diff options
35 files changed, 316 insertions, 228 deletions
diff --git a/.github/workflows/add-pr-labels.yml b/.github/workflows/add-pr-labels.yml index ffb04f33..9f472a5b 100644 --- a/.github/workflows/add-pr-labels.yml +++ b/.github/workflows/add-pr-labels.yml @@ -14,5 +14,5 @@ permissions: jobs: add-pr-label: - uses: vyos/.github/.github/workflows/add-pr-labels.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/add-pr-labels.yml@current secrets: inherit diff --git a/.github/workflows/auto-author-assign.yml b/.github/workflows/auto-author-assign.yml index c3696ea4..61612cce 100644 --- a/.github/workflows/auto-author-assign.yml +++ b/.github/workflows/auto-author-assign.yml @@ -10,5 +10,5 @@ permissions: jobs: assign-author: - uses: vyos/.github/.github/workflows/assign-author.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/assign-author.yml@current secrets: inherit diff --git a/.github/workflows/chceck-pr-message.yml b/.github/workflows/chceck-pr-message.yml index f4d30b28..c67785e9 100644 --- a/.github/workflows/chceck-pr-message.yml +++ b/.github/workflows/chceck-pr-message.yml @@ -2,7 +2,7 @@ name: Check pull request message format on: - pull_request: + pull_request_target: branches: - current - sagitta @@ -14,5 +14,5 @@ permissions: jobs: check-pr-title: - uses: vyos/.github/.github/workflows/check-pr-message.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/check-pr-message.yml@current secrets: inherit diff --git a/.github/workflows/check-pr-conflicts.yml b/.github/workflows/check-pr-conflicts.yml index 0c659e6e..f09e6641 100644 --- a/.github/workflows/check-pr-conflicts.yml +++ b/.github/workflows/check-pr-conflicts.yml @@ -10,5 +10,5 @@ permissions: jobs: check-pr-conflict-call: - uses: vyos/.github/.github/workflows/check-pr-merge-conflict.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/check-pr-merge-conflict.yml@current secrets: inherit diff --git a/.github/workflows/check-scripts-executable.yml b/.github/workflows/check-scripts-executable.yml new file mode 100644 index 00000000..123e9895 --- /dev/null +++ b/.github/workflows/check-scripts-executable.yml @@ -0,0 +1,32 @@ +name: "Check for Jenkins build scripts has executable bit" + +on: + pull_request: + branches: + - current + - circinus + - sagitta + - equuleus + +permissions: + contents: read + +jobs: + check-scripts-executable: + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + with: + repository: ${{ github.repository }} + - name: Checking scripts are executable + run: | + files=$(find packages/ -type f -name '*.py' -or -name '*.sh' -not -executable -print) + if [[ -n $files ]]; then + echo "Found files without executable bit:" + for file in $files; do + echo $file; + done; + exit 1; + fi + shell: bash diff --git a/.github/workflows/check-stale.yml b/.github/workflows/check-stale.yml index 59d25a11..a05442a4 100644 --- a/.github/workflows/check-stale.yml +++ b/.github/workflows/check-stale.yml @@ -10,5 +10,5 @@ permissions: jobs: stale: - uses: vyos/.github/.github/workflows/check-stale.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/check-stale.yml@current secrets: inherit diff --git a/.github/workflows/check-unused-imports.yml b/.github/workflows/check-unused-imports.yml index 324a63e9..c4150022 100644 --- a/.github/workflows/check-unused-imports.yml +++ b/.github/workflows/check-unused-imports.yml @@ -8,9 +8,10 @@ on: workflow_dispatch: permissions: + pull-requests: write contents: read jobs: check-unused-imports: - uses: vyos/.github/.github/workflows/check-unused-imports.