search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge pull request #1108 from AladW/build-chroot-defaults
[aurutils.git] / lib / aur-build
blob660ac24e36ec45bebee01571108cc37bbf9c3cca
1 #!/bin/bash
2 # aur-build - build packages to a local repository
3 [[ -v AUR_DEBUG ]] && set -o xtrace
4 set -o errexit
5 shopt -s extglob
6 argv0=build
7 startdir=$PWD
8 PS4='+(${BASH_SOURCE}:${LINENO}): ${FUNCNAME[0]:+${FUNCNAME[0]}(): }'
9
10 # Avoid CDPATH screwing with cd (#1047)
11 unset -v CDPATH
12
13 # default options
14 chroot=0 no_sync=0 overwrite=0 sign_pkg=0 run_pkgver=0 truncate=1
15
16 # default arguments (empty)
17 chroot_args=() chroot_makepkg_args=() pacconf_args=() repo_args=() repo_add_args=()
18 pkglist_args=() makepkg_args=() makepkg_common_args=() read_args=()
19
20 # default arguments
21 gpg_args=(--detach-sign --no-armor --batch)
22
23 args_csv() {
24 # shellcheck disable=SC2155
25 local str=$(printf '%s,' "$@")
26 printf '%s' "${str%,}"
27 }
28
29 # Print diagnostic on non-moved packages (#794)
30 diag_moved_packages() {
31 echo >&2 'Note:'
32
33 cat <<EOF | pr -to 4 >&2
34 aur-$argv0 encountered an error before moving packages to the local repository.
35 This may happen when signing built packages with gpg (aur $argv0 --sign),
36 or with certain makepkg errors.
37
38 The following files were preserved:
39 EOF
40 printf '%s\n' "${@@Q}" | pr -to 8 >&2
41 }
42
43 get_local_upgrades() {
44 local repo=$1
45
46 # pacman prints diagnostics (::) to standard output, but does not accept
47 # repositories starting in `:: `. Redirect output accordingly.
48 LANG=C pacman -Sup --print-format '%r/%n' | awk -F/ -v repo="$repo" '
49 $1 ~ repo {print $2}
50 $1 ~ /^:: / {print $0 >"/dev/stderr"}
51 '
52 return "${PIPESTATUS[0]}"
53 }
54
55 trap_exit() {
56 if [[ ! -v AUR_DEBUG ]]; then
57 rm -rf -- "$tmp"
58
59 # Only remove package directory if all files were moved (#593)
60 if ! rm -df -- "$var_tmp"; then
61 diag_moved_packages "$var_tmp"/*
62 fi
63 else
64 printf >&2 'AUR_DEBUG: %s: temporary files at %s\n' "$argv0" "$tmp"
65 printf >&2 'AUR_DEBUG: %s: temporary files at %s\n' "$argv0" "$var_tmp"
66 fi
67 }
68
69 usage() {
70 printf >&2 'usage: %s [-acfNS] [-d repo] [--root path] [--margs makepkg_arg...]\n' "$argv0"
71 exit 1
72 }
73
74 # mollyguard for makepkg
75 if (( UID == 0 )) && [[ ! -v AUR_ASROOT ]]; then
76 printf >&2 'warning: aur-%s is not meant to be run as root.\n' "$argv0"
77 printf >&2 'warning: To proceed anyway, set the %s variable.\n' 'AUR_ASROOT'
78 exit 1
79 fi
80
81 ## option parsing
82 opt_short='a:d:D:U:AcCfnrsvzLNRST'
83 opt_long=('arg-file:' 'chroot' 'database:' 'force' 'root:' 'sign' 'gpg-sign'
84 'verify' 'directory:' 'no-sync' 'pacman-conf:' 'remove' 'pkgver'
85 'rmdeps' 'no-confirm' 'no-check' 'ignore-arch' 'log' 'new'
86 'makepkg-conf:' 'bind:' 'bind-rw:' 'prevent-downgrade' 'temp'
87 'syncdeps' 'clean' 'namcap' 'checkpkg' 'makepkg-args:' 'user:'
88 'margs:' 'buildscript:' 'null' 'dbext:')
89 opt_hidden=('dump-options' 'ignorearch' 'noconfirm' 'nocheck' 'nosync' 'repo:'
90 'results:' 'results-append:')
91
92 if opts=$(getopt -o "$opt_short" -l "$(args_csv "${opt_long[@]}" "${opt_hidden[@]}")" -n "$argv0" -- "$@"); then
93 eval set -- "$opts"
94 else
95 usage
96 fi
97
98 unset db_ext db_name db_path db_root makepkg_conf pacman_conf results_file pkgrel_incr queue
99 while true; do
100 case "$1" in
101 # build options
