buildbot.git
3 years agoGitLab CI integration
Petr Štetiar [Tue, 2 Mar 2021 12:39:19 +0000 (13:39 +0100)]
GitLab CI integration

For improved automation, further QA etc.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agodocker: buildslave: make TLS working
Petr Štetiar [Sat, 6 Mar 2021 05:45:38 +0000 (06:45 +0100)]
docker: buildslave: make TLS working

It seems like twisted actually needs SSL in the connection string,
otherwise it will get stuck in the following endless loop:

 [buildbot_worker.pb.BotFactory#info] Starting factory <buildbot_worker.pb.BotFactory object at 0x7ff40f19e080>
 [twisted.application.internet.ClientService#info] Scheduling retry 1 to connect <twisted.internet.endpoints._WrapperEndpoint object at 0x7ff410352978> in 2.1271975799063436 seconds.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agobuiltmaster,phase1: add missing services dict
Petr Štetiar [Fri, 5 Mar 2021 12:06:21 +0000 (13:06 +0100)]
builtmaster,phase1: add missing services dict

Fixes following error:

 2021-03-05 11:00:54+0000 [-] error while parsing config file:
 ...
        builtins.KeyError: 'services'

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agobuildmaster: replace horizons with JanitorConfigurator
Petr Štetiar [Fri, 5 Mar 2021 11:42:05 +0000 (12:42 +0100)]
buildmaster: replace horizons with JanitorConfigurator

The old c['logHorizon'] way of configuring is not supported anymore, we
should use JanitorConfigurator. A new __Janitor builder will be created
to help keep an eye on the cleanup activities and for that we need
buildbot-worker package as well.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agobuildmaster: fix permissions
Petr Štetiar [Fri, 5 Mar 2021 08:14:55 +0000 (09:14 +0100)]
buildmaster: fix permissions

Otherwise buildbot wouldn't be able to access config.ini or certs and thus fail
to start:

 2021-03-05 08:08:18+0000 [-] Loading configuration from '/phase1/master.cfg'
 2021-03-05 08:08:18+0000 [-] error while parsing config file:
 ...
 configparser.NoSectionError: No section: 'general'

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agodocker: fix Python cryptography build failure
Petr Štetiar [Tue, 2 Mar 2021 14:13:22 +0000 (15:13 +0100)]
docker: fix Python cryptography build failure

It seems like recent Python cryptography package versions need Rust
compiler present for OpenSSL wrapper, which leads to following error:

 generating cffi module 'build/temp.linux-x86_64-3.7/_openssl.c'
 running build_rust
 ...
 error: Can not find Rust compiler

There is following note regarding this issue in the documentation:

 If you are on RHEL/CentOS/Fedora/Debian/Ubuntu or another distribution
 derived from the preceding list, then you should upgrade pip (in a
 virtual environment!) and attempt to install cryptography again before
 trying to install the Rust toolchain. These platforms will receive a
 binary wheel and require no compiler if you have an updated pip!

So fix this by recommended pip update.

References: https://cryptography.io/en/latest/installation.html#rust
Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agophase1,2: fix missing tmp dir
Petr Štetiar [Thu, 14 Jan 2021 17:32:33 +0000 (18:32 +0100)]
phase1,2: fix missing tmp dir

Silence the missing tmp dir warning in the source.git.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agodocker: make TLS working
Petr Štetiar [Thu, 14 Jan 2021 16:27:49 +0000 (17:27 +0100)]
docker: make TLS working

Fixes following errors during setup:

 buildslave-phase2_1   | Failed to load application: name 'optionsForClientTLS' is not defined

 [-] while starting BuildMaster
 ...
 builtins.ModuleNotFoundError: No module named 'OpenSSL'

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agophase1: make change links clickable
Paul Spooren [Sat, 9 Jan 2021 21:41:53 +0000 (11:41 -1000)]
phase1: make change links clickable

Adding a `revlink` allows to click on changes leading to the
git.openwrt.org commit package. This feature works automatically for
pages like GitHub, however requires this manual step for custom urls.

