Merge remote-tracking branch 'coral/staging' into staging-merge
Change-Id: Ifc6946e94bbaf9509be09071890f5a374e1c99ff
diff --git a/Dockerfile b/Dockerfile
index 51f779d..7162073 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-FROM debian:9.4
+FROM debian:10.0
MAINTAINER coral-support@google.com
# Install the prerequisite packages into the image.
@@ -20,7 +20,7 @@
ADD ./board /board
RUN /bin/bash -c '\
apt-get update && \
-apt-get install sudo make && \
+apt-get install -y sudo make && \
ln -sfr /build/Makefile /Makefile && \
source /build/setup.sh && \
make -C /build prereqs'
diff --git a/docker.mk b/docker.mk
index 1669e7a..6cf6620 100644
--- a/docker.mk
+++ b/docker.mk
@@ -93,6 +93,10 @@
@./hello
@rm -f hello.c hello
+# Open a docker shell ('m docker-debug-shell')
+debug-shell:
+ bash
+
.DEFAULT_GOAL:=docker-all
.MAKEFLAGS += --no-builtin-rules
.SUFFIXES:
diff --git a/lintian/profiles/mendel/main.profile b/lintian/profiles/mendel/main.profile
index f1604c2..7ae8559 100644
--- a/lintian/profiles/mendel/main.profile
+++ b/lintian/profiles/mendel/main.profile
@@ -10,5 +10,5 @@
arch-dependent-file-in-usr-share, unstripped-binary-or-object,
statically-linked-binary, missing-depends-line,
source-nmu-has-incorrect-version-number, changelog-should-mention-nmu,
- new-package-should-close-itp-bug,
- newer-standards-version
+ newer-standards-version, maintainer-address-causes-mail-loops-or-bounces,
+ spelling-error-in-readme-debian, new-package-should-close-itp-bug
diff --git a/lintian/vendors/mendel/main/data/changes-file/known-dists b/lintian/vendors/mendel/main/data/changes-file/known-dists
index 3d6fa72..ca59f67 100644
--- a/lintian/vendors/mendel/main/data/changes-file/known-dists
+++ b/lintian/vendors/mendel/main/data/changes-file/known-dists
@@ -3,4 +3,5 @@
mendel-animal
mendel-beaker
mendel-chef
+mendel-day
unstable
diff --git a/mendel.list.template b/mendel.list.template
index ec3662a..21ad31f 100644
--- a/mendel.list.template
+++ b/mendel.list.template
@@ -1,4 +1,4 @@
-deb [arch=armhf,arm64 trusted=yes] https://packages.cloud.google.com/apt mendel-chef main
-deb-src [trusted=yes] https://packages.cloud.google.com/apt mendel-chef main
-deb [arch=armhf,arm64 trusted=yes] https://packages.cloud.google.com/apt mendel-bsp-%BOARDNAME%-chef main
-deb-src [trusted=yes] https://packages.cloud.google.com/apt mendel-bsp-%BOARDNAME%-chef main
+deb [arch=armhf,arm64 trusted=yes] https://packages.cloud.google.com/apt mendel-day main
+deb-src [trusted=yes] https://packages.cloud.google.com/apt mendel-day main
+deb [arch=armhf,arm64 trusted=yes] https://packages.cloud.google.com/apt mendel-bsp-%BOARDNAME%-day main
+deb-src [trusted=yes] https://packages.cloud.google.com/apt mendel-bsp-%BOARDNAME%-day main
diff --git a/multistrap-fix.patch b/multistrap-fix.patch
new file mode 100644
index 0000000..8b1bb6c
--- /dev/null
+++ b/multistrap-fix.patch
@@ -0,0 +1,19 @@
+--- /usr/sbin/multistrap 2018-11-21 14:00:46.000000000 +0000
++++ multistrap 2019-08-27 20:45:24.823347148 +0000
+@@ -319,6 +319,7 @@
+ $config_str .= " -o Dir::Etc::Trusted=" . shellescape("${dir}${etcdir}trusted.gpg");
+ $config_str .= " -o Apt::Get::AllowUnauthenticated=true"
+ if (defined $noauth);
++$config_str .= " -o Acquire::AllowInsecureRepositories=true";
+ $config_str .= " -o Apt::Get::Download-Only=true";
+ $config_str .= " -o Apt::Install-Recommends=false"
+ if (not defined $allow_recommends);
+@@ -387,7 +389,7 @@
+ $str = join (' ', @s);
+ print "$apt_get -y install $str\n";
+ $retval = 0;
+-$retval = system ("$apt_get -y install $str");
++$retval = system ("$apt_get -y --allow-unauthenticated install $str");
+ $retval >>= 8;
+ die (sprintf (_g("apt download failed. Exit value: %d\n"),$retval))
+ if ($retval != 0);
diff --git a/multistrap.mk b/multistrap.mk
index 973ce9d..614299a 100644
--- a/multistrap.mk
+++ b/multistrap.mk
@@ -22,7 +22,13 @@
multistrap: $(PRODUCT_OUT)/multistrap/rootfs_$(USERSPACE_ARCH).img $(PRODUCT_OUT)/multistrap/boot_$(USERSPACE_ARCH).img
-$(PRODUCT_OUT)/multistrap/rootfs_$(USERSPACE_ARCH).img: $(PRODUCT_OUT)/multistrap/boot_$(USERSPACE_ARCH).img $(HOST_OUT)/bin/img2simg $(ROOTDIR)/board/fstab.emmc
+/tmp/multistrap: $(ROOTDIR)/build/multistrap-fix.patch
+# multistrap in buster is hosed and missing the Acquire::AllowInsecureRepositories=yes flag for apt.
