#!/usr/bin/perl -w # dgit # Integration between git and Debian-style archives # # Copyright (C)2013-2015 Ian Jackson # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . use strict; use Debian::Dgit; setup_sigwarn(); use IO::Handle; use Data::Dumper; use LWP::UserAgent; use Dpkg::Control::Hash; use File::Path; use File::Temp qw(tempdir); use File::Basename; use Dpkg::Version; use POSIX; use IPC::Open2; use Digest::SHA; use Digest::MD5; use Debian::Dgit; our $our_version = 'UNRELEASED'; ###substituted### our @rpushprotovsn_support = qw(3 2); our $protovsn; our $isuite = 'unstable'; our $idistro; our $package; our @ropts; our $sign = 1; our $dryrun_level = 0; our $changesfile; our $buildproductsdir = '..'; our $new_package = 0; our $ignoredirty = 0; our $rmonerror = 1; our @deliberatelies; our %previously; our $existing_package = 'dpkg'; our $cleanmode; our $changes_since_version; our $quilt_mode; our $quilt_modes_re = 'linear|smash|auto|nofix|nocheck'; our $we_are_responder; our $initiator_tempdir; our %format_ok = map { $_=>1 } ("1.0","3.0 (native)","3.0 (quilt)"); our $suite_re = '[-+.0-9a-z]+'; our $cleanmode_re = 'dpkg-source(?:-d)?|git|git-ff|check|none'; our (@git) = qw(git); our (@dget) = qw(dget); our (@curl) = qw(curl -f); our (@dput) = qw(dput); our (@debsign) = qw(debsign); our (@gpg) = qw(gpg); our (@sbuild) = qw(sbuild -A); our (@ssh) = 'ssh'; our (@dgit) = qw(dgit); our (@dpkgbuildpackage) = qw(dpkg-buildpackage -i\.git/ -I.git); our (@dpkgsource) = qw(dpkg-source -i\.git/ -I.git); our (@dpkggenchanges) = qw(dpkg-genchanges); our (@mergechanges) = qw(mergechanges -f); our (@changesopts) = (''); our %opts_opt_map = ('dget' => \@dget, # accept for compatibility 'curl' => \@curl, 'dput' => \@dput, 'debsign' => \@debsign, 'gpg' => \@gpg, 'sbuild' => \@sbuild, 'ssh' => \@ssh, 'dgit' => \@dgit, 'git' => \@git, 'dpkg-source' => \@dpkgsource, 'dpkg-buildpackage' => \@dpkgbuildpackage, 'dpkg-genchanges' => \@dpkggenchanges, 'ch' => \@changesopts, 'mergechanges' => \@mergechanges); our %opts_opt_cmdonly = ('gpg' => 1, 'git' => 1); our %opts_cfg_insertpos = map { $_, scalar @{ $opts_opt_map{$_} } } keys %opts_opt_map; sub finalise_opts_opts(); our $keyid; autoflush STDOUT 1; our $supplementary_message = ''; END { local ($@, $?); print STDERR "! $_\n" foreach $supplementary_message =~ m/^.+$/mg; } our $remotename = 'dgit'; our @ourdscfield = qw(Dgit Vcs-Dgit-Master); our $csuite; our $instead_distro; sub lbranch () { return "$branchprefix/$csuite"; } my $lbranch_re = '^refs/heads/'.$branchprefix.'/([^/.]+)$'; sub lref () { return "refs/heads/".lbranch(); } sub lrref () { return "refs/remotes/$remotename/".server_branch($csuite); } sub rrref () { return server_ref($csuite); } sub lrfetchrefs () { return "refs/dgit-fetch/$csuite"; } sub stripepoch ($) { my ($vsn) = @_; $vsn =~ s/^\d+\://; return $vsn; } sub srcfn ($$) { my ($vsn,$sfx) = @_; return "${package}_".(stripepoch $vsn).$sfx } sub dscfn ($) { my ($vsn) = @_; return srcfn($vsn,".dsc"); } our $us = 'dgit'; initdebug(''); our @end; END { local ($?); foreach my $f (@end) { eval { $f->(); }; warn "$us: cleanup: $@" if length $@; } }; sub badcfg { print STDERR "$us: invalid configuration: @_\n"; exit 12; } sub no_such_package () { print STDERR "$us: package $package does not exist in suite $isuite\n"; exit 4; } sub fetchspec () { local $csuite = '*'; return "+".rrref().":".lrref(); } sub changedir ($) { my ($newdir) = @_; printdebug "CD $newdir\n"; chdir $newdir or die "chdir: $newdir: $!"; } sub deliberately ($) { my ($enquiry) = @_; return !!grep { $_ eq "--deliberately-$enquiry" } @deliberatelies; } sub deliberately_not_fast_forward () { foreach (qw(not-fast-forward fresh-repo)) { return 1 if deliberately($_) || deliberately("TEST-dgit-only-$_"); } } #---------- remote protocol support, common ---------- # remote push initiator/responder protocol: # $ dgit remote-push-build-host ... ... # where is ,... ... # < dgit-remote-push-ready # # > file parsed-changelog # [indicates that output of dpkg-parsechangelog follows] # > data-block NBYTES # > [NBYTES bytes of data (no newline)] # [maybe some more blocks] # > data-end # # > file dsc # [etc] # # > file changes # [etc] # # > param head HEAD # # > want signed-tag # [indicates that signed tag is wanted] # < data-block NBYTES # < [NBYTES bytes of data (no newline)] # [maybe some more blocks] # < data-end # < files-end # # > want signed-dsc-changes # < data-block NBYTES [transfer of signed dsc] # [etc] # < data-block NBYTES [transfer of signed changes] # [etc] # < files-end # # > complete our $i_child_pid; sub i_child_report () { # Sees if our child has died, and reap it if so. Returns a string # describing how it died if it failed, or undef otherwise. return undef unless $i_child_pid; my $got = waitpid $i_child_pid, WNOHANG; return undef if $got <= 0; die unless $got == $i_child_pid; $i_child_pid = undef; return undef unless $?; return "build host child ".waitstatusmsg(); } sub badproto ($$) { my ($fh, $m) = @_; fail "connection lost: $!" if $fh->error; fail "protocol violation; $m not expected"; } sub badproto_badread ($$) { my ($fh, $wh) = @_; fail "connection lost: $!" if $!; my $report = i_child_report(); fail $report if defined $report; badproto $fh, "eof (reading $wh)"; } sub protocol_expect (&$) { my ($match, $fh) = @_; local $_; $_ = <$fh>; defined && chomp or badproto_badread $fh, "protocol message"; if (wantarray) { my @r = &$match; return @r if @r; } else { my $r = &$match; return $r if $r; } badproto $fh, "\`$_'"; } sub protocol_send_file ($$) { my ($fh, $ourfn) = @_; open PF, "<", $ourfn or die "$ourfn: $!"; for (;;) { my $d; my $got = read PF, $d, 65536; die "$ourfn: $!" unless defined $got; last if !$got; print $fh "data-block ".length($d)."\n" or die $!; print $fh $d or die $!; } PF->error and die "$ourfn $!"; print $fh "data-end\n" or die $!; close PF; } sub protocol_read_bytes ($$) { my ($fh, $nbytes) = @_; $nbytes =~ m/^[1-9]\d{0,5}$|^0$/ or badproto \*RO, "bad byte count"; my $d; my $got = read $fh, $d, $nbytes; $got==$nbytes or badproto_badread $fh, "data block"; return $d; } sub protocol_receive_file ($$) { my ($fh, $ourfn) = @_; printdebug "() $ourfn\n"; open PF, ">", $ourfn or die "$ourfn: $!"; for (;;) { my ($y,$l) = protocol_expect { m/^data-block (.*)$/ ? (1,$1) : m/^data-end$/ ? (0,) : (); } $fh; last unless $y; my $d = protocol_read_bytes $fh, $l; print PF $d or die $!; } close PF or die $!; } #---------- remote protocol support, responder ---------- sub responder_send_command ($) { my ($command) = @_; return unless $we_are_responder; # called even without $we_are_responder printdebug ">> $command\n"; print PO $command, "\n" or die $!; } sub responder_send_file ($$) { my ($keyword, $ourfn) = @_; return unless $we_are_responder; printdebug "]] $keyword $ourfn\n"; responder_send_command "file $keyword"; protocol_send_file \*PO, $ourfn; } sub responder_receive_files ($@) { my ($keyword, @ourfns) = @_; die unless $we_are_responder; printdebug "[[ $keyword @ourfns\n"; responder_send_command "want $keyword"; foreach my $fn (@ourfns) { protocol_receive_file \*PI, $fn; } printdebug "[[\$\n"; protocol_expect { m/^files-end$/ } \*PI; } #---------- remote protocol support, initiator ---------- sub initiator_expect (&) { my ($match) = @_; protocol_expect { &$match } \*RO; } #---------- end remote code ---------- sub progress { if ($we_are_responder) { my $m = join '', @_; responder_send_command "progress ".length($m) or die $!; print PO $m or die $!; } else { print @_, "\n"; } } our $ua; sub url_get { if (!$ua) { $ua = LWP::UserAgent->new(); $ua->env_proxy; } my $what = $_[$#_]; progress "downloading $what..."; my $r = $ua->get(@_) or die $!; return undef if $r->code == 404; $r->is_success or fail "failed to fetch $what: ".$r->status_line; return $r->decoded_content(charset => 'none'); } our ($dscdata,$dscurl,$dsc,$dsc_checked,$skew_warning_vsn); sub runcmd { debugcmd "+",@_; $!=0; $?=0; failedcmd @_ if system @_; } sub act_local () { return $dryrun_level <= 1; } sub act_scary () { return !$dryrun_level; } sub printdone { if (!$dryrun_level) { progress "dgit ok: @_"; } else { progress "would be ok: @_ (but dry run only)"; } } sub dryrun_report { printcmd(\*STDERR,$debugprefix."