Signed-off-by: Paul Spooren <mail@aparcar.org>
3 years agodocker,worker: install qemu-utils
Paul Spooren [Sun, 10 Jan 2021 20:27:58 +0000 (10:27 -1000)]
docker,worker: install qemu-utils

To convert x86 images to VDI/VMDK the `qemu-img` tools is required,
which is part of Debians `qemu-utils` package. The goal is to remove the
ancient in-tree `qemu-img` version and replace it with a recent host
installed package.

Related: https://github.com/openwrt/openwrt/pull/3739/

Signed-off-by: Paul Spooren <mail@aparcar.org>
[rebased]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agoscripts: remove migrated dumpinfo.pl script
Paul Spooren [Sat, 9 Jan 2021 21:24:15 +0000 (11:24 -1000)]
scripts: remove migrated dumpinfo.pl script

The script was moved over to openwrt.git and is called
`dump-target-info.pl`

Signed-off-by: Paul Spooren <mail@aparcar.org>
[fixed script path in the master build script]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agodocker: alphabetical sorting of packages
Petr Štetiar [Thu, 14 Jan 2021 15:22:17 +0000 (16:22 +0100)]
docker: alphabetical sorting of packages

So it's easier to follow.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agodocker: update to 2.10.1
Petr Štetiar [Fri, 8 Jan 2021 16:47:12 +0000 (17:47 +0100)]
docker: update to 2.10.1

Removing the mixing with the testing as it seems, that it's not needed
anymore. We can easily just use buildbot from pip.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agophase1: fix gitcheckout with corrupted .git
Petr Štetiar [Tue, 9 Feb 2021 21:21:15 +0000 (22:21 +0100)]
phase1: fix gitcheckout with corrupted .git

When the container running `git clone` is killed it will leave the .git
directory in unusable state which then leads in the following errors:

 if [ -d .git ]; then git checkout -f master; git branch --set-upstream-to origin/master; else exit 0; fi
 error: pathspec 'master' did not match any file(s) known to git.
 fatal: branch 'master' does not exist

Fix it by removing .git completely if this happens, otherwise it might
simply leave shared build directory in the unusable state.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
3 years agophase1: dont include stderr output in stageroot variable
Petr Štetiar [Tue, 8 Sep 2020 06:47:34 +0000 (08:47 +0200)]
phase1: dont include stderr output in stageroot variable

Otherwise it can result in strange error messages which are hard to
debug.

Ref: http://lists.openwrt.org/pipermail/openwrt-devel/2020-August/030826.html
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agophase2: use full git history for reproducibility
Paul Spooren [Fri, 13 Nov 2020 07:06:03 +0000 (21:06 -1000)]
phase2: use full git history for reproducibility

The SOURCE_DATE_EPOCH variable is used to set reproducible time stamps
for built artifact. As packages get rebuild without changing, they
require individual epochs which are independent of the main tree. To
archive that the git log for each package source path is used.

This mechanism can only work if the full git history is available. Until
now only a shallow copy (--depth 1) would be cloned. With this commit
the `feeds.conf.default` is changed to use the full git repository.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[do not modify feeds.conf.default]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agophase1: add separate option for kmod repo embedding
Jo-Philipp Wich [Fri, 13 Nov 2020 14:03:45 +0000 (15:03 +0100)]
phase1: add separate option for kmod repo embedding

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agophase1: treat "kmod_archive" as bool option
Jo-Philipp Wich [Sat, 7 Nov 2020 19:31:36 +0000 (20:31 +0100)]
phase1: treat "kmod_archive" as bool option

Fixes: 9ad60fa ("phase1: add config option to enable/disable kmod archive")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agorsync.sh: set pipefail
Thibaut VARÈNE [Fri, 28 Feb 2020 23:59:45 +0000 (00:59 +0100)]
rsync.sh: set pipefail

to capture rsync failures when piped through pv

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
4 years agophase1: add config option to enable/disable kmod archive
Jo-Philipp Wich [Sat, 7 Nov 2020 19:11:13 +0000 (20:11 +0100)]
phase1: add config option to enable/disable kmod archive

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agophase1: add JSON merge step
Paul Spooren [Tue, 30 Jun 2020 23:28:02 +0000 (13:28 -1000)]
phase1: add JSON merge step

The refactored JSON info files require a final merge step which sums up
all created JSON info files of a target into a single `profiles.json`
files.