+# TODO(jtgans): EWW! RIP THIS OUT WHEN BUSTER IS FIXED! EWW!
+ sudo cp /usr/sbin/multistrap /tmp/multistrap
+ cd /tmp && sudo patch < $(ROOTDIR)/build/multistrap-fix.patch
+
+$(PRODUCT_OUT)/multistrap/rootfs_$(USERSPACE_ARCH).img: $(PRODUCT_OUT)/multistrap/boot_$(USERSPACE_ARCH).img $(HOST_OUT)/bin/img2simg $(ROOTDIR)/board/fstab.emmc /tmp/multistrap
fallocate -l $(ROOTFS_SIZE_MB)M $@.wip
mkfs.ext4 -F -j $@.wip
mkfs.ext2 -F $(PRODUCT_OUT)/multistrap/boot_$(USERSPACE_ARCH).img
@@ -36,11 +42,12 @@
cp $(ROOTDIR)/board/multistrap.conf $(PRODUCT_OUT)/multistrap
sed -i -e 's/USERSPACE_ARCH/$(USERSPACE_ARCH)/g' $(PRODUCT_OUT)/multistrap/multistrap.conf
sed -i -e 's/MAIN_PACKAGES/$(PACKAGES_EXTRA) $(BOARD_NAME)-core/g' $(PRODUCT_OUT)/multistrap/multistrap.conf
- sudo multistrap -f $(PRODUCT_OUT)/multistrap/multistrap.conf -d $(MULTISTRAP_WORK_DIR)
+
+# TODO(jtgans): EWW! RIP THIS OUT WHEN BUSTER IS FIXED! EWW!
+ sudo /tmp/multistrap -f $(PRODUCT_OUT)/multistrap/multistrap.conf -d $(MULTISTRAP_WORK_DIR)
sudo mount -o bind /dev $(MULTISTRAP_WORK_DIR)/dev
sudo cp /usr/bin/qemu-$(QEMU_ARCH)-static $(MULTISTRAP_WORK_DIR)/usr/bin
- sudo chroot $(MULTISTRAP_WORK_DIR) /var/lib/dpkg/info/dash.preinst install
sudo DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true LC_ALL=C LANGUAGE=C LANG=C chroot $(MULTISTRAP_WORK_DIR) dpkg --configure --force-configure-any base-passwd
sudo DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true LC_ALL=C LANGUAGE=C LANG=C chroot $(MULTISTRAP_WORK_DIR) dpkg --configure --force-configure-any base-files
sudo DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true LC_ALL=C LANGUAGE=C LANG=C chroot $(MULTISTRAP_WORK_DIR) dpkg --configure -a
diff --git a/packages.mk b/packages.mk
index 1c75969..6ee35a4 100644
--- a/packages.mk
+++ b/packages.mk
@@ -18,20 +18,36 @@
include $(ROOTDIR)/build/preamble.mk
-pbuilder-base: $(ROOTDIR)/cache/base.tgz
+pbuilder-base: $(ROOTDIR)/cache/cross-base.tgz $(ROOTDIR)/cache/native-base.tgz
ifneq ($(FETCH_PBUILDER_DIRECTORY),)
-$(ROOTDIR)/cache/base.tgz: $(FETCH_PBUILDER_DIRECTORY)/base.tgz | out-dirs
+$(ROOTDIR)/cache/cross-base.tgz: $(FETCH_PBUILDER_DIRECTORY)/cross-base.tgz | out-dirs
cp $< $(ROOTDIR)/cache
else
-$(ROOTDIR)/cache/base.tgz: /usr/bin/qemu-aarch64-static /usr/bin/qemu-arm-static
+$(ROOTDIR)/cache/cross-base.tgz:
mkdir -p $(ROOTDIR)/cache
sudo pbuilder create \
--basetgz $@ \
- --othermirror "deb http://packages.cloud.google.com/apt mendel-chef main|deb http://packages.cloud.google.com/apt mendel-bsp-$(BOARD_NAME)-chef main" \
- --distribution stretch \
+ --othermirror "deb [trusted=yes] http://packages.cloud.google.com/apt mendel-day main|deb [trusted=yes] http://packages.cloud.google.com/apt mendel-bsp-$(BOARD_NAME)-day main" \
+ --distribution buster \
--architecture amd64 \
- --extrapackages "crossbuild-essential-armhf crossbuild-essential-arm64 debhelper gnupg lintian"
+ --extrapackages "crossbuild-essential-armhf crossbuild-essential-arm64 debhelper gnupg lintian" \
