Commit Graph

1439 Commits

Author SHA1 Message Date
Peter Korsgaard
11b6b65d50 Update for 2022.02.1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9da87c5293)
[Peter: skip Makefile bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-04-13 00:09:28 +02:00
Thomas Petazzoni
bd1798ad95 support/scripts/pkg-stats: reimplement CPE parsing in pkg-stats
pkg-stats currently uses the services from support/scripts/cpedb.py to
match the CPE identifiers of packages with the official CPE database.

Unfortunately, the cpedb.py code uses regular ElementTree parsing,
which involves loading the full XML tree into memory. This causes the
pkg-stats process to consume a huge amount of memory:

thomas   1310458 85.2 21.4 3708952 3450164 pts/5 R+   16:04   0:33  |   |   \_ python3 ./support/scripts/pkg-stats

So, 3.7 GB of VSZ and 3.4 GB of RSS are used by the pkg-stats
process. This is causing the OOM killer to kick-in on machines with
relatively low memory.

This commit reimplements the XML parsing needed to do the CPE matching
directly in pkg-stats, using the XmlParser functionality of
ElementTree, also called "streaming parsing". Thanks to this, we never
load the entire XML tree in RAM, but only stream it through the
parser, and construct a very simple list of all CPE identifiers. The
max memory consumption of pkg-stats is now:

thomas   1317511 74.2  0.9 381104 152224 pts/5   R+   16:08   0:17  |   |   \_ python3 ./support/scripts/pkg-stats

So, 381 MB of VSZ and 152 MB of RSS, which is obviously much better.

The JSON output of pkg-stats for the full package set, before and after
this commit, is exactly identical.

Now, one will probably wonder why this isn't directly changed in
cpedb.py. The reason is simple: cpedb.py is also used by
support/scripts/missing-cpe, which (for now) heavily relies on having
in memory the ElementTree objects, to re-generate a snippet of XML
that allows us to submit to NIST new CPE entries.

So, future work could include one of those two options:

 (1) Re-integrate cpedb.py into missing-cpe directly, and live with
     two different ways of processing the CPE database.

 (2) Rewrite the missing-cpe logic to also be compatible with a
     streaming parsing, which would allow this logic to be again
     shared between pkg-stats and missing-cpe.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - add missing import of requests
  - import CPEDB_URL from cpedb, instead of duplicating it
  - fix flake8 errors
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 19:14:17 +02:00
Thomas Petazzoni
387c496b98 support/scripts/pkg-stats: add a timeout on HTTP requests for upstream URLs
Some upstream sites are very slow to respond, and the default timeout
of 300 seconds of the aiohttp.ClientSession() is too long. Let's
reduce it to 15 seconds.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 16:36:09 +02:00
Thomas Petazzoni
1adcf56598 support/scripts/pkg-stats: allow disabling package warnings retrieval
This is useful when debugging/developing the pkg-stats script.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 16:34:37 +02:00
Thomas Petazzoni
cd8a576c6d support/scripts/pkg-stats: allow disabling CPE matching
This is useful when debugging/developing the pkg-stats script.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-04-02 16:34:07 +02:00
James Hilliard
b848117699 package/pkg-meson: add cmake dependency support
Meson dependencies and variables can be provided by cmake similar to
how they can be provided by pkgconfig, for this to work we need to
ensure that cmake_prefix_path is set for both cross and native
targets along with the cmake binary path.

See:
https://mesonbuild.com/Dependencies.html#cmake
https://mesonbuild.com/Dependencies.html#arbitrary-variables-from-dependencies-that-can-be-found-multiple-ways
https://mesonbuild.com/Machine-files.html#meson-builtin-options

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-27 18:12:09 +02:00
Fabrice Fontaine
ee860ce3dc support/dependencies: requires cmake >= 3.18
gerbera requires cmake 3.18 since version 1.10.0 and
ac05976dda

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-21 22:04:16 +01:00
Thomas Petazzoni
5e8b01afd5 support/scripts/graph-build-time: add support for timeline graphing
This commit adds support for a new type of graph, showing the timeline
of a build. It shows, with one line per package, when each of this
package steps started/ended, and therefore allows to see the
sequencing of the package builds.

For a fully serialized build like we have today, this is not super
useful (except to show that everything is serialized), but it becomes
much more useful in the context of top-level parallel build.

