ci: try fix ext

try setting file extension
testing
2023-12-06 18:20:56 +01:00 · 2023-12-06 18:19:08 +01:00 · 2023-12-06 18:15:10 +01:00 · 2023-12-06 18:10:56 +01:00 · 2023-12-06 18:00:50 +01:00 · 2023-12-06 17:47:57 +01:00
12 changed files with 301 additions and 222 deletions
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -0,0 +1,28 @@
+name: Artools shellcheck
+run-name: ${{ gitea.actor }}
+on:
+  push:
+    branches:
+      - ci
+    tags:
+      - 0.*
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+    steps:
+      - name: checkout repo
+        uses: actions/checkout@main
+      - name: Run ShellCheck shell-linter
+        uses: azohra/shell-linter@latest
+        with:
+          path: "src/base/*.in,src/pkg/*.in,src/iso/*.in"
+          severity: "error"
+      - name: Run ShellCheck action-shellcheck
+        uses: ludeeus/action-shellcheck@master
+        env:
+          SHELLCHECK_OPTS: -x -s bash
+        with:
+          additional_files: "src/base/*.in*"
+          #scandir: 'src/base'
+
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 SHELL=/bin/bash

-V=0.31
+V=0.32
 BUILDTOOLVER ?= $(V)

 CHROOTVER=0.12
--- a/config/makepkg/x86_64.conf
+++ b/config/makepkg/x86_64.conf
@@ -44,7 +44,8 @@ CFLAGS="-march=x86-64 -mtune=generic -O2 -pipe -fno-plt -fexceptions \
        -Wp,-D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security \
        -fstack-clash-protection -fcf-protection"
 CXXFLAGS="$CFLAGS -Wp,-D_GLIBCXX_ASSERTIONS"
-LDFLAGS="-Wl,-O1,--sort-common,--as-needed,-z,relro,-z,now"
+LDFLAGS="-Wl,-O1 -Wl,--sort-common -Wl,--as-needed -Wl,-z,relro -Wl,-z,now \
+         -Wl,-z,pack-relative-relocs"
 LTOFLAGS="-flto=auto"
 RUSTFLAGS=""
 #-- Make Flags: change this for DistCC/SMP systems
--- a/src/lib/pkg/git/config.sh
+++ b/src/lib/pkg/git/config.sh
@@ -43,7 +43,8 @@ artixpkg_git_config_usage() {

    EXAMPLES
        $ ${COMMAND} --maintainer libfoo
-        $ ${COMMAND} --agent galaxy libfoo
+        $ ${COMMAND} --agent=galaxy libfoo
+        $ ${COMMAND} -a galaxy libfoo
        $ ${COMMAND} --drop libfoo
        $ ${COMMAND} *
 _EOF_
--- a/src/lib/pkg/repo.sh
+++ b/src/lib/pkg/repo.sh
@@ -11,31 +11,13 @@ source "${LIBDIR}"/pkg/db/db.sh
 set -e


-check_pkgbuild_validity() {
-    # shellcheck source=contrib/makepkg/PKGBUILD.proto
-    . ./PKGBUILD
-
-    # skip when there are no sources available
-    if (( ! ${#source[@]} )); then
-        return
-    fi
-
-    # validate sources hash algo is at least > sha1
-    local bad_algos=("cksums" "md5sums" "sha1sums")
-    local good_hash_algo=false
-
-    # from makepkg libmakepkg/util/schema.sh
-    for integ in "${known_hash_algos[@]}"; do
-        local sumname="${integ}sums"
-        if [[ -n ${!sumname} ]] && ! in_array "${sumname}" "${bad_algos[@]}"; then
-            good_hash_algo=true
-            break
-        fi
-    done
-
-    if ! $good_hash_algo; then
-        die "PKGBUILD lacks a secure cryptographic checksum, insecure algorithms: ${bad_algos[*]}"
+show_agent() {
+    local agent="orion"
+    msg "Checking agent ..."
+    if grep @galaxy "${REPO_CI}" &>/dev/null; then
+        agent="taurus"
    fi
+    msg2 "agent: %s" "$agent"
 }

 has_remote_changes() {
--- a/src/lib/pkg/repo/add.sh
+++ b/src/lib/pkg/repo/add.sh
@@ -8,6 +8,30 @@ ARTOOLS_INCLUDE_REPO_ADD_SH=1
 set -e