This patch adds the extra step to run `make json_overview_image_info`
just before calculating the checksums so the `profiles.json` files is
signed as well.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[allow the step to fail to satisfy 18.06 builders]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agobuildslave: update to Debian 10, introduce TLS support
Jo-Philipp Wich [Sat, 11 Apr 2020 22:16:26 +0000 (00:16 +0200)]
buildslave: update to Debian 10, introduce TLS support

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agodocker: add example certificates
Jo-Philipp Wich [Sat, 11 Apr 2020 22:15:43 +0000 (00:15 +0200)]
docker: add example certificates

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agobuildmaster: update to v2.4.1
Jo-Philipp Wich [Sat, 11 Apr 2020 22:15:26 +0000 (00:15 +0200)]
buildmaster: update to v2.4.1

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agophase1, phase2: sort and move imports to the top of the file
Jo-Philipp Wich [Mon, 3 Feb 2020 15:57:12 +0000 (16:57 +0100)]
phase1, phase2: sort and move imports to the top of the file

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agoscripts: cleanup.sh: adapt to buildbot v2 api
Jo-Philipp Wich [Mon, 3 Feb 2020 15:50:47 +0000 (16:50 +0100)]
scripts: cleanup.sh: adapt to buildbot v2 api

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agophase1, phase2: implement force scheduler logic
Jo-Philipp Wich [Mon, 3 Feb 2020 15:50:06 +0000 (16:50 +0100)]
phase1, phase2: implement force scheduler logic

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agophase1, phase2: update master to Debian 10 / Buildbot 2.0.1
Jo-Philipp Wich [Sun, 2 Feb 2020 18:22:41 +0000 (19:22 +0100)]
phase1, phase2: update master to Debian 10 / Buildbot 2.0.1

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agoscripts: signall.sh store usign.key as usign.sec
Paul Spooren [Thu, 14 Nov 2019 07:55:30 +0000 (21:55 -1000)]
scripts: signall.sh store usign.key as usign.sec

The signall.sh script signs all files inside a tar via GPG and
signify-openbsd (similar to usign)e and attaches the signatures to the
same archive.

Using more recent versions of signify-openbsd requires a specific naming
schema for keys, private ending with .sec and public with .pub. This was
introduced at 763e1148f68f03cb2fa85d022500acf8c66af222[0].

This patch renames the stored key as usign.sec instead of usign.key. As
of the temporary nature of the key storing, this very unlikely breaks
any existing setups.

[0]: https://github.com/openbsd/src/commit/763e1148f68f03cb2fa85d022500acf8c66af222

Signed-off-by: Paul Spooren <mail@aparcar.org>
[adjusted commit subject]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: make buildinfo failures "green"
Jo-Philipp Wich [Fri, 18 Oct 2019 14:39:11 +0000 (16:39 +0200)]
phase1: make buildinfo failures "green"

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: allow buildinfo target to fail
Jo-Philipp Wich [Fri, 18 Oct 2019 14:16:30 +0000 (16:16 +0200)]
phase1: allow buildinfo target to fail

Not all observed branches provide this target.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoadd helper script to (re)build docker images
Jo-Philipp Wich [Fri, 18 Oct 2019 06:53:41 +0000 (08:53 +0200)]
add helper script to (re)build docker images

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: use buildinfo instead of prepare
Paul Spooren [Sun, 13 Oct 2019 21:00:39 +0000 (11:00 -1000)]
phase1: use buildinfo instead of prepare

Prepare target is used to compile tools and toolchain, however buildbot
only uses it to create the buildinfo files. This[0] PR splits prepare
and buildinfo allowing the buildbots to run the buildinfo creation only.

