Compare commits
4 Commits
testing-is
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
1976a88e0b
|
|||
|
e4b0c55cd8
|
|||
|
5a28cc9b52
|
|||
|
0e42f49f1f
|
1
.gitignore
vendored
1
.gitignore
vendored
@@ -3,6 +3,7 @@ src/ascii-invaders**
|
||||
src/HelloWorld**
|
||||
pkg/
|
||||
testing.log
|
||||
wiki/
|
||||
|
||||
# Packaging outputs
|
||||
*.pkg.tar.zst
|
||||
|
||||
22
Makefile
22
Makefile
@@ -32,6 +32,17 @@ uninstall:
|
||||
test:
|
||||
./maat -h | grep -c Usage 1>/dev/null
|
||||
|
||||
checkperm:
|
||||
chown -R ${owner}: ${pkgdir}${serverRoot}/src
|
||||
chown -R ${owner}: ${pkgdir}${serverRoot}/pkg
|
||||
for i in ${list}; do chown -R ${owner}: "${installDir}/$$i"; sudo chmod ${perms} "${installDir}/$$i"; done
|
||||
|
||||
diff:
|
||||
for i in ${list}; do if [ -f ${installDir}/$$i ]; then diff "$$i" "${installDir}/$$i"; fi done
|
||||
|
||||
reverse:
|
||||
for i in ${list}; do if [ -f ${installDir}/$$i ]; then cp "${installDir}/$$i" "$$i"; fi done
|
||||
|
||||
extendedtest: clean
|
||||
sudo ./maat -u $$USER -T
|
||||
test -d src
|
||||
@@ -51,14 +62,3 @@ extendedtest: clean
|
||||
make clean
|
||||
@echo
|
||||
@echo Tests passed successfully.
|
||||
|
||||
diff:
|
||||
for i in ${list}; do if [ -f ${installDir}/$$i ]; then diff "$$i" "${installDir}/$$i"; fi done
|
||||
|
||||
reverse:
|
||||
for i in ${list}; do if [ -f ${installDir}/$$i ]; then cp "${installDir}/$$i" "$$i"; fi done
|
||||
|
||||
checkperm:
|
||||
chown -R ${owner}: ${pkgdir}${serverRoot}/src
|
||||
chown -R ${owner}: ${pkgdir}${serverRoot}/pkg
|
||||
for i in ${list}; do chown -R ${owner}: "${installDir}/$$i"; sudo chmod ${perms} "${installDir}/$$i"; done
|
||||
|
||||
6
PKGBUILD
6
PKGBUILD
@@ -9,14 +9,14 @@ pkgrel() {
|
||||
echo $(( `git log "$(git describe --tag --abbrev=0)"..HEAD | grep -c commit` + 1 ))
|
||||
}
|
||||
epoch="$(git log | grep -c commit)"
|
||||
pkgdesc="$(head -n 1 README)"
|
||||
pkgdesc="$(head -n 1 README.md)"
|
||||
arch=("x86_64")
|
||||
url="https://aninix.net/foundation/${pkgname}"
|
||||
url="$(git config remote.origin.url | sed 's/.git$//')"
|
||||
license=('custom')
|
||||
groups=()
|
||||
provides=("${pkgname}")
|
||||
conflicts=()
|
||||
replaces=("${pkgname,,}", "aninix-${pkgname,,}")
|
||||
replaces=("${pkgname,,}" "aninix-${pkgname,,}")
|
||||
backup=(usr/local/etc/Maat/aur.list)
|
||||
options=()
|
||||
install=installscript
|
||||
|
||||
@@ -5,7 +5,7 @@ Maat is named for [the Egyptian goddess of truth and order](https://en.wikipedia
|
||||
|
||||
# Relevant Files and Software
|
||||
|
||||
Maat runs as a [systemd.timer](https://man.archlinux.org/man/systemd.timer.5) nightly, invoking our build script. Adhoc builds can be requested from admins. Output gets published on the [landing page](https://maat.aninix.net) from our build pipeline -- there you can download packages, view build logs, see testing status, etc.
|
||||
Maat runs as a [systemd.timer](https://man.archlinux.org/man/systemd.timer.5) nightly, invoking our build script. Ad hoc builds can be requested from admins. Output gets published on the [landing page](https://maat.aninix.net) from our build pipeline -- there you can download packages, view build logs, see testing status, etc.