We chose to order the graph by the time-of-configure, as it is the
closest to the actual cascade-style of a true dependency graph, which is
tiny bit more complex to achieve properly. The actual result still looks
pretty good.

The graph-build make target is extended to also generate this new
timeline graph.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr:
  - sort by start-of-configure time
  - re-use existing colorsets (default or alternate)
  - fix python2isms
  - fix check-package
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-03-20 23:52:24 +01:00
Thomas Petazzoni
c72f3f2b43 support/scripts/pkg-stats: strengthen version check in check_package_get_latest_version_by_distro()
The check_package_get_latest_version_by_distro() function analyzes the
data returned by release-monitoring.org. For two of our
packages (bento4 and qextserialport), release-monitoring.org returns
something that is a bit odd: it returns an entry with a
"stable_versions" field that contains an empty array. Our code was
ready to have or not have a "stable_versions" entry, but when it is
present, we assumed it was not an empty array. These two packages, for
some reason, break this assumption.

In order to solve this problem, this commit is more careful, and uses
the stable_versions field only if it exists and it has at least one
entry. The code is also reworked as a sequence of "if...elif...else"
to be more readable.

This fixes the following exception when running pkg-stats on the full
package set:

Task exception was never retrieved
future: <Task finished name='Task-10772' coro=<check_package_latest_version_get() done, defined at ./support/scripts/pkg-stats:532> exception=IndexError('list index out of range')>
Traceback (most recent call last):
  File "./support/scripts/pkg-stats", line 535, in check_package_latest_version_get
    if await check_package_get_latest_version_by_distro(session, pkg):
  File "./support/scripts/pkg-stats", line 489, in check_package_get_latest_version_by_distro
    version = data['stable_versions'][0] if 'stable_versions' in data else data['version'] if 'version' in data else None
IndexError: list index out of range

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: non-sequence tests as True]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-03-16 23:04:46 +01:00
Arnout Vandecappelle (Essensium/Mind)
12588a667a support/testing: test_rust.py: fix flake8 errors
Fix flake8 errors introduced in commit f0d1f21195

Fixes:
support/testing/tests/package/test_rust.py:2:1: F401 'tempfile' imported but unused
support/testing/tests/package/test_rust.py:3:1: F401 'subprocess' imported but unused
support/testing/tests/package/test_rust.py:4:1: F401 'shutil' imported but unused
support/testing/tests/package/test_rust.py:18:1: E302 expected 2 blank lines, found 1
2022-03-15 22:10:01 +01:00
Romain Naour
f0d1f21195 support/testing: TestRust{Bin} use ripgrep package for testing
TestRust and TestRustBin has been introduced at the time when there was
no cargo package infrastructure or any package using rust compiler
(Buildroot 2018.02).

Since then the ripgrep package has been introduced, initially using
the generic package infrastructure and converted later to the cargo
package infrastructure.

Due a recent change in rust/cargo removing the cargo config file [1]
the test TestRust and TestRustBin now fail to compile since they build
an hello-world crate outside of the cargo package infrastructure
without the correct environment for cross-compiling.

Replace the 'hello-world' crate by ripgrep package and check if it
can run properly in Qemu.

Fixes tests.package.test_rust.TestRustBin:
https://gitlab.com/buildroot.org/buildroot/-/jobs/2116202545

But doesn't fixes tests.package.test_rust.TestRust due another bug:
https://gitlab.com/buildroot.org/buildroot/-/jobs/2116202544

[1] b6378631c2

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Eric Le Bihan <eric.le.bihan.dev@free.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-14 13:17:40 +01:00
Romain Naour
6245121613 toolchain/toolchain-external/toolchain-external-bootlin: update with new s390x toolchain
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-10 22:09:26 +01:00
Romain Naour
249ce1c584 support/scripts/gen-bootlin-toolchains: add s390x toolchain
s390x support has been added since toolchain-builder release
2021.05 [1].

[1] 4bbb52a6a3

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-10 22:09:22 +01:00
Peter Korsgaard
d0064df6bd Merge branch 'next' 2022-03-09 14:23:07 +01:00
Peter Korsgaard
08967921c4 Update for 2022.02
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-03-08 23:08:11 +01:00
Peter Korsgaard
67b160c3e3 Update for 2021.11.2
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit eeb8c004da)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-02-28 22:11:17 +01:00
Peter Korsgaard
a83177aac6 support/testing/../sample_python_pyyaml_dec.py: unbreak after move to pyaml 6.0
Fixes https://gitlab.com/buildroot.org/buildroot/-/jobs/2088684091

python sample_python_pyyaml_dec.py
Traceback (most recent call last):
  File "/root/sample_python_pyyaml_dec.py", line 5, in <module>
    data = yaml.load(serialized)
TypeError: load() missing 1 required positional argument: 'Loader'

yaml.load() requires a loader argument since the move to version 6.0:
https://github.com/yaml/pyyaml/pull/561

The test does not need the extra functionality of load(), so instead move to
the recommended safe_load().