This should also fix the current issue with missing json info files:
prepare runs `target/compile` which removes all existing json info files
via `Device/Build`. Only `target/install` creates them via
`Device/Build/image`. However currently the buildbots run
`target/install` before (the second) `target/compile`.

[0]: https://github.com/openwrt/openwrt/pull/2492

Signed-off-by: Paul Spooren <mail@aparcar.org>
5 years agophase1: run prepare instead of diffconfig
Paul Spooren [Tue, 3 Sep 2019 09:59:29 +0000 (23:59 -1000)]
phase1: run prepare instead of diffconfig

This will not only create config.buildinfo as before, but also
version.buildinfo and feeds.buidinfo.

CC: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[rename step from "prepare" to "buildinfo"]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: fix copy-paste error in previous commit
Jo-Philipp Wich [Thu, 18 Jul 2019 13:40:11 +0000 (15:40 +0200)]
phase2: fix copy-paste error in previous commit

Fixes: c17b550 ("phase2: sanitize SDK host command symlinks")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: sanitize SDK host command symlinks
Jo-Philipp Wich [Thu, 18 Jul 2019 13:30:31 +0000 (15:30 +0200)]
phase2: sanitize SDK host command symlinks

The SDK archive might contain symlinks like

  staging_dir/host/bin/gcc -> /builder/arc770_generic/ccache_cc.sh

which may result in host compile failures when a slave has been used
for both phase1 and phase2 builds.

Add a new step which purges such links when running the SDK until
buildroot is eventually fixed to not put suhc links into the archive
in the first place.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoscripts: cleanup.sh: skip directory symlinks
Jo-Philipp Wich [Thu, 18 Jul 2019 13:02:11 +0000 (15:02 +0200)]
scripts: cleanup.sh: skip directory symlinks

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agorsync: remove pid file if it already exists
Jo-Philipp Wich [Thu, 18 Jul 2019 12:56:47 +0000 (14:56 +0200)]
rsync: remove pid file if it already exists

If the rsync container was forcibly shut down, it may still contain
a stale pid file entry.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: implement work dir sharing
Jo-Philipp Wich [Thu, 18 Jul 2019 12:42:14 +0000 (14:42 +0200)]
phase2: implement work dir sharing

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agotreewide: merge phase1 and phase2 cleanup procedures
Jo-Philipp Wich [Thu, 18 Jul 2019 12:29:43 +0000 (14:29 +0200)]
treewide: merge phase1 and phase2 cleanup procedures

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoscripts: signall.sh: use absolute paths when invoking gpg from find
Jo-Philipp Wich [Wed, 17 Jul 2019 06:13:24 +0000 (08:13 +0200)]
scripts: signall.sh: use absolute paths when invoking gpg from find

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: disable slave side package signing
Jo-Philipp Wich [Tue, 16 Jul 2019 19:28:31 +0000 (21:28 +0200)]
phase2: disable slave side package signing

Since we do not expose secret using keys to buildslaves anymore,
we cannot sign the package indexes on the slave side either.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: enable shared work directory by default
Jo-Philipp Wich [Tue, 16 Jul 2019 17:18:08 +0000 (19:18 +0200)]
phase1: enable shared work directory by default

Enable work directory sharing for any slave having a concurrent build limit
of one job.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: forcibly checkout branch
Jo-Philipp Wich [Tue, 16 Jul 2019 17:14:08 +0000 (19:14 +0200)]
phase1: forcibly checkout branch

Pass the -f flag to git checkout in order to ensure that any potentially
existing local changes are overwritten.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: automatically setup shared work directory symlink
Jo-Philipp Wich [Tue, 16 Jul 2019 17:12:29 +0000 (19:12 +0200)]
phase1: automatically setup shared work directory symlink

Until now, the shared work directory symlinks had to be provisioned
manually, this commits automates the setup when work directory sharing
is enabled for the slave.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: checkout configured branch
Jo-Philipp Wich [Mon, 15 Jul 2019 08:36:15 +0000 (10:36 +0200)]
phase1: checkout configured branch