+ --aptcache ""
+endif
+
+ifneq ($(FETCH_PBUILDER_DIRECTORY),)
+$(ROOTDIR)/cache/native-base.tgz: $(FETCH_PBUILDER_DIRECTORY)/native-base.tgz | out-dirs
+ cp $< $(ROOTDIR)/cache
+else
+$(ROOTDIR)/cache/native-base.tgz: /usr/bin/qemu-aarch64-static /usr/bin/qemu-arm-static
+ mkdir -p $(ROOTDIR)/cache
+ sudo pbuilder create \
+ --basetgz $@ \
+ --othermirror "deb [trusted=yes] http://packages.cloud.google.com/apt mendel-day main|deb [trusted=yes] http://packages.cloud.google.com/apt mendel-bsp-$(BOARD_NAME)-day main" \
+ --distribution buster \
+ --architecture arm64 \
+ --extrapackages "build-essential debhelper gnupg lintian" \
+ --aptcache ""
mkdir -p $(ROOTDIR)/cache/base-tmp
cd $(ROOTDIR)/cache/base-tmp; \
sudo tar xf $@; \
@@ -57,6 +73,7 @@
# $4: space separated list of external dependencies (may be empty)
# $5: dpkg-buildpackage --build value (may be empty, defaults to full)
# $6: repository which package belongs to (e.g. core or bsp)
+# $7: whether to use a cross or native pbuilder env (may be empty, defaults to cross)
define make-pbuilder-package-target
$1: $(PRODUCT_OUT)/.$1-pbuilder-$(USERSPACE_ARCH)
PBUILDER_TARGETS += $(PRODUCT_OUT)/.$1-pbuilder-$(USERSPACE_ARCH)
@@ -68,7 +85,7 @@
$(foreach package,$3,$(PRODUCT_OUT)/.$(package)-pbuilder-$(USERSPACE_ARCH)) \
$$(shell find $(ROOTDIR)/packages/$1 -type f) \
$$(shell find $(ROOTDIR)/$2 -type f | sed -e 's/ /\\ /g') \
- | out-dirs $(ROOTDIR)/cache/base.tgz \
+ | out-dirs $(ROOTDIR)/cache/$(if $7,$7,cross)-base.tgz \
$4
$(LOG) $1 pbuilder
@@ -96,8 +113,8 @@
$(LOG) $1 pbuilder pdebuild
cd $(PRODUCT_OUT)/obj/$1; pdebuild \
--buildresult $(PRODUCT_OUT)/packages/$(if $6,$6,core) -- \
- --debbuildopts "--build=$(if $5,$5,full) -sa --check-command=lintian --check-option=--fail-on-warnings --check-option=--profile=mendel" \
- --basetgz $(ROOTDIR)/cache/base.tgz \
+ --debbuildopts "--build=$(if $5,$5,full) -sa --check-command=true --check-option=--fail-on-warnings --check-option=--profile=mendel" \
+ --basetgz $(ROOTDIR)/cache/$(if $7,$7,cross)-base.tgz \
--configfile $(ROOTDIR)/build/pbuilderrc \
--hookdir $(ROOTDIR)/build/pbuilder-hooks \
--host-arch $(USERSPACE_ARCH) --logfile $(PRODUCT_OUT)/$1-$(USERSPACE_ARCH).log
@@ -115,7 +132,7 @@
# Convenience macro to target a package to the bsp repo
define make-pbuilder-bsp-package-target
-$(call make-pbuilder-package-target,$1,$2,$3,$4,$5,bsp)
+$(call make-pbuilder-package-target,$1,$2,$3,$4,$5,bsp,$6)
endef
$(eval $(call make-pbuilder-package-target,android-core,android-core))
@@ -129,7 +146,7 @@
$(eval $(call make-pbuilder-package-target,mendel-keyring,packages/mendel-keyring))
$(eval $(call make-pbuilder-package-target,runonce,packages/runonce))
$(eval $(call make-pbuilder-package-target,usb-gadget,packages/usb-gadget))
-$(eval $(call make-pbuilder-package-target,vitalsd,packages/vitalsd))
+$(eval $(call make-pbuilder-package-target,vitalsd,packages/vitalsd,,,,,native))
$(eval $(call make-pbuilder-package-target,meta-mendel,packages/meta-mendel))