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-02-21 21:56:34 +01:00
Yann E. MORIN
0319170f50 support/pkg-stats: fix regression after cleanup in show-info
Commit 471ecea5ee (core/show-info: 'name' only applies to packages)
removed the 'name' field for rootfs (really, for non-package) entries,
thus breaking the pkg-stats processing.

We fix that by excluding any entry that has no 'name', on the assumption
that if it has no name, it is not a package.

Reported-by: Xogium on IRC
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-16 22:38:09 +01:00
James Hilliard
29a12eb86a package/python-flit-core: new package/infrastructure
This adds pep517(needed for flit-core to build itself) and flit python
package types.

We need to add an installer script and pass it appropriate options for
installing pep517 wheels generated by python-pypa-build during the
build stage. Unfortunately it seems pep517 does not support builds
without using the wheel format.

We also need to add a patch fixing the version parser in flit-core.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[Arnout:
 - fix indentation in pkg-python.mk (tabs, not spaces);
 - use the new _CMD variables instead of duplicating the entire _CMDS
   definitions;
 - no need to filter dependencies (they're not self-referencing);
 - _NEEDS_HOST_PYTHON no longer exists;
 - host-python-pypa-build gets added to DEPENDENCIES automatically.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-16 22:16:43 +01:00
Julien Olivain
ebde11d29f support/testing: add test for python-distro
This commit add a simple test checking the reported distro name and
id are Buildroot (as reported by /etc/os-release).

Signed-off-by: Julien Olivain <ju.o@free.fr>
[Arnout: drop python2 variant]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-12 13:55:52 +01:00
Clayton Shotwell
6e40891a66 support/download/helpers: adjust for older coreutils versions
The -z option for head was only added in coreutils 8.25, but some older
enterprise-grade distributions (e.g. the oldest still maintained RHEL 7)
only have nothing more recent than coreutils 8.22.

We fix that by using sed to remove everything that starts with the first
NULL byte, \x00.

Signed-off-by: Clayton Shotwell <clayton.shotwell@collins.com>
[yann.morin.1998@free.fr: hex is \xHH, not \xH, reword commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-02-11 17:25:24 +01:00
Peter Korsgaard
f697096a77 support/testing: drop python2 tests
Python2 for the target is about to get removed, so drop the tests using it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-02-09 22:07:33 +01:00
Arnout Vandecappelle (Essensium/Mind)
11f8b9fb45 support/testing: fix test_lua_cffi.py flake8 error
support/testing/tests/package/test_lua_cffi.py:14:1: W391 blank line at end of file

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-07 08:52:55 +01:00
Francois Perrad
13114d0f93 package/lua-cffi: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-06 20:22:12 +01:00
Ricardo Martincoski
236e2343f3 support/docker: add shellcheck
Allow developers to run check-package for init scripts, that call
shellcheck, without having to install the tool.

Since the docker have a fixed version of the tool, there will be no
difference between runs in different machines.

One can call:
$ utils/docker-run utils/check-package package/package/S*
$ utils/docker-run shellcheck package/package/S*

This change also allows to eventually run check-package for init scripts
in the GitLab CI.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-06 18:27:03 +01:00
Ricardo Martincoski
fcceee0b2e utils/checkpackagelib: run unit tests on GitLab CI
... so we can catch regressions on check-package.

Update to the new docker image that was pushed after the previous
commit.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-06 15:35:19 +01:00
Ricardo Martincoski
a9061b7e68 support/docker: add python3-pytest
... so the unit tests for check-package can run in the GitLab CI.

Signed-off-by: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Acked-by: Romain Naour <romain.naour@smile.fr>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-06 15:35:19 +01:00
Francois Perrad
d32e062f1c package/lua: use Lua 5.4 as default
lua-sdl2 is not available on Lua 5.4, so update its test to use Lua 5.3
instead.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-05 23:45:19 +01:00
Norbert Lange
41ea61d59c support/scripts/mkusers: allow option for system uid/gid
Some software decides based on uid/gid whether a user is a system or
normal (human) user, with different behaviour for those flavors (example
journald [2]).