Also fixup the remote since the Git() step does not properly set
it in all cases.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agodocker: buildslave: properly recreate slave if state dir already exists
Jo-Philipp Wich [Mon, 15 Jul 2019 06:08:21 +0000 (08:08 +0200)]
docker: buildslave: properly recreate slave if state dir already exists

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agodocker: merge phase1 and phase2 configs into one file
Jo-Philipp Wich [Wed, 3 Jul 2019 06:37:49 +0000 (08:37 +0200)]
docker: merge phase1 and phase2 configs into one file

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: move phase2 specific options into separate section
Jo-Philipp Wich [Wed, 3 Jul 2019 06:36:27 +0000 (08:36 +0200)]
phase2: move phase2 specific options into separate section

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: move phase1 specific options into separate section
Jo-Philipp Wich [Wed, 3 Jul 2019 06:36:12 +0000 (08:36 +0200)]
phase1: move phase1 specific options into separate section

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agodocker: containerize master and slaves
Jo-Philipp Wich [Tue, 2 Jul 2019 05:19:05 +0000 (07:19 +0200)]
docker: containerize master and slaves

Introduce docker builds for the buildmaster and slaves, and add
a docker-compose reference setup for quickly spinning up an
example build cluster.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoscripts: sha2rsync.pl: handle usign signatures as well
Jo-Philipp Wich [Tue, 2 Jul 2019 16:25:00 +0000 (18:25 +0200)]
scripts: sha2pl: handle usign signatures as well

 - Also consider sha256sums.sig and Packages.sig files
 - Avoid operation on closed handle when remote list does not exist
 - Only add existing additional files to rsync list

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: use --contimeout parameter only for rsync daemon connections
Jo-Philipp Wich [Tue, 2 Jul 2019 10:49:00 +0000 (12:49 +0200)]
phase1: use --contimeout parameter only for rsync daemon connections

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agotreewide: rework signall.sh to read keys from config directly
Jo-Philipp Wich [Tue, 2 Jul 2019 09:13:11 +0000 (11:13 +0200)]
treewide: rework signall.sh to read keys from config directly

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: prevent ccache/gcc exec recursion when cc_version is unset
Jo-Philipp Wich [Mon, 1 Jul 2019 16:38:18 +0000 (18:38 +0200)]
phase1: prevent ccache/gcc exec recursion when cc_version is unset

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: allow overriding config.ini location with env var
Jo-Philipp Wich [Sun, 30 Jun 2019 19:24:22 +0000 (21:24 +0200)]
phase2: allow overriding config.ini location with env var

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: allow overriding config.ini location with env var
Jo-Philipp Wich [Sun, 30 Jun 2019 19:24:05 +0000 (21:24 +0200)]
phase1: allow overriding config.ini location with env var

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: move config.seed into config.ini
Jo-Philipp Wich [Sun, 30 Jun 2019 18:28:57 +0000 (20:28 +0200)]
phase1: move config.seed into config.ini

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: move cleanup.sh to shared script directory
Jo-Philipp Wich [Sun, 30 Jun 2019 18:24:38 +0000 (20:24 +0200)]
phase2: move cleanup.sh to shared script directory

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: move cleanup.sh to shared script directory
Jo-Philipp Wich [Sun, 30 Jun 2019 18:24:23 +0000 (20:24 +0200)]
phase1: move cleanup.sh to shared script directory

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agotreewide: rename home_dir to work_dir
Jo-Philipp Wich [Sun, 30 Jun 2019 17:51:57 +0000 (19:51 +0200)]
treewide: rename home_dir to work_dir

Also default to current directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agotreewide: rework GPG signing
Jo-Philipp Wich [Sun, 30 Jun 2019 17:45:01 +0000 (19:45 +0200)]
treewide: rework GPG signing

Specify the GPG signing key directly in config.ini and pass it via
environment variable to signall.sh.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: move usign handling to master
Jo-Philipp Wich [Sun, 30 Jun 2019 16:13:57 +0000 (18:13 +0200)]
phase2: move usign handling to master