#",@_); } sub runcmd_ordryrun { if (act_scary()) { runcmd @_; } else { dryrun_report @_; } } sub runcmd_ordryrun_local { if (act_local()) { runcmd @_; } else { dryrun_report @_; } } sub shell_cmd { my ($first_shell, @cmd) = @_; return qw(sh -ec), $first_shell.'; exec "$@"', 'x', @cmd; } our $helpmsg = < sign tag and package with instead of default --dry-run -n do not change anything, but go through the motions --damp-run -L like --dry-run but make local changes, without signing --new -N allow introducing a new package --debug -D increase debug level -c= set git config option (used directly by dgit too) END our $later_warning_msg = < 'debian', 'dgit.default.username' => '', 'dgit.default.archive-query-default-component' => 'main', 'dgit.default.ssh' => 'ssh', 'dgit.default.archive-query' => 'madison:', 'dgit.default.sshpsql-dbname' => 'service=projectb', 'dgit-distro.debian.archive-query' => 'ftpmasterapi:', 'dgit-distro.debian.git-check' => 'url', 'dgit-distro.debian.git-check-suffix' => '/info/refs', 'dgit-distro.debian.new-private-pushers' => 't', 'dgit-distro.debian/push.git-url' => '', 'dgit-distro.debian/push.git-host' => 'push.dgit.debian.org', 'dgit-distro.debian/push.git-user-force' => 'dgit', 'dgit-distro.debian/push.git-proto' => 'git+ssh://', 'dgit-distro.debian/push.git-path' => '/dgit/debian/repos', 'dgit-distro.debian/push.git-create' => 'true', 'dgit-distro.debian/push.git-check' => 'ssh-cmd', 'dgit-distro.debian.archive-query-url', 'https://api.ftp-master.debian.org/', # 'dgit-distro.debian.archive-query-tls-key', # '/etc/ssl/certs/%HOST%.pem:/etc/dgit/%HOST%.pem', # ^ this does not work because curl is broken nowadays # Fixing #790093 properly will involve providing providing the key # in some pacagke and maybe updating these paths. # # 'dgit-distro.debian.archive-query-tls-curl-args', # '--ca-path=/etc/ssl/ca-debian', # ^ this is a workaround but works (only) on DSA-administered machines 'dgit-distro.debian.git-url' => 'https://git.dgit.debian.org', 'dgit-distro.debian.git-url-suffix' => '', 'dgit-distro.debian.upload-host' => 'ftp-master', # for dput 'dgit-distro.debian.mirror' => 'http://ftp.debian.org/debian/', 'dgit-distro.debian.backports-quirk' => '(squeeze)-backports*', 'dgit-distro.debian-backports.mirror' => 'http://backports.debian.org/debian-backports/', 'dgit-distro.ubuntu.git-check' => 'false', 'dgit-distro.ubuntu.mirror' => 'http://archive.ubuntu.com/ubuntu', 'dgit-distro.test-dummy.ssh' => "$td/ssh", 'dgit-distro.test-dummy.username' => "alice", 'dgit-distro.test-dummy.git-check' => "ssh-cmd", 'dgit-distro.test-dummy.git-create' => "ssh-cmd", 'dgit-distro.test-dummy.git-url' => "$td/git", 'dgit-distro.test-dummy.git-host' => "git", 'dgit-distro.test-dummy.git-path' => "$td/git", 'dgit-distro.test-dummy.archive-query' => "ftpmasterapi:", 'dgit-distro.test-dummy.archive-query-url' => "file://$td/aq/", 'dgit-distro.test-dummy.mirror' => "file://$td/mirror/", 'dgit-distro.test-dummy.upload-host' => 'test-dummy', ); our %gitcfg; sub git_slurp_config () { local ($debuglevel) = $debuglevel-2; local $/="\0"; my @cmd = (@git, qw(config -z --get-regexp .*)); debugcmd "|",@cmd; open GITS, "-|", @cmd or failedcmd @cmd; while () { chomp or die; printdebug "=> ", (messagequote $_), "\n"; m/\n/ or die "$_ ?"; push @{ $gitcfg{$`} }, $'; #'; } $!=0; $?=0; close GITS or ($!==0 && $?==256) or failedcmd @cmd; } sub git_get_config ($) { my ($c) = @_; my $l = $gitcfg{$c}; printdebug"C $c ".(defined $l ? messagequote "'$l'" : "undef")."\n" if $debuglevel >= 4; $l or return undef; @$l==1 or badcfg "multiple values for $c" if @$l > 1; return $l->[0]; } sub cfg { foreach my $c (@_) { return undef if $c =~ /RETURN-UNDEF/; my $v = git_get_config($c); return $v if defined $v; my $dv = $defcfg{$c}; return $dv if defined $dv; } badcfg "need value for one of: @_\n". "$us: distro or suite appears not to be (properly) supported"; } sub access_basedistro () { if (defined $idistro) { return $idistro; } else { return cfg("dgit-suite.$isuite.distro", "dgit.default.distro"); } } sub access_quirk () { # returns (quirk name, distro to use instead or undef, quirk-specific info) my $basedistro = access_basedistro(); my $backports_quirk = cfg("dgit-distro.$basedistro.backports-quirk", 'RETURN-UNDEF'); if (defined $backports_quirk) { my $re = $backports_quirk; $re =~ s/[^-0-9a-z_\%*()]/\\$&/ig; $re =~ s/\*/.*/g; $re =~ s/\%/([-0-9a-z_]+)/ or $re =~ m/[()]/ or badcfg "backports-quirk needs \% or ( )"; if ($isuite =~ m/^$re$/) { return ('backports',"$basedistro-backports",$1); } } return ('none',undef); } our $access_forpush; sub parse_cfg_bool ($$$) { my ($what,$def,$v) = @_; $v //= $def; return $v =~ m/^[ty1]/ ? 1 : $v =~ m/^[fn0]/ ? 0 : badcfg "$what needs t (true, y, 1) or f (false, n, 0) not \`$v'"; } sub access_forpush_config () { my $d = access_basedistro(); return 1 if $new_package && parse_cfg_bool('new-private-pushers', 0, cfg("dgit-distro.$d.new-private-pushers", 'RETURN-UNDEF')); my $v = cfg("dgit-distro.$d.readonly", 'RETURN-UNDEF'); $v //= 'a'; return $v =~ m/^[ty1]/ ? 0 : # force readonly, forpush = 0 $v =~ m/^[fn0]/ ? 1 : # force nonreadonly, forpush = 1 $v =~ m/^[a]/ ? '' : # auto, forpush = '' badcfg "readonly needs t (true, y, 1) or f (false, n, 0) or a (auto)"; } sub access_forpush () { $access_forpush //= access_forpush_config(); return $access_forpush; } sub pushing () { die "$access_forpush ?" if ($access_forpush // 1) ne 1; badcfg "pushing but distro is configured readonly" if access_forpush_config() eq '0'; $access_forpush = 1; $supplementary_message = <<'END' unless $we_are_responder; Push failed, before we got started. You can retry the push, after fixing the problem, if you like. END finalise_opts_opts(); } sub notpushing () { finalise_opts_opts(); } sub supplementary_message ($) { my ($msg) = @_; if (!$we_are_responder) { $supplementary_message = $msg; return; } elsif ($protovsn >= 3) { responder_send_command "supplementary-message ".length($msg) or die $!; print PO $msg or die $!; } } sub access_distros () { # Returns list of distros to try, in order # # We want to try: # 0. `instead of' distro name(s) we have been pointed to # 1. the access_quirk distro, if any # 2a. the user's specified distro, or failing that } basedistro # 2b. the distro calculated from the suite } my @l = access_basedistro(); my (undef,$quirkdistro) = access_quirk(); unshift @l, $quirkdistro; unshift @l, $instead_distro; @l = grep { defined } @l; if (access_forpush()) { @l = map { ("$_/push", $_) } @l; } @l; } sub access_cfg_cfgs (@) { my (@keys) = @_; my @cfgs; # The nesting of these loops determines the search order. We put # the key loop on the outside so that we search all the distros # for each key, before going on to the next key. That means that # if access_cfg is called with a more specific, and then a less # specific, key, an earlier distro can override the less specific # without necessarily overriding any more specific keys. (If the # distro wants to override the more specific keys it can simply do # so; whereas if we did the loop the other way around, it would be # impossible to for an earlier distro to override a less specific # key but not the more specific ones without restating the unknown # values of the more specific keys. my @realkeys; my @rundef; # We have to deal with RETURN-UNDEF specially, so that we don't # terminate the search prematurely. foreach (@keys) { if (m/RETURN-UNDEF/) { push @rundef, $_; last; } push @realkeys, $_ } foreach my $d (access_distros()) { push @cfgs, map { "dgit-distro.$d.$_" } @realkeys; } push @cfgs, map { "dgit.default.$_" } @realkeys; push @cfgs, @rundef; return @cfgs; } sub access_cfg (@) { my (@keys) = @_; my (@cfgs) = access_cfg_cfgs(@keys); my $value = cfg(@cfgs); return $value; } sub access_cfg_bool ($$) { my ($def, @keys) = @_; parse_cfg_bool($keys[0], $def, access_cfg(@keys, 'RETURN-UNDEF')); } sub string_to_ssh ($) { my ($spec) = @_; if ($spec =~ m/\s/) { return qw(sh -ec), 'exec '.$spec.' "$@"', 'x'; } else { return ($spec); } } sub access_cfg_ssh () { my $gitssh = access_cfg('ssh', 'RETURN-UNDEF'); if (!defined $gitssh) { return @ssh; } else { return string_to_ssh $gitssh; } } sub access_runeinfo ($) { my ($info) = @_; return ": dgit ".access_basedistro()." $info ;"; } sub access_someuserhost ($) { my ($some) = @_; my $user = access_cfg("$some-user-force", 'RETURN-UNDEF'); defined($user) && length($user) or $user = access_cfg("$some-user",'username'); my $host = access_cfg("$some-host"); return length($user) ? "$user\@$host" : $host; } sub access_gituserhost () { return access_someuserhost('git'); } sub access_giturl (;$) { my ($optional) = @_; my $url = access_cfg('git-url','RETURN-UNDEF'); my $suffix; if (!length $url) { my $proto = access_cfg('git-proto', 'RETURN-UNDEF'); return undef unless defined $proto; $url = $proto. access_gituserhost(). access_cfg('git-path'); } else { $suffix = access_cfg('git-url-suffix','RETURN-UNDEF'); } $suffix //= '.git'; return "$url/$package$suffix"; } sub parsecontrolfh ($$;$) { my ($fh, $desc, $allowsigned) = @_; our $dpkgcontrolhash_noissigned; my $c; for (;;) { my %opts = ('name' => $desc); $opts{allow_pgp}= $allowsigned || !$dpkgcontrolhash_noissigned; $c = Dpkg::Control::Hash->new(%opts); $c->parse($fh,$desc) or die "parsing of $desc failed"; last if $allowsigned; last if $dpkgcontrolhash_noissigned; my $issigned= $c->get_option('is_pgp_signed'); if (!defined $issigned) { $dpkgcontrolhash_noissigned= 1; seek $fh, 0,0 or die "seek $desc: $!"; } elsif ($issigned) { fail "control file $desc is (already) PGP-signed. ". " Note that dgit push needs to modify the .dsc and then". " do the signature itself"; } else { last; } } return $c; } sub parsecontrol { my ($file, $desc) = @_; my $fh = new IO::Handle; open $fh, '<', $file or die "$file: $!"; my $c = parsecontrolfh($fh,$desc); $fh->error and die $!; close $fh; return $c; } sub getfield ($$) { my ($dctrl,$field) = @_; my $v = $dctrl->{$field}; return $v if defined $v; fail "missing field $field in ".$v->get_option('name'); } sub parsechangelog { my $c = Dpkg::Control::Hash->new(); my $p = new IO::Handle; my @cmd = (qw(dpkg-parsechangelog), @_); open $p, '-|', @cmd or die $!; $c->parse($p); $?=0; $!=0; close $p or failedcmd @cmd; return $c; } sub must_getcwd () { my $d = getcwd(); defined $d or fail "getcwd failed: $!"; return $d; } our %rmad; sub archive_query ($) { my ($method) = @_; my $query = access_cfg('archive-query','RETURN-UNDEF'); $query =~ s/^(\w+):// or badcfg "invalid archive-query method \`$query'"; my $proto = $1; my $data = $'; #'; { no strict qw(refs); &{"${method}_${proto}"}($proto,$data); } } sub pool_dsc_subpath ($$) { my ($vsn,$component) = @_; # $package is implict arg my $prefix = substr($package, 0, $package =~ m/^l/ ? 