So adding logic to create system-users is necessary, we take the now
common ranges from [1].

This extends the mkusers script to allow -2 for uid/gid, this argument
will take an identifier from the user range. All identifiers used up to
now should have been from the system range, so -1 is now interpreted as
a system user/group.

Note that after this commit, all the UIDs and GIDs that are created
automatically (with -1) will change. That means if there is peristent
data on an existing system that was created by such an automatic user,
it will suddenly belong to a different user. However, this could already
happen before: if a USERS line is added to a package, then other UIDs
may change as well.

Add system/user ranges as variables, and the argument for user/system
uid variable as well. Thus some magic constants could be removed, some
further occurences of -1 were replaced with equivalent logic. For
consistency, the existing MIN/MAX_UID/GID variables are renamed to
FIRST/LAST_USER_UID/GID.

Update the documentation with the new automatic ranges.

[1] - https://systemd.io/UIDS-GIDS/
[2] - https://www.freedesktop.org/software/systemd/man/journald.conf.html

Signed-off-by: Norbert Lange <nolange79@gmail.com>
[Arnout: use -1 for system users; refactor the changes a bit]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-02-05 23:09:31 +01:00
Arnout Vandecappelle (Essensium/Mind)
675f02fd3f package/pkg-meson: improve generation of cross-compilation file
Removed a few variables, as they were only used to communicate
between the meson package and pkg-meson.mk and are not needed
anymore.

Moved cross-compilation.conf.in out of meson package.

Creating the cross-compilation.conf files for packages is now
using the original template.
To avoid duplicate code, the common sed pattern is stored in
a make variable.

Use explicit Buildroot variables for compiler tools,
and some fixes. (TARGET_LDFLAGS and TARGET_CXXFLAGS
were mixed up with PKG_TARGET_CFLAGS)

Signed-off-by: Norbert Lange <nolange79@gmail.com>
[Arnout: keep PKG_MESON_INSTALL_CROSS_CONF in
TOOLCHAIN_TARGET_FINALIZE_HOOKS]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-01-31 23:36:11 +01:00
Peter Korsgaard
4f4a3152f6 Update for 2021.11.1
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 323ae1e681)
[Peter: drop Makefile change]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2022-01-30 20:48:31 +01:00
Julien Olivain
9a79397fc5 support/testing: add test for python-gnupg
This commit add a simple test doing symmetric encryption/decryption
to check this python interface with the gpg binary is working fine.

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-01-26 18:01:08 +01:00
Thomas Petazzoni
7ed58f94ee support/scripts/gen-bootlin-toolchains: add missing BR2_X86_CPU_HAS_AVX512 condition for x86-64-v4
The x86-64-v4 toolchain assumes availability of AVX512, as per the
definition of the x86-64-v4 "standard".

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-01-25 08:41:19 +01:00
Thomas Petazzoni
7df632905f toolchain/toolchain-external/toolchain-external-bootlin: update with new x86-64 toolchains
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-01-25 08:41:02 +01:00
Thomas Petazzoni
93cb793181 support/scripts/gen-bootlin-toolchains: add support for new x86-64 toolchains
Following the merge of
d6ce2a1681 ("arch/Config.in.x86: add
option for -march=x86-64") and
eeace1cc13 ("arch/Config.in.x86: add support for
x86-64-v2, x86-64-v3, x86-64-v4"), bootlin.toolchains.com now provides
toolchains targetting the x86-64, x86-64-v2, x86-64-v3 and x86-64-v4
architecture variants.

This commits modifies gen-bootlin-toolchains to support these
toolchains. It should be noted that the description for the x86-64-v3
and x86-64-v4 toolchains are for now the same, as Buildroot doesn't
yet have the options to describe the extra features that x86-64-v4
expects to find on the hardware platform.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-01-25 08:40:59 +01:00
Herve Codina
af5b1ec68b support/testing/tests/package/test_libshdata: new test
This new test ensures that libraries and binaries generated
using Parrot Alchemy build system are correct.
Indeed, the test uses libshdata-stress.
This binary depends on libshdata.
libshdata depends on libfutils and libfutils depends on ulog.
All of these binaries and libraries are built using Alchemy.