|
||||
|
||||
Our CI/CD pipeline attempts to pull directly from Git sources, either from the AniNIX or the curated AUR, build those packages, and make the available to systems downstream. The `/usr/local/etc/Maat/aur.list` file allows the admin to control which AUR packages are pulled and built -- output files from builds can help identify issues like missing public GPG keys or dependency issues.
|
||||
|
||||
@@ -13,3 +13,7 @@ Maat also consumes a GPG key. The admin will need to set up this key and publish
|
||||
|
||||
# Available Clients
|
||||
As Maat is a pipeline for ArchLinux systems, the primary client is [Pacman](https://wiki.archlinux.org/title/Pacman). You can see how to subscribe your host to Maat in [this configuration snippet](https://aninix.net/AniNIX/Ubiqtorate/src/branch/main/roles/ShadowArch/files/pacman.conf#L103).
|
||||
|
||||
# Equivalents or Competition
|
||||
|
||||
General equivalents are Jenkins or GitLab CI/CD Runners. We chose to write our own because these are resource-intensive and often insecure. AniNIX/Maat enacts exactly the steps as detailed by Arch and only offers a noninteractive dashboard -- users are only able to see the artifacts and all changes must be done in upstream.
|
||||
|
||||
27
maat
27
maat
@@ -16,7 +16,7 @@ pkgExt=".pkg.tar.zst"
|
||||
deprivuser="maat"
|
||||
|
||||
### Printing defaults
|
||||
passCell="<td style='color:green;'>PASS</td>";
|
||||
passCell="<td style='color:#72ff72;'>PASS</td>";
|
||||
failCell="<td style='color:red;'>FAIL</td>";
|
||||
warnCell="<td style='color:yellow;'>N/A</td>";
|
||||
tableHead="<table style='text-align: left;'>\n<tr><th>Package</th><th>Testing Status</th><th>Build Status</th><th>Latest Build</th><th>Time and Log of Run</th></tr>";
|
||||
@@ -34,7 +34,7 @@ function Usage() {
|
||||
|
||||
### Put the initial content in the webfile
|
||||
function SeedWebFile() {
|
||||
printf '<html>\n<head>\n<title>AniNIX/Maat -- Build Results</title>\n<link rel="icon" type="image/png" href="/MaatIcon.png" />\n<link rel="icon" type="image/png" href="/MaatIcon.png">\n<meta name="apple-mobile-web-app-capable" content="yes" />\n<link rel="stylesheet" type="text/css" href="https://aninix.net/assets/css/theme-aninix.css">\n<link rel="apple-touch-icon" sizes="180x180" href="/MaatIcon.png" />\n</head>\n<body>\n<h1>AniNIX/Maat -- Build Status</h1>\nWEBSTATSGOHERE\n<h2>AnINIX Packages</h2>\n<p>These are packages written by the AniNIX. Their source is in <a href="https://aninix.net/" alt=AniNIX/Foundation>AniNIX/Foundation</a>.</p>\n' > "$webfile"
|
||||
printf '<html lang="en">\n<head>\n<title>AniNIX/Maat -- Build Results</title>\n<link rel="icon" type="image/png" href="/MaatIcon.png" />\n<link rel="icon" type="image/png" href="/MaatIcon.png">\n<meta name="apple-mobile-web-app-capable" content="yes" />\n<link rel="stylesheet" type="text/css" href="https://aninix.net/assets/css/theme-aninix.css">\n<link rel="apple-touch-icon" sizes="180x180" href="/MaatIcon.png" />\n</head>\n<body>\n<h1>AniNIX/Maat -- Build Status</h1>\nWEBSTATSGOHERE\n<h2>AnINIX Packages</h2>\n<p>These are packages written by the AniNIX. Their source is in <a href="https://aninix.net/" alt=AniNIX/Foundation>AniNIX/Foundation</a>.</p>\n' > "$webfile"
|
||||
printf "$tableHead" >> "$webfile"
|
||||
}
|
||||
|
||||
@@ -61,6 +61,7 @@ function BuildPackage() {
|
||||
for pkg in `find . -type f | grep -E "${pkgExt}""\$"`; do
|
||||
printf "<a href=\"/$suffix/$pkg\">$pkg</a><br/>" >> "$webfile"
|
||||
pkgname="$(basename "$pkg" | cut -f 1 -d '.' | sed 's/-[[:digit:]]\+$//')"
|
||||
# Remove old copies
|
||||
find "${pkgdir}/${suffix}/" -name "${pkgname}-[0-9]*" -exec rm {} \;
|
||||
mv "$pkg" "$pkgdir"/"$suffix";
|
||||
mv "$pkg"".sig" "$pkgdir"/"$suffix";
|
||||
@@ -95,11 +96,11 @@ function BuildRepo() {
|
||||
for pkgbuild in `find . -type f -name PKGBUILD`; do
|
||||
cd "$(dirname "$pkgbuild")"
