up

Signed-off-by: fbt <fbt@fleshless.org>

README.md

@@ -2,11 +2,64 @@ Spark autobuilder
 =================
 
 To use the build scripts, grab the latest Spark rootfs in one of the following ways:
- * `curl -sL https://spark.fleshless.org/rootfs/latest.tar.xz | podman import - localhost/spark`
- * `git clone https://code.fleshless.org/Spark/spark-rootfs.git; cd spark-rootfs; podman build --rm -t localhost/spark .`
+```
+curl -sL https://spark.fleshless.org/rootfs/latest.tar.xz | podman import - localhost/spark
+# or
+git clone https://code.fleshless.org/Spark/spark-rootfs.git; cd spark-rootfs; podman build --rm -t localhost/spark .
+```
 
-Then build a builder image from `./autobuilder`: `cd ./autobuilder; podman build --rm -t localhost/spark:autobuilder .`
+Then build a builder image from `./autobuilder`:
+```
+cd ./autobuilder; podman build --rm -t localhost/spark:autobuilder .
+```
 
-Examples:
- * `git clone https://code.fleshless.org/PKGBUILDs/ssm-git /tmp/ssm-git; cd /tmp/ssm-git; makepkg-podman -sL`
- * `podman-ci /tmp/artifacts; makepkg-ci https://code.fleshless.org/PKGBUILDs/ssm-git`
+Example for Arch images:
+```
+cd autobuilder
+podman build --build-arg BASEIMAGE=docker.io/archlinux:base-devel --rm -t localhost/arch:autobuilder .
+
+PODMAN_IMAGE=localhost/arch:autobuilder makepkg-ci /tmp/pkg https://code.fleshless.org/PKGBUILDs/ssm-git
+```
+
+makepkg-podman
+--------------
+
+Builds Arch packages using `podman`. Takes the image name in the `PODMAN_IMAGE` env var.
+
+Usage:
+```
+[PODMAN_IMAGE=<image>] makepkg-podman [makepkg_args]
+```
+
+Example:
+```
+git clone https://code.fleshless.org/PKGBUILDs/ssm-git /tmp/ssm-git
+cd /tmp/ssm-git
+makepkg-podman -sL
+```
+
+makepkg-ci
+----------
+
+Builds Arch packages from a git repo using `makepkg-podman` and puts the packages into `dest`.
+
+Usage:
+```
+[PODMAN_IMAGE=<image>] makepkg-ci <dest> <url>
+```
+
+Example:
+```
+makepkg-ci /tmp/artifacts https://code.fleshless.org/PKGBUILDs/ssm-git
+```
+
+pkgbuilder
+----------
+
+Tracks given git repos for changes and builds packages on updates.
+`pkgbuilder.conf` goes into `$XDG_CONFIG_HOME/pkgbuilder/config`
+
+Usage:
+```
+pkgbuilder
+```

autobuilder/Containerfile

@@ -1,9 +1,11 @@
-FROM localhost/spark
-RUN pacman -Suy --noconfirm base-devel
-
-RUN echo 'en_US.UTF-8 UTF-8' > /etc/locale.gen; locale-gen
+ARG BASEIMAGE=localhost/spark
+FROM $BASEIMAGE
 
+COPY ./mirrorlist /etc/pacman.d/mirrorlist
 COPY gnupg /.gnupg
 COPY ./build /build
 
+RUN pacman -Sy --noconfirm archlinux-keyring
+RUN pacman -Suy --noconfirm base-devel nodejs git
+
 RUN chmod 700 /.gnupg

autobuilder/build

@@ -1,20 +1,35 @@
 #!/usr/bin/env bash
-# The builder user is already created in the rootfs
+shopt -s nullglob
 
-export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
-export LC_ALL=en_US.UTF-8
+cleanup() {
+	chown -R root:root /buildroot
+}
 
 # Upgrade
 pacman -Suy --noconfirm
 
-# gnupg dir permissions
-chown -R "$BUILDUSER:$BUILDUSER" /.gnupg
+# Create a builder user
+useradd -U builder
+builder_uid=$(id -u builder)
+builder_gid=$(id -g builder)
+
+# dir permissions
+chown -R "$builder_uid:$builder_gid" /.gnupg /buildroot
+
+# Return the permissions on exit
+trap cleanup INT TERM EXIT
 
