1#!/usr/bin/env bash
2# SPDX-License-Identifier: LGPL-2.1-or-later
3
4set -eux
5set -o pipefail
6
7# default to Debian testing
8DISTRO="${DISTRO:-debian}"
9RELEASE="${RELEASE:-bullseye}"
10BRANCH="${BRANCH:-upstream-ci}"
11ARCH="${ARCH:-amd64}"
12CONTAINER="${RELEASE}-${ARCH}"
13CACHE_DIR="${SEMAPHORE_CACHE_DIR:-/tmp}"
14AUTOPKGTEST_DIR="${CACHE_DIR}/autopkgtest"
15# semaphore cannot expose these, but useful for interactive/local runs
16ARTIFACTS_DIR=/tmp/artifacts
17# shellcheck disable=SC2206
18PHASES=(${@:-SETUP RUN})
19UBUNTU_RELEASE="$(lsb_release -cs)"
20
21create_container() {
22    # Create autopkgtest LXC image; this sometimes fails with "Unable to fetch
23    # GPG key from keyserver", so retry a few times with different keyservers.
24    for keyserver in "keys.openpgp.org" "" "keyserver.ubuntu.com" "keys.gnupg.net"; do
25        for retry in {1..5}; do
26            sudo lxc-create -n "$CONTAINER" -t download -- -d "$DISTRO" -r "$RELEASE" -a "$ARCH" ${keyserver:+--keyserver "$keyserver"} && break 2
27            sleep $((retry*retry))
28        done
29    done
30
31    # unconfine the container, otherwise some tests fail
32    echo 'lxc.apparmor.profile = unconfined' | sudo tee -a "/var/lib/lxc/$CONTAINER/config"
33
34    sudo lxc-start -n "$CONTAINER"
35
36    # enable source repositories so that apt-get build-dep works
37    sudo lxc-attach -n "$CONTAINER" -- sh -ex <<EOF
38sed 's/^deb/deb-src/' /etc/apt/sources.list >> /etc/apt/sources.list.d/sources.list
39# We might attach the console too soon
40while ! systemctl --quiet --wait is-system-running; do sleep 1; done
41# Manpages database trigger takes a lot of time and is not useful in a CI
42echo 'man-db man-db/auto-update boolean false' | debconf-set-selections
43# Speed up dpkg, image is thrown away after the test
44mkdir -p /etc/dpkg/dpkg.cfg.d/
45echo 'force-unsafe-io' > /etc/dpkg/dpkg.cfg.d/unsafe_io
46# For some reason, it is necessary to run this manually or the interface won't be configured
47# Note that we avoid networkd, as some of the tests will break it later on
48dhclient
49apt-get -q --allow-releaseinfo-change update
50apt-get -y dist-upgrade
51apt-get install -y eatmydata
52# The following four are needed as long as these deps are not covered by Debian's own packaging
53apt-get install -y fdisk tree libfdisk-dev libp11-kit-dev libssl-dev libpwquality-dev rpm
54apt-get purge --auto-remove -y unattended-upgrades
55systemctl unmask systemd-networkd
56systemctl enable systemd-networkd
57EOF
58    sudo lxc-stop -n "$CONTAINER"
59}
60
61for phase in "${PHASES[@]}"; do
62    case "$phase" in
63        SETUP)
64            # remove semaphore repos, some of them don't work and cause error messages
65            sudo rm -f /etc/apt/sources.list.d/*
66
67            # enable backports for latest LXC
68            echo "deb http://archive.ubuntu.com/ubuntu $UBUNTU_RELEASE-backports main restricted universe multiverse" | sudo tee -a /etc/apt/sources.list.d/backports.list
69            sudo apt-get -q update
70            sudo apt-get install -y -t "$UBUNTU_RELEASE-backports" lxc
71            sudo apt-get install -y python3-debian git dpkg-dev fakeroot python3-jinja2
72
73            [ -d "$AUTOPKGTEST_DIR" ] || git clone --quiet --depth=1 https://salsa.debian.org/ci-team/autopkgtest.git "$AUTOPKGTEST_DIR"
74
75            create_container
76        ;;
77        RUN)
78            # add current debian/ packaging
79            git fetch --depth=1 https://salsa.debian.org/systemd-team/systemd.git "$BRANCH"
80            git checkout FETCH_HEAD debian
81
82            # craft changelog
83            UPSTREAM_VER="$(git describe | sed 's/^v//;s/-/./g')"
84            cat << EOF > debian/changelog.new
85systemd (${UPSTREAM_VER}.0) UNRELEASED; urgency=low
86
87  * Automatic build for upstream test
88
89 -- systemd test <pkg-systemd-maintainers@lists.alioth.debian.org>  $(date -R)
90
91EOF
92            cat debian/changelog >>debian/changelog.new
93            mv debian/changelog.new debian/changelog
94
95            # clean out patches
96            rm -rf debian/patches
97            # disable autopkgtests which are not for upstream
98            sed -i '/# NOUPSTREAM/ q' debian/tests/control
99            # enable more unit tests
100            sed -i '/^CONFFLAGS =/ s/=/= --werror -Dtests=unsafe -Dsplit-usr=true -Dslow-tests=true -Dfuzz-tests=true -Dman=true /' debian/rules
101            # no orig tarball
102            echo '1.0' > debian/source/format
103
104            # build source package
105            dpkg-buildpackage -S -I -I"$(basename "$CACHE_DIR")" -d -us -uc -nc
106
107            # now build the package and run the tests
108            rm -rf "$ARTIFACTS_DIR"
109            # autopkgtest exits with 2 for "some tests skipped", accept that
110            "$AUTOPKGTEST_DIR/runner/autopkgtest" --env DEB_BUILD_OPTIONS=noudeb \
111                                                  --env TEST_UPSTREAM=1 ../systemd_*.dsc \
112                                                  -o "$ARTIFACTS_DIR" \
113                                                  -- lxc -s "$CONTAINER" \
114                || [ $? -eq 2 ]
115        ;;
116        *)
117            echo >&2 "Unknown phase '$phase'"
118            exit 1
119    esac
120done
121