4 : 1); return "/pool/$component/$prefix/$package/".dscfn($vsn); } #---------- `ftpmasterapi' archive query method (nascent) ---------- sub archive_api_query_cmd ($) { my ($subpath) = @_; my @cmd = qw(curl -sS); my $url = access_cfg('archive-query-url'); if ($url =~ m#^https://([-.0-9a-z]+)/#) { my $host = $1; my $keys = access_cfg('archive-query-tls-key','RETURN-UNDEF') //''; foreach my $key (split /\:/, $keys) { $key =~ s/\%HOST\%/$host/g; if (!stat $key) { fail "for $url: stat $key: $!" unless $!==ENOENT; next; } fail "config requested specific TLS key but do not know". " how to get curl to use exactly that EE key ($key)"; # push @cmd, "--cacert", $key, "--capath", "/dev/enoent"; # # Sadly the above line does not work because of changes # # to gnutls. The real fix for #790093 may involve # # new curl options. last; } # Fixing #790093 properly will involve providing a value # for this on clients. my $kargs = access_cfg('archive-query-tls-curl-ca-args','RETURN-UNDEF'); push @cmd, split / /, $kargs if defined $kargs; } push @cmd, $url.$subpath; return @cmd; } sub api_query ($$) { use JSON; my ($data, $subpath) = @_; badcfg "ftpmasterapi archive query method takes no data part" if length $data; my @cmd = archive_api_query_cmd($subpath); my $json = cmdoutput @cmd; return decode_json($json); } sub canonicalise_suite_ftpmasterapi () { my ($proto,$data) = @_; my $suites = api_query($data, 'suites'); my @matched; foreach my $entry (@$suites) { next unless grep { my $v = $entry->{$_}; defined $v && $v eq $isuite; } qw(codename name); push @matched, $entry; } fail "unknown suite $isuite" unless @matched; my $cn; eval { @matched==1 or die "multiple matches for suite $isuite\n"; $cn = "$matched[0]{codename}"; defined $cn or die "suite $isuite info has no codename\n"; $cn =~ m/^$suite_re$/ or die "suite $isuite maps to bad codename\n"; }; die "bad ftpmaster api response: $@\n".Dumper(\@matched) if length $@; return $cn; } sub archive_query_ftpmasterapi () { my ($proto,$data) = @_; my $info = api_query($data, "dsc_in_suite/$isuite/$package"); my @rows; my $digester = Digest::SHA->new(256); foreach my $entry (@$info) { eval { my $vsn = "$entry->{version}"; my ($ok,$msg) = version_check $vsn; die "bad version: $msg\n" unless $ok; my $component = "$entry->{component}"; $component =~ m/^$component_re$/ or die "bad component"; my $filename = "$entry->{filename}"; $filename && $filename !~ m#[^-+:._~0-9a-zA-Z/]|^[/.]|/[/.]# or die "bad filename"; my $sha256sum = "$entry->{sha256sum}"; $sha256sum =~ m/^[0-9a-f]+$/ or die "bad sha256sum"; push @rows, [ $vsn, "/pool/$component/$filename", $digester, $sha256sum ]; }; die "bad ftpmaster api response: $@\n".Dumper($entry) if length $@; } @rows = sort { -version_compare($a->[0],$b->[0]) } @rows; return @rows; } #---------- `madison' archive query method ---------- sub archive_query_madison { return map { [ @$_[0..1] ] } madison_get_parse(@_); } sub madison_get_parse { my ($proto,$data) = @_; die unless $proto eq 'madison'; if (!length $data) { $data= access_cfg('madison-distro','RETURN-UNDEF'); $data //= access_basedistro(); } $rmad{$proto,$data,$package} ||= cmdoutput qw(rmadison -asource),"-s$isuite","-u$data",$package; my $rmad = $rmad{$proto,$data,$package}; my @out; foreach my $l (split /\n/, $rmad) { $l =~ m{^ \s*( [^ \t|]+ )\s* \| \s*( [^ \t|]+ )\s* \| \s*( [^ \t|/]+ )(?:/([^ \t|/]+))? \s* \| \s*( [^ \t|]+ )\s* }x or die "$rmad ?"; $1 eq $package or die "$rmad $package ?"; my $vsn = $2; my $newsuite = $3; my $component; if (defined $4) { $component = $4; } else { $component = access_cfg('archive-query-default-component'); } $5 eq 'source' or die "$rmad ?"; push @out, [$vsn,pool_dsc_subpath($vsn,$component),$newsuite]; } return sort { -version_compare($a->[0],$b->[0]); } @out; } sub canonicalise_suite_madison { # madison canonicalises for us my @r = madison_get_parse(@_); @r or fail "unable to canonicalise suite using package $package". " which does not appear to exist in suite $isuite;". " --existing-package may help"; return $r[0][2]; } #---------- `sshpsql' archive query method ---------- sub sshpsql ($$$) { my ($data,$runeinfo,$sql) = @_; if (!length $data) { $data= access_someuserhost('sshpsql').':'. access_cfg('sshpsql-dbname'); } $data =~ m/:/ or badcfg "invalid sshpsql method string \`$data'"; my ($userhost,$dbname) = ($`,$'); #'; my @rows; my @cmd = (access_cfg_ssh, $userhost, access_runeinfo("ssh-psql $runeinfo"). " export LC_MESSAGES=C; export LC_CTYPE=C;". " ".shellquote qw(psql -A), $dbname, qw(-c), $sql); debugcmd "|",@cmd; open P, "-|", @cmd or die $!; while (

) { chomp or die; printdebug(">|$_|\n"); push @rows, $_; } $!=0; $?=0; close P or failedcmd @cmd; @rows or die; my $nrows = pop @rows; $nrows =~ s/^\((\d+) rows?\)$/$1/ or die "$nrows ?"; @rows == $nrows+1 or die "$nrows ".(scalar @rows)." ?"; @rows = map { [ split /\|/, $_ ] } @rows; my $ncols = scalar @{ shift @rows }; die if grep { scalar @$_ != $ncols } @rows; return @rows; } sub sql_injection_check { foreach (@_) { die "$_ $& ?" if m{[^-+=:_.,/0-9a-zA-Z]}; } } sub archive_query_sshpsql ($$) { my ($proto,$data) = @_; sql_injection_check $isuite, $package; my @rows = sshpsql($data, "archive-query $isuite $package", <[0],$b->[0]) } @rows; my $digester = Digest::SHA->new(256); @rows = map { my ($vsn,$component,$filename,$sha256sum) = @$_; [ $vsn, "/pool/$component/$filename",$digester,$sha256sum ]; } @rows; return @rows; } sub canonicalise_suite_sshpsql ($$) { my ($proto,$data) = @_; sql_injection_check $isuite; my @rows = sshpsql($data, "canonicalise-suite $isuite", <[0] } @rows; fail "unknown suite $isuite" unless @rows; die "ambiguous $isuite: @rows ?" if @rows>1; return $rows[0]; } #---------- `dummycat' archive query method ---------- sub canonicalise_suite_dummycat ($$) { my ($proto,$data) = @_; my $dpath = "$data/suite.$isuite"; if (!open C, "<", $dpath) { $!==ENOENT or die "$dpath: $!"; printdebug "dummycat canonicalise_suite $isuite $dpath ENOENT\n"; return $isuite; } $!=0; $_ = ; chomp or die "$dpath: $!"; close C; printdebug "dummycat canonicalise_suite $isuite $dpath = $_\n"; return $_; } sub archive_query_dummycat ($$) { my ($proto,$data) = @_; canonicalise_suite(); my $dpath = "$data/package.$csuite.$package"; if (!open C, "<", $dpath) { $!==ENOENT or die "$dpath: $!"; printdebug "dummycat query $csuite $package $dpath ENOENT\n"; return (); } my @rows; while () { next if m/^\#/; next unless m/\S/; die unless chomp; printdebug "dummycat query $csuite $package $dpath | $_\n"; my @row = split /\s+/, $_; @row==2 or die "$dpath: $_ ?"; push @rows, \@row; } C->error and die "$dpath: $!"; close C; return sort { -version_compare($a->[0],$b->[0]); } @rows; } #---------- archive query entrypoints and rest of program ---------- sub canonicalise_suite () { return if defined $csuite; fail "cannot operate on $isuite suite" if $isuite eq 'UNRELEASED'; $csuite = archive_query('canonicalise_suite'); if ($isuite ne $csuite) { progress "canonical suite name for $isuite is $csuite"; } } sub get_archive_dsc () { canonicalise_suite(); my @vsns = archive_query('archive_query'); foreach my $vinfo (@vsns) { my ($vsn,$subpath,$digester,$digest) = @$vinfo; $dscurl = access_cfg('mirror').$subpath; $dscdata = url_get($dscurl); if (!$dscdata) { $skew_warning_vsn = $vsn if !defined $skew_warning_vsn; next; } if ($digester) { $digester->reset(); $digester->add($dscdata); my $got = $digester->hexdigest(); $got eq $digest or fail "$dscurl has hash $got but". " archive told us to expect $digest"; } my $dscfh = new IO::File \$dscdata, '<' or die $!; printdebug Dumper($dscdata) if $debuglevel>1; $dsc = parsecontrolfh($dscfh,$dscurl,1); printdebug Dumper($dsc) if $debuglevel>1; my $fmt = getfield $dsc, 'Format'; fail "unsupported source format $fmt, sorry" unless $format_ok{$fmt}; $dsc_checked = !!$digester; return; } $dsc = undef; } sub check_for_git (); sub check_for_git () { # returns 0 or 1 my $how = access_cfg('git-check'); if ($how eq 'ssh-cmd') { my @cmd = (access_cfg_ssh, access_gituserhost(), access_runeinfo("git-check $package"). " set -e; cd ".access_cfg('git-path').";". " if test -d $package.git; then echo 1; else echo 0; fi"); my $r= cmdoutput @cmd; if ($r =~ m/^divert (\w+)$/) { my $divert=$1; my ($usedistro,) = access_distros(); # NB that if we are pushing, $usedistro will be $distro/push $instead_distro= cfg("dgit-distro.$usedistro.diverts.$divert"); $instead_distro =~ s{^/}{ access_basedistro()."/" }e; progress "diverting to $divert (using config for $instead_distro)"; return check_for_git(); } failedcmd @cmd unless $r =~ m/^[01]$/; return $r+0; } elsif ($how eq 'url') { my $prefix = access_cfg('git-check-url','git-url'); my $suffix = access_cfg('git-check-suffix','git-suffix', 'RETURN-UNDEF') // '.git'; my $url = "$prefix/$package$suffix"; my @cmd = (qw(curl -sS -I), $url); my $result = cmdoutput @cmd; $result =~ s/^\S+ 200 .*\n\r?\n//; # curl -sS -I with https_proxy prints # HTTP/1.0 200 Connection established $result =~ m/^\S+ (404|200) /s or fail "unexpected results from git check query - ". Dumper($prefix, $result); my $code = $1; if ($code eq '404') { return 0; } elsif ($code eq '200') { return 1; } else { die; } } elsif ($how eq 'true') { return 1; } elsif ($how eq 'false') { return 0; } else { badcfg "unknown git-check \`$how'"; } } sub create_remote_git_repo () { my $how = access_cfg('git-create'); if ($how eq 'ssh-cmd') { runcmd_ordryrun (access_cfg_ssh, access_gituserhost(), access_runeinfo("git-create $package"). "set -e; cd ".access_cfg('git-path').";". " cp -a _template $package.git"); } elsif ($how eq 'true') { # nothing to do } else { badcfg "unknown git-create \`$how'"; } } our ($dsc_hash,$lastpush_hash); our $ud = '.git/dgit/unpack'; sub prep_ud () { rmtree($ud); mkpath '.git/dgit'; mkdir $ud or die $!; } sub mktree_in_ud_here () { runcmd qw(git init -q); rmtree('.git/objects'); symlink '../../../../objects','.git/objects' or die $!; } sub git_write_tree () { my $tree = cmdoutput @git, qw(write-tree); $tree =~ m/^\w+$/ or die "$tree ?"; return $tree; } sub remove_stray_gits () { my @gitscmd = qw(find -name .git -prune -print0); debugcmd "|",@gitscmd; open GITS, "-|", @gitscmd or failedcmd @gitscmd; { local $/="\0"; while () { chomp or die; print STDERR "$us: warning: removing from source package: ", (messagequote $_), "\n"; rmtree $_; } } $!