 # Add sudo permissions for pacman to install dependencies
-printf '%s ALL=(ALL) NOPASSWD: /usr/bin/pacman\n' "$BUILDUSER" > /etc/sudoers.d/builduser
+printf '%s ALL=(ALL) NOPASSWD: /usr/bin/pacman\n' 'builder' > /etc/sudoers.d/builduser
 
 # Workdir
 cd /buildroot
 
+# Install all additional packages
+deps=( ./deps/* )
+[[ $deps ]] && pacman -U "${deps[@]}"
+
 # Build the damn thing
-sudo -u "$BUILDUSER" GNUPGHOME="/.gnupg" makepkg "$@"
+sudo -u builder GNUPGHOME="/.gnupg" makepkg "$@"
+
+chown -R root:root /buildroot/

autobuilder/build-container

@@ -0,0 +1,3 @@
+#!/usr/bin/env bash
+
+podman build . -t 'spark:autobuilder'

autobuilder/mirrorlist

@@ -0,0 +1,7 @@
+# Fleshless
+Server = https://mirror.fleshless.org/arch/$repo/os/$arch
+
+# Backup
+Server = https://mirror.pkgbuild.com/$repo/os/$arch
+Server = https://mirror.pseudoform.org/$repo/os/$arch
+Server = https://ftp.halifax.rwth-aachen.de/archlinux/$repo/os/$arch

makepkg-ci

@@ -1,18 +1,23 @@
 #!/usr/bin/env bash
 shopt -s nullglob
 
+cleanup() { rm -rf "$tmpdir"; }
+trap 'cleanup' EXIT
+
 did="pkg-build-$$.$SRANDOM"
-mkdir "/tmp/$did"
+tmpdir="/tmp/$did"
+mkdir "$tmpdir"
 
 pkg_dest=$1
 pkg_url=$2
 
-#podman run --userns=keep-id -u root --rm -v "/tmp/$did:/buildroot" "spark:autobuilder" /build
-git clone "$pkg_url" "/tmp/$did"
-cd "/tmp/$did"
-PODMAN_IMAGE='localhost/spark:autobuilder' makepkg-podman --noconfirm -sL
+mkdir -p "$pkg_dest" || exit 1
 
-artifacts=( "/tmp/$did/"*.pkg.* )
+git clone "$pkg_url" "$tmpdir"
+cd "$tmpdir"
+makepkg-podman --noconfirm -sL
+
+artifacts=( "$tmpdir/"*.pkg.* )
 for i in "${artifacts[@]}"; do
 	i_name="${i##*/}"
 
@@ -25,6 +30,3 @@ for i in "${artifacts[@]}"; do
 		cp -vn "$i" "$pkg_dest"
 	fi
 done
-
-# cleanup
-rm -rf "/tmp/$did"

makepkg-podman

@@ -4,7 +4,6 @@ image=${PODMAN_IMAGE:-localhost/spark:autobuilder}
 
 podman_cmd=(
 	podman run --rm -it -u root
-	--userns=keep-id
 	-v "$PWD:/buildroot"
 	--workdir /buildroot
 	--name "autobuilder.$$"

pkgbuilder.config

@@ -0,0 +1,16 @@
+# Example config for pkgbuilder
+
+spark_repos="$HOME/public"
+
+pkg_dests=(
+	[spark]="$spark_repos/spark/import"
+	[spark-extra]="$spark_repos/spark-extra/import"
+	[spark-testing]="$spark_repos/spark-testing/import"
+	[spark-updates]="$spark_repos/spark-updates/spark/import"
+)
+
+repos=(
+	spark         "https://code.fleshless.org/pkgbuilds/sinit-spark"
+	spark-extra   "https://code.fleshless.org/pkgbuilds/anope-services"
+	spark-testing "https://code.fleshless.org/pkgbuilds/ssm-git"
+)