+check_pkgbuild_validity() {
+    # skip when there are no sources available
+    if (( ! ${#source[@]} )); then
+        return
+    fi
+
+    # validate sources hash algo is at least > sha1
+    local bad_algos=("cksums" "md5sums" "sha1sums")
+    local good_hash_algo=false
+
+    # from makepkg libmakepkg/util/schema.sh
+    for integ in "${known_hash_algos[@]}"; do
+        local sumname="${integ}sums"
+        if [[ -n ${!sumname} ]] && ! in_array "${sumname}" "${bad_algos[@]}"; then
+            good_hash_algo=true
+            break
+        fi
+    done
+
+    if ! $good_hash_algo; then
+        die "PKGBUILD lacks a secure cryptographic checksum, insecure algorithms: ${bad_algos[*]}"
+    fi
+}
+
 artixpkg_repo_add_usage() {
    local -r COMMAND=${_ARTOOLS_COMMAND:-${BASH_SOURCE[0]##*/}}
    cat <<- _EOF_
@@ -86,6 +110,8 @@ artixpkg_repo_add() {
            fi
            ( cd "${pkgbase}" || return

+                if ! has_remote_changes; then
+
                    if [[ ! -f PKGBUILD ]]; then
                        die "No PKGBUILD found in (%s)" "${pkgbase}"
                    fi
@@ -93,6 +119,10 @@ artixpkg_repo_add() {
                    # shellcheck source=contrib/makepkg/PKGBUILD.proto
                    source PKGBUILD

+                    check_pkgbuild_validity
+
+                    manage-pkgbuild-keys --export
+
                    update_yaml_base
                    update_yaml_add "${REBUILD}" "${ADD}" "${NOCHECK}" "${DEST}"

@@ -130,6 +160,8 @@ artixpkg_repo_add() {
                            warning "Could not query ${REPO_DB}"
                        fi
                    fi
+
+                fi
            )
        fi

--- a/src/lib/pkg/repo/import.sh
+++ b/src/lib/pkg/repo/import.sh
@@ -125,6 +125,7 @@ artixpkg_repo_import() {
                fi

                if ! has_remote_changes; then
+                    show_agent
                    msg "Querying ${pkgbase} ..."
                    if ! show_db; then
                        warning "Could not query ${REPO_DB}"
--- a/src/lib/pkg/repo/move.sh
+++ b/src/lib/pkg/repo/move.sh
@@ -80,6 +80,8 @@ artixpkg_repo_move() {
            fi
            ( cd "${pkgbase}" || return

+                if ! has_remote_changes; then
+
                    if [[ ! -f PKGBUILD ]]; then
                        die "No PKGBUILD found in (%s)" "${pkgbase}"
                    fi
@@ -130,15 +132,17 @@ artixpkg_repo_move() {

                        elif (( ret < 0 )); then

-                        error "invalid move: version $src_version < $dest_version!"
+                            error "${pkgbase}: invalid move: version $src_version < $dest_version!"

                        else
-                        error "invalid move: version $src_version = $dest_version!"
+                            error "${pkgbase}: invalid move: version $src_version = $dest_version!"

                        fi

                    else
-                    error "invalid move: version $src_version!"
+                        error "${pkgbase}: invalid move: version $src_version!"
+                    fi
+
                fi

            )
--- a/src/lib/pkg/repo/remove.sh
+++ b/src/lib/pkg/repo/remove.sh
@@ -73,6 +73,8 @@ artixpkg_repo_remove() {
            fi
            ( cd "${pkgbase}" || return

+                if ! has_remote_changes; then
+
                    if [[ ! -f PKGBUILD ]]; then
                        die "No PKGBUILD found in (%s)" "${pkgbase}"
                    fi
@@ -106,6 +108,8 @@ artixpkg_repo_remove() {
                        fi

                    fi
+
+                fi
            )
        fi

--- a/src/lib/pkg/repo/show.sh
+++ b/src/lib/pkg/repo/show.sh
@@ -77,6 +77,8 @@ artixpkg_repo_show() {
                        die "No PKGBUILD found in (%s)" "${pkgbase}"
                    fi

