1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
# Top-level build of packages for Novena PVT-1.
#
# Author: Rob Austein
# Copyright (c) 2015, SUNET
#
# Redistribution and use in source and binary forms, with or
# without modification, are permitted provided that the following
# conditions are met:
#
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Building source and binary packages separately isn't strictly
# necessary, but simplifies fault isolation.
#
# This code optionally supports automatic generation of
# debian/changelog files. Whether this is useful or not depends on
# the intended purpose of the resulting packages: if we're doing
# snapshots under cron, automatic changelogs are useful; if we're
# doing real releases, not so much. Play this one by ear.
#
# We don't sign anything yet. This will need fixing.
# Version of the software in human terms (major.minor)
export CRYPTECH_VERSION := 1.0
# Version suffix to add to package names. The extra fields come from
# HEAD of the git superrepository. The date field is primarily to
# make sure that versions sort into the correct order when fed to
# reprepro; the commit hash uniquely identifies the (base) version of
# the superrepository that generated the packages. This won't help if
# somebody publishes packages generated with a modified version of the
# superrepository, so don't do that (add check for uncommitted # changes?)
HEAD_TIME := $(shell git show -s --format=%ct HEAD)
HEAD_HASH := $(shell git rev-parse HEAD)
CRYPTECH_PACKAGE_VERSION := ${CRYPTECH_VERSION}~${HEAD_TIME}~${HEAD_HASH}
# Command to generate a new changelog containing one entry.
# Does nothing if the changelog already exists.
DCH = test -f debian/changelog || \
EDITOR=true VISUAL=true TZ=UTC DEBEMAIL='APT Builder Robot <aptbot@cryptech.is>' \
dch --create --package cryptech-novena-$(1) --newversion '${CRYPTECH_PACKAGE_VERSION}' \
'Version ${CRYPTECH_VERSION} of Cryptech $(2) for the Novena PVT-1 development board.'
# Parameters controlling maintenance of the reprepro repository. The
# "reprepro" target initializes the repository if it doesn't exist.
#
# Support for multiple distributions (codenames) not implemented yet.
# Not sure if there's any way to do it without generating separate
# packages for each codename (which would be rather tedious,
# particularly for the RTL package).
#
# gpg whines about ownership of aptbot's home directory not matching
# the userid of the release engineer running this Makefile. We could
# suppress this with another reprepro configuration tweak, but all
# it's really telling us is that gpg doesn't trust group access. Fair
# enough, but in this case (dedicated build VM) the risk is lower than
# the risk of running builds as root or of trying to synchronize
# separate copies of the release tree for each release engineer.
#
# The alternative to would be to pull a fresh copy of the published
# tree via rsync each time, modify that, then rsync the changes back.
REPOSITORY := /home/aptbot/novena
GNUPGHOME := /home/aptbot/gnupg
CODENAME := wheezy
REPO_UMASK := 002
UPLOAD_USER := aptbot
UPLOAD_URI := rsync://apt.cryptech.is/novena/
export GNUPGHOME
all: init sw rtl
enchilada: all reprepro upload
init:
git submodule update --init --recursive
clean:
git clean -dfx
git submodule foreach 'git clean -dfx'
sw:
cd sw; $(call DCH,sw,software tools)
cd sw; debuild -S -uc -us
cd sw; debuild -b -uc -us -aarmhf
rtl:
cd core; $(call DCH,rtl,RTL bitstream)
cd core; debuild -S -uc -us
cd core; debuild -b -uc -us -aarmhf
reprepro: ${REPOSITORY}/conf/distributions ${REPOSITORY}/conf/options
umask ${REPO_UMASK}; for f in *.changes; do reprepro -b ${REPOSITORY} include ${CODENAME} $$f; done
${REPOSITORY}/conf/distributions ${REPOSITORY}/conf/options:
install -D reprepro-conf/$(notdir $@) ${REPOSITORY}/conf/$(notdir $@)
RSYNC := rsync --rsh 'ssh -l ${UPLOAD_USER}' --archive --itemize-changes
upload:
${RSYNC} --ignore-existing ${REPOSITORY}/ ${UPLOAD_URI}
${RSYNC} --delete --delete-delay ${REPOSITORY}/ ${UPLOAD_URI}
.PHONY: all init clean sw rtl reprepro upload enchilada
|