=0; $?=0; close GITS or failedcmd @gitscmd; } sub mktree_in_ud_from_only_subdir () { # changes into the subdir my (@dirs) = <*/.>; die unless @dirs==1; $dirs[0] =~ m#^([^/]+)/\.$# or die; my $dir = $1; changedir $dir; remove_stray_gits(); mktree_in_ud_here(); my $format=get_source_format(); if (madformat($format)) { rmtree '.pc'; } runcmd @git, qw(add -Af); my $tree=git_write_tree(); return ($tree,$dir); } sub dsc_files_info () { foreach my $csumi (['Checksums-Sha256','Digest::SHA', 'new(256)'], ['Checksums-Sha1', 'Digest::SHA', 'new(1)'], ['Files', 'Digest::MD5', 'new()']) { my ($fname, $module, $method) = @$csumi; my $field = $dsc->{$fname}; next unless defined $field; eval "use $module; 1;" or die $@; my @out; foreach (split /\n/, $field) { next unless m/\S/; m/^(\w+) (\d+) (\S+)$/ or fail "could not parse .dsc $fname line \`$_'"; my $digester = eval "$module"."->$method;" or die $@; push @out, { Hash => $1, Bytes => $2, Filename => $3, Digester => $digester, }; } return @out; } fail "missing any supported Checksums-* or Files field in ". $dsc->get_option('name'); } sub dsc_files () { map { $_->{Filename} } dsc_files_info(); } sub is_orig_file ($;$) { local ($_) = $_[0]; my $base = $_[1]; m/\.orig(?:-\w+)?\.tar\.\w+$/ or return 0; defined $base or return 1; return $` eq $base; } sub make_commit ($) { my ($file) = @_; return cmdoutput @git, qw(hash-object -w -t commit), $file; } sub clogp_authline ($) { my ($clogp) = @_; my $author = getfield $clogp, 'Maintainer'; $author =~ s#,.*##ms; my $date = cmdoutput qw(date), '+%s %z', qw(-d), getfield($clogp,'Date'); my $authline = "$author $date"; $authline =~ m/^[^<>]+ \<\S+\> \d+ [-+]\d+$/ or fail "unexpected commit author line format \`$authline'". " (was generated from changelog Maintainer field)"; return $authline; } sub vendor_patches_distro ($$) { my ($checkdistro, $what) = @_; return unless defined $checkdistro; my $series = "debian/patches/\L$checkdistro\E.series"; printdebug "checking for vendor-specific $series ($what)\n"; if (!open SERIES, "<", $series) { die "$series $!" unless $!==ENOENT; return; } while () { next unless m/\S/; next if m/^\s+\#/; print STDERR <error; close SERIES; } sub check_for_vendor_patches () { # This dpkg-source feature doesn't seem to be documented anywhere! # But it can be found in the changelog (reformatted): # commit 4fa01b70df1dc4458daee306cfa1f987b69da58c # Author: Raphael Hertzog # Date: Sun Oct 3 09:36:48 2010 +0200 # dpkg-source: correctly create .pc/.quilt_series with alternate # series files # # If you have debian/patches/ubuntu.series and you were # unpacking the source package on ubuntu, quilt was still # directed to debian/patches/series instead of # debian/patches/ubuntu.series. # # debian/changelog | 3 +++ # scripts/Dpkg/Source/Package/V3/quilt.pm | 4 +++- # 2 files changed, 6 insertions(+), 1 deletion(-) use Dpkg::Vendor; vendor_patches_distro($ENV{DEB_VENDOR}, "DEB_VENDOR"); vendor_patches_distro(Dpkg::Vendor::get_current_vendor(), "Dpkg::Vendor \`current vendor'"); vendor_patches_distro(access_basedistro(), "distro being accessed"); } sub generate_commit_from_dsc () { prep_ud(); changedir $ud; foreach my $fi (dsc_files_info()) { my $f = $fi->{Filename}; die "$f ?" if $f =~ m#/|^\.|\.dsc$|\.tmp$#; link_ltarget "../../../$f", $f or $!==&ENOENT or die "$f $!"; complete_file_from_dsc('.', $fi) or next; if (is_orig_file($f)) { link $f, "../../../../$f" or $!==&EEXIST or die "$f $!"; } } my $dscfn = "$package.dsc"; open D, ">", $dscfn or die "$dscfn: $!"; print D $dscdata or die "$dscfn: $!"; close D or die "$dscfn: $!"; my @cmd = qw(dpkg-source); push @cmd, '--no-check' if $dsc_checked; push @cmd, qw(-x --), $dscfn; runcmd @cmd; my ($tree,$dir) = mktree_in_ud_from_only_subdir(); check_for_vendor_patches() if madformat($dsc->{format}); runcmd qw(sh -ec), 'dpkg-parsechangelog >../changelog.tmp'; my $clogp = parsecontrol('../changelog.tmp',"commit's changelog"); my $authline = clogp_authline $clogp; my $changes = getfield $clogp, 'Changes'; open C, ">../commit.tmp" or die $!; print C <>../changelogold.tmp'; my $oldclogp = parsecontrol('../changelogold.tmp','previous changelog'); my $oversion = getfield $oldclogp, 'Version'; my $vcmp = version_compare($oversion, $cversion); if ($vcmp < 0) { # git upload/ is earlier vsn than archive, use archive open C, ">../commit2.tmp" or die $!; print C < 0) { print STDERR <{Filename}; my $tf = "$dstdir/$f"; my $downloaded = 0; if (stat_exists $tf) { progress "using existing $f"; } else { my $furl = $dscurl; $furl =~ s{/[^/]+$}{}; $furl .= "/$f"; die "$f ?" unless $f =~ m/^\Q${package}\E_/; die "$f ?" if $f =~ m#/#; runcmd_ordryrun_local @curl,qw(-o),$tf,'--',"$furl"; return 0 if !act_local(); $downloaded = 1; } open F, "<", "$tf" or die "$tf: $!"; $fi->{Digester}->reset(); $fi->{Digester}->addfile(*F); F->error and die $!; my $got = $fi->{Digester}->hexdigest(); $got eq $fi->{Hash} or fail "file $f has hash $got but .dsc". " demands hash $fi->{Hash} ". ($downloaded ? "(got wrong file from archive!)" : "(perhaps you should delete this file?)"); return 1; } sub ensure_we_have_orig () { foreach my $fi (dsc_files_info()) { my $f = $fi->{Filename}; next unless is_orig_file($f); complete_file_from_dsc('..', $fi) or next; } } sub git_fetch_us () { my @specs = (fetchspec()); push @specs, map { "+refs/$_/*:".lrfetchrefs."/$_/*" } qw(tags heads); runcmd_ordryrun_local @git, qw(fetch -p -n -q), access_giturl(), @specs; my %here; my $tagpat = debiantag('*',access_basedistro); git_for_each_ref("refs/tags/".$tagpat, sub { my ($objid,$objtype,$fullrefname,$reftail) = @_; printdebug "currently $fullrefname=$objid\n"; $here{$fullrefname} = $objid; }); git_for_each_ref(lrfetchrefs."/tags/".$tagpat, sub { my ($objid,$objtype,$fullrefname,$reftail) = @_; my $lref = "refs".substr($fullrefname, length lrfetchrefs); printdebug "offered $lref=$objid\n"; if (!defined $here{$lref}) { my @upd = (@git, qw(update-ref), $lref, $objid, ''); runcmd_ordryrun_local @upd; } elsif ($here{$lref} eq $objid) { } else { print STDERR \ "Not updateting $lref from $here{$lref} to $objid.\n"; } }); } sub fetch_from_archive () { # ensures that lrref() is what is actually in the archive, # one way or another get_archive_dsc(); if ($dsc) { foreach my $field (@ourdscfield) { $dsc_hash = $dsc->{$field}; last if defined $dsc_hash; } if (defined $dsc_hash) { $dsc_hash =~ m/\w+/ or fail "invalid hash in .dsc \`$dsc_hash'"; $dsc_hash = $&; progress "last upload to archive specified git hash"; } else { progress "last upload to archive has NO git hash"; } } else { progress "no version available from the archive"; } $lastpush_hash = git_get_ref(lrref()); printdebug "previous reference hash=$lastpush_hash\n"; my $hash; if (defined $dsc_hash) { fail "missing remote git history even though dsc has hash -". " could not find ref ".lrref(). " (should have been fetched from ".access_giturl()."#".rrref().")" unless $lastpush_hash; $hash = $dsc_hash; ensure_we_have_orig(); if ($dsc_hash eq $lastpush_hash) { } elsif (is_fast_fwd($dsc_hash,$lastpush_hash)) { print STDERR <$clogf", @git, qw(cat-file blob), "$hash:debian/changelog"; my $gotclogp = parsechangelog("-l$clogf"); my $got_vsn = getfield $gotclogp, 'Version'; printdebug "SKEW CHECK GOT $got_vsn\n"; if (version_compare($got_vsn, $skew_warning_vsn) < 0) { print STDERR <", "$attrs.new" or die "$attrs.new $!"; if (!open ATTRS, "<", $attrs) { $!==ENOENT or die "$attrs: $!"; } else { while () { chomp; next if m{^debian/changelog\s}; print NATTRS $_, "\n" or die $!; } ATTRS->error and die $!; close ATTRS; } print NATTRS "debian/changelog merge=$driver\n" or die $!; close NATTRS; set_local_git_config "$cb.name", 'debian/changelog merge driver'; set_local_git_config "$cb.driver", 'dpkg-mergechangelogs -m %O %A %B %A'; rename "$attrs.new", "$attrs" or die "$attrs: $!"; } sub setup_useremail (;$) { my ($always) = @_; return unless $always || access_cfg_bool(1, 'setup-useremail'); my $setup = sub { my ($k, $envvar) = @_; my $v = access_cfg("user-$k", 'RETURN-UNDEF') // $ENV{$envvar}; return unless defined $v; set_local_git_config "user.$k", $v; }; $setup->('email', 'DEBEMAIL'); $setup->('name', 'DEBFULLNAME'); } sub setup_new_tree () { setup_mergechangelogs(); setup_useremail(); } sub clone ($) { my ($dstdir) = @_; canonicalise_suite(); badusage "dry run makes no sense with clone" unless act_local(); my $hasgit = check_for_git(); mkdir $dstdir or die "$dstdir $!"; changedir $dstdir; runcmd @git, qw(init -q); my $giturl = access_giturl(1); if (defined $giturl) { set_local_git_config "remote.$remotename.fetch", fetchspec(); open H, "> .git/HEAD" or die $!; print H "ref: ".lref()."