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/check-unused-imports.yml@current secrets: inherit diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a4fc39e2..6c70c803 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -17,7 +17,7 @@ permissions: jobs: codeql-analysis-call: - uses: vyos/.github/.github/workflows/codeql-analysis.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/codeql-analysis.yml@current secrets: inherit with: languages: "['python']" diff --git a/.github/workflows/label-backport.yml b/.github/workflows/label-backport.yml index 9192b818..efbd4388 100644 --- a/.github/workflows/label-backport.yml +++ b/.github/workflows/label-backport.yml @@ -8,5 +8,5 @@ permissions: jobs: mergifyio-backport: - uses: vyos/.github/.github/workflows/label-backport.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/label-backport.yml@current secrets: inherit diff --git a/.github/workflows/linit-j2.yml b/.github/workflows/linit-j2.yml index 95bfa61f..ae5d42ec 100644 --- a/.github/workflows/linit-j2.yml +++ b/.github/workflows/linit-j2.yml @@ -15,5 +15,5 @@ permissions: jobs: j2lint: - uses: vyos/.github/.github/workflows/lint-j2.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/lint-j2.yml@current secrets: inherit diff --git a/.github/workflows/repo-sync.yml b/.github/workflows/repo-sync.yml index 36f323cd..6da2fb40 100644 --- a/.github/workflows/repo-sync.yml +++ b/.github/workflows/repo-sync.yml @@ -10,7 +10,7 @@ on: jobs: trigger-sync: - uses: vyos/.github/.github/workflows/trigger-repo-sync.yml@feature/T6349-reusable-workflows + uses: vyos/.github/.github/workflows/trigger-repo-sync.yml@current secrets: REMOTE_REPO: ${{ secrets.REMOTE_REPO }} REMOTE_OWNER: ${{ secrets.REMOTE_OWNER }} @@ -21,17 +21,12 @@ checkiso: .PHONY: test .ONESHELL: test: checkiso - scripts/check-qemu-install --debug --match="$(MATCH)" --uefi build/live-image-amd64.hybrid.iso + scripts/check-qemu-install --debug --configd --match="$(MATCH)" --uefi build/live-image-amd64.hybrid.iso .PHONY: test-no-interfaces .ONESHELL: test-no-interfaces: checkiso - scripts/check-qemu-install --debug --match="$(MATCH)" --no-interfaces build/live-image-amd64.hybrid.iso - -.PHONY: testd -.ONESHELL: -testd: checkiso - scripts/check-qemu-install --debug --configd build/live-image-amd64.hybrid.iso + scripts/check-qemu-install --debug --configd --match="$(MATCH)" --uefi --no-interfaces build/live-image-amd64.hybrid.iso .PHONY: testc .ONESHELL: diff --git a/data/defaults.toml b/data/defaults.toml index 9ab5d01b..59da2f5e 100644 --- a/data/defaults.toml +++ b/data/defaults.toml @@ -14,7 +14,7 @@ vyos_mirror = "https://rolling-packages.vyos.net/current" vyos_branch = "current" release_train = "current" -kernel_version = "6.6.34" +kernel_version = "6.6.42" bootloaders = "syslinux,grub-efi" squashfs_compression_type = "xz -Xbcj x86 -b 256k -always-use-fragments -no-recovery" diff --git a/data/live-build-config/archives/trixie.list.chroot b/data/live-build-config/archives/trixie.list.chroot deleted file mode 100644 index 1e6803c3..00000000 --- a/data/live-build-config/archives/trixie.list.chroot +++ /dev/null @@ -1,2 +0,0 @@ -deb http://deb.debian.org/debian/ trixie main -deb http://deb.debian.org/debian/ trixie-updates main diff --git a/data/live-build-config/archives/trixie.pref.chroot