+                    show_agent
+
                    msg "Querying ${pkgbase} ..."
                    if ! show_db; then
                        warning "Could not query ${REPO_DB}"
--- a/src/pkg/export-pkgbuild-keys.in
+++ b/src/pkg/export-pkgbuild-keys.in
@@ -1,73 +0,0 @@
-#!/bin/bash
-#
-# SPDX-License-Identifier: GPL-3.0-or-later
-
-LIBDIR=${LIBDIR:-'@libdir@'}
-
-# shellcheck source=src/lib/base/message.sh
-source "${LIBDIR}"/base/message.sh
-
-usage() {
-    cat <<- _EOF_
-        Usage: ${BASH_SOURCE[0]##*/}
-
-        Export the PGP keys from a PKGBUILDs validpgpkeys array into the keys/pgp/
-        subdirectory. Useful for distributing packager validated source signing
-        keys alongside PKGBUILDs.
-
-        OPTIONS
-            -h, --help      Show this help text
-_EOF_
-}
-
-# option checking
-while (( $# )); do
-    case $1 in
-        -h|--help) usage; exit 0 ;;
-        *) die "invalid argument: %s" "$1" ;;
-    esac
-done
-
-if [[ ! -f PKGBUILD ]]; then
-    die "This must be run a directory containing a PKGBUILD."
-fi
-
-mapfile -t validpgpkeys < <(
-    # shellcheck source=contrib/makepkg/PKGBUILD.proto
-    . ./PKGBUILD
-    if (( ${#validpgpkeys[@]} )); then
-        printf "%s\n" "${validpgpkeys[@]}"
-    fi
-)
-
-msg "Exporting ${#validpgpkeys[@]} PGP keys..."
-if (( ${#validpgpkeys[@]} == 0 )); then
-    exit 0
-fi
-
-trap 'rm -rf $TEMPDIR' EXIT INT TERM QUIT
-TEMPDIR=$(mktemp -d --tmpdir export-pkgbuild-keys.XXXXXXXXXX)
-
-mkdir -p keys/pgp
-error=0
-
-for key in "${validpgpkeys[@]}"; do
-    gpg --output "$TEMPDIR/$key.asc" --armor --export --export-options export-minimal "$key" 2>/dev/null
-
-    # gpg does not give a non-zero return value if it fails to export...
-    if [[ -f $TEMPDIR/$key.asc ]]; then
-        msg2 "Exported $key"
-        mv "$TEMPDIR/$key.asc" "keys/pgp/$key.asc"
-    else
-        if [[ -f keys/pgp/$key.asc ]]; then
-            warning "Failed to update key: $key"
-        else
-            error "Key unavailable: $key"
-            error=1
-        fi
-    fi
-done
-
-if (( error )); then
-    die "Failed to export all \'validpgpkeys\' entries."
-fi
--- a/src/pkg/manage-pkgbuild-keys.in
+++ b/src/pkg/manage-pkgbuild-keys.in
@@ -0,0 +1,97 @@
+#!/bin/bash
+#
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+LIBDIR=${LIBDIR:-'@libdir@'}
+
+# shellcheck source=src/lib/base/message.sh
+source "${LIBDIR}"/base/message.sh
+
+
+usage() {
+    cat <<- _EOF_
+        Usage: ${BASH_SOURCE[0]##*/}
+
+        Export or import the PGP keys from a PKGBUILDs validpgpkeys array into/from the keys/pgp/
+        subdirectory. Useful for distributing packager validated source signing
+        keys alongside PKGBUILDs.
+
+        OPTIONS
+            -i, --import    Import keys
+            -e, --export    Export keys
+            -h, --help      Show this help text
+_EOF_
+}
+
+action=
+
+# option checking
+while (( $# )); do
+    case $1 in
+        -i|--import) action="import"; shift ;;
+        -e|--export) action="export"; shift ;;
+        -h|--help) usage; exit 0 ;;
+        *) die "invalid argument: %s" "$1" ;;
+    esac
+done
+
+if [[ ! -f PKGBUILD ]]; then
+    die "This must be run a directory containing a PKGBUILD."
+fi
+
+mapfile -t validpgpkeys < <(
+    # shellcheck source=contrib/makepkg/PKGBUILD.proto
+    . ./PKGBUILD
+    if (( ${#validpgpkeys[@]} )); then
+        printf "%s\n" "${validpgpkeys[@]}"
+    fi
+)
+
