asZz5XgrtfDwU
KqaSBmKWIGrht7IqByDr5Bf+XyzpU9vwiE30hIVmvzCQDnNIrcaO5wZJQgujJreb4k1BKKmZJ4dT
B46ae4yTd8zLLGH7YwFWk145SHCQJOBakSuVGjej3zElgoNsTwYTAK5J3wQX/BEszByCX+5AKUP3
v4ZGs1oyM65MyvWjQNqYmMYK2juki3pvUV+d+XhR7S3wrmLuq5P2PHAU6chrOs+n9HewOOE//L6O
gq5jJFLEtMRzAXUSpKERHuwdzt0MfiKSWDfeqRUy5Pfoh+pNrpYdA/jsiH37EhzSR3evlu92fwVP
gTO+5GV7wgpDvI24RMwTK5oXtcJHShfeBe61HUHF/BIDx1hbuV2SjMoYVT8Q3A09bdpEjI7tqyfM
evjoP8WJ3fGJfj02LBCQF2Rzp7rOSWjjFfpTaepgIBfuU9BBJ6VecWgsidQ/kJSyL2+ZQ9EFTUET
YU4/yQ7G+GDJFNij3h0vSuhc2zblAmUvfWNpzZUWORDZhJCIGQnczbbEhzuCILGsnq/8Rw48mMun
jKxq2HbQrl50uPSnYu94sgaSq9ev3ZXA/ORE9wxzK74nBnurW8KGcUbZyLv0JdBF99d8QdCD50u/
8JuSVlMB7RBQkH6azuMlObRnPmi1dnUKUwAK3HSSSlxyELIGRgj4dm6BHhtFdTsKDziaNUeE5Cna
lj7rmf50f/N9LR6HX/+8vtEk7J+R4uLoSlAYi1UUHICfsGeItmOWneGZZ1mEsmhVIRw8IlS17Za9
weIGkrkKHYm22ZFaXWVcs+o0LIOjgnC5Ku8aQ3cEP3m/owWfpTnTelEw+J7NHqEz70rJVZ8NJUns
VUeOyzNuZSmDZvMpWJeYZ8uOAqDZ0nUy1HEbZS3HNapbnrUAQQDqU/tPPd9/JkRiPBP0njfdNji9
UFZAkgO2Z30T7P7oykXf2eNFRZzG76ncklkl+Vzs78q+DL88ET0D2Wo/ewO/w/xiTTKodbVAsW81
RRSWSLFFaiOQXmfzmIaMNzBPO/f9SoRQbBrzg4X2EEGAefzMnk8TKA+0SlKgv+ya6fN2taUA6dpL
ePIQMSAAAAAAAygPPa3qIk4AAb4IgFAAAJJ1AFKxxGf7AgAAAAAEWVo=
END
xz -cd < "${AUTOPKGTEST_TMP}/test-pkg_1.0.tar.xz" > "${AUTOPKGTEST_TMP}/test-pkg_1.0.tar"
diffoscope "${AUTOPKGTEST_TMP}/expected" "${AUTOPKGTEST_TMP}/test-pkg_1.0.tar"
rm "${AUTOPKGTEST_TMP}/expected" "${AUTOPKGTEST_TMP}/test-pkg_1.0.tar"
}
verify_deb() {
echo "verifying test-pkg_1.0_all.deb" >&2
data_tar=$(ar t "${AUTOPKGTEST_TMP}/test-pkg_1.0_all.deb" | grep "^data\.tar\.")