b/data/live-build-config/archives/trixie.pref.chroot deleted file mode 100644 index a976413d..00000000 --- a/data/live-build-config/archives/trixie.pref.chroot +++ /dev/null @@ -1,15 +0,0 @@ -Package: podman -Pin: release n=trixie -Pin-Priority: 900 - -Package: netavark -Pin: release n=trixie -Pin-Priority: 900 - -Package: libgpgme11t64 -Pin: release n=trixie -Pin-Priority: 900 - -Package: * -Pin: release n=trixie -Pin-Priority: -10 diff --git a/data/live-build-config/hooks/live/18-enable-disable_services.chroot b/data/live-build-config/hooks/live/18-enable-disable_services.chroot index 0732e597..26c7f094 100755 --- a/data/live-build-config/hooks/live/18-enable-disable_services.chroot +++ b/data/live-build-config/hooks/live/18-enable-disable_services.chroot @@ -62,9 +62,6 @@ systemctl disable dnsdist.service systemctl disable haproxy.service systemctl disable owamp-server.service systemctl disable twamp-server.service -systemctl disable podman-auto-update.service -systemctl disable podman-auto-update.timer -systemctl disable podman-restart.service systemctl disable vyos-wan-load-balance.service systemctl disable nvmf-autoconnect.service systemctl disable dpkg-db-backup.timer diff --git a/data/live-build-config/package-lists/vyos-base.list.chroot b/data/live-build-config/package-lists/vyos-base.list.chroot index 0b7b8e9f..4ccc7f76 100644 --- a/data/live-build-config/package-lists/vyos-base.list.chroot +++ b/data/live-build-config/package-lists/vyos-base.list.chroot @@ -1,6 +1,6 @@ debconf gpgv gnupg -vyos-world +vyos-1x vyos-user-utils zstd diff --git a/docker-vyos/vyos_install_stage_01.sh b/docker-vyos/vyos_install_stage_01.sh index ce9e9b53..42e8d1c8 100644 --- a/docker-vyos/vyos_install_stage_01.sh +++ b/docker-vyos/vyos_install_stage_01.sh @@ -23,7 +23,9 @@ echo "Configuring APT repositories" prepare_apt # Get list of VyOS packages -vyos_packages=(`apt-cache -i depends vyos-world | awk '/Depends:/ { printf("%s ", $2) }'`) +vyos_packages=( + "vyos-1x" + ) # Do not analyze packages, which we do not need in Docker vyos_packages_filter=( diff --git a/docker-vyos/vyos_install_stage_02.sh b/docker-vyos/vyos_install_stage_02.sh index 81a0975b..58a62a8d 100644 --- a/docker-vyos/vyos_install_stage_02.sh +++ b/docker-vyos/vyos_install_stage_02.sh @@ -23,7 +23,9 @@ echo "Configuring APT repositories" prepare_apt # Get list of VyOS packages -vyos_packages=(`apt-cache -i depends vyos-world | awk '/Depends:/ { printf("%s ", $2) }'`) +vyos_packages=( + "vyos-1x" + ) # Do not analyze packages, which we do not need in Docker vyos_packages_filter=( diff --git a/docker/Dockerfile b/docker/Dockerfile index be789fc2..9bcc234f 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -247,6 +247,12 @@ RUN pip install --break-system-packages \ python3-stdeb \ python3-all \ python3-coverage \ + python3-hurry.filesize \ + python3-netaddr \ + python3-paramiko \ + python3-passlib \ + python3-tabulate \ + python3-zmq \ pylint \ quilt \ whois diff --git a/packages/ddclient/Jenkinsfile b/packages/ddclient/Jenkinsfile index 317362e9..dccaf38c 100644 --- a/packages/ddclient/Jenkinsfile +++ b/packages/ddclient/Jenkinsfile @@ -1,4 +1,4 @@ -// Copyright (C) 2023 VyOS maintainers and contributors +// Copyright (C) 2023-2024 VyOS maintainers and contributors // // This program is free software; you can redistribute it and/or modify // in order to easy exprort images built to "external" world @@ -20,14 +20,10 @@ @Library('vyos-build@current')_ def pkgList = [ - ['name': 'ddclient-debian', - 'scmCommit': 'debian/3.10.0-3', + ['name': 'ddclient', + 'scmCommit': '93bd643', 'scmUrl': 'https://salsa.debian.org/debian/ddclient', - 'buildCmd': '/bin/true'], - ['name': 'ddclient-github', - 'scmCommit': 'v3.11.2', - 'scmUrl': 'https://github.com/ddclient/ddclient', - 'buildCmd': 'cd ..; ./build.sh'], + 'buildCmd': 'sudo mk-build-deps --install --tool "apt-get --yes --no-install-recommends"; dpkg-buildpackage -uc -us -tc -b'], ] // Start package build using library function from https://github.com/vyos/vyos-build diff --git a/packages/ddclient/build.sh b/packages/ddclient/build.sh deleted file mode 100755 index 82e9b899..00000000 --- a/packages/ddclient/build.sh +++ /dev/null @@ -1,49 +0,0 @@ -#!/bin/bash -CWD=$(pwd) -set -e - -SRC_DEBIAN=ddclient-debian -SRC_GITHUB=ddclient-github - -if [ ! -d ${SRC_DEBIAN} ]; then - echo "${SRC_DEBIAN} directory does not exists, please 'git clone'" - exit 1 -fi - -if [ ! -d ${SRC_GITHUB} ]; then - echo "${SRC_GITHUB} directory does not exists, please 'git clone'" - exit 1 -fi - -echo "I: Copy Debian build instructions" -cp -a ${SRC_DEBIAN}/debian ${SRC_GITHUB} -# Preserve some of the Debian's default patches -cat > ${SRC_GITHUB}/debian/patches/series << EOF -maxinterval.diff -news.diff -EOF -# Remove vestigial documentation -sed -i '/README\.ssl/d' ${SRC_GITHUB}/debian/docs - -PATCH_DIR=${CWD}/patches -if [ -d ${PATCH_DIR} ]; then - for patch in $(ls ${PATCH_DIR}) - do - echo "I: Apply patch: ${patch} to main repository" - cp ${PATCH_DIR}/${patch} ${SRC_GITHUB}/debian/patches/ - echo ${patch} >> ${SRC_GITHUB}/debian/patches/series - done -fi - -cd ${SRC_GITHUB} - -echo "I: Ensure Debian build dependencies are met" -sudo mk-build-deps --install --tool "apt-get --yes --no-install-recommends" - -echo "I: Bump Debian Package version" -version="$(git describe --tags)" -dch -v "${version:1}+vyos0" "Patchset for miscellaneous fixes" -dch -a "Forward port to upstream version ${version:1}" - -echo "I: Build Debian Package" -dpkg-buildpackage -uc -us -tc -b diff --git a/packages/hostap/Jenkinsfile b/packages/hostap/Jenkinsfile index 91465cf6..7eeff1bb 100644 --- a/packages/hostap/Jenkinsfile +++ b/packages/hostap/Jenkinsfile @@ -25,7 +25,7 @@ def pkgList = [ 'scmUrl': 'https://salsa.debian.org/debian/wpa', 'buildCmd': '/bin/true'], ['name': 'hostap', - 'scmCommit': '6b9c86466', + 'scmCommit': 'e7172e26d', 'scmUrl': 'git://w1.fi/srv/git/hostap.git', 'buildCmd': 'cd ..; ./build.sh'], ] diff --git a/packages/linux-kernel/Jenkinsfile b/packages/linux-kernel/Jenkinsfile index ba4a5a1c..986780e0 100644 --- a/packages/linux-kernel/Jenkinsfile +++ b/packages/linux-kernel/Jenkinsfile @@ -44,7 +44,7 @@ def pkgList = [ '''], // Firmware - ['name': 'linux-firmware', 'scmCommit': '20231211', + ['name': 'linux-firmware', 'scmCommit': '20240610', 'scmUrl': 'https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git', 'buildCmd': 'cd ..; ./build-linux-firmware.sh'], diff --git a/packages/linux-kernel/arch/x86/configs/vyos_defconfig b/packages/linux-kernel/arch/x86/configs/vyos_defconfig index fbf0c88d..767058a8 100644 --- a/packages/linux-kernel/arch/x86/configs/vyos_defconfig +++ b/packages/linux-kernel/arch/x86/configs/vyos_defconfig @@ -2987,9 +2987,9 @@ CONFIG_MT7663_USB_SDIO_COMMON=m CONFIG_MT7663U=m CONFIG_MT7663S=m CONFIG_MT7915E=m -CONFIG_MT7921E=m -CONFIG_MT7921S=m -CONFIG_MT7921U=m +# CONFIG_MT7921E is not set +# CONFIG_MT7921S is not set +# CONFIG_MT7921U is not set # CONFIG_MT7996E is not set CONFIG_WLAN_VENDOR_MICROCHIP=y # CONFIG_WILC1000_SDIO is not set diff --git a/packages/linux-kernel/patches/kernel/0001-linkstate-ip-device-attribute.patch b/packages/linux-kernel/patches/kernel/0001-linkstate-ip-device-attribute.patch index a4026a24..9d10ec7e 100644 --- a/packages/linux-kernel/patches/kernel/0001-linkstate-ip-device-attribute.patch +++ b/packages/linux-kernel/patches/kernel/0001-linkstate-ip-device-attribute.patch @@ -126,10 +126,10 @@ index 9dfbda164e8c..2786c8ea451a 100644 .procname = "ioam6_id", .data = &ipv6_devconf.ioam6_id, diff --git a/net/ipv6/route.c b/net/ipv6/route.c -index c48eaa7c2340..309a93100c34 100644 +index eb3afaee62e8..0f8670e74cc7 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c -@@ -677,6 +677,14 @@ static inline void rt6_probe(struct fib6_nh *fib6_nh) +@@ -679,6 +679,14 @@ static inline void rt6_probe(struct fib6_nh *fib6_nh) } #endif @@ -144,7 +144,7 @@ index c48eaa7c2340..309a93100c34 100644 /* * Default Router Selection (RFC 2461 6.3.6) */ -@@ -718,6 +726,8 @@ static int rt6_score_route(const struct fib6_nh *nh, u32 fib6_flags, int oif, +@@ -720,6 +728,8 @@ static int rt6_score_route(const struct fib6_nh *nh, u32 fib6_flags, int oif, if (!m && (strict & RT6_LOOKUP_F_IFACE)) return RT6_NUD_FAIL_HARD; diff --git a/packages/net-snmp/.gitignore b/packages/net-snmp/.gitignore new file mode 100644 index 00000000..3f41bbac --- /dev/null +++ b/packages/net-snmp/.gitignore @@ -0,0 +1 @@ +net-snmp/ diff --git a/packages/net-snmp/Jenkinsfile b/packages/net-snmp/Jenkinsfile new file mode 100644 index 00000000..a2b21ce5 --- /dev/null +++ b/packages/net-snmp/Jenkinsfile @@ -0,0 +1,30 @@ +// Copyright (C) 2024 VyOS maintainers and contributors +// +// This program is free software; you can redistribute it and/or modify +// in order to easy exprort images built to "external" world +// it under the terms of the GNU General Public License version 2 or later as +// published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. +@NonCPS + +// Using a version specifier library, use 'current' branch. The underscore (_) +// is not a typo! You need this underscore if the line immediately after the +// @Library annotation is not an import statement! +@Library('vyos-build@current')_ + +def pkgList = [ + ['name': 'net-snmp', + 'scmCommit': 'debian/5.9.4+dfsg-1', + 'scmUrl': 'https://salsa.debian.org/debian/net-snmp', + 'buildCmd': 'sudo mk-build-deps --install --tool "apt-get --yes --no-install-recommends"; cd ..; ./build.sh'], +] + +// Start package build using library function from https://github.com/vyos/vyos-build +buildPackage('net-snmp', pkgList, null, true, "**/packages/net-snmp/**") diff --git a/packages/net-snmp/build.sh b/packages/net-snmp/build.sh new file mode 100755 index 00000000..ebaeb6eb --- /dev/null +++ b/packages/net-snmp/build.sh @@ -0,0 +1,30 @@ +#!