|
||||
# Tell the status file about it.
|
||||
printf '<tr style="border: 1px solid #FFF;"><td>'"<a href='$repo'>$repodir</a> -- $pkgbuild"'</td>' >> "$webfile"
|
||||
printf '<tr style="border: 1px solid #FFF;"><td>'"<a href='$(echo "$repo" | sed 's#aur.archlinux.org#aur.archlinux.org/packages#' | sed 's/.git//')'>$repodir</a> -- $pkgbuild"'</td>' >> "$webfile"
|
||||
if [ -f Makefile ] && [ `grep -E -c '^test:' Makefile` -ge 1 ]; then
|
||||
# Have to try to install dependencies first
|
||||
for dep in $(grep makedepends PKGBUILD | cut -f 2 -d '(' | cut -f 1 -d ')' | sed "s/'//g"); do
|
||||
pacman -Sy "$dep" --noconfirm --needed
|
||||
pacman -S "$dep" --noconfirm --needed
|
||||
done
|
||||
# Check test status.
|
||||
timeout --preserve-status "$timeout" sudo -u "$deprivuser" /bin/bash -l -c "cd $PWD; make test" &>> "$pkgdir"/"$repodir".txt
|
||||
@@ -129,7 +130,6 @@ function UpdateLocalRepo() {
|
||||
set -x
|
||||
cd "$pkgdir"
|
||||
chown -R "$deprivuser": .
|
||||
# TODO Add deduplication of updated files -- keep latest 3 versions.
|
||||
rm -Rf AniNIX.[db,files]*
|
||||
sudo -u "$deprivuser" repo-add --sign ./AniNIX.db.tar.zst `ls -1 *"${pkgExt}"`
|
||||
cd aur/
|
||||
@@ -138,6 +138,20 @@ function UpdateLocalRepo() {
|
||||
set +x
|
||||
}
|
||||
|
||||
### Clean source tracking
|
||||
function CleanSrcTracking() {
|
||||
searchbase="${homedir}/src"
|
||||
for path in `find "$searchbase" -maxdepth 1 -mindepth 1 -type d`; do
|
||||
cd "$path"
|
||||
giturl="$(git config remote.origin.url)"
|
||||
if ! grep "$giturl" "$aurconf"; then
|
||||
cd "$searchbase"
|
||||
rm -Rf "$path"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
|
||||
# Clear variables
|
||||
aurconf='/usr/local/etc/Maat/aur.list'
|
||||
baseurl='https://aninix.net/AniNIX'
|
||||
@@ -210,7 +224,8 @@ SeedWebFile
|
||||
if [ -n "$MAATTESTINGVAR" ]; then
|
||||
BuildRepo "$baseurl"/HelloWorld
|
||||
else
|
||||
for AniNIXrepo in `curl -s "$baseurl" | grep 'class="name"' | cut -f 4 -d \" | sed "s#^#https://$(echo "$baseurl" | cut -f 3 -d /)#" | sed 's/$/.git/'`; do
|
||||
CleanSrcTracking
|
||||
for AniNIXrepo in `curl -s "$baseurl" | grep 'class="text primary name"' | cut -f 4 -d \" | sed "s#^#https://$(echo "$baseurl" | cut -f 3 -d /)#" | sed 's/$/.git/'`; do
|
||||
BuildRepo "$AniNIXrepo" '.'
|
||||
done
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user