+if [[ "$action" == 'export' ]]; then
+    msg "Exporting ${#validpgpkeys[@]} PGP keys..."
+    if (( ${#validpgpkeys[@]} == 0 )); then
+        exit 0
+    fi
+
+    trap 'rm -rf $TEMPDIR' EXIT INT TERM QUIT
+    TEMPDIR=$(mktemp -d --tmpdir export-pkgbuild-keys.XXXXXXXXXX)
+
+    mkdir -p keys/pgp
+    error=0
+
+
+    for key in "${validpgpkeys[@]}"; do
+        gpg --output "$TEMPDIR/$key.asc" --armor --export --export-options export-minimal "$key" 2>/dev/null
+
+        # gpg does not give a non-zero return value if it fails to export...
+        if [[ -f $TEMPDIR/$key.asc ]]; then
+            msg2 "Exported $key"
+            mv "$TEMPDIR/$key.asc" "keys/pgp/$key.asc"
+        else
+            if [[ -f keys/pgp/$key.asc ]]; then
+                warning "Failed to update key: $key"
+            else
+                error "Key unavailable: $key"
+                error=1
+            fi
+        fi
+    done
+elif [[ "$action" == 'import' ]]; then
+    msg "Ensuring required PGP keys are present..."
+    for key in "${validpgpkeys[@]}"; do
+        msg2 "Checking for $key..."
+        if ! gpg --recv-keys $key || gpg --fingerprint $key; then
+            if [[ -f keys/pgp/$key.asc ]]; then
+                msg2 "Importing key from local..."
+                gpg --import keys/pgp/$key.asc
+            else
+                error "Key unavailable: $key"
+                error=1
+            fi
+        fi
+    done
+fi
+
+if (( error )); then
+    die "Failed to $action all \'validpgpkeys\' entries."
+fi
Author	SHA1	Message	Date
Artoo	e8e4aa553f	ci: try fix ext Some checks failed Artools shellcheck / lint (push) Failing after 23s Details	2023-12-06 18:20:56 +01:00
Artoo	d8b1038bd6	try setting file extension	2023-12-06 18:19:08 +01:00
Artoo	f9a2dc9dbe	testing All checks were successful Artools shellcheck / lint (push) Successful in 16s Details	2023-12-06 18:15:10 +01:00
Artoo	e04adbf5e6	ci: test linters All checks were successful Artools shellcheck / lint (push) Successful in 18s Details	2023-12-06 18:10:56 +01:00
Artoo	af1514ad5f	ci: change job name All checks were successful Artools shellcheck / lint (push) Successful in 13s Details	2023-12-06 18:00:50 +01:00
Artoo	32925a05c4	ci: fix branch Some checks failed Artools shellcheck / build (push) Failing after 27s Details	2023-12-06 17:47:57 +01:00
Artoo	77017f8009	ci: add lint.yaml	2023-12-06 17:45:18 +01:00
Artoo	645563b0c5	artixpkg: export keys on repo add	2023-12-06 17:31:04 +01:00
Artoo	fb8da6fedd	manage-pkgbuild-keys: small refactor	2023-12-06 01:08:19 +01:00
Artoo	c31acae021	manage-pkgbuild-keys: standardize msgs	2023-12-06 00:21:42 +01:00
Artoo	ca1082a8e5	pkg: add manage-pkgbuild-keys	2023-12-06 00:16:27 +01:00
Artoo	6f12273730	artixpkg: show agent on repo import	2023-12-05 21:23:00 +01:00
Artoo	b9b15f549d	artixpkg: add msgs to show_agent()	2023-12-05 21:18:31 +01:00
Artoo	c81b643fb2	artixpkg: add agent config to repo show cmd	2023-12-05 21:06:56 +01:00
Artoo	4362707456	makepkg.conf: backport arch diff	2023-12-04 17:55:51 +01:00
Artoo	5d8cdf19fe	artixpkg: refactor pkgbuild sourcing in repo add	2023-12-03 19:40:56 +01:00
Artoo	7084a086fa	artixpkg: move check_pkgbuild_validity() in add	2023-12-03 19:38:09 +01:00
Artoo	8744bb5355	artixpkg: check pkgbuild validity on add	2023-12-03 16:42:38 +01:00
Artoo	75747a7d9d	artixpkg: add remote changes check for add, move, remove	2023-12-03 16:39:05 +01:00
Artoo	75d1e7ce2a	start 0.32	2023-12-03 16:04:34 +01:00