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: move usign handling to master
Jo-Philipp Wich [Sun, 30 Jun 2019 16:13:44 +0000 (18:13 +0200)]
phase1: move usign handling to master

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoscripts: signall.sh: add using support
Jo-Philipp Wich [Sun, 30 Jun 2019 16:13:26 +0000 (18:13 +0200)]
scripts: signall.sh: add using support

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoscripts: add usign secret to public key converter
Jo-Philipp Wich [Fri, 28 Jun 2019 11:09:56 +0000 (13:09 +0200)]
scripts: add usign secret to public key converter

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agotreewide: untangle phase1 and phase2 masters
Jo-Philipp Wich [Fri, 28 Jun 2019 11:05:58 +0000 (13:05 +0200)]
treewide: untangle phase1 and phase2 masters

 - Move shared scripts into a common scripts/ directory
 - Move SSH Git clone key directly into the configuration
 - Update configuration examples

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: add further Git clone/pull safety guards
Jo-Philipp Wich [Tue, 25 Jun 2019 18:38:44 +0000 (20:38 +0200)]
phase1: add further Git clone/pull safety guards

- Ensure that we're on a valid branch before invoking buildbot Git()
- Verify that we did end up on a proper branch or tag after clone/pull

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-June/017809.html
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: fix GnuPG 2.x compatibility
Jo-Philipp Wich [Tue, 25 Jun 2019 04:40:38 +0000 (06:40 +0200)]
phase1: fix GnuPG 2.x compatibility

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: add version suffix to faillogs directory
Jo-Philipp Wich [Mon, 24 Jun 2019 04:31:06 +0000 (06:31 +0200)]
phase2: add version suffix to faillogs directory

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: add ability to clone feeds via SSH
Jo-Philipp Wich [Mon, 24 Jun 2019 04:12:31 +0000 (06:12 +0200)]
phase2: add ability to clone feeds via SSH

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: add ability to clone feeds via SSH
Jo-Philipp Wich [Mon, 24 Jun 2019 04:12:12 +0000 (06:12 +0200)]
phase1: add ability to clone feeds via SSH

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: make feed update and install errors fatal
Jo-Philipp Wich [Sat, 22 Jun 2019 07:11:43 +0000 (09:11 +0200)]
phase1: make feed update and install errors fatal

Do not continue building if the feed cloning failed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: improve source archive uploading
Jo-Philipp Wich [Fri, 21 Jun 2019 06:56:24 +0000 (08:56 +0200)]
phase2: improve source archive uploading

Only upload source archives which have been updated sicne the begin
of the build.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: improve source archive uploading
Jo-Philipp Wich [Fri, 21 Jun 2019 06:55:18 +0000 (08:55 +0200)]
phase1: improve source archive uploading

Only upload source archives which have been updated sicne the begin
of the build.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: use a more reliable method to find the target version
Jo-Philipp Wich [Thu, 20 Jun 2019 15:50:21 +0000 (17:50 +0200)]
phase2: use a more reliable method to find the target version

Replace the slave name based target version detection by a more reliable
approach using SDK provided version information.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase1: honour version prefix when fetching sha256sums
Jo-Philipp Wich [Thu, 20 Jun 2019 15:42:17 +0000 (17:42 +0200)]
phase1: honour version prefix when fetching sha256sums

This is requires for non-master builds which use a slightly different
directory layout on the rsync host.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: make feed update and install errors fatal
Jo-Philipp Wich [Mon, 17 Jun 2019 13:20:14 +0000 (15:20 +0200)]
phase2: make feed update and install errors fatal

Do not continue building if the feed cloning failed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agophase2: report disk usage at end of build
Jo-Philipp Wich [Mon, 17 Jun 2019 13:19:23 +0000 (15:19 +0200)]
phase2: report disk usage at end of build

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agophase2: clear staged failure logs as well
Jo-Philipp Wich [Sat, 10 Nov 2018 14:14:15 +0000 (15:14 +0100)]
phase2: clear staged failure logs as well

This should prevent persistent slaves from re-uploading stale error logs.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agophase2: reset error log list on each build
Jo-Philipp Wich [Sat, 10 Nov 2018 13:05:00 +0000 (14:05 +0100)]
phase2: reset error log list on each build

The OpenWrt buildroot only ever appends to error.txt, but never clears it.