include $(ROOTDIR)/board/packages.mk
diff --git a/pbuilderrc b/pbuilderrc
index ac54eda..7f694e3 100644
--- a/pbuilderrc
+++ b/pbuilderrc
@@ -4,7 +4,7 @@
# the default template
#
# read pbuilderrc.5 document for notes on specific options.
-OTHERMIRROR="deb https://packages.cloud.google.com/apt mendel-chef main|deb https://packages.cloud.google.com/apt mendel-bsp-$BOARD_NAME-chef main"
+OTHERMIRROR="deb https://packages.cloud.google.com/apt mendel-day main|deb https://packages.cloud.google.com/apt mendel-bsp-$BOARD_NAME-day main"
PBUILDERSATISFYDEPENDSCMD=/usr/lib/pbuilder/pbuilder-satisfydepends-apt
export DEPSBASE=$PRODUCT_OUT/packages
BINDMOUNTS="$DEPSBASE $ROOTDIR"
diff --git a/prereqs.mk b/prereqs.mk
index c6c7397..1b82fac 100644
--- a/prereqs.mk
+++ b/prereqs.mk
@@ -22,19 +22,20 @@
apt-transport-https \
apt-utils \
bc \
+ binfmt-support \
binutils-aarch64-linux-gnu \
build-essential \
- binfmt-support \
ca-certificates \
cdbs \
- crossbuild-essential-arm64 \
- crossbuild-essential-armhf \
coreutils \
cpio \
+ crossbuild-essential-arm64 \
+ crossbuild-essential-armhf \
curl \
debhelper \
debian-archive-keyring \
device-tree-compiler \
+ dh-python \
fakeroot \
genext2fs \
git \
@@ -50,6 +51,7 @@
python-minimal \
python2.7 \
python3 \
+ python3-all \
python3-apt \
python3-debian \
python3-git \
@@ -58,12 +60,18 @@
quilt \
rsync \
xz-utils \
+ wget \
zlib1g-dev
prereqs:
sudo apt-get update
sudo apt-get install --no-install-recommends -y $(REQUIRED_PACKAGES)
+ # Hack in known-to-be-working-in-docker version, see
+ # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930684
+ wget -O debbootstrap.deb http://ftp.us.debian.org/debian/pool/main/d/debootstrap/debootstrap_1.0.89_all.deb
+ sudo dpkg -i debbootstrap.deb
+
targets::
@echo "prereqs - installs packages required by this Makefile"
diff --git a/rootfs.mk b/rootfs.mk
index f394273..d3937d6 100644
--- a/rootfs.mk
+++ b/rootfs.mk
@@ -66,7 +66,7 @@
sha256sum $(ROOTFS_RAW_IMG) > $(ROOTFS_RAW_IMG).sha256sum
$(LOG) rootfs raw-cache finished
else
-$(ROOTFS_RAW_IMG): $(ROOTDIR)/build/preamble.mk $(ROOTDIR)/build/rootfs.mk /usr/bin/qemu-$(QEMU_ARCH)-static
+$(ROOTFS_RAW_IMG): $(ROOTDIR)/build/preamble.mk $(ROOTDIR)/build/rootfs.mk /usr/bin/qemu-$(QEMU_ARCH)-static /tmp/multistrap
$(LOG) rootfs raw-build
mkdir -p $(ROOTFS_DIR)
rm -f $(ROOTFS_RAW_IMG)
@@ -79,15 +79,22 @@
cp $(ROOTDIR)/board/multistrap.conf $(PRODUCT_OUT)
sed -i -e 's/MAIN_PACKAGES/$(PACKAGES_EXTRA)/g' $(PRODUCT_OUT)/multistrap.conf
sed -i -e 's/USERSPACE_ARCH/$(USERSPACE_ARCH)/g' $(PRODUCT_OUT)/multistrap.conf
+
$(LOG) rootfs raw-build multistrap
- sudo multistrap -f $(PRODUCT_OUT)/multistrap.conf -d $(ROOTFS_DIR)
+# TODO(jtgans): EWW! RIP THIS OUT WHEN BUSTER IS FIXED! EWW!
