forked from canonical/snapd
-
Notifications
You must be signed in to change notification settings - Fork 0
/
rules
executable file
·188 lines (167 loc) · 6.04 KB
/
rules
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
#!/usr/bin/make -f
# -*- makefile -*-
#export DH_VERBOSE=1
export DH_OPTIONS
export DH_GOPKG := github.com/snapcore/snapd
#export DEB_BUILD_OPTIONS=nocheck
export DH_GOLANG_EXCLUDES=tests
export DH_GOLANG_GO_GENERATE=1
export PATH:=${PATH}:${CURDIR}
# make sure that correct go version is found on trusty
export PATH:=/usr/lib/go-1.6/bin:${PATH}
include /etc/os-release
# this is overridden in the ubuntu/14.04 release branch
SYSTEMD_UNITS_DESTDIR="lib/systemd/system/"
# The go tool does not fully support vendoring with gccgo, but we can
# work around that by constructing the appropriate -I flag by hand.
GCCGO := $(shell go tool dist env > /dev/null 2>&1 && echo no || echo yes)
BUILDFLAGS:=-buildmode=pie -pkgdir=$(CURDIR)/_build/std
GCCGOFLAGS=
ifeq ($(GCCGO),yes)
GOARCH := $(shell go env GOARCH)
GOOS := $(shell go env GOOS)
BUILDFLAGS:=
GCCGOFLAGS=-gccgoflags="-I $(CURDIR)/_build/pkg/gccgo_$(GOOS)_$(GOARCH)/$(DH_GOPKG)/vendor"
export DH_GOLANG_GO_GENERATE=0
endif
# check if we need to include the testkeys in the binary
TAGS=
ifneq (,$(filter testkeys,$(DEB_BUILD_OPTIONS)))
TAGS=-tags withtestkeys
endif
# export DEB_BUILD_MAINT_OPTIONS = hardening=+all
# DPKG_EXPORT_BUILDFLAGS = 1
# include /usr/share/dpkg/buildflags.mk
# Currently, we enable confinement for Ubuntu only, not for derivatives,
# because derivatives may have different kernels that don't support all the
# required confinement features and we don't to mislead anyone about the
# security of the system. Discuss a proper approach to this for downstreams
# if and when they approach us
ifeq ($(shell dpkg-vendor --query Vendor),Ubuntu)
VENDOR_ARGS=--enable-nvidia-ubuntu
else
VENDOR_ARGS=--disable-apparmor
endif
%:
dh $@ --buildsystem=golang --with=golang --fail-missing --with systemd --builddirectory=_build
override_dh_fixperms:
dh_fixperms -Xusr/lib/snapd/snap-confine
override_dh_installdeb:
dh_apparmor --profile-name=usr.lib.snapd.snap-confine -psnapd
dh_installdeb
override_dh_clean:
ifneq (,$(TEST_GITHUB_AUTOPKGTEST))
# this will be set by the GITHUB webhook to trigger a autopkgtest
# we only need to run "govendor sync" here and then its ready
(export GOPATH="/tmp/go"; \
mkdir -p $$GOPATH/src/github.com/snapcore/; \
cp -ar . $$GOPATH/src/github.com/snapcore/snapd; \
go get -u github.com/kardianos/govendor; \
(cd $$GOPATH/src/github.com/snapcore/snapd ; $$GOPATH/bin/govendor sync); \
cp -ar $$GOPATH/src/github.com/snapcore/snapd/vendor/ .; \
)
endif
dh_clean
# XXX: hacky
$(MAKE) -C cmd distclean || true
override_dh_auto_build:
# usually done via `go generate` but that is not supported on powerpc
./mkversion.sh
# Build golang bits
mkdir -p _build/src/$(DH_GOPKG)/cmd/snap/test-data
cp -a cmd/snap/test-data/*.gpg _build/src/$(DH_GOPKG)/cmd/snap/test-data/
dh_auto_build -- $(BUILDFLAGS) $(TAGS) $(GCCGOFLAGS)
# Build C bits, sadly manually
cd cmd && ( autoreconf -i -f )
cd cmd && ( ./configure --prefix=/usr --libexecdir=/usr/lib/snapd $(VENDOR_ARGS))
$(MAKE) -C cmd all
override_dh_auto_test:
dh_auto_test -- $(GCCGOFLAGS)
# a tested default (production) build should have no test keys
ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
# check that only the main trusted account-key is included
[ $$(strings _build/bin/snapd|grep -c -E "public-key-sha3-384: [a-zA-Z0-9_-]{64}") -eq 1 ]
strings _build/bin/snapd|grep -c "^public-key-sha3-384: -CvQKAwRQ5h3Ffn10FILJoEZUXOv6km9FwA80-Rcj-f-6jadQ89VRswHNiEB9Lxk$$"
endif
ifeq (,$(filter nocheck,$(DEB_BUILD_OPTIONS)))
# run the snap-confine tests
$(MAKE) -C cmd check
endif
override_dh_systemd_enable:
# enable auto-import
dh_systemd_enable \
-psnapd \
data/systemd/snapd.autoimport.service
# we want the auto-update timer enabled by default
dh_systemd_enable \
-psnapd \
data/systemd/snapd.refresh.timer
# but the auto-update service disabled
dh_systemd_enable \
--no-enable \
-psnapd \
data/systemd/snapd.refresh.service
# enable snapd
dh_systemd_enable \
-psnapd \
data/systemd/snapd.socket
dh_systemd_enable \
-psnapd \
data/systemd/snapd.service
dh_systemd_enable \
-psnapd \
data/systemd/snapd.system-shutdown.service
override_dh_systemd_start:
# we want to start the auto-update timer
dh_systemd_start \
-psnapd \
data/systemd/snapd.refresh.timer
# but not start the service
dh_systemd_start \
--no-start \
-psnapd \
data/systemd/snapd.refresh.service
# start snapd
dh_systemd_start \
-psnapd \
data/systemd/snapd.socket
dh_systemd_start \
-psnapd \
data/systemd/snapd.service
# start autoimport
dh_systemd_start \
-psnapd \
data/systemd/snapd.autoimport.service
override_dh_install:
# we do not need this in the package, its just needed during build
rm -rf ${CURDIR}/debian/tmp/usr/bin/xgettext-go
# uboot-go is not shippable
rm -f ${CURDIR}/debian/tmp/usr/bin/uboot-go
# toolbelt is not shippable
rm -f ${CURDIR}/debian/tmp/usr/bin/toolbelt
# we do not like /usr/bin/snappy anymore
rm -f ${CURDIR}/debian/tmp/usr/bin/snappy
# i18n stuff
mkdir -p debian/snapd/usr/share
if [ -d share/locale ]; then \
cp -R share/locale debian/snapd/usr/share; \
fi
# install snapd's systemd units, done here instead of
# debian/snapd.install because the ubuntu/14.04 release
# branch adds/changes bits here
mkdir -p debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 data/systemd/snapd.refresh.timer debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 data/systemd/snapd.refresh.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 data/systemd/snapd.autoimport.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 data/systemd/*.socket debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 data/systemd/snapd.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
install --mode=0644 data/systemd/snapd.system-shutdown.service debian/snapd/$(SYSTEMD_UNITS_DESTDIR)
$(MAKE) -C cmd install DESTDIR=$(CURDIR)/debian/tmp
dh_install
override_dh_auto_install: snap.8
dh_auto_install -O--buildsystem=golang
snap.8:
$(CURDIR)/_build/bin/snap help --man > $@
override_dh_auto_clean:
dh_auto_clean -O--buildsystem=golang
rm -vf snap.8