\n" or die $!; close H or die $!; runcmd @git, qw(remote add), 'origin', $giturl; } if ($hasgit) { progress "fetching existing git history"; git_fetch_us(); runcmd_ordryrun_local @git, qw(fetch origin); } else { progress "starting new git history"; } fetch_from_archive() or no_such_package; my $vcsgiturl = $dsc->{'Vcs-Git'}; if (length $vcsgiturl) { $vcsgiturl =~ s/\s+-b\s+\S+//g; runcmd @git, qw(remote add vcs-git), $vcsgiturl; } setup_new_tree(); runcmd @git, qw(reset --hard), lrref(); printdone "ready for work in $dstdir"; } sub fetch () { if (check_for_git()) { git_fetch_us(); } fetch_from_archive() or no_such_package(); printdone "fetched into ".lrref(); } sub pull () { fetch(); runcmd_ordryrun_local @git, qw(merge -m),"Merge from $csuite [dgit]", lrref(); printdone "fetched to ".lrref()." and merged into HEAD"; } sub check_not_dirty () { return if $ignoredirty; my @cmd = (@git, qw(diff --quiet HEAD)); debugcmd "+",@cmd; $!=0; $?=0; system @cmd; return if !$! && !$?; if (!$! && $?==256) { fail "working tree is dirty (does not match HEAD)"; } else { failedcmd @cmd; } if (stat_exists "debian/source/local-options") { fail "git tree contains debian/source/local-options"; } } sub commit_admin ($) { my ($m) = @_; progress "$m"; runcmd_ordryrun_local @git, qw(commit -m), $m; } sub commit_quilty_patch () { my $output = cmdoutput @git, qw(status --porcelain); my %adds; foreach my $l (split /\n/, $output) { next unless $l =~ m/\S/; if ($l =~ m{^(?:\?\?| M) (.pc|debian/patches)}) { $adds{$1}++; } } delete $adds{'.pc'}; # if there wasn't one before, don't add it if (!%adds) { progress "nothing quilty to commit, ok."; return; } my @adds = map { s/[][*?\\]/\\$&/g; $_; } sort keys %adds; runcmd_ordryrun_local @git, qw(add -f), @adds; commit_admin "Commit Debian 3.0 (quilt) metadata"; } sub get_source_format () { if (!open F, "debian/source/format") { die $! unless $!==&ENOENT; return ''; } $_ = ; F->error and die $!; chomp; return $_; } sub madformat ($) { my ($format) = @_; return 0 unless $format eq '3.0 (quilt)'; if ($quilt_mode eq 'nocheck') { progress "Not doing any fixup of \`$format' due to --no-quilt-fixup"; return 0; } progress "Format \`$format', checking/updating patch stack"; return 1; } sub push_parse_changelog ($) { my ($clogpfn) = @_; my $clogp = Dpkg::Control::Hash->new(); $clogp->load($clogpfn) or die; $package = getfield $clogp, 'Source'; my $cversion = getfield $clogp, 'Version'; my $tag = debiantag($cversion, access_basedistro); runcmd @git, qw(check-ref-format), $tag; my $dscfn = dscfn($cversion); return ($clogp, $cversion, $tag, $dscfn); } sub push_parse_dsc ($$$) { my ($dscfn,$dscfnwhat, $cversion) = @_; $dsc = parsecontrol($dscfn,$dscfnwhat); my $dversion = getfield $dsc, 'Version'; my $dscpackage = getfield $dsc, 'Source'; ($dscpackage eq $package && $dversion eq $cversion) or fail "$dscfn is for $dscpackage $dversion". " but debian/changelog is for $package $cversion"; } sub push_mktag ($$$$$$$) { my ($head,$clogp,$tag, $dscfn, $changesfile,$changesfilewhat, $tfn) = @_; $dsc->{$ourdscfield[0]} = $head; $dsc->save("$dscfn.tmp") or die $!; my $changes = parsecontrol($changesfile,$changesfilewhat); foreach my $field (qw(Source Distribution Version)) { $changes->{$field} eq $clogp->{$field} or fail "changes field $field \`$changes->{$field}'". " does not match changelog \`$clogp->{$field}'"; } my $cversion = getfield $clogp, 'Version'; my $clogsuite = getfield $clogp, 'Distribution'; # We make the git tag by hand because (a) that makes it easier # to control the "tagger" (b) we can do remote signing my $authline = clogp_authline $clogp; my $delibs = join(" ", "",@deliberatelies); my $declaredistro = access_basedistro(); open TO, '>', $tfn->('.tmp') or die $!; print TO <('.tmp'); if ($sign) { if (!defined $keyid) { $keyid = access_cfg('keyid','RETURN-UNDEF'); } if (!defined $keyid) { $keyid = getfield $clogp, 'Maintainer'; } unlink $tfn->('.tmp.asc') or $!==&ENOENT or die $!; my @sign_cmd = (@gpg, qw(--detach-sign --armor)); push @sign_cmd, qw(-u),$keyid if defined $keyid; push @sign_cmd, $tfn->('.tmp'); runcmd_ordryrun @sign_cmd; if (act_scary()) { $tagobjfn = $tfn->('.signed.tmp'); runcmd shell_cmd "exec >$tagobjfn", qw(cat --), $tfn->('.tmp'), $tfn->('.tmp.asc'); } } return ($tagobjfn); } sub sign_changes ($) { my ($changesfile) = @_; if ($sign) { my @debsign_cmd = @debsign; push @debsign_cmd, "-k$keyid" if defined $keyid; push @debsign_cmd, "-p$gpg[0]" if $gpg[0] ne 'gpg'; push @debsign_cmd, $changesfile; runcmd_ordryrun @debsign_cmd; } } sub dopush ($) { my ($forceflag) = @_; printdebug "actually entering push\n"; supplementary_message(<<'END'); Push failed, while preparing your push. You can retry the push, after fixing the problem, if you like. END prep_ud(); access_giturl(); # check that success is vaguely likely my $clogpfn = ".git/dgit/changelog.822.tmp"; runcmd shell_cmd "exec >$clogpfn", qw(dpkg-parsechangelog); responder_send_file('parsed-changelog', $clogpfn); my ($clogp, $cversion, $tag, $dscfn) = push_parse_changelog("$clogpfn"); my $dscpath = "$buildproductsdir/$dscfn"; stat_exists $dscpath or fail "looked for .dsc $dscfn, but $!;". " maybe you forgot to build"; responder_send_file('dsc', $dscpath); push_parse_dsc($dscpath, $dscfn, $cversion); my $format = getfield $dsc, 'Format'; printdebug "format $format\n"; if (madformat($format)) { commit_quilty_patch(); } check_not_dirty(); changedir $ud; progress "checking that $dscfn corresponds to HEAD"; runcmd qw(dpkg-source -x --), $dscpath =~ m#^/# ? $dscpath : "../../../$dscpath"; my ($tree,$dir) = mktree_in_ud_from_only_subdir(); check_for_vendor_patches() if madformat($dsc->{format}); changedir '../../../..'; my $diffopt = $debuglevel>0 ? '--exit-code' : '--quiet'; my @diffcmd = (@git, qw(diff), $diffopt, $tree); debugcmd "+",@diffcmd; $!=0; $?=0; my $r = system @diffcmd; if ($r) { if ($r==256) { fail "$dscfn specifies a different tree to your HEAD commit;". " perhaps you forgot to build". ($diffopt eq '--exit-code' ? "" : " (run with -D to see full diff output)"); } else { failedcmd @diffcmd; } } my $head = git_rev_parse('HEAD'); if (!$changesfile) { my $multi = "$buildproductsdir/". "${package}_".(stripepoch $cversion)."_multi.changes"; if (stat_exists "$multi") { $changesfile = $multi; } else { my $pat = "${package}_".(stripepoch $cversion)."_*.changes"; my @cs = glob "$buildproductsdir/$pat"; fail "failed to find unique changes file". " (looked for $pat in $buildproductsdir, or $multi);". " perhaps you need to use dgit -C" unless @cs==1; ($changesfile) = @cs; } } else { $changesfile = "$buildproductsdir/$changesfile"; } responder_send_file('changes',$changesfile); responder_send_command("param head $head"); responder_send_command("param csuite $csuite"); if (deliberately_not_fast_forward) { git_for_each_ref(lrfetchrefs, sub { my ($objid,$objtype,$lrfetchrefname,$reftail) = @_; my $rrefname= substr($lrfetchrefname, length(lrfetchrefs) + 1); responder_send_command("previously $rrefname=$objid"); $previously{$rrefname} = $objid; }); } my $tfn = sub { ".git/dgit/tag$_[0]"; }; my $tagobjfn; supplementary_message(<<'END'); Push failed, while signing the tag. You can retry the push, after fixing the problem, if you like. END # If we manage to sign but fail to record it anywhere, it's fine. if ($we_are_responder) { $tagobjfn = $tfn->('.signed.tmp'); responder_receive_files('signed-tag', $tagobjfn); } else { $tagobjfn = push_mktag($head,$clogp,$tag, $dscpath, $changesfile,$changesfile, $tfn); } supplementary_message(<<'END'); Push failed, *after* signing the tag. If you want to try again, you should use a new version number. END my $tag_obj_hash = cmdoutput @git, qw(hash-object -w -t tag), $tagobjfn; runcmd_ordryrun @git, qw(verify-tag), $tag_obj_hash; runcmd_ordryrun_local @git, qw(update-ref), "refs/tags/$tag", $tag_obj_hash; supplementary_message(<<'END'); Push failed, while updating the remote git repository - see messages above. If you want to try again, you should use a new version number. END if (!check_for_git()) { create_remote_git_repo(); } runcmd_ordryrun @git, qw(push),access_giturl(), $forceflag."HEAD:".rrref(), $forceflag."refs/tags/$tag"; runcmd_ordryrun @git, qw(update-ref -m), 'dgit push', lrref(), 'HEAD'; supplementary_message(<<'END'); Push failed, after updating the remote git repository. If you want to try again, you must use a new version number. END if ($we_are_responder) { my $dryrunsuffix = act_local() ? "" : ".tmp"; responder_receive_files('signed-dsc-changes', "$dscpath$dryrunsuffix", "$changesfile$dryrunsuffix"); } else { if (act_local()) { rename "$dscpath.tmp",$dscpath or die "$dscfn $!"; } else { progress "[new .dsc left in $dscpath.tmp]"; } sign_changes $changesfile; } supplementary_message(<<'END'); Push failed, while uploading package(s) to the archive server. You can retry the upload of exactly these same files with dput of: $changesfile If that .changes file is broken, you will need to use a new version number for your next attempt at the upload. END my $host = access_cfg('upload-host','RETURN-UNDEF'); my @hostarg = defined($host) ? ($host,) : (); runcmd_ordryrun @dput, @hostarg, $changesfile; printdone "pushed and uploaded $cversion"; supplementary_message(''); responder_send_command("complete"); } sub cmd_clone { parseopts(); notpushing(); my $dstdir; badusage "-p is not allowed with clone; specify as argument instead" if defined $package; if (@ARGV==1) { ($package) = @ARGV; } elsif (@ARGV==2 && $ARGV[1] =~ m#^\w#) { ($package,$isuite) = @ARGV; } elsif (@ARGV==2 && $ARGV[1] =~ m#^[./]#) { ($package,$dstdir) = @ARGV; } elsif (@ARGV==3) { ($package,$isuite,$dstdir) = @ARGV; } else { badusage "incorrect arguments to dgit clone"; } $dstdir ||= "$package"; if (stat_exists $dstdir) { fail "$dstdir already exists"; } my $cwd_remove; if ($rmonerror && !