Remove debian/tmp prefix, as debhelper will try to find the files in
that directory. Change source patterns to avoid using destination
directories.
Change-Id: Ic72ce634970c3987635dbfe497e20b176e893bbd
Make it conform to common expectations, where:
- Use DESTDIR for the staged installation directory.
- Use PREFIX to set the installation prefix for all pathnames,
and include it in the other DIR variables.
- Rename LIBSOVER to LIBSONAME.
- Rename HDR to HDRDIR to make the variable more clear.
- Add LIBSONAME for lib<name>.so.<version>.
- Do not specify the target name if it matches the source.
- Add spaces around Makefile variable assignments.
- Make VERSION parsing more robust against coding style changes.
- Pass PREFIX from the environment to «make install», which avoids a
debhelper override.
Change-Id: I6d5181dd34cd076966ed02e7ae9701286e4673cf
Depending on the buffer contents, we might be printing binary garbage to
stdout, which can mess up with the terminal state if that happens to be
ANSI control codes.
Change-Id: Iee0059bccccb33bc47a6b066a353b0038a9679a2
In more recent versions, Git upstream does an owner check for the
top-level directory (see git upstream commit 8959555ce), also see
https://github.blog/2022-04-12-git-security-vulnerability-announced/
This change is included in git versions >=2.30.3, >=2.31.2, >=2.34.2,
>=2.35.2 + >=2.36.0-rc2, and therefore also affects the Git package
v2.35.2-1 as present in current Debian/unstable (as of 2022-04-16).
Because of that libtcap-abi-check-docker fails for us with:
| fatal: detected dubious ownership in repository at '/code'
| To add an exception for this directory, call:
|
| git config --global --add safe.directory /code
Running `git config --add safe.directory ...` as implemented in
jenkins-config's git rev 77040321 won't work though, as the resulting
.git/config won't be considered for security issues, so the `--global`
switch is essential and needs to be used as reported by the error
message mentioned above.
Now what was more tricky and required some more debugging:
We pass the environment of the Jenkins job down to the docker
environment (via --env-file=...), but we're running the docker container
with root user. Therefore the ~/.gitconfig inside the docker environment
is expected to be located at /var/lib/jenkins/, while we could only
prepare the one at /root/.gitconfig (without hardcoding jenkins UID etc
upfront in the docker image, which is clearly an approach to avoid).
So when we're running testrunner inside a docker environment and we are
running as user root, let's make sure to set $HOME to /root as one might
expect. Then the ~/.gitconfig with the safe.directory can be found as
expected.
Change-Id: I81b7764945f80cfb415779c2bc8bcf1fcd339b40
Using apt-get with `-qq` displays only the following message
on package installation problems:
| E: Unable to correct problems, you have held broken packages.
Whereas with `-q`, we get the actual underlying problem, being:
| The following packages have unmet dependencies:
| builddeps:. : Depends: debhelper-compat (= 13)
| E: Unable to correct problems, you have held broken packages.
Furthermore, ubuntu-20.04 doesn't provide debhelper-compat (= 13),
therefore our workflows fail with:
| The following packages have unmet dependencies:
| builddeps:. : Depends: debhelper-compat (= 13)
| E: Unable to correct problems, you have held broken packages.
So enable the ubuntu-cloud-archive/yoga-staging PPA,
which provides a backport of debhelper v13:
https://launchpad.net/~ubuntu-cloud-archive/+archive/ubuntu/yoga-staging/+packages
and fixes our failing coverity builds on github.
While at it, let's switch from ubuntu-20.04 to ubuntu-latest, which
currently still points to ubuntu-20.04, but should reduce
our maintenance efforts.
Change-Id: Ifffd3e4b446ed916501acd26b160f2b48fb405a7
This adds support for running cppcheck, clang-analyzer, and running the
tests using various compiler sanitizers.
Change-Id: I931af6460c60bccd3d1429e84ef8653f907ecf38
This is illegal in standard C, even though it is allowed as a GNU C
extension.
Change-Id: I490d36688dc6874befda250aeda480109b134b35
Warned-by: gcc, cppcheck
Generate and patch them on every build to make sure we use the latest
versions and compile from actual source.
This has the effect of updating the ASN1C code we are using to the
latest version available in the Debian release used.
Change-Id: If48392226e4f783c3a0fb64816e8109f2952c410
This makes it easier to control what symbols require what version in a
more fine grained way, even though we pretty much force wholesale system
upgrades, but also helps tracking symbols additions and removals.
Change-Id: Ie787d4bfcb7fb47b361e81a2e9a9e3a9a41cf1e2
These are data types and symbols for which we do not have any control
over their API/ABI guarantees and means we cannot update to newer
ASN1C versions w/o continuously bumping the SONAME. Stop exposing them
as part of our public interface, which requires a SONAME bump as this
is an API and ABI breaking change.
Add a version script to control the ABI that we expose.
Change-Id: I4077da7b47bb48007a17027215ca33bfb201a3b7
When we bump the SOVERSION we should skip doing the API/ABI checks, as
this is going to be by definition at least an ABI incompatible change.
Change-Id: Iaa5c77a4eece4166b47cf12399fb80f5a1299ee7
Refactor this function from the test case, and from the lnpd mock-test
implementation. This will make it possible to stop exposing ASN1C
internals as part of the public interface, as we do not have any control
over the API/ABI and means we cannot update to newer ASN1C versions w/o
continuously bumping the SONAME.
Change-Id: I6fa0a0e6b4360bebcd4a19c0e38be09cfdee1f2b
- Use built-in rules whenever possible.
- Split between optional and required options in flag variables.
- Refactor tests into a variable.
Change-Id: I1f82648c8b9757fc98acbcc1d8d7157a83f4ec79
Sipwise Jenkins Builder
Michael Prokop
Guillem Jover
Mykola Malkov
Manuel Montecelo