case "$data_tar" in
data.tar.xz)
cat << END | base64 -d > "${AUTOPKGTEST_TMP}/expected"
ITxhcmNoPgpkZWJpYW4tYmluYXJ5ICAgMTQ2NzMxMDUxMiAgMCAgICAgMCAgICAgMTAwNjQ0ICA0
ICAgICAgICAgYAoyLjAKY29udHJvbC50YXIueHogIDE0NjczMTA1MTIgIDAgICAgIDAgICAgIDEw
MDY0NCAgNDYwICAgICAgIGAK/Td6WFoAAATm1rRGBMCLA4BQIQEWAAAAAAAAABDCPtjgJ/8Bg10A
Fwu8HH0BlcAdSj55FcLMJqNUbvT+gy5sC9KUdfhWlMfx+HFB6yCe/fISQhBljyagwzHK2z0fjzyl
9Q5RM24IJQO/ldGzSmZVQWpU6KVdaPbRDHZuPdcqnL6anvCMgysm5qSPjjXVOwMVwj6jVZ5T2sCV
Fd/tSdNnW1XFUQn9644MqVzknw4SL9DaLW7i3+zDmOmKLa1uyfXLuKVwGKiN/XsSDaT3B5SeuLIF
zwuAJSCguYhU4uMPUxWJnyNUaQwmnOO3Xd+TOkvIqqSrdnOHGqbp12kRpSDYAwHfpmldwagZ/ASu
HwJhd7Lk9pL1pNzWZazJ9RoCkHx449h6+exGzkVLLw7R+Exmp1O27wZC9/RuDyQE0JOY4Y1jGp1A
fH5U9xynjVoRrP5/hETw+GrGZoDShN8D/Z7rG5ICtTEqnspW6LWJLCDwndpz6OplHPZTDKckJYp7
U6sXoF5ISdBIUEAc7XBEN61AQTJnfZ6L8d4L87WDLz5bFzwsk3o7cl5PzAXsAAAwfo4j+rTojAAB
pwOAUAAA0BcJAbHEZ/sCAAAAAARZWmRhdGEudGFyLnh6ICAgICAxNDY3MzEwNTEyICAwICAgICAw
ICAgICAxMDA2NDQgIDE2OCAgICAgICBgCv03elhaAAAE5ta0RgTAZ4BQIQEWAAAAAAAAAAA01v2+
4Cf/AF9dABcLvBx9AZXAHUo+eRXCzCajVG70/oMubAvSlHX4VpTH8fhxQesgnv3yEkIQZY8moMMx
yts9NQ8iYiRRZoI1x3LfpWOmroELBNZOWKNu6b83Vt4bhMs3qreRNcwuusQAAADYvYvhx4Mp4gAB
gwGAUAAAkAP057HEZ/sCAAAAAARZWg==
END
;;
data.tar.zst)
cat << END | base64 -d > "${AUTOPKGTEST_TMP}/expected"
ITxhcmNoPgpkZWJpYW4tYmluYXJ5ICAgMTQ2NzMxMDUxMiAgMCAgICAgMCAgICAgMTAwNjQ0ICA0
ICAgICAgICAgYAoyLjAKY29udHJvbC50YXIuenN0IDE0NjczMTA1MTIgIDAgICAgIDAgICAgIDEw
MDY0NCAgMzUwICAgICAgIGAKKLUv/WQAJ4UKAGaUPR8wr3OfaHLzW/rmP8HOkcTnBovOY5D8n9NV
ChqKoIoEOAA2ADMAzopgga7cn9jayFtG8+YMBo4DRRCBEMVJW84nYFrPSdtPt2vWoLfmkaQoaqIH
GkiP05oGQVLTBEwTX2AjUHGM21UqnMGik5ELKa6Yih0Kr5JXEWZU/US5JdyFi3E/Mc36ccPrUYRr
GOeTnLBSfgS9fL3PvqvOkYV8fzWkHFC5Toxm2C0JLToh31d4Oe4O6auccHGx+cnSkE5IGc7K+nHD
PQ/NMZB5rpIrR1Zyue+Uq2V6vvq9V991hfscqc3iTh4367dnyayv8/WEYWTqsyWMDyMgoGbE6BwD
hwLivu4QntW4sszQa2iwIhcqWTtLH3LhYBas18yojQ3csbdKAYvwL9k62jmcZUHtgA22GpVdWRwP
aJJn6A4Gq+wPmHxdflhYgjAFMJ+wG3l8cGxkYXRhLnRhci56c3QgICAgMTQ2NzMxMDUxMiAgMCAg
ICAgMCAgICAgMTAwNjQ0ICA3OSAgICAgICAgYAootS/9ZAAnDQIA0sIJEMCnA7Qs/x3bV/QmIfh6
PwWjUsxVhqCTvrqW2V7Eot1IE/e77AEECSCQmwfPBhwGBrB/kHoYkACmAPOJugHP3myvCg==
END
;;
*)
echo "Unrecognized deb data archive format" >&2
return 1
;;
esac
diffoscope "${AUTOPKGTEST_TMP}/expected" "${AUTOPKGTEST_TMP}/test-pkg_1.0_all.deb"
rm "${AUTOPKGTEST_TMP}/expected"
}
verify_dsc() {
# we shouldn't have to manually pass the keyring because the path is an
# implementation detail of gnupg (it used to be named pubring.gpg in
# the past) but dscverify ignores GNUPGHOME, see Debian bug #981008
echo "verifying test-pkg_1.0.dsc" >&2
dscverify --keyring="${AUTOPKGTEST_TMP}/gpghome/pubring.kbx" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0.dsc"
}
verify_bin_changes() {
echo "verifying test-pkg_1.0_${nativearch}.changes" >&2
dscverify --keyring="${AUTOPKGTEST_TMP}/gpghome/pubring.kbx" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0_${nativearch}.changes"