repo-clean

@@ -1,83 +0,0 @@
-#!/usr/bin/bash
-shopt -s nullglob
-
-parse_pkg_filename() {
-	declare filename=$1
-	declare -a filename_array
-
-	IFS='-' read -r -a filename_array <<< "$filename"
-
-	for (( i=${#filename_array[@]}; i>=0; i-- )); do
-		printf '%s ' "${filename_array[$i]}"
-	done
-}
-
-is_latest() {
-	declare filename=$1 p
-
-	for p in "${latest[@]}"; do
-		if [[ "$filename" == "$p" ]]; then
-			return 0
-		fi
-	done
-
-	return 1
-}
-
-_pacsort() {
-	declare i
-
-	for i in *.pkg.tar.xz *.pkg.tar.zst; do
-		printf '%s\n' "$i"
-	done | pacsort -f
-}
-
-while (( $# )); do
-	case "$1" in
-		-r) flag_rm=1;;
-		-d) flag_debug=1;;
-	esac
-	shift
-done
-
-if ! (( flag_rm )); then
-	if ! [[ -d old ]]; then
-		mkdir -p old || {
-			return 1
-		}
-	fi
-fi
-
-read -d '' -r -a package_files < <( _pacsort )
-
-for f in "${package_files[@]}"; do
-	unset revision version end package_name
-
-	read -r end revision version _ < <(parse_pkg_filename "$f")
-	package_name=${f%%-$version-$revision*}
-
-	declare -g -A latest["$package_name"]="$package_name-$version-$revision-$end"
-done
-
-for f in ${package_files[@]}; do
-	if is_latest "$f"; then
-		(( flag_debug )) && printf '%s is the latest version available\n' "$f"
-	else
-		printf 'Removing: %s\n' "$f"
-
-		if (( flag_rm )); then
-			rm -f "$f" "${f}.sig"
-		else
-			mv "$f" old/
-
-			if [[ -f "${f}.sig" ]]; then
-				mv "${f}.sig" old/
-			fi
-		fi
-	fi
-done
-
-if [[ -d old ]]; then
-	cd old
-	exec bash "$0" -r
-fi

repo-maintenance

@@ -1,49 +0,0 @@
-#!/usr/bin/env bash
-shopt -s nullglob
-
-lockfile='.mainenance.lock'
-
-usage() { echo "$0 <repo_name>"; }
-
-spark_repo=$1
-[[ "$spark_repo" ]] || {
-	usage
-	exit 1
-}
-
-cleanup() { rm -f "$lockfile"; }
-
-lock() {
-	[[ -f "$lockfile" ]] && {
-		printf 'Lockfile found: %s\n' "$lockfile" >&2
-		return 1
-	}
-
-	echo $$ > "$lockfile"
-	lock_pid=$(<"$lockfile")
-	[[ $$ == "$lock_pid" ]] || return 1
-}
-
-cd "$HOME/public/$spark_repo" || exit $?
-
-lock || exit 1
-
-trap cleanup EXIT
-
-for f in import/*; do
-	f_name="${f##*/}"
-	if [[ -f "$f_name" ]]; then
-		printf 'Package already exists: %s, not overwriting\n' "$f_name" >&2
-		rm -vf "$f"
-	else
-		mv -vf "$f" ./
-		new_pkgs+=( "$f_name" )
-	fi
-done
-
-repo-sign
-repo-clean
-
-for p in "${new_pkgs[@]}"; do
-	repo-add -n "$spark_repo.db.tar.gz" "$p"
-done

repo-sign

@@ -1,15 +0,0 @@
-#!/usr/bin/bash
-shopt -s nullglob
-
-for i in *.pkg.*; do
-	if ! [[ "$i" == "${i%.*}.sig" ]]; then
-		if ! [[ -f "${i}.sig" ]]; then
-			unsigned_pkgs+=( "$i" )
-		fi
-	fi
-done
-
-for i in "${unsigned_pkgs[@]}"; do
-	echo $i
-	gpg --pinentry-mode loopback --passphrase-fd 0 --batch --no-tty --detach-sign --no-armor "$i" < ~/.gnupg/passphrase
-done