$dryrun_level) { $cwd_remove= getcwd(); unshift @end, sub { return unless defined $cwd_remove; if (!chdir "$cwd_remove") { return if $!==&ENOENT; die "chdir $cwd_remove: $!"; } rmtree($dstdir) or die "remove $dstdir: $!\n"; }; } clone($dstdir); $cwd_remove = undef; } sub branchsuite () { my $branch = cmdoutput_errok @git, qw(symbolic-ref HEAD); if ($branch =~ m#$lbranch_re#o) { return $1; } else { return undef; } } sub fetchpullargs () { notpushing(); if (!defined $package) { my $sourcep = parsecontrol('debian/control','debian/control'); $package = getfield $sourcep, 'Source'; } if (@ARGV==0) { # $isuite = branchsuite(); # this doesn't work because dak hates canons if (!$isuite) { my $clogp = parsechangelog(); $isuite = getfield $clogp, 'Distribution'; } canonicalise_suite(); progress "fetching from suite $csuite"; } elsif (@ARGV==1) { ($isuite) = @ARGV; canonicalise_suite(); } else { badusage "incorrect arguments to dgit fetch or dgit pull"; } } sub cmd_fetch { parseopts(); fetchpullargs(); fetch(); } sub cmd_pull { parseopts(); fetchpullargs(); pull(); } sub cmd_push { parseopts(); pushing(); badusage "-p is not allowed with dgit push" if defined $package; check_not_dirty(); my $clogp = parsechangelog(); $package = getfield $clogp, 'Source'; my $specsuite; if (@ARGV==0) { } elsif (@ARGV==1) { ($specsuite) = (@ARGV); } else { badusage "incorrect arguments to dgit push"; } $isuite = getfield $clogp, 'Distribution'; if ($new_package) { local ($package) = $existing_package; # this is a hack canonicalise_suite(); } else { canonicalise_suite(); } if (defined $specsuite && $specsuite ne $isuite && $specsuite ne $csuite) { fail "dgit push: changelog specifies $isuite ($csuite)". " but command line specifies $specsuite"; } supplementary_message(<<'END'); Push failed, while checking state of the archive. You can retry the push, after fixing the problem, if you like. END if (check_for_git()) { git_fetch_us(); } my $forceflag = ''; if (fetch_from_archive()) { if (is_fast_fwd(lrref(), 'HEAD')) { # ok } elsif (deliberately_not_fast_forward) { $forceflag = '+'; } else { fail "dgit push: HEAD is not a descendant". " of the archive's version.\n". "dgit: To overwrite its contents,". " use git merge -s ours ".lrref().".\n". "dgit: To rewind history, if permitted by the archive,". " use --deliberately-not-fast-forward"; } } else { $new_package or fail "package appears to be new in this suite;". " if this is intentional, use --new"; } dopush($forceflag); } #---------- remote commands' implementation ---------- sub cmd_remote_push_build_host { my ($nrargs) = shift @ARGV; my (@rargs) = @ARGV[0..$nrargs-1]; @ARGV = @ARGV[$nrargs..$#ARGV]; die unless @rargs; my ($dir,$vsnwant) = @rargs; # vsnwant is a comma-separated list; we report which we have # chosen in our ready response (so other end can tell if they # offered several) $debugprefix = ' '; $we_are_responder = 1; $us .= " (build host)"; pushing(); open PI, "<&STDIN" or die $!; open STDIN, "/dev/null" or die $!; open PO, ">&STDOUT" or die $!; autoflush PO 1; open STDOUT, ">&STDERR" or die $!; autoflush STDOUT 1; $vsnwant //= 1; ($protovsn) = grep { $vsnwant =~ m{^(?:.*,)?$_(?:,.*)?$} } @rpushprotovsn_support; fail "build host has dgit rpush protocol versions ". (join ",", @rpushprotovsn_support). " but invocation host has $vsnwant" unless defined $protovsn; responder_send_command("dgit-remote-push-ready $protovsn"); changedir $dir; &cmd_push; } sub cmd_remote_push_responder { cmd_remote_push_build_host(); } # ... for compatibility with proto vsn.1 dgit (just so that user gets # a good error message) our $i_tmp; sub i_cleanup { local ($@, $?); my $report = i_child_report(); if (defined $report) { printdebug "($report)\n"; } elsif ($i_child_pid) { printdebug "(killing build host child $i_child_pid)\n"; kill 15, $i_child_pid; } if (defined $i_tmp && !defined $initiator_tempdir) { changedir "/"; eval { rmtree $i_tmp; }; } } END { i_cleanup(); } sub i_method { my ($base,$selector,@args) = @_; $selector =~ s/\-/_/g; { no strict qw(refs); &{"${base}_${selector}"}(@args); } } sub cmd_rpush { pushing(); my $host = nextarg; my $dir; if ($host =~ m/^((?:[^][]|\[[^][]*\])*)\:/) { $host = $1; $dir = $'; #'; } else { $dir = nextarg; } $dir =~ s{^-}{./-}; my @rargs = ($dir); push @rargs, join ",", @rpushprotovsn_support; my @rdgit; push @rdgit, @dgit; push @rdgit, @ropts; push @rdgit, qw(remote-push-build-host), (scalar @rargs), @rargs; push @rdgit, @ARGV; my @cmd = (@ssh, $host, shellquote @rdgit); debugcmd "+",@cmd; if (defined $initiator_tempdir) { rmtree $initiator_tempdir; mkdir $initiator_tempdir, 0700 or die "$initiator_tempdir: $!"; $i_tmp = $initiator_tempdir; } else { $i_tmp = tempdir(); } $i_child_pid = open2(\*RO, \*RI, @cmd); changedir $i_tmp; ($protovsn) = initiator_expect { m/^dgit-remote-push-ready (\S+)/ }; die "$protovsn ?" unless grep { $_ eq $protovsn } @rpushprotovsn_support; $supplementary_message = '' unless $protovsn >= 3; for (;;) { my ($icmd,$iargs) = initiator_expect { m/^(\S+)(?: (.*))?$/; ($1,$2); }; i_method "i_resp", $icmd, $iargs; } } sub i_resp_progress ($) { my ($rhs) = @_; my $msg = protocol_read_bytes \*RO, $rhs; progress $msg; } sub i_resp_supplementary_message ($) { my ($rhs) = @_; $supplementary_message = protocol_read_bytes \*RO, $rhs; } sub i_resp_complete { my $pid = $i_child_pid; $i_child_pid = undef; # prevents killing some other process with same pid printdebug "waiting for build host child $pid...\n"; my $got = waitpid $pid, 0; die $! unless $got == $pid; die "build host child failed $?" if $?; i_cleanup(); printdebug "all done\n"; exit 0; } sub i_resp_file ($) { my ($keyword) = @_; my $localname = i_method "i_localname", $keyword; my $localpath = "$i_tmp/$localname"; stat_exists $localpath and badproto \*RO, "file $keyword ($localpath) twice"; protocol_receive_file \*RO, $localpath; i_method "i_file", $keyword; } our %i_param; sub i_resp_param ($) { $_[0] =~ m/^(\S+) (.*)$/ or badproto \*RO, "bad param spec"; $i_param{$1} = $2; } sub i_resp_previously ($) { $_[0] =~ m#^(refs/tags/\S+)=(\w+)$# or badproto \*RO, "bad previously spec"; my $r = system qw(git check-ref-format), $1; die "bad previously ref spec ($r)" if $r; $previously{$1} = $2; } our %i_wanted; sub i_resp_want ($) { my ($keyword) = @_; die "$keyword ?" if $i_wanted{$keyword}++; my @localpaths = i_method "i_want", $keyword; printdebug "[[ $keyword @localpaths\n"; foreach my $localpath (@localpaths) { protocol_send_file \*RI, $localpath; } print RI "files-end\n" or die $!; } our ($i_clogp, $i_version, $i_tag, $i_dscfn, $i_changesfn); sub i_localname_parsed_changelog { return "remote-changelog.822"; } sub i_file_parsed_changelog { ($i_clogp, $i_version, $i_tag, $i_dscfn) = push_parse_changelog "$i_tmp/remote-changelog.822"; die if $i_dscfn =~ m#/|^\W#; } sub i_localname_dsc { defined $i_dscfn or badproto \*RO, "dsc (before parsed-changelog)"; return $i_dscfn; } sub i_file_dsc { } sub i_localname_changes { defined $i_dscfn or badproto \*RO, "dsc (before parsed-changelog)"; $i_changesfn = $i_dscfn; $i_changesfn =~ s/\.dsc$/_dgit.changes/ or die; return $i_changesfn; } sub i_file_changes { } sub i_want_signed_tag { printdebug Dumper(\%i_param, $i_dscfn); defined $i_param{'head'} && defined $i_dscfn && defined $i_clogp && defined $i_param{'csuite'} or badproto \*RO, "premature desire for signed-tag"; my $head = $i_param{'head'}; die if $head =~ m/[^0-9a-f]/ || $head !~ m/^../; die unless $i_param{'csuite'} =~ m/^$suite_re$/; $csuite = $&; push_parse_dsc $i_dscfn, 'remote dsc', $i_version; my $tagobjfn = push_mktag $head, $i_clogp, $i_tag, $i_dscfn, $i_changesfn, 'remote changes', sub { "tag$_[0]"; }; return $tagobjfn; } sub i_want_signed_dsc_changes { rename "$i_dscfn.tmp","$i_dscfn" or die "$i_dscfn $!"; sign_changes $i_changesfn; return ($i_dscfn, $i_changesfn); } #---------- building etc. ---------- our $version; our $sourcechanges; our $dscfn; #----- `3.0 (quilt)' handling ----- our $fakeeditorenv = 'DGIT_FAKE_EDITOR_QUILT'; sub quiltify_dpkg_commit ($$$;$) { my ($patchname,$author,$msg, $xinfo) = @_; $xinfo //= ''; mkpath '.git/dgit'; my $descfn = ".git/dgit/quilt-description.tmp"; open O, '>', $descfn or die "$descfn: $!"; $msg =~ s/\s+$//g; $msg =~ s/\n/\n /g; $msg =~ s/^\s+$/ ./mg; print O < $git_commit_id, # Child => $c, # or undef if P=T # Whynot => $reason_edge_PC_unsuitable, # in @nots only # Nontrivial => true iff $p..$c has relevant changes # }; my @todo; my @nots; my $sref_S; my $max_work=100; my %considered; # saves being exponential on some weird graphs my $t_sentinels = quiltify_tree_sentinelfiles $target; my $not = sub { my ($search,$whynot) = @_; printdebug " search NOT $search->{Commit} $whynot\n"; $search->{Whynot} = $whynot; push @nots, $search; no warnings qw(exiting); next; }; push @todo, { Commit => $target, }; while (@todo) { my $c = shift @todo; next if $considered{$c->{Commit}}++; $not->($c, "maximum search space exceeded") if --$max_work <= 0; printdebug "quiltify investigate $c->{Commit}\n"; # are we done? if (!quiltify_trees_differ $c->{Commit}, $oldtiptree) { printdebug " search finished hooray!\n"; $sref_S = $c; last; } if ($quilt_mode eq 'nofix') { fail "quilt fixup required but quilt mode is \`nofix'\n". "HEAD commit $c->{Commit} differs from tree implied by ". " debian/patches (tree object $oldtiptree)"; } if ($quilt_mode eq 'smash') { printdebug " search quitting smash\n"; last; } my $c_sentinels = quiltify_tree_sentinelfiles $c->{Commit}; $not->($c, "has $c_sentinels not $t_sentinels") if $c_sentinels ne $t_sentinels; my $commitdata = cmdoutput @git, qw(cat-file commit), $c->{Commit}; $commitdata =~ m/\n\n/; $commitdata =~ $`; my @parents = ($commitdata =~ m/^parent (\w+)$/gm); @parents = map { { Commit => $_, Child => $c } } @parents; $not->($c, "root commit") if !