Signed-off-by: Herve Codina <herve.codina@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2022-01-12 00:30:06 +01:00
Yann E. MORIN
5da8218184 support/download: drop support for the 'none' hash
Commit 1ba85b7f87 (support/download: add explicit no-hash support)
introduced the 'none' hash type, in an attempt to make hash files
mandatory, but not failing on archives localy generated, like those
for git or svn repositories, especially for those packages where a
version choice was present, which would allow for either remote
archives for which we'd have a hash or VCS trees for which we could
not have a hash for the localy generated archive.

Indeed, back in the time, we did not have a mean to generate
reproducible archives, so having a hash file without a hash for
thosel ocally generated archives would trigger an error in the
hash-checking machinery.

But now, low-and-behold, we do know how to generate those archives,
and we have a mechanism to explicitly exclude some archives from being
hash-checked (e.g. when the version string itself can be user-provided).

As such, the 'none' hash type no longer has any raison d'être, we do not
use it in-tree, and its use in a br2-external tree is most probably
inexistent (as is the use of hash files alotgether most probably).

So we simply drop the support for that.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Thomas: drop support in checkpackagelib, as reported by Ricardo.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-11 21:58:01 +01:00
Arnout Vandecappelle (Essensium/Mind)
02e679d8bf support/scripts/pkg-stats: fix flake8 errors
support/scripts/pkg-stats:1171:8: E713 test for membership should be 'not in'
support/scripts/pkg-stats:1175:8: E713 test for membership should be 'not in'
support/scripts/pkg-stats:1179:8: E713 test for membership should be 'not in'
3     E713 test for membership should be 'not in'

Fixes: https://gitlab.com/buildroot.org/buildroot/-/jobs/1955772278

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-01-09 21:00:56 +01:00
Thomas Petazzoni
b102352b62 support/scripts/pkg-stats: add --disable option
When debugging pkg-stats, it's quite useful to be able to disable some
features that are quite long (checking upstream URL, checking latest
version, checking CVE). This commit adds a --disable option, which can
take a comma-separated list of features to disable, such as:

     ./support/scripts/pkg-stats --disable url,upstream

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-09 17:31:55 +01:00
Gregory CLEMENT
a206bbc5fe support/scripts/pkg-stats: account for unsure CVEs
The .affects() method of the CVE class in support/scripts/cve.py can
return 3 values: CVE_AFFECTS, CVE_DOESNT_AFFECT and CVE_UNKNOWN.

We of course properly account for CVEs where .affects() return
CVE_AFFECTS, but the ones for which CVE_UNKNOWN is returned are
currently ignored, and therefore treated as if they did not affect the
package.

However CVE_UNKNOWN in fact indicates that the v_start/v_end fields of
the CPE entry could not be parsed by
distutils.version.LooseVersion(). Instead of ignoring such cases, this
commit adds support for the concept of "unsure CVEs", which will be
listed next to CVEs known to affect the package, so that we are aware
of them and can investigate the version issue.

Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-09 17:31:55 +01:00
Thomas Petazzoni
e5ead094e1 support/testing/tests: switch python-cryptography related tests to glibc
In a follow-up commit, we are about to bump python-cryptography to a
new version, which has the interesting charateristic of using Rust
code. This means python-cryptography will now only be available on
platforms supported by Rust, which for now excludes uclibc-based
configurations (none of the Rust Tier1/Tier2 platforms use uClibc,
there is some uClibc support in Tier3 platforms but they have not been
added to Buildroot for now).

So in preparation for this bump, we switch the few test cases of
Python packages that directly or indirectly use python-cryptography to
use a glibc toolchain. Another impacted test case is the
docker-compose test case, but it already uses a glibc toolchain;

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-09 12:13:49 +01:00
Thomas Petazzoni
36e8743da1 support/download/cargo-post-process: make manifest path configurable
In most pure Rust packages, the Cargo.toml manifest is at the root
directory, which is why we could call "cargo vendor" without
specifying the path of the manifest.

However, other packages, such as python-cryptography, which have parts
implemented in Rust, have their Cargo.toml located in a specific
subdirectory.

This commit extends the cargo-post-process download script to
understand a BR_CARGO_MANIFEST_PATH environment variable, which allows
a package to pass the location of the Cargo.toml file. If not passed,
"Cargo.toml" is used, preserving the existing behavior for other
packages.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-09 12:13:48 +01:00
Thomas Petazzoni
bfd1a31d0e support/download/go-post-process: drop -o pipefail
This breaks the post_process_unpack() function in
support/download/helpers, which had a sequence of pipe, with "head"
that can abort early and cause the pipe to fail.