102 -a|--arg-file)
103 shift; queue=$1 ;;
104 -f|--force)
105 overwrite=1 ;;
106 -c|--chroot)
107 chroot=1 ;;
108 -d|--database|--repo)
109 shift; db_name=$1
110 repo_args+=(--repo "$1") ;;
111 --dbext)
112 shift; db_ext=$1 ;;
113 --buildscript)
114 shift; makepkg_common_args+=(-p "$1")
115 pkglist_args+=(-p "$1") ;;
116 --nosync|--no-sync)
117 no_sync=1 ;;
118 --makepkg-conf)
119 shift; makepkg_conf=$1 ;;
120 --pacman-conf)
121 shift; pacman_conf=$1 ;;
122 --pkgver)
123 run_pkgver=1; makepkg_args+=(--noextract)
124 chroot_args+=(--margs '--holdver') ;;
125 --root)
126 shift; db_root=$1
127 repo_args+=(--root "$1") ;;
128 -S|--sign|--gpg-sign)
129 sign_pkg=1; repo_add_args+=(-s) ;;
130 # chroot options
131 -D|--directory)
132 shift; chroot_args+=(--directory "$1") ;;
133 --bind)
134 shift; chroot_args+=(--bind "$1") ;;
135 --bind-rw)
136 shift; chroot_args+=(--bind-rw "$1") ;;
137 # XXX: different meaning between aur-build -U (--user) and aur-chroot -U (--update)
138 -U|--user)
139 shift; chroot_args+=(--user "$1") ;;
140 -N|--namcap)
141 chroot_args+=(--namcap) ;;
142 --checkpkg)
143 chroot_args+=(--checkpkg) ;;
144 -T|--temp)
145 chroot_args+=(-temp) ;;
146 # makepkg options (common)
147 -A|--ignorearch|--ignore-arch)
148 chroot_makepkg_args+=(--ignorearch)
149 makepkg_common_args+=(--ignorearch) ;;
150 -n|--noconfirm|--no-confirm)
151 makepkg_common_args+=(--noconfirm) ;;
152 -r|--rmdeps)
153 makepkg_common_args+=(--rmdeps) ;;
154 -s|--syncdeps)
155 makepkg_common_args+=(--syncdeps) ;;
156 # makepkg options (build)
157 -C|--clean)
158 makepkg_args+=(--clean) ;;
159 -L|--log)
160 makepkg_args+=(--log) ;;
161 --nocheck|--no-check)
162 chroot_makepkg_args+=(--nocheck)
163 makepkg_args+=(--nocheck) ;;
164 # XXX: cannot take arguments that contain commas (e.g. for file paths)
165 --makepkg-args|--margs)
166 shift; chroot_makepkg_args+=(--margs "$1")
167 IFS=, read -a arg -r <<< "$1"
168 makepkg_args+=("${arg[@]}") ;;
169 # repo-add options
170 -v|--verify)
171 repo_add_args+=(-v) ;;
172 -R|--remove)
173 repo_add_args+=(-R) ;;
174 --new)
175 repo_add_args+=(-n) ;;
176 --prevent-downgrade)
177 repo_add_args+=(-p) ;;
178 # other options
179 --results)
180 shift; results_file=$1 ;;
181 --results-append)
182 shift; results_file=$1; truncate=0 ;;
183 -z|--null)
184 read_args+=(-d $'\0') ;;
185 --dump-options)
186 printf -- '--%s\n' "${opt_long[@]}" ${AUR_DEBUG+"${opt_hidden[@]}"}
187 printf -- '%s' "${opt_short}" | sed 's/.:\?/-&\n/g'
188 exit ;;
189 --) shift; break ;;
190 esac
191 shift
192 done
193
194 # Assign environment variables
195 db_ext=${db_ext:-$AUR_DBEXT} db_name=${db_name:-$AUR_REPO} db_root=${db_root:-$AUR_DBROOT}
196
197 # shellcheck disable=SC2174
198 mkdir -pm 0700 -- "${TMPDIR:-/tmp}/aurutils-$UID"
199 tmp=$(mktemp -d --tmpdir "aurutils-$UID/$argv0.XXXXXXXX")
200
201 # shellcheck disable=SC2174
202 mkdir -pm 0700 -- "${TMPDIR:-/var/tmp}/aurutils-$UID"
203 var_tmp=$(mktemp -d --tmpdir="${TMPDIR:-/var/tmp/}" "aurutils-$UID/$argv0.XXXXXXXX")
204
205 trap 'trap_exit' EXIT
206 trap 'exit' INT
207
208 if (( chroot )); then
209 if [[ -v pacman_conf ]]; then
210 chroot_args+=(--pacman-conf "$pacman_conf")
211 elif [[ $db_name ]]; then
212 chroot_args+=(--suffix "$db_name")
213 fi
214 if [[ -v makepkg_conf ]]; then
215 chroot_args+=(--makepkg-conf "$makepkg_conf")
216 fi
217
218 # Retrieve the makepkg and pacman configuration used in the container.
