cadey
/
propellor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

The Debian package now includes a single-revision git repository in /usr/src/propellor/, and ~/.propellor/ is set up to use this repository as its "upstream" remote. This avoids relying on the security of the github repository when using the Debian package.

This commit is contained in:
Joey Hess 2014-08-19 14:33:43 -04:00
parent c3c1f921bb
commit b6c5f54741
5 changed files with 27 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Makefile
View File

@ -25,6 +25,7 @@ install:
$(CABAL) sdist $(CABAL) sdist
cat dist/propellor-*.tar.gz | \ cat dist/propellor-*.tar.gz | \
(cd $(DESTDIR)/usr/src/propellor && tar zx --strip-components=1) (cd $(DESTDIR)/usr/src/propellor && tar zx --strip-components=1)
cd $(DESTDIR)/usr/src/propellor && git init && git add . && git commit -m "current version of propellor"
clean: clean:
rm -rf dist Setup tags propellor privdata/local rm -rf dist Setup tags propellor privdata/local

7
debian/README.Debian vendored
View File

@ -8,4 +8,9 @@ Edit ~/.propellor/config.hs to configure it.
Note that upgrading the propellor package will not update your Note that upgrading the propellor package will not update your
~/.propellor/ repository. You can `git pull upstream` in your repository to ~/.propellor/ repository. You can `git pull upstream` in your repository to
update to the current upstream. update to the current upstream source, as distributed in the Debian
package.
Older versions of propellor set the upstream remote to
point to a repository on github, so if you used one of them, you may want
to change it to point to the new location, /usr/src/propellor/

4
debian/changelog vendored
View File

@ -1,5 +1,9 @@
propellor (0.8.3) UNRELEASED; urgency=medium propellor (0.8.3) UNRELEASED; urgency=medium
* The Debian package now includes a single-revision git repository in
/usr/src/propellor/, and ~/.propellor/ is set up to use this repository as
its "upstream" remote. This avoids relying on the security of the github
repository when using the Debian package.
* Included the config.hs symlink to config-simple.hs in the cabal and Debian * Included the config.hs symlink to config-simple.hs in the cabal and Debian
packages. packages.

1
debian/control vendored
View File

@ -3,6 +3,7 @@ Section: admin
Priority: optional Priority: optional
Build-Depends: Build-Depends:
debhelper (>= 9), debhelper (>= 9),
git,
ghc (>= 7.4), ghc (>= 7.4),
cabal-install, cabal-install,
libghc-async-dev, libghc-async-dev,

34
src/wrapper.hs
View File

@ -9,8 +9,8 @@
-- uses it to build the real propellor program (if not already built), -- uses it to build the real propellor program (if not already built),
-- and runs it. -- and runs it.
-- --
-- The source is either copied from /usr/src/propellor, or is cloned from -- The source is cloned from /usr/src/propellor when available,
-- git over the network. -- or is cloned from git over the network.
module Main where module Main where
@ -28,13 +28,13 @@ import System.Environment (getArgs)
import System.Exit import System.Exit
import System.Posix.Directory import System.Posix.Directory
srcdir :: FilePath localrepo :: FilePath
srcdir = "/usr/src/propellor" localrepo = "/usr/src/propellor"
-- Using the github mirror of the main propellor repo because -- Using the github mirror of the main propellor repo because
-- it is accessible over https for better security. -- it is accessible over https for better security.
srcrepo :: String netrepo :: String
srcrepo = "https://github.com/joeyh/propellor.git" netrepo = "https://github.com/joeyh/propellor.git"
main :: IO () main :: IO ()
main = do main = do
@ -56,29 +56,25 @@ wrapper args propellordir propellorbin = do
makeRepo = do makeRepo = do
putStrLn $ "Setting up your propellor repo in " ++ propellordir putStrLn $ "Setting up your propellor repo in " ++ propellordir
putStrLn "" putStrLn ""
ifM (doesDirectoryExist srcdir) ifM (doesDirectoryExist localrepo)
( do ( do
void $ boolSystem "cp" [Param "-a", File srcdir, File propellordir] void $ boolSystem "git" [Param "clone", File localrepo, File propellordir]
changeWorkingDirectory propellordir setuprepo True localrepo
void $ boolSystem "git" [Param "init"]
void $ boolSystem "git" [Param "add", Param "."]
setuprepo True
, do , do
void $ boolSystem "git" [Param "clone", Param srcrepo, File propellordir] void $ boolSystem "git" [Param "clone", Param netrepo, File propellordir]
void $ boolSystem "git" [Param "remote", Param "rm", Param "origin"] setuprepo False netrepo
setuprepo False
) )
setuprepo fromsrcdir = do setuprepo fromlocalrepo repolocation = do
changeWorkingDirectory propellordir changeWorkingDirectory propellordir
whenM (doesDirectoryExist "privdata") $ whenM (doesDirectoryExist "privdata") $
mapM_ nukeFile =<< dirContents "privdata" mapM_ nukeFile =<< dirContents "privdata"
void $ boolSystem "git" [Param "commit", Param "--allow-empty", Param "--quiet", Param "-m", Param "setting up propellor git repository"] void $ boolSystem "git" [Param "remote", Param "rm", Param "origin"]
void $ boolSystem "git" [Param "remote", Param "add", Param "upstream", Param srcrepo] void $ boolSystem "git" [Param "remote", Param "add", Param "upstream", Param repolocation]
-- Connect synthetic git repo with upstream history so -- Connect synthetic git repo with upstream history so
-- merging with upstream will work going forward. -- merging with upstream will work going forward.
-- Note -s ours is used to avoid getting any divergent -- Note -s ours is used to avoid getting any divergent
-- changes from upstream. -- changes from upstream.
when fromsrcdir $ do when (not fromlocalrepo) $ do
void $ boolSystem "git" [Param "fetch", Param "upstream"] void $ boolSystem "git" [Param "fetch", Param "upstream"]
version <- readProcess "dpkg-query" ["--showformat", "${Version}", "--show", "propellor"] version <- readProcess "dpkg-query" ["--showformat", "${Version}", "--show", "propellor"]
void $ boolSystem "git" [Param "merge", Param "-s", Param "ours", Param version] void $ boolSystem "git" [Param "merge", Param "-s", Param "ours", Param version]