Fixes intermitent:

make[1]: *** [package/pkg-generic.mk:190: /builds/tpetazzoni/buildroot/test-output/TestDockerCompose/build/containerd-1.5.8/.stamp_downloaded] Error 141

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-09 11:07:37 +01:00
Patrick Havelange
301a8eae0c package/pkg-cargo.mk: introduce the cargo package infrastructure
In order to be package agnostic, the install phase is now using cargo
instead of install. TARGET_CONFIGURE_OPTS is now also set when running
cargo in order to support cross compiling C code within cargo.

This commit also adds support/download/cargo-post-process to perform
the vendoring on Cargo packages.

The <pkg>_LICENSE variable of cargo packages is expanded with ",
vendored dependencies licenses probably not listed" as currently for
all packages, the licenses of the vendored dependencies are not taken
into account.

Signed-off-by: Patrick Havelange <patrick.havelange@essensium.com>
[Thomas: add support for host-cargo-package and vendoring]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-08 23:35:40 +01:00
Thomas Petazzoni
24ac316ff5 package/pkg-golang.mk: implement Go vendoring support
This commit introduces the download post-process script
support/download/go-post-process, and hooks it into the Go package
infrastructure.

The -modcacherw flag is added to ensure that the Go cache is
read/write, and can be deleted properly upon "make clean".

The <pkg>_LICENSE variable of golang packages is expanded with ",
vendored dependencies licenses probably not listed" as currently for
all packages, the licenses of the vendored dependencies are not taken
into account.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-08 23:35:40 +01:00
Thomas Petazzoni
8ccff780f4 support/download/helpers: use tar xzf in post_process_unpack()
For now, the download post-process logic uses mk_tar_gz, which repacks
a tarball compressed with gzip. So we can only accept as input a
tarball also compressed with gzip. To enforce that, this commit
changes post_process_unpack() to use tar xzf. This makes sure that if
a tarball compressed with something else than gzip gets used, it will
bail out and we will notice.

Support for other compression schemes can be added later on.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-01-08 23:35:40 +01:00
Francois Perrad
e39379ff59 package/lua-inotify: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-01-08 18:03:59 +01:00
Romain Naour
b1cc6061fd support/scripts/generate-gitlab-ci-yml: ignore branch name prefix <foo> containing a single hyphen
The commit [1] added a sed command used to retreive a pattern
to keep only defconfigs whose name start with the pattern.

"<foo>-defconfigs-<pattern>"

The sed command doesn't work as expected if <foo> contains a
single hyphen [2]:

"qemu-6.2.0-defconfigs-qemu"

Update the sed command to ignore completely the part before
"-defconfigs-".

[1] 65d2f04c01
[2] http://lists.busybox.net/pipermail/buildroot/2022-January/632507.html

Signed-off-by: Romain Naour <romain.naour@smile.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-01-08 15:48:48 +01:00
Arnout Vandecappelle (Essensium/Mind)
0233b84204 support/testing: tyest_python_pybind.py: fix flake8 errors
support/testing/tests/package/test_python_pybind.py:1:1: F401 'os' imported but unused
support/testing/tests/package/test_python_pybind.py:3:1: F401 'subprocess' imported but unused
support/testing/tests/package/test_python_pybind.py:6:1: E302 expected 2 blank lines, found 1
1     E302 expected 2 blank lines, found 1
2     F401 'os' imported but unused

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-01-08 09:15:36 +01:00
Guillaume W. Bres
87f2b7004e support/testing: add test for python-pybind
The way that python-pybind can be used is fairly complicated, so a
runtime test for it is convenient. In addition, this test validates that
the headers actually work at runtime.

Signed-off-by: Guillaume W. Bres <guillaume.bressaix@gmail.com>
[Arnout:
 - Retain python3 only.
 - python-pybind is a target package, not host.
 - Select python-pybind instead of depend.
 - Simplify python-pybind-example package.
 - Check in python-pybind-example build if pybind11.get_include()
   produces output.
 - Don't use python3 -m pybind11 --includes: it includes the main python
   includes, which are for the host, not for the target.
 - Use TestPythonPackageBase instead of open-coding something imported
   with host python.
]
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-01-07 22:26:08 +01:00