219 { IFS=: read -r _ _
220 IFS=: read -r _ pacman_conf
221 IFS=: read -r _ makepkg_conf
222 } < <(aur chroot "${chroot_args[@]}" --status)
223 wait "$!"
224
225 # Ensure PKGEXT defined in the container makepkg.conf is used for
226 # makepkg calls on the host (`makepkg --packagelist`).
227 unset PKGEXT
228 fi
229
230 # Propagate `makepkg` configuration to other tools.
231 if [[ -v makepkg_conf ]]; then
232 makepkg_common_args+=(--config "$makepkg_conf")
233 pkglist_args+=(--config "$makepkg_conf")
234 fi
235
236 # Automatically choose the local repository based on `pacman`
237 # configuration. With container builds, this repository is not
238 # necessarily configured on the host.
239 if [[ -v pacman_conf ]]; then
240 pacconf_args+=(--config "$pacman_conf")
241 fi
242
243 if [[ $db_name ]] && [[ $db_root ]]; then
244 db_path=$db_root/$db_name.${db_ext:-db}
245 db_path=$(realpath -- "$db_path")
246 else
247 { IFS=: read -r _ db_name
248 IFS=: read -r _ db_root
249 IFS=: read -r _ db_path # canonicalized
250 } < <(aur repo --status "${repo_args[@]}" "${pacconf_args[@]}")
251 wait "$!"
252 fi
253 db_root=$(realpath -- "$db_root")
254
255 # Check that a valid database extension was retrieved (#700, #1038)
256 if [[ -z $AUR_DBEXT ]] && [[ $db_path =~ \.db$ ]]; then
257 printf >&2 '%s: %s does not have a valid database archive extension\n' "$argv0" "$db_path"
258 # TODO: this usually happens on file systems not supporting symbolic links
259 # (SMB/CIFS). Add a diagnostic to point towards AUR_DBEXT in this case
260 exit 2
261 fi
262
263 # File permission checks
264 # XXX: read permissions not necessarily required for chroot builds
265 if [[ ! -f $db_path ]]; then
266 printf >&2 '%s: %s: not a regular file\n' "$argv0" "$db_path"
267 exit 2
268 elif [[ ! -w $db_path ]]; then
269 printf >&2 '%s: %s: permission denied\n' "$argv0" "$db_path"
270 exit 13
271 elif [[ -v pacman_conf ]] && [[ ! -r $pacman_conf ]]; then
272 printf >&2 '%s: %s: permission denied\n' "$argv0" "$pacman_conf"
273 exit 13
274 elif [[ -v makepkg_conf ]] && [[ ! -r $makepkg_conf ]]; then
275 printf >&2 '%s: %s: permission denied\n' "$argv0" "$makepkg_conf"
276 exit 13
277 fi
278
279 # Write successfully built packages to file (#437, #980)
280 if [[ -v results_file ]]; then
281 results_file=$(realpath -- "$results_file")
282 (( truncate )) && true | tee "$results_file"
283 fi
284
285 if [[ -v queue ]]; then
286 exec {fd}< "$queue"
287 else
288 exec {fd}< <(echo "$startdir")
289 fi
290
291 # Early consistency check for signed database
292 if (( ! sign_pkg )); then
293 db_sigs=("$db_root/$db_name".sig "$db_root/$db_name".files.sig)
294
295 if [[ -f ${db_sigs[0]} ]]; then
296 printf >&2 '%s: database signature found, but signing is disabled\n' "$argv0"
297
298 printf '%q\n' >&2 "${db_sigs[@]}"
299 exit 1
300 fi
301
302 elif [[ -v GPGKEY ]]; then
303 #shellcheck disable=SC2086
304 ${AUR_GPG:-gpg} --list-keys "$GPGKEY"
305 gpg_args+=(-u "$GPGKEY")
306 fi
307
308 if (( chroot )); then
309 # Update pacman and makepkg configuration for the chroot build
310 # queue. A full system upgrade is run on the /root container to
311 # avoid lenghty upgrades for makechrootpkg -u.
312 aur chroot "${chroot_args[@]}" --create --update
313 fi
314
315 while IFS= read "${read_args[@]}" -ru "$fd" path; do
316 cd -- "$startdir"
317 [[ $path ]] && cd -- "$path"
318
319 # Allow running repo-add(8) on existing packages (#839)
320 create_package=1
321 pkglist=()
322
323 # Run pkgver function before --packagelist (#500)
324 if (( run_pkgver )); then
325 #shellcheck disable=SC2086
326 ${AUR_MAKEPKG:-makepkg} -od "${makepkg_common_args[@]}" >&2
327 fi
328
329 # Retrieve list of potential package paths. This is used to (optionally)
330 # check if package paths are already available in the local repository
331 # before builds. If so, the build is skipped and the path is passed to
332 # repo-add (create_package=0). If no paths are available, the package is
333 # assumed to not exist and the build proceeds as usual (create_package=1).