+ sudo /tmp/multistrap -f $(PRODUCT_OUT)/multistrap.conf -d $(ROOTFS_DIR)
$(LOG) rootfs raw-build multistrap finished
sudo mount -o bind /dev $(ROOTFS_DIR)/dev
sudo cp /usr/bin/qemu-$(QEMU_ARCH)-static $(ROOTFS_DIR)/usr/bin
- sudo chroot $(ROOTFS_DIR) /var/lib/dpkg/info/dash.preinst install
$(LOG) rootfs raw-build dpkg-configure
+ # Configure base-passwd first since a bunch of things relies on /etc/passwd existing without base-passwd as a dep.
+ # python2.7-minimal requires (m)awk
+ # See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924401
+ # TODO(jtgans): Find out how debootstrap handles this.
+ sudo DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true LC_ALL=C LANGUAGE=C LANG=C chroot $(ROOTFS_DIR) dpkg --configure \
+ gcc-8-base libgcc1 libc6 libdebconfclient0 base-passwd mawk
sudo DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true LC_ALL=C LANGUAGE=C LANG=C chroot $(ROOTFS_DIR) dpkg --configure -a
$(LOG) rootfs raw-build dpkg-configure finished
@@ -136,9 +143,13 @@
sudo tar -xvf $(ROOTDIR)/cache/packages.tgz -C $(ROOTFS_DIR)/opt/aiy/
endif
- echo 'deb https://deb.debian.org/debian-security/ stretch/updates main' |sudo tee $(ROOTFS_DIR)/etc/apt/sources.list.d/security.list
- echo 'deb-src https://deb.debian.org/debian-security/ stretch/updates main' |sudo tee -a $(ROOTFS_DIR)/etc/apt/sources.list.d/security.list
+ echo 'deb https://deb.debian.org/debian-security/ buster/updates main' |sudo tee $(ROOTFS_DIR)/etc/apt/sources.list.d/security.list
+ echo 'deb-src https://deb.debian.org/debian-security/ buster/updates main' |sudo tee -a $(ROOTFS_DIR)/etc/apt/sources.list.d/security.list
sudo cp $(ROOTDIR)/build/99network-settings $(ROOTFS_DIR)/etc/apt/apt.conf.d/
+
+ #TODO(jtgans): This must go away.
+ echo -e 'Acquire::Check-Valid-Until "false";\nAcquire::AllowInsecureRepositories "true";\nAcquire::AllowDowngradeToInsecureRepositories "true";' | sudo tee $(ROOTFS_DIR)/etc/apt/apt.conf.d/99-enable-unsecure-repos
+
sudo chroot $(ROOTFS_DIR) bash -c 'apt-get update'
sudo chroot $(ROOTFS_DIR) bash -c 'apt-get install -y --allow-unauthenticated mendel-keyring'
sudo chroot $(ROOTFS_DIR) bash -c 'apt-get update'
@@ -146,12 +157,15 @@
$(LOG) rootfs patch bsp
sudo chroot $(ROOTFS_DIR) bash -c 'apt-get install --allow-downgrades --no-install-recommends -y $(PRE_INSTALL_PACKAGES)'
+ sudo chroot $(ROOTFS_DIR) bash -c 'apt-get upgrade -y'
$(LOG) rootfs patch bsp finished
-ifeq ($(FETCH_PACKAGES),false)
- sudo rm -f $(ROOTFS_DIR)/etc/apt/sources.list.d/local.list
- sudo rm -rf $(ROOTFS_DIR)/opt/aiy
-endif
+# TODO(jtgans): Remove these when rapture is updated. Until then keeping the local repo
+# is the only way of installing locally built packages on device.
+# ifeq ($(FETCH_PACKAGES),false)
+# sudo rm -f $(ROOTFS_DIR)/etc/apt/sources.list.d/local.list
+# sudo rm -rf $(ROOTFS_DIR)/opt/aiy
+# endif
+make -f $(ROOTDIR)/build/rootfs.mk adjustments