This causes slaves with persistent build environments to keep uploading
build logs of suceeding packages over and over, even if they've long been
fixed already.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agophase1: build toolchain without ccache
Jo-Philipp Wich [Tue, 25 Sep 2018 14:02:21 +0000 (16:02 +0200)]
phase1: build toolchain without ccache

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agophase1: rework MakeEnv()
Jo-Philipp Wich [Tue, 25 Sep 2018 13:57:28 +0000 (15:57 +0200)]
phase1: rework MakeEnv()

Always set CCC and CCXX since ./staging_dir/host/bin/{gcc,g++} might be
symlinked to the ccache wrapper which uses $CCC / $CCXX to refer to the
actual compiler, even when we intend to invoke the build without ccache.

While being at it, shuffle the code around somewhat to reduce some
redundancy and to make the function a bit shorter.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agophase1: fix disk size reporting command
Jo-Philipp Wich [Tue, 25 Sep 2018 13:19:12 +0000 (15:19 +0200)]
phase1: fix disk size reporting command

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agophase1: use ccache wrappers for all HOSTCC/HOSTCXX uses
Thibaut VARÈNE [Tue, 24 Jul 2018 10:41:16 +0000 (12:41 +0200)]
phase1: use ccache wrappers for all HOSTCC/HOSTCXX uses

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: correct PATH order for ccachestat
Thibaut VARÈNE [Sat, 21 Jul 2018 16:38:37 +0000 (18:38 +0200)]
phase1: correct PATH order for ccachestat

prefer host-wide first

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: report both buildir and homedir disk usage
Thibaut VARÈNE [Fri, 29 Jun 2018 16:20:56 +0000 (18:20 +0200)]
phase1: report both buildir and homedir disk usage

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: regroup common rsync options
Thibaut VARÈNE [Fri, 29 Jun 2018 16:13:14 +0000 (18:13 +0200)]
phase1: regroup common rsync options

"-4 -v --timeout=120 --contimeout=20"

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: use wrappers for ccache
Thibaut VARÈNE [Fri, 29 Jun 2018 10:39:01 +0000 (12:39 +0200)]
phase1: use wrappers for ccache

750174c0cee95925dd322f37c211577d0ebc0dc4 attempted to inject ccache
into the CC environment, but that doesn't work as the CC/CXX variables
are processed by the build system, in order to extract the path to an
executable file.

This commit works around that situation by creating two simple wrapper
scripts on the slave. The remaining logic is unchanged:

When tryccache is False, CC/CXX point to the regular compilers and no
ccache injection is performed.

When tryccache is True, CC/CXX point to their respective wrapper, and
CCACHE is set to the path to ccache (if it exists, empty otherwise),
CCC/CCXX point to the original compilers, and the wrappers will execute
'${CCACHE} ${CCC} "$@"' or '${CCACHE} ${CCXX} "$@"'. If ${CCACHE} is
unset, this falls back to plain compilers.

i.e. ccache is only used if tryccache=True AND ccache has been found on
the slave.

Use 'exec' to avoid lingering shell during execution.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: set rsync timeouts
Thibaut VARÈNE [Thu, 28 Jun 2018 10:22:52 +0000 (12:22 +0200)]
phase1: set rsync timeouts

Regardless of the timeout settings of buildbot or the use of 'pv' to
circumvent them, it is desirable to ensure that rsync will fail if the
connection hangs or cannot be established for any reason.

Otherwise, we might end up with builders stuck on network transfers.