/bin/sh +CWD=$(pwd) +set -e + +SRC=net-snmp + +if [ ! -d ${SRC} ]; then + echo "Source directory does not exists, please 'git clone'" + exit 1 +fi + +cd ${SRC} + +PATCH_DIR=${CWD}/patches +if [ -d $PATCH_DIR ]; then + echo "I: Apply SNMP patches not in main repository:" + for patch in $(ls ${PATCH_DIR}) + do + cp ${PATCH_DIR}/${patch} debian/patches + echo ${patch} >> debian/patches/series + done +fi + +echo "I: Build Debian net-snmp Package" +# We need "|| true" to fix an issue wioth the make system +#make[2]: Leaving directory '/vyos/vyos-build/packages/net-snmp/net-snmp/snmplib' +#making clean in /vyos/vyos-build/packages/net-snmp/net-snmp/agent +#make[2]: Entering directory '/vyos/vyos-build/packages/net-snmp/net-snmp/agent' +#make[2]: *** No rule to make target 'clean'. Stop. +dpkg-buildpackage -us -uc -tc -b || true diff --git a/packages/net-snmp/patches/add-linux-6.7-compatibility-parsing.patch b/packages/net-snmp/patches/add-linux-6.7-compatibility-parsing.patch new file mode 100644 index 00000000..b6dcd77a --- /dev/null +++ b/packages/net-snmp/patches/add-linux-6.7-compatibility-parsing.patch @@ -0,0 +1,119 @@ +From f5ae6baf0018abda9dedc368fe6d52c0d7a8ab8f Mon Sep 17 00:00:00 2001 +From: Philippe Troin <phil+github-commits@fifi.org> +Date: Sat, 3 Feb 2024 10:30:30 -0800 +Subject: [PATCH] Add Linux 6.7 compatibility parsing /proc/net/snmp + +Linux 6.7 adds a new OutTransmits field to Ip in /proc/net/snmp. +This breaks the hard-coded assumptions about the Ip line length. +Add compatibility to parse Linux 6.7 Ip header while keep support +for previous versions. +--- + .../ip-mib/data_access/systemstats_linux.c | 46 +++++++++++++++---- + 1 file changed, 37 insertions(+), 9 deletions(-) + +diff --git a/agent/mibgroup/ip-mib/data_access/systemstats_linux.c b/agent/mibgroup/ip-mib/data_access/systemstats_linux.c +index 49e0a34d5c..f04e828a94 100644 +--- a/agent/mibgroup/ip-mib/data_access/systemstats_linux.c ++++ b/agent/mibgroup/ip-mib/data_access/systemstats_linux.c +@@ -36,7 +36,7 @@ netsnmp_access_systemstats_arch_init(void) + } + + /* +- /proc/net/snmp ++ /proc/net/snmp - Linux 6.6 and lower + + Ip: Forwarding DefaultTTL InReceives InHdrErrors InAddrErrors ForwDatagrams InUnknownProtos InDiscards InDelivers OutRequests OutDiscards OutNoRoutes ReasmTimeout ReasmReqds ReasmOKs ReasmFails FragOKs FragFails FragCreates + Ip: 2 64 7083534 0 0 0 0 0 6860233 6548963 0 0 1 286623 63322 1 259920 0 0 +@@ -49,6 +49,26 @@ netsnmp_access_systemstats_arch_init(void) + + Udp: InDatagrams NoPorts InErrors OutDatagrams + Udp: 1491094 122 0 1466178 ++* ++ /proc/net/snmp - Linux 6.7 and higher ++ ++ Ip: Forwarding DefaultTTL InReceives InHdrErrors InAddrErrors ForwDatagrams InUnknownProtos InDiscards InDelivers OutRequests OutDiscards OutNoRoutes ReasmTimeout ReasmReqds ReasmOKs ReasmFails FragOKs FragFails FragCreates OutTransmits ++ Ip: 1 64 50859058 496 0 37470604 0 0 20472980 7515791 1756 0 0 7264 3632 0 3548 0 7096 44961424 ++ ++ Icmp: InMsgs InErrors InCsumErrors InDestUnreachs InTimeExcds InParmProbs InSrcQuenchs InRedirects InEchos InEchoReps InTimestamps InTimestampReps InAddrMasks InAddrMaskReps OutMsgs OutErrors OutRateLimitGlobal OutRateLimitHost OutDestUnreachs OutTimeExcds OutParmProbs OutSrcQuenchs OutRedirects OutEchos OutEchoReps OutTimestamps OutTimestampReps OutAddrMasks OutAddrMaskReps ++ Icmp: 114447 2655 0 17589 0 0 0 0 66905 29953 0 0 0 0 143956 0 0 572 16610 484 0 0 0 59957 66905 0 0 0 0 ++ ++ IcmpMsg: InType0 InType3 InType8 OutType0 OutType3 OutType8 OutType11 ++ IcmpMsg: 29953 17589 66905 66905 16610 59957 484 ++ ++ Tcp: RtoAlgorithm RtoMin RtoMax MaxConn ActiveOpens PassiveOpens AttemptFails EstabResets CurrEstab InSegs OutSegs RetransSegs InErrs OutRsts InCsumErrors ++ Tcp: 1 200 120000 -1 17744 13525 307 3783 6 18093137 9277788 3499 8 7442 0 ++ ++ Udp: InDatagrams NoPorts