}
verify_foreign_bin_changes() {
echo "verifying test-pkg_1.0_${foreignarch}.changes" >&2
dscverify --keyring="${AUTOPKGTEST_TMP}/gpghome/pubring.kbx" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0_${foreignarch}.changes"
}
verify_src_changes() {
echo "verifying test-pkg_1.0_source.changes" >&2
dscverify --keyring="${AUTOPKGTEST_TMP}/gpghome/pubring.kbx" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0_source.changes"
}
verify_commands_log() {
echo "verifying absolute path in --pre-build-commands" >&2
! grep -v / "${AUTOPKGTEST_TMP}/pre-build-commands.log"
}
verify() {
for thing in "$@"; do
"verify_$thing"
done
# remove verified files, so that we make sure not to accidentally
# verify anything from an earlier build
rm "${AUTOPKGTEST_TMP}/test-pkg_1.0_all.deb" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0.tar.xz" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0.dsc"
rm -f "${AUTOPKGTEST_TMP}/test-pkg_1.0_${nativearch}.changes" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0_source.changes" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0_${nativearch}.buildinfo" \
"${AUTOPKGTEST_TMP}/test-pkg_1.0_source.buildinfo" \
"${AUTOPKGTEST_TMP}/pre-build-commands.log"
}
sqop generate-key "sbuild fake uploader <fake-uploader@debian.org>" > "${AUTOPKGTEST_TMP}/key.asc"
gpg --batch --allow-secret-key-import --import - < "${AUTOPKGTEST_TMP}/key.asc"
# Ensure umask is consistent with the blobs above; Debian is already 022 but
# Ubuntu defaults to 002
umask 022
mkdir -p "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/source"
cat << END > "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/control"
Source: test-pkg
Section: debug
Priority: optional
Maintainer: sbuild maintainers <sbuild@packages.debian.org>
Uploaders: sbuild fake uploader <fake-uploader@debian.org>
Standards-Version: 4.5.1
Package: test-pkg
Architecture: all
Description: test package
This is a test package for debugging purposes, with a fake description
to cheat linters into believing this contains some actual valuable text
that the reader can make some sense of.
END
cat << END > "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/changelog"
test-pkg (1.0) unstable; urgency=low
* Entry. Closes: #12345
-- sbuild fake uploader <fake-uploader@debian.org> Thu, 30 Jun 2016 20:15:12 +0200
END
cat << END > "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/copyright"
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
Files: *
Copyright:
Copyright © 2021 sbuild maintainers <sbuild@packages.debian.org>
License: GPL-2+
This program is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your option) any later
version.
.
On Debian systems, the full text of the GNU General Public License version 2
can be found in the file /usr/share/common-licenses/GPL-2.
