diff options
| -rw-r--r-- | config-joey.hs | 1 | ||||
| -rw-r--r-- | debian/changelog | 7 | ||||
| -rw-r--r-- | src/Propellor/CmdLine.hs | 7 | ||||
| -rw-r--r-- | src/Propellor/Property/Apt.hs | 2 | ||||
| -rw-r--r-- | src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs | 28 | ||||
| -rw-r--r-- | src/wrapper.hs | 2 |
6 files changed, 25 insertions, 22 deletions
diff --git a/config-joey.hs b/config-joey.hs index 63768eeb..2c73b3e5 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -293,6 +293,7 @@ standardContainer name suite arch = Docker.container name (dockerImage system) -- Docker images I prefer to use. dockerImage :: System -> Docker.Image dockerImage (System (Debian Unstable) arch) = "joeyh/debian-unstable-" ++ arch +dockerImage (System (Debian Testing) arch) = "joeyh/debian-unstable-" ++ arch dockerImage (System (Debian Stable) arch) = "joeyh/debian-stable-" ++ arch dockerImage _ = "debian-stable-official" -- does not currently exist! diff --git a/debian/changelog b/debian/changelog index b8db1680..b3f4572f 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,14 @@ -propellor (0.7.0) UNRELEASED; urgency=medium +propellor (0.7.0) unstable; urgency=medium * combineProperties no longer stops when a property fails; now it continues trying to satisfy all properties on the list before propigating the failure. * Attr is renamed to Info. + * Renamed wrapper to propellor to make cabal installation of propellor work. + * When git gpg signature of a fetched git branch cannot be verified, + propellor will now continue running, but without merging in that branch. - -- Joey Hess <joeyh@debian.org> Sat, 07 Jun 2014 00:12:44 -0400 + -- Joey Hess <joeyh@debian.org> Fri, 13 Jun 2014 10:06:40 -0400 propellor (0.6.0) unstable; urgency=medium diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs index 06a5921d..32e97316 100644 --- a/src/Propellor/CmdLine.hs +++ b/src/Propellor/CmdLine.hs @@ -132,6 +132,8 @@ updateFirst cmdline next = do void $ actionMessage "Git fetch" $ boolSystem "git" [Param "fetch"] + oldsha <- getCurrentGitSha1 branchref + whenM (doesFileExist keyring) $ do {- To verify origin branch commit's signature, have to - convince gpg to use our keyring. While running git log. @@ -153,10 +155,9 @@ updateFirst cmdline next = do then do putStrLn $ "git branch " ++ originbranch ++ " gpg signature verified; merging" hFlush stdout - else errorMessage $ "git branch " ++ originbranch ++ " is not signed with a trusted gpg key; refusing to deploy it!" + void $ boolSystem "git" [Param "merge", Param originbranch] + else warningMessage $ "git branch " ++ originbranch ++ " is not signed with a trusted gpg key; refusing to deploy it! (Running with previous configuration instead.)" - oldsha <- getCurrentGitSha1 branchref - void $ boolSystem "git" [Param "merge", Param originbranch] newsha <- getCurrentGitSha1 branchref if oldsha == newsha diff --git a/src/Propellor/Property/Apt.hs b/src/Propellor/Property/Apt.hs index 17057af2..7e02a335 100644 --- a/src/Propellor/Property/Apt.hs +++ b/src/Propellor/Property/Apt.hs @@ -265,5 +265,5 @@ trustsKey k = RevertableProperty trust untrust -- | Cleans apt's cache of downloaded packages to avoid using up disk -- space. cacheCleaned :: Property -cacheCleaned = cmdProperty "apt-get" ["clean"] +cacheCleaned = trivial $ cmdProperty "apt-get" ["clean"] `describe` "apt cache cleaned" diff --git a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs index 57a6b084..85584e43 100644 --- a/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs +++ b/src/Propellor/Property/SiteSpecific/GitAnnexBuilder.hs @@ -69,22 +69,17 @@ tree buildarch = combineProperties "gitannexbuilder tree" buildDepsApt :: Property buildDepsApt = combineProperties "gitannexbuilder build deps" [ Apt.buildDep ["git-annex"] - , buildDepsFewHaskellLibs + , buildDepsNoHaskellLibs , "git-annex source build deps installed" ==> Apt.buildDepIn builddir ] -buildDepsFewHaskellLibs :: Property -buildDepsFewHaskellLibs = combineProperties "gitannexbuilder build deps" - [ buildDepsNoHaskellLibs - -- these haskell libs depend on C libs and don't use TH - , Apt.installed ["libghc-dbus-dev", "libghc-fdo-notify-dev", "libghc-network-protocol-xmpp-dev"] - ] - buildDepsNoHaskellLibs :: Property buildDepsNoHaskellLibs = Apt.installed ["git", "rsync", "moreutils", "ca-certificates", "debhelper", "ghc", "curl", "openssh-client", "git-remote-gcrypt", "liblockfile-simple-perl", "cabal-install", "vim", "less", + -- needed by haskell libs + "libxml2-dev", "libidn11-dev", "libgsasl7-dev", "libgnutls-dev", "alex", "happy", "c2hs" ] @@ -98,14 +93,15 @@ cabalDeps = flagFile go cabalupdated standardAutoBuilderContainer :: (System -> Docker.Image) -> Architecture -> Int -> TimeOut -> Host standardAutoBuilderContainer dockerImage arch buildminute timeout = Docker.container (arch ++ "-git-annex-builder") - (dockerImage $ System (Debian Unstable) arch) - & os (System (Debian Unstable) arch) + (dockerImage $ System (Debian Testing) arch) + & os (System (Debian Testing) arch) & Apt.stdSourcesList & Apt.installed ["systemd"] & Apt.unattendedUpgrades + & User.accountFor builduser + & tree arch & buildDepsApt & autobuilder (show buildminute ++ " * * * *") timeout True - `requires` tree arch androidAutoBuilderContainer :: (System -> Docker.Image) -> Cron.CronTimes -> TimeOut -> Host androidAutoBuilderContainer dockerImage crontimes timeout = @@ -144,15 +140,16 @@ androidContainer dockerImage name setupgitannexdir gitannexdir = Docker.containe armelCompanionContainer :: (System -> Docker.Image) -> Host armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder-companion" (dockerImage $ System (Debian Unstable) "amd64") - & os (System (Debian Unstable) "amd64") + & os (System (Debian Testing) "amd64") & Apt.stdSourcesList & Apt.installed ["systemd"] & Apt.unattendedUpgrades -- This volume is shared with the armel builder. & Docker.volume gitbuilderdir + & User.accountFor builduser -- Install current versions of build deps from cabal. & tree "armel" - & buildDepsFewHaskellLibs + & buildDepsNoHaskellLibs & cabalDeps -- The armel builder can ssh to this companion. & Docker.expose "22" @@ -162,18 +159,19 @@ armelCompanionContainer dockerImage = Docker.container "armel-git-annex-builder- armelAutoBuilderContainer :: (System -> Docker.Image) -> Cron.CronTimes -> TimeOut -> Host armelAutoBuilderContainer dockerImage crontimes timeout = Docker.container "armel-git-annex-builder" (dockerImage $ System (Debian Unstable) "armel") - & os (System (Debian Unstable) "armel") + & os (System (Debian Testing) "armel") & Apt.stdSourcesList & Apt.unattendedUpgrades & Apt.installed ["systemd"] & Apt.installed ["openssh-client"] & Docker.link "armel-git-annex-builder-companion" "companion" & Docker.volumes_from "armel-git-annex-builder-companion" + & User.accountFor builduser -- TODO: automate installing haskell libs -- (Currently have to run -- git-annex/standalone/linux/install-haskell-packages -- which is not fully automated.) - & buildDepsFewHaskellLibs + & buildDepsNoHaskellLibs & autobuilder crontimes timeout True `requires` tree "armel" & Ssh.keyImported SshRsa builduser diff --git a/src/wrapper.hs b/src/wrapper.hs index f180e855..4d2c50fc 100644 --- a/src/wrapper.hs +++ b/src/wrapper.hs @@ -1,7 +1,7 @@ -- | Wrapper program for propellor distribution. -- -- Distributions should install this program into PATH. --- (Cabal builds it as dist/build/propellor. +-- (Cabal builds it as dist/build/propellor/propellor). -- -- This is not the propellor main program (that's config.hs) -- |