This commit sets data transfer timeout to 120s and connection timeout
to 20s.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: use sha2rsync.pl for 'targetupload'
Thibaut VARÈNE [Wed, 27 Jun 2018 16:19:12 +0000 (18:19 +0200)]
phase1: use sha2rsync.pl for 'targetupload'

This patch uses sha2rsync.pl to build a list of files to upload
to the remote server via rsync.

Because --files-from is taken as a literal list of files to consider by
rsync (the file list generation is skipped), it will not delete files on
the receiver.

To work around that without implementing a broken client-side upload
queue management system, 'targetupload' is split in two: the first step
uploads and updates new and existing files using rsync standard
mechanism, and the second step does nothing but delete files that are
present on the receiver but not on the sender.

As a side effect, this implements a '--delete-after' deletion style where
files are only deleted after uploads/updates finished successfully.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: add sha2rsync.pl
Thibaut VARÈNE [Thu, 28 Jun 2018 10:07:55 +0000 (12:07 +0200)]
phase1: add sha2rsync.pl

This script is meant to produce a list of files that are different
on the builder (vs server) without incurring the overhead of using
"rsync --checksum"

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: move kmod archive after 'checksums'
Thibaut VARÈNE [Wed, 27 Jun 2018 16:12:39 +0000 (18:12 +0200)]
phase1: move kmod archive after 'checksums'

We don't want the special kmod archive to show up in checksums output.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: disable --size-only for targetupload and kmodupload
Thibaut VARÈNE [Wed, 27 Jun 2018 16:23:35 +0000 (18:23 +0200)]
phase1: disable --size-only for targetupload and kmodupload

This was causing trouble with some files.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: name all download and git steps
Thibaut VARÈNE [Tue, 26 Jun 2018 18:29:47 +0000 (20:29 +0200)]
phase1: name all download and git steps

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: remove ccache helper
Thibaut VARÈNE [Tue, 26 Jun 2018 18:20:17 +0000 (20:20 +0200)]
phase1: remove ccache helper

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: rsync --info is supported from rsync 3.1.0
Thibaut VARÈNE [Tue, 26 Jun 2018 17:20:43 +0000 (19:20 +0200)]
phase1: rsync --info is supported from rsync 3.1.0

upload server runs rsync 3.0.9, until it is updated this feature is
disabled

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: restore 'build' directory after expiry
Thibaut VARÈNE [Tue, 26 Jun 2018 15:48:08 +0000 (17:48 +0200)]
phase1: restore 'build' directory after expiry

expire.sh wipes the salve 'build' directory, which throws the next step
out of its track as os.path.exists() and os.makedirs() do not agree.

Recreate the 'build' directory after expire has deleted everything.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: remove renderable locks: not supported in 0.8.9
Thibaut VARÈNE [Tue, 26 Jun 2018 14:29:48 +0000 (16:29 +0200)]
phase1: remove renderable locks: not supported in 0.8.9

Support for renderable locks was only added in buildbot 0.9.0

0.8.9 fails with:

  File "/usr/lib/python2.7/dist-packages/buildbot/process/buildstep.py", line 266, in startStep
    for access in self.locks]
exceptions.TypeError: '_Renderer' object is not iterable

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
6 years agophase1: use Interpolate instead of WithProperties
Thibaut VARÈNE [Mon, 25 Jun 2018 10:27:00 +0000 (12:27 +0200)]
phase1: use Interpolate instead of WithProperties

WithProperties is marked as deprecated since buildbot 0.8.7.

Trying to make the config future-proof, this patch replaces every
instance of WithProperties() by the corresponding Interpolate()
equivalent.

As of buildbot 0.8.9 it appears that Interpolate() doesn't correctly
handle integer format with parameters that call a function, so make
GetNumJobs() return a string:

  File "phase1/master.cfg", line 672, in <module>
    command = ["make", Interpolate("-j%(kw:jobs)d", jobs=GetNumJobs), "tools/tar/compile", "V=s"],
    fmtstring % dd
exceptions.TypeError: %d format: a number is required, not str
Configuration Errors:
  error while parsing config file: %d format: a number is required, not str (traceback in logfile)

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>