InErrors OutDatagrams RcvbufErrors SndbufErrors InCsumErrors IgnoredMulti MemErrors ++ Udp: 2257832 1422 0 2252835 0 0 0 84 0 ++ ++ UdpLite: InDatagrams NoPorts InErrors OutDatagrams RcvbufErrors SndbufErrors InCsumErrors IgnoredMulti MemErrors ++ UdpLite: 0 0 0 0 0 0 0 0 0 + */ + + +@@ -101,10 +121,10 @@ _systemstats_v4(netsnmp_container* container, u_int load_flags) + FILE *devin; + char line[1024]; + netsnmp_systemstats_entry *entry = NULL; +- int scan_count; ++ int scan_count, expected_scan_count; + char *stats, *start = line; + int len; +- unsigned long long scan_vals[19]; ++ unsigned long long scan_vals[20]; + + DEBUGMSGTL(("access:systemstats:container:arch", "load v4 (flags %x)\n", + load_flags)); +@@ -126,10 +146,17 @@ _systemstats_v4(netsnmp_container* container, u_int load_flags) + */ + NETSNMP_IGNORE_RESULT(fgets(line, sizeof(line), devin)); + len = strlen(line); +- if (224 != len) { ++ switch (len) { ++ case 224: ++ expected_scan_count = 19; ++ break; ++ case 237: ++ expected_scan_count = 20; ++ break; ++ default: + fclose(devin); + snmp_log(LOG_ERR, "systemstats_linux: unexpected header length in /proc/net/snmp." +- " %d != 224\n", len); ++ " %d not in { 224, 237 } \n", len); + return -4; + } + +@@ -178,20 +205,20 @@ _systemstats_v4(netsnmp_container* container, u_int load_flags) + memset(scan_vals, 0x0, sizeof(scan_vals)); + scan_count = sscanf(stats, + "%llu %llu %llu %llu %llu %llu %llu %llu %llu %llu" +- "%llu %llu %llu %llu %llu %llu %llu %llu %llu", ++ "%llu %llu %llu %llu %llu %llu %llu %llu %llu %llu", + &scan_vals[0],&scan_vals[1],&scan_vals[2], + &scan_vals[3],&scan_vals[4],&scan_vals[5], + &scan_vals[6],&scan_vals[7],&scan_vals[8], + &scan_vals[9],&scan_vals[10],&scan_vals[11], + &scan_vals[12],&scan_vals[13],&scan_vals[14], + &scan_vals[15],&scan_vals[16],&scan_vals[17], +- &scan_vals[18]); ++ &scan_vals[18],&scan_vals[19]); + DEBUGMSGTL(("access:systemstats", " read %d values\n", scan_count)); + +- if(scan_count != 19) { ++ if(scan_count != expected_scan_count) { + snmp_log(LOG_ERR, + "error scanning systemstats data (expected %d, got %d)\n", +- 19, scan_count); ++ expected_scan_count, scan_count); + netsnmp_access_systemstats_entry_free(entry); + return -4; + } +@@ -223,6 +250,7 @@ _systemstats_v4(netsnmp_container* container, u_int load_flags) + entry->stats.HCOutFragFails.high = scan_vals[17] >> 32; + entry->stats.HCOutFragCreates.low = scan_vals[18] & 0xffffffff; + entry->stats.HCOutFragCreates.high = scan_vals[18] >> 32; ++ /* entry->stats. = scan_vals[19]; / * OutTransmits */ + + entry->stats.columnAvail[IPSYSTEMSTATSTABLE_HCINRECEIVES] = 1; + entry->stats.columnAvail[IPSYSTEMSTATSTABLE_INHDRERRORS] = 1; diff --git a/packages/podman/.gitignore b/packages/podman/.gitignore new file mode 100644 index 00000000..1055abad --- /dev/null +++ b/packages/podman/.gitignore @@ -0,0 +1 @@ +podman/ diff --git a/packages/podman/Jenkinsfile b/packages/podman/Jenkinsfile new file mode 100644 index 00000000..cc787565 --- /dev/null +++ b/packages/podman/Jenkinsfile @@ -0,0 +1,31 @@ +// Copyright (C) 2024 VyOS maintainers and contributors +// +// This program is free software; you can redistribute it and/or modify +// in order to easy exprort images built to "external" world +// it under the terms of the GNU General Public License version 2 or later as +// published by the Free Software Foundation. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License +// along with this program. If not, see <http://www.gnu.org/licenses/>. + +@NonCPS + +// Using a version specifier library, use 'current' branch. The underscore (_) +// is not a typo! You need this underscore if the line immediately after the +// @Library annotation is not an import statement! +@Library('vyos-build@current')_ + +def pkgList = [ + ['name': 'podman', + 'scmCommit': 'v4.9.5', + 'scmUrl': 'https://github.com/containers/podman', + 'buildCmd': 'cd ..; ./build.sh'], +] + +// Start package build using library function from https://github.com/vyos/vyos-build +buildPackage('podman', pkgList, null, true, "**/packages/podman/**") diff --git a/packages/podman/build.sh b/packages/podman/build.sh new file mode 100755 index 00000000..3b9b2929 --- /dev/null +++ b/packages/podman/build.sh @@ -0,0 +1,31 @@ +#!/bin/bash + +export PATH=/opt/go/bin:$PATH + +SRC=podman +if [ ! -d $SRC ]; then + echo "source directory $SRC does not exist!" + exit 1 +fi + +sudo apt-get install -y libseccomp-dev libgpgme-dev + +cd $SRC + +echo "I: installing dependencies" +make install.tools +echo "I: building podman" +make podman-release + +tar xf podman-release-$(dpkg --print-architecture).tar.gz +# retrieve version number from podman archive folder: podman-v4.9.5/ +# remove leading podman string +VERSION=$(ls -d podman-v* | cut -c9-) + +fpm --input-type dir --output-type deb --name podman \ + --version $VERSION --deb-compression gz \ + --maintainer "VyOS Package Maintainers <maintainers@vyos.net>" \ + --description "Engine to run OCI-based containers in Pods" \ + --depends conmon --depends crun --depends netavark \ + --license "Apache License 2.0" -C podman-v$VERSION --package .. + diff --git a/scripts/list-build-dependencies b/scripts/list-build-dependencies deleted file mode 100755 index e13651f3..00000000 --- a/scripts/list-build-dependencies +++ /dev/null @@ -1,120 +0,0 @@ -#!/bin/bash -# -# Copyright (C) 2020 VyOS maintainers and contributors -# -# This program is free software; you can redistribute it and/or modify -# in order to easy exprort images built to "external" world -# it under the terms of the GNU General Public License version 2 or later as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/>. - -# Parse debian/control like content and extract packages required by the -# Build-Depends statement. Return a string with all required packages. -# -# Code below copied from https://stackoverflow.com/a/47707412 - Thank You! -get_build_depends () { - echo $(awk ' - /^Build-Depends:/ || /^ / && deps { - sub(/^[^ ]+: /, "") - deps = 1 - dep_str = dep_str ", " $0 - next - } - { deps=0 } - END { - split(dep_str, dep_array, /, */) - for (d in dep_array) { - dep = dep_array[d] - gsub(/[^a-z0-9_.-].*$/, "", dep) - if (dep && !seen[dep]++) print dep - } - }' $1) -} - -get_runtime_depends () { - echo $(awk ' - /^Depends:/ || /^ / && deps { - sub(/^[^ ]+: /, "") - deps = 1 - dep_str = dep_str ", " $0 - next - } - { deps=0 } - END { - split(dep_str, dep_array, /, */) - for (d in dep_array) { - dep = dep_array[d] - gsub(/[^a-z0-9_.-].*$/, "", dep) - if (dep && !seen[dep]++) print dep - } - }' $1) -} - -# Some packages are required prior to running this script -BOOTSTRAP_PACKAGES="devscripts curl equivs" -for pkg in $BOOTSTRAP_PACKAGES -do - dpkg -s $pkg >/dev/null 2>&1 - if [ $? -ne 0 ]; then - echo "Required package \"$pkg\" not installed" - exit 1 - fi -done - -echo "" -echo "