END
cat << END > "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/rules"
#!/usr/bin/make -f
clean:
rm -rf debian/files debian/tmp
build-indep:
build-arch:
build: build-indep build-arch
binary-indep: build-indep
rm -rf debian/tmp
mkdir -p debian/tmp/DEBIAN
dpkg-gencontrol
dpkg-deb --root-owner-group --build debian/tmp ..
binary-arch: build-arch
binary: binary-indep binary-arch
.PHONY: clean build-indep build-arch build binary-indexp binary-arch binary
END
chmod +x "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/rules"
cat << END > "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/source/format"
3.0 (native)
END
if ! mmdebstrap --mode=unshare --variant=apt \
--include=ca-certificates \
--architecture="$nativearch,$foreignarch" \
--debug \
--hook-dir=/usr/share/mmdebstrap/hooks/copy-host-apt-sources-and-preferences \
--hook-dir=/usr/share/mmdebstrap/hooks/file-mirror-automount \
--skip=cleanup/apt/lists \
"" \
"${AUTOPKGTEST_TMP}/chroot.tar"; then
echo "Creating chroot with mmdebstrap failed: cannot continue test" >&2
exit 77
fi
env --chdir="${AUTOPKGTEST_TMP}/test-pkg-1.0/" dpkg-buildpackage --sign-keyfile="${AUTOPKGTEST_TMP}/key.asc" --build=full
env --chdir="${AUTOPKGTEST_TMP}/test-pkg-1.0/" dpkg-buildpackage --sign-keyfile="${AUTOPKGTEST_TMP}/key.asc" --target=clean
verify orig deb dsc bin_changes
run_sbuild() {
workingdir=$1
shift
env --chdir="${AUTOPKGTEST_TMP}/$workingdir/" sbuild \
--no-source-only-changes --nolog \
--bd-uninstallable-explainer=apt \
--chroot="${AUTOPKGTEST_TMP}/chroot.tar" \
--keyid="sbuild fake uploader <fake-uploader@debian.org>" \
--pre-build-commands="echo %SBUILD_DSC > ${AUTOPKGTEST_TMP}/pre-build-commands.log" \
--no-run-lintian --no-run-autopkgtest \
--no-apt-upgrade --no-apt-distupgrade --no-apt-update \
"$@"
}
# Test running sbuild from the unpacked source
run_sbuild test-pkg-1.0 --source
verify orig deb dsc bin_changes commands_log
run_sbuild test-pkg-1.0
verify orig deb bin_changes commands_log
# disable cross-builds until #1088971 is fixed in autopkgtest
if false; then
if [ "$nativearch" = amd64 ]; then
run_sbuild test-pkg-1.0 --build="$nativearch" --host="$foreignarch" --arch-all
verify orig deb foreign_bin_changes
fi
fi
# Test running sbuild on the dsc
env --chdir="${AUTOPKGTEST_TMP}/test-pkg-1.0/" dpkg-source --build .
run_sbuild '' --source -d "$release" test-pkg_1.0.dsc
verify orig deb dsc bin_changes commands_log
env --chdir="${AUTOPKGTEST_TMP}/test-pkg-1.0/" dpkg-source --build .
run_sbuild '' -d "$release" test-pkg_1.0.dsc
verify orig deb bin_changes commands_log
# Test symlinked .dsc (see https://bugs.debian.org/1012856)
env --chdir="${AUTOPKGTEST_TMP}/test-pkg-1.0/" dpkg-source --build .
mv "${AUTOPKGTEST_TMP}/test-pkg_1.0.dsc" "${AUTOPKGTEST_TMP}/test-pkg_1.0_symlink.txt"
ln -s test-pkg_1.0_symlink.txt "${AUTOPKGTEST_TMP}/test-pkg_1.0.dsc"
run_sbuild '' -d "$release" test-pkg_1.0.dsc
verify orig deb bin_changes commands_log
gpgconf --kill all || :
rm -r -- "${AUTOPKGTEST_TMP}/gpghome/" "${AUTOPKGTEST_TMP}/key.asc"
rm "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/changelog" \
"${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/control" \
"${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/source/format" \
"${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/rules" \
"${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/copyright"
rmdir "${AUTOPKGTEST_TMP}/test-pkg-1.0/debian/source" \
"${AUTOPKGTEST_TMP}/test-pkg-1.0/debian" \
"${AUTOPKGTEST_TMP}/test-pkg-1.0"
rm "${AUTOPKGTEST_TMP}/chroot.tar"
|