@parents; foreach my $p (@parents) { $p->{Nontrivial}= quiltify_trees_differ $p->{Commit},$c->{Commit}; } my $ndiffers = grep { $_->{Nontrivial} } @parents; $not->($c, "merge ($ndiffers nontrivial parents)") if $ndiffers > 1; foreach my $p (@parents) { printdebug "considering C=$c->{Commit} P=$p->{Commit}\n"; my @cmd= (@git, qw(diff-tree -r --name-only), $p->{Commit},$c->{Commit}, qw(-- debian/patches .pc)); my $patchstackchange = cmdoutput @cmd; if (length $patchstackchange) { $patchstackchange =~ s/\n/,/g; $not->($p, "changed $patchstackchange"); } printdebug " search queue P=$p->{Commit} ", ($p->{Nontrivial} ? "NT" : "triv"),"\n"; push @todo, $p; } } if (!$sref_S) { printdebug "quiltify want to smash\n"; my $abbrev = sub { my $x = $_[0]{Commit}; $x =~ s/(.*?[0-9a-z]{8})[0-9a-z]*$/$1/; return $x; }; my $reportnot = sub { my ($notp) = @_; my $s = $abbrev->($notp); my $c = $notp->{Child}; $s .= "..".$abbrev->($c) if $c; $s .= ": ".$notp->{Whynot}; return $s; }; if ($quilt_mode eq 'linear') { print STDERR "$us: quilt fixup cannot be linear. Stopped at:\n"; foreach my $notp (@nots) { print STDERR "$us: ", $reportnot->($notp), "\n"; } fail "quilt fixup naive history linearisation failed.\n". "Use dpkg-source --commit by hand; or, --quilt=smash for one ugly patch"; } elsif ($quilt_mode eq 'smash') { } elsif ($quilt_mode eq 'auto') { progress "quilt fixup cannot be linear, smashing..."; } else { die "$quilt_mode ?"; } my $time = time; my $ncommits = 3; my $msg = cmdoutput @git, qw(log), "-n$ncommits"; quiltify_dpkg_commit "auto-$version-$target-$time", (getfield $clogp, 'Maintainer'), "Automatically generated patch ($clogp->{Version})\n". "Last (up to) $ncommits git changes, FYI:\n\n". $msg; return; } progress "quiltify linearisation planning successful, executing..."; for (my $p = $sref_S; my $c = $p->{Child}; $p = $p->{Child}) { printdebug "quiltify traverse $p->{Commit}..$c->{Commit}\n"; next unless $p->{Nontrivial}; my $cc = $c->{Commit}; my $commitdata = cmdoutput @git, qw(cat-file commit), $cc; $commitdata =~ m/\n\n/ or die "$c ?"; $commitdata = $`; my $msg = $'; #'; $commitdata =~ m/^author (.*) \d+ [-+0-9]+$/m or die "$cc ?"; my $author = $1; $msg =~ s/^(.*)\n*/$1\n/ or die "$cc $msg ?"; my $title = $1; my $patchname = $title; $patchname =~ s/[.:]$//; $patchname =~ y/ A-Z/-a-z/; $patchname =~ y/-a-z0-9_.+=~//cd; $patchname =~ s/^\W/x-$&/; $patchname = substr($patchname,0,40); my $index; for ($index=''; stat "debian/patches/$patchname$index"; $index++) { } $!==ENOENT or die "$patchname$index $!"; runcmd @git, qw(checkout -q), $cc; # We use the tip's changelog so that dpkg-source doesn't # produce complaining messages from dpkg-parsechangelog. None # of the information dpkg-source gets from the changelog is # actually relevant - it gets put into the original message # which dpkg-source provides our stunt editor, and then # overwritten. runcmd @git, qw(checkout -q), $target, qw(debian/changelog); quiltify_dpkg_commit "$patchname$index", $author, $msg, "X-Dgit-Generated: $clogp->{Version} $cc\n"; runcmd @git, qw(checkout -q), $cc, qw(debian/changelog); } runcmd @git, qw(checkout -q master); } sub build_maybe_quilt_fixup () { my $format=get_source_format; return unless madformat $format; # sigh check_for_vendor_patches(); # Our objective is: # - honour any existing .pc in case it has any strangeness # - determine the git commit corresponding to the tip of # the patch stack (if there is one) # - if there is such a git commit, convert each subsequent # git commit into a quilt patch with dpkg-source --commit # - otherwise convert all the differences in the tree into # a single git commit # # To do this we: # Our git tree doesn't necessarily contain .pc. (Some versions of # dgit would include the .pc in the git tree.) If there isn't # one, we need to generate one by unpacking the patches that we # have. # # We first look for a .pc in the git tree. If there is one, we # will use it. (This is not the normal case.) # # Otherwise need to regenerate .pc so that dpkg-source --commit # can work. We do this as follows: # 1. Collect all relevant .orig from parent directory # 2. Generate a debian.tar.gz out of # debian/{patches,rules,source/format} # 3. Generate a fake .dsc containing just these fields: # Format Source Version Files # 4. Extract the fake .dsc # Now the fake .dsc has a .pc directory. # (In fact we do this in every case, because in future we will # want to search for a good base commit for generating patches.) # # Then we can actually do the dpkg-source --commit # 1. Make a new working tree with the same object # store as our main tree and check out the main # tree's HEAD. # 2. Copy .pc from the fake's extraction, if necessary # 3. Run dpkg-source --commit # 4. If the result has changes to debian/, then # - git-add them them # - git-add .pc if we had a .pc in-tree # - git-commit # 5. If we had a .pc in-tree, delete it, and git-commit # 6. Back in the main tree, fast forward to the new HEAD my $clogp = parsechangelog(); my $headref = git_rev_parse('HEAD'); prep_ud(); changedir $ud; my $upstreamversion=$version; $upstreamversion =~ s/-[^-]*$//; my $fakeversion="$upstreamversion-~~DGITFAKE"; my $fakedsc=new IO::File 'fake.dsc', '>' or die $!; print $fakedsc <addfile($fh); print $fakedsc " ".$md->hexdigest." $size $b\n" or die $!; }; foreach my $f (<../../../../*>) { #/){ my $b=$f; $b =~ s{.*/}{}; next unless is_orig_file $b, srcfn $upstreamversion,''; link_ltarget $f, $b or die "$b $!"; $dscaddfile->($b); } my @files=qw(debian/source/format debian/rules); if (stat_exists '../../../debian/patches') { push @files, 'debian/patches'; } my $debtar= srcfn $fakeversion,'.debian.tar.gz'; runcmd qw(env GZIP=-1 tar -zcf), "./$debtar", qw(-C ../../..), @files; $dscaddfile->($debtar); close $fakedsc or die $!; runcmd qw(sh -ec), 'exec dpkg-source --no-check -x fake.dsc >/dev/null'; my $fakexdir= $package.'-'.(stripepoch $upstreamversion); rename $fakexdir, "fake" or die "$fakexdir $!"; mkdir "work" or die $!; changedir "work"; mktree_in_ud_here(); runcmd @git, qw(reset --hard), $headref; my $mustdeletepc=0; if (stat_exists ".pc") { -d _ or die; progress "Tree already contains .pc - will use it then delete it."; $mustdeletepc=1; } else { rename '../fake/.pc','.pc' or die $!; } quiltify($clogp,$headref); if (!open P, '>>', ".pc/applied-patches") { $!==&ENOENT or die $!; } else { close P; } commit_quilty_patch(); if ($mustdeletepc) { runcmd @git, qw(rm -rqf .pc); commit_admin "Commit removal of .pc (quilt series tracking data)"; } changedir '../../../..'; runcmd @git, qw(pull --ff-only -q .git/dgit/unpack/work master); } sub quilt_fixup_editor () { my $descfn = $ENV{$fakeeditorenv}; my $editing = $ARGV[$#ARGV]; open I1, '<', $descfn or die "$descfn: $!"; open I2, '<', $editing or die "$editing: $!"; unlink $editing or die "$editing: $!"; open O, '>', $editing or die "$editing: $!"; while () { print O or die $!; } I1->error and die $!; my $copying = 0; while () { $copying ||= m/^\-\-\- /; next unless $copying; print O or die $!; } I2->error and die $!; close O or die $1; exit 0; } #----- other building ----- our $suppress_clean; sub clean_tree () { return if $suppress_clean; if ($cleanmode eq 'dpkg-source') { runcmd_ordryrun_local @dpkgbuildpackage, qw(-T clean); } elsif ($cleanmode eq 'dpkg-source-d') { runcmd_ordryrun_local @dpkgbuildpackage, qw(-d -T clean); } elsif ($cleanmode eq 'git') { runcmd_ordryrun_local @git, qw(clean -xdf); } elsif ($cleanmode eq 'git-ff') { runcmd_ordryrun_local @git, qw(clean -xdff); } elsif ($cleanmode eq 'check') { my $leftovers = cmdoutput @git, qw(clean -xdn); if (length $leftovers) { print STDERR $leftovers, "\n" or die $!; fail "tree contains uncommitted files and --clean=check specified"; } } elsif ($cleanmode eq 'none') { } else { die "$cleanmode ?"; } } sub cmd_clean () { badusage "clean takes no additional arguments" if @ARGV; notpushing(); clean_tree(); } sub build_prep () { notpushing(); badusage "-p is not allowed when building" if defined $package; check_not_dirty(); clean_tree(); my $clogp = parsechangelog(); $isuite = getfield $clogp, 'Distribution'; $package = getfield $clogp, 'Source'; $version = getfield $clogp, 'Version'; build_maybe_quilt_fixup(); } sub changesopts_initial () { my @opts =@changesopts[1..