334 if (( ! overwrite )); then
335 exists=()
336 #shellcheck disable=SC2086
337 while read -r pkgpath; do
338 [[ -f $pkgpath ]] && exists+=("$pkgpath")
339 done < <(PKGDEST="$db_root" ${AUR_BUILD_PKGLIST:-aur build--pkglist} "${pkglist_args[@]}")
340
341 if ! wait "$!"; then
342 printf >&2 '%s: warning: failed to retrieve package list\n' "$argv0"
343 fi
344
345 if (( ${#exists[@]} )); then
346 printf >&2 '%s: warning: skipping existing package (use -f to overwrite)\n' "$argv0"
347 create_package=0
348
349 printf '%q\n' >&2 "${exists[@]}"
350 pkglist=("${exists[@]}")
351 fi
352
353 if (( ${#exists[@]} )) && [[ -v results_file ]]; then
354 printf "exist:file://%s\n" "${exists[@]}" | tee -a "$results_file" >/dev/null
355 fi
356 fi
357
358 if (( create_package )); then
359 if (( chroot )); then
360 PKGDEST="$var_tmp" aur chroot "${chroot_args[@]}" --build "${chroot_makepkg_args[@]}"
361 else
362 #shellcheck disable=SC2086
363 PKGDEST="$var_tmp" LOGDEST="${LOGDEST:-$PWD}" \
364 ${AUR_MAKEPKG:-makepkg} "${makepkg_common_args[@]}" "${makepkg_args[@]}"
365 fi
366
367 cd -- "$var_tmp"
368 pkglist=(!(*.sig)) # discard makepkg --sign from package list (#410)
369 else
370 cd -- "$var_tmp"
371 # pkglist has paths to $db_root/<pkg>
372 fi
373
374 # Sign any packages without signatures, even if the packages are existing.
375 siglist=()
376
377 for p in "${pkglist[@]}"; do
378 # Package basename (equals $p if create_package=1)
379 p_base=${p##*/}
380
381 # Signature from makepkg --sign
382 if [[ -f $p_base.sig ]]; then
383 siglist+=("$p_base".sig)
384
385 # Skipped package build with signature
386 elif [[ -f $db_root/$p_base.sig ]] && [[ ! -f $p_base ]]; then
387 printf >&2 '%s: existing signature file %q\n' "$argv0" "$db_root/$p_base.sig"
388
389 # No candidate signature, generate one
390 elif (( sign_pkg )); then
391 #shellcheck disable=SC2086
392 ${AUR_GPG:-gpg} "${gpg_args[@]}" --output "$p_base".sig "$p"
393
394 printf >&2 '%s: created signature file %q\n' "$argv0" "$p_base".sig
395 siglist+=("$p_base".sig)
396 fi
397 done
398
399 if (( create_package )); then
400 mv -f "${siglist[@]}" "${pkglist[@]}" "$db_root"
401
402 if [[ -v results_file ]]; then
403 printf "build:file://$db_root/%s\n" "${pkglist[@]}" | tee -a "$results_file" >/dev/null
404 fi
405
406 elif (( ${#siglist[@]} )); then
407 mv -f "${siglist[@]}" "$db_root"
408 fi
409
410 # Update database
411 #shellcheck disable=SC2086
412 env -C "$db_root" LANG=C ${AUR_REPO_ADD:-repo-add} "${repo_add_args[@]}" "$db_path" "${pkglist[@]}"
413
414 if (( chroot )) || (( no_sync )); then
415 continue
416 else
417 #shellcheck disable=SC2086
418 ${AUR_PACMAN_AUTH:-sudo} pacsync "$db_name"
419 #shellcheck disable=SC2086
420 ${AUR_PACMAN_AUTH:-sudo} pacsync "$db_name" --dbext=.files
421
422 # Retrieve upgrade targets in local repository. May error in case of
423 # conflicts or dependency errors.
424 mapfile -t targets < <(get_local_upgrades "$db_name")
425 wait "$!"
426
427 if (( ${#targets[@]} )); then
428 printf >&2 "%s: upgrading packages in repository '%s'\n" "$argv0" "$db_name"
429 #shellcheck disable=SC2086
430 printf '%s\n' "${targets[@]}" | ${AUR_PACMAN_AUTH:-sudo} pacman -S --noconfirm -
431 fi
432 fi
433 done
434
435 exec {fd}<&-
436
437 # vim: set et sw=4 sts=4 ft=sh:
aurutils - helper tools for the aur