[tor-commits] [gitian-builder/tor-browser-builder-3] ensure guest upgrade occurs before attempting to get manifest
gk at torproject.org
gk at torproject.org
Fri Jan 22 10:24:24 UTC 2016
commit 5c81bf36119dbecc17e55568ef3bc9f30dce0cff
Author: Devrandom <c1.devrandom at niftybox.net>
Date: Mon Mar 23 20:47:39 2015 -0700
ensure guest upgrade occurs before attempting to get manifest
fixes #85
---
.gitignore | 1 +
RELEASE_NOTES | 13 +++++++++++++
bin/gbuild | 9 ++++++++-
target-bin/grab-packages.sh | 6 +++---
target-bin/upgrade-system.sh | 15 +++++++++++++++
5 files changed, 40 insertions(+), 4 deletions(-)
diff --git a/.gitignore b/.gitignore
index 54df527..696aae0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -9,3 +9,4 @@ inputs
base*
*.qcow2
sigs
+target-bin/bootstrap-fixup
diff --git a/RELEASE_NOTES b/RELEASE_NOTES
index 514cfdc..7662703 100644
--- a/RELEASE_NOTES
+++ b/RELEASE_NOTES
@@ -1,3 +1,16 @@
+2015-03-23
+----------
+
+Now ensuring that `apt-get dist-upgrade` occurs at least once before package manifest
+is computed. This is because distributions usually don't store old versions of packages
+in the repos, so we can't download the exact package version we have installed if it's
+out of date.
+
+gbuild now has a --upgrade flag that forces an upgrade after the first one.
+
+Other Notes
+===========
+
Important:
We are planning on switching from using lxc-start to using lxc-execute. lxc-execute requires lxc-init (or init.lxc) to be available on the guest at one of the expected places. You might have to manually install lxc on your base VM image or recreate the image.
diff --git a/bin/gbuild b/bin/gbuild
index da49d50..d256986 100755
--- a/bin/gbuild
+++ b/bin/gbuild
@@ -92,7 +92,11 @@ def build_one_configuration(suite, arch, build_desc, reference_datetime)
info "Installing additional packages (log in var/install.log)"
system! "on-target -u root -e DEBIAN_FRONTEND=noninteractive apt-get --no-install-recommends -y install #{build_desc["packages"].join(" ")} > var/install.log 2>&1"
- info "Grabbing package manifest"
+ if @options[:upgrade] || system("on-target -u root '[ ! -e /var/cache/gitian/initial-upgrade ]'")
+ info "Upgrading system, may take a while"
+ system! "on-target -u root bash < target-bin/upgrade-system.sh > var/install.log 2>&1"
+ end
+ info "Creating package manifest"
system! "on-target -u root bash < target-bin/grab-packages.sh > var/base-#{suitearch}.manifest"
info "Creating build script (var/build-script)"
@@ -130,6 +134,9 @@ OptionParser.new do |opts|
opts.on("-i", "--skip-image", "reuse current target image") do |v|
@options[:skip_image] = v
end
+ opts.on("--upgrade", "upgrade guest with latest packages") do |v|
+ @options[:upgrade] = v
+ end
opts.on("-q", "--quiet", "be quiet") do |v|
@options[:quiet] = v
end
diff --git a/target-bin/grab-packages.sh b/target-bin/grab-packages.sh
index adf8e34..2fef08e 100644
--- a/target-bin/grab-packages.sh
+++ b/target-bin/grab-packages.sh
@@ -6,7 +6,7 @@ set -e
cd /var/cache/apt/archives
-#apt-get clean
-
-dpkg-query -W -f '${Package}\n' | xargs -n 50 apt-get install --reinstall -y -d > /dev/null
+# make sure all packages with installed versions are downloaded
+dpkg-query -W -f '${Package}=${Version}\n' | xargs -n 50 apt-get install -q --reinstall -y -d > /tmp/download.log
+grep "cannot be downloaded" /tmp/download.log && { echo Could not download some packages, please run gbuild --upgrade 1>&2 ; exit 1 ; }
sha256sum *.deb | sort --key 2
diff --git a/target-bin/upgrade-system.sh b/target-bin/upgrade-system.sh
new file mode 100644
index 0000000..9384229
--- /dev/null
+++ b/target-bin/upgrade-system.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+
+# Upgrade system
+
+set -e
+
+mkdir -p /var/cache/gitian
+
+# remove obsolete grub, it causes package dependency issues
+apt-get -q -y purge grub > /dev/null 2>&1 || true
+
+# upgrade packages
+DEBIAN_FRONTEND=noninteractive apt-get -y dist-upgrade > /dev/null > /var/cache/gitian/upgrade.log 2>&1
+
+touch /var/cache/gitian/initial-upgrade
More information about the tor-commits
mailing list