$#changesopts]; } sub changesopts_version () { if (!defined $changes_since_version) { my @vsns = archive_query('archive_query'); my @quirk = access_quirk(); if ($quirk[0] eq 'backports') { local $isuite = $quirk[2]; local $csuite; canonicalise_suite(); push @vsns, archive_query('archive_query'); } if (@vsns) { @vsns = map { $_->[0] } @vsns; @vsns = sort { -version_compare($a, $b) } @vsns; $changes_since_version = $vsns[0]; progress "changelog will contain changes since $vsns[0]"; } else { $changes_since_version = '_'; progress "package seems new, not specifying -v"; } } if ($changes_since_version ne '_') { return ("-v$changes_since_version"); } else { return (); } } sub changesopts () { return (changesopts_initial(), changesopts_version()); } sub massage_dbp_args ($;$) { my ($cmd,$xargs) = @_; if ($cleanmode eq 'dpkg-source') { $suppress_clean = 1; return; } debugcmd '#massaging#', @$cmd if $debuglevel>1; my @newcmd = shift @$cmd; # -nc has the side effect of specifying -b if nothing else specified push @newcmd, '-nc'; # and some combinations of -S, -b, et al, are errors, rather than # later simply overriding earlier push @newcmd, '-F' unless grep { m/^-[bBASF]$/ } (@$cmd, @$xargs); push @newcmd, @$cmd; @$cmd = @newcmd; } sub cmd_build { my @dbp = (@dpkgbuildpackage, qw(-us -uc), changesopts_initial(), @ARGV); massage_dbp_args \@dbp; build_prep(); push @dbp, changesopts_version(); runcmd_ordryrun_local @dbp; printdone "build successful\n"; } sub cmd_gbp_build { my @dbp = @dpkgbuildpackage; massage_dbp_args \@dbp, \@ARGV; my @cmd; if (length executable_on_path('git-buildpackage')) { @cmd = qw(git-buildpackage); } else { @cmd = qw(gbp buildpackage); } push @cmd, (qw(-us -uc --git-no-sign-tags), "--git-builder=@dbp"); if ($cleanmode eq 'dpkg-source') { $suppress_clean = 1; } else { push @cmd, '--git-cleaner=true'; } build_prep(); unless (grep { m/^--git-debian-branch|^--git-ignore-branch/ } @ARGV) { canonicalise_suite(); push @cmd, "--git-debian-branch=".lbranch(); } push @cmd, changesopts(); runcmd_ordryrun_local @cmd, @ARGV; printdone "build successful\n"; } sub cmd_git_build { cmd_gbp_build(); } # compatibility with <= 1.0 sub build_source { if ($cleanmode =~ m/^dpkg-source/) { # dpkg-source will clean, so we shouldn't $suppress_clean = 1; } build_prep(); $sourcechanges = "${package}_".(stripepoch $version)."_source.changes"; $dscfn = dscfn($version); if ($cleanmode eq 'dpkg-source') { runcmd_ordryrun_local (@dpkgbuildpackage, qw(-us -uc -S)), changesopts(); } elsif ($cleanmode eq 'dpkg-source-d') { runcmd_ordryrun_local (@dpkgbuildpackage, qw(-us -uc -S -d)), changesopts(); } else { my $pwd = must_getcwd(); my $leafdir = basename $pwd; changedir ".."; runcmd_ordryrun_local @dpkgsource, qw(-b --), $leafdir; changedir $pwd; runcmd_ordryrun_local qw(sh -ec), 'exec >$1; shift; exec "$@"','x', "../$sourcechanges", @dpkggenchanges, qw(-S), changesopts(); } } sub cmd_build_source { badusage "build-source takes no additional arguments" if @ARGV; build_source(); printdone "source built, results in $dscfn and $sourcechanges"; } sub cmd_sbuild { build_source(); changedir ".."; my $pat = "${package}_".(stripepoch $version)."_*.changes"; if (act_local()) { stat_exists $dscfn or fail "$dscfn (in parent directory): $!"; stat_exists $sourcechanges or fail "$sourcechanges (in parent directory): $!"; foreach my $cf (glob $pat) { next if $cf eq $sourcechanges; unlink $cf or fail "remove $cf: $!"; } } runcmd_ordryrun_local @sbuild, @ARGV, qw(-d), $isuite, $dscfn; my @changesfiles = glob $pat; @changesfiles = sort { ($b =~ m/_source\.changes$/ <=> $a =~ m/_source\.changes$/) or $a cmp $b } @changesfiles; fail "wrong number of different changes files (@changesfiles)" unless @changesfiles; runcmd_ordryrun_local @mergechanges, @changesfiles; my $multichanges = "${package}_".(stripepoch $version)."_multi.changes"; if (act_local()) { stat_exists $multichanges or fail "$multichanges: $!"; } printdone "build successful, results in $multichanges\n" or die $!; } sub cmd_quilt_fixup { badusage "incorrect arguments to dgit quilt-fixup" if @ARGV; my $clogp = parsechangelog(); $version = getfield $clogp, 'Version'; $package = getfield $clogp, 'Source'; build_maybe_quilt_fixup(); } sub cmd_archive_api_query { badusage "need only 1 subpath argument" unless @ARGV==1; my ($subpath) = @ARGV; my @cmd = archive_api_query_cmd($subpath); debugcmd ">",@cmd; exec @cmd or fail "exec curl: $!\n"; } sub cmd_clone_dgit_repos_server { badusage "need destination argument" unless @ARGV==1; my ($destdir) = @ARGV; $package = '_dgit-repos-server'; my @cmd = (@git, qw(clone), access_giturl(), $destdir); debugcmd ">",@cmd; exec @cmd or fail "exec git clone: $!\n"; } sub cmd_setup_mergechangelogs { badusage "no arguments allowed to dgit setup-mergechangelogs" if @ARGV; setup_mergechangelogs(1); } sub cmd_setup_useremail { badusage "no arguments allowed to dgit setup-mergechangelogs" if @ARGV; setup_useremail(1); } sub cmd_setup_new_tree { badusage "no arguments allowed to dgit setup-tree" if @ARGV; setup_new_tree(); } #---------- argument parsing and main program ---------- sub cmd_version { print "dgit version $our_version\n" or die $!; exit 0; } our (%valopts_long, %valopts_short); our @rvalopts; sub defvalopt ($$$$) { my ($long,$short,$val_re,$how) = @_; my $oi = { Long => $long, Short => $short, Re => $val_re, How => $how }; $valopts_long{$long} = $oi; $valopts_short{$short} = $oi; # $how subref should: # do whatever assignemnt or thing it likes with $_[0] # if the option should not be passed on to remote, @rvalopts=() # or $how can be a scalar ref, meaning simply assign the value } defvalopt '--since-version', '-v', '[^_]+|_', \$changes_since_version; defvalopt '--distro', '-d', '.+', \$idistro; defvalopt '', '-k', '.+', \$keyid; defvalopt '--existing-package','', '.*', \$existing_package; defvalopt '--build-products-dir','','.*', \$buildproductsdir; defvalopt '--clean', '', $cleanmode_re, \$cleanmode; defvalopt '--quilt', '', $quilt_modes_re, \$quilt_mode; defvalopt '', '-c', '.*=.*', sub { push @git, '-c', @_; }; defvalopt '', '-C', '.+', sub { ($changesfile) = (@_); if ($changesfile =~ s#^(.*)/##) { $buildproductsdir = $1; } }; defvalopt '--initiator-tempdir','','.*', sub { ($initiator_tempdir) = (@_); $initiator_tempdir =~ m#^/# or badusage "--initiator-tempdir must be used specify an". " absolute, not relative, directory." }; sub parseopts () { my $om; if (defined $ENV{'DGIT_SSH'}) { @ssh = string_to_ssh $ENV{'DGIT_SSH'}; } elsif (defined $ENV{'GIT_SSH'}) { @ssh = ($ENV{'GIT_SSH'}); } my $oi; my $val; my $valopt = sub { my ($what) = @_; @rvalopts = ($_); if (!defined $val) { badusage "$what needs a value" unless @ARGV; $val = shift @ARGV; push @rvalopts, $val; } badusage "bad value \`$val' for $what" unless $val =~ m/^$oi->{Re}$(?!\n)/s; my $how = $oi->{How}; if (ref($how) eq 'SCALAR') { $$how = $val; } else { $how->($val); } push @ropts, @rvalopts; }; while (@ARGV) { last unless $ARGV[0] =~ m/^-/; $_ = shift @ARGV; last if m/^--?$/; if (m/^--/) { if (m/^--dry-run$/) { push @ropts, $_; $dryrun_level=2; } elsif (m/^--damp-run$/) { push @ropts, $_; $dryrun_level=1; } elsif (m/^--no-sign$/) { push @ropts, $_; $sign=0; } elsif (m/^--help$/) { cmd_help(); } elsif (m/^--version$/) { cmd_version(); } elsif (m/^--new$/) { push @ropts, $_; $new_package=1; } elsif (m/^--([-0-9a-z]+)=(.+)/s && ($om = $opts_opt_map{$1}) && length $om->[0]) { push @ropts, $_; $om->[0] = $2; } elsif (m/^--([-0-9a-z]+):(.*)/s && !$opts_opt_cmdonly{$1} && ($om = $opts_opt_map{$1})) { push @ropts, $_; push @$om, $2; } elsif (m/^--ignore-dirty$/s) { push @ropts, $_; $ignoredirty = 1; } elsif (m/^--no-quilt-fixup$/s) { push @ropts, $_; $quilt_mode = 'nocheck'; } elsif (m/^--no-rm-on-error$/s) { push @ropts, $_; $rmonerror = 0; } elsif (m/^--deliberately-($deliberately_re)$/s) { push @ropts, $_; push @deliberatelies, $&; } elsif (m/^(--[-0-9a-z]+)(=|$)/ && ($oi = $valopts_long{$1})) { $val = $2 ? $' : undef; #'; $valopt->($oi->{Long}); } else { badusage "unknown long option \`$_'"; } } else { while (m/^-./s) { if (s/^-n/-/) { push @ropts, $&; $dryrun_level=2; } elsif (s/^-L/-/) { push @ropts, $&; $dryrun_level=1; } elsif (s/^-h/-/) { cmd_help(); } elsif (s/^-D/-/) { push @ropts, $&; $debuglevel++; enabledebug(); } elsif (s/^-N/-/) { push @ropts, $&; $new_package=1; } elsif (m/^-m/) { push @ropts, $&; push @changesopts, $_; $_ = ''; } elsif (s/^-wn$//s) { push @ropts, $&; $cleanmode = 'none'; } elsif (s/^-wg$//s) { push @ropts, $&; $cleanmode = 'git'; } elsif (s/^-wgf$//s) { push @ropts, $&; $cleanmode = 'git-ff'; } elsif (s/^-wd$//s) { push @ropts, $&; $cleanmode = 'dpkg-source'; } elsif (s/^-wdd$//s) { push @ropts, $&; $cleanmode = 'dpkg-source-d'; } elsif (s/^-wc$//s) { push @ropts, $&; $cleanmode = 'check'; } elsif (m/^-[a-zA-Z]/ && ($oi = $valopts_short{$&})) { $val = $'; #'; $val = undef unless length $val; $valopt->($oi->{Short}); $_ = ''; } else { badusage "unknown short option \`$_'"; } } } } } sub finalise_opts_opts () { foreach my $k (keys %opts_opt_map) { my $om = $opts_opt_map{$k}; my $v = access_cfg("cmd-$k", 'RETURN-UNDEF'); if (defined $v) { badcfg "cannot set command for $k" unless length $om->[0]; $om->[0] = $v; } foreach my $c (access_cfg_cfgs("opts-$k")) { my $vl = $gitcfg{$c}; printdebug "CL $c ", ($vl ? join " ", map { shellquote } @$vl : ""), "\n" if $debuglevel >= 4; next unless $vl; badcfg "cannot configure options for $k" if $opts_opt_cmdonly{$k}; my $insertpos = $opts_cfg_insertpos{$k}; @$om = ( @$om[0..$insertpos-1], @$vl, @$om[$insertpos..$#$om] ); } } } if ($ENV{$fakeeditorenv}) { git_slurp_config(); quilt_fixup_editor(); } parseopts(); git_slurp_config(); print STDERR "DRY RUN ONLY\n" if $dryrun_level > 1; print STDERR "DAMP RUN - WILL MAKE LOCAL (UNSIGNED) CHANGES\n" if $dryrun_level == 1; if (!@ARGV) { print STDERR $helpmsg or die $!; exit 8; } my $cmd = shift @ARGV; $cmd =~ y/-/_/; if (!defined $quilt_mode) { local $access_forpush; $quilt_mode = cfg('dgit.force.quilt-mode', 'RETURN-UNDEF') // access_cfg('quilt-mode', 'RETURN-UNDEF') // 'linear'; $quilt_mode =~ m/^($quilt_modes_re)$/ or badcfg "unknown quilt-mode \`$quilt_mode'"; $quilt_mode = $1; } if (!defined $cleanmode) { local $access_forpush; $cleanmode = access_cfg('clean-mode', 'RETURN-UNDEF'); $cleanmode //= 'dpkg-source'; badcfg "unknown clean-mode \`$cleanmode'" unless $cleanmode =~ m/^($cleanmode_re)$(?!\n)/s; } my $fn = ${*::}{"cmd_$cmd"}; $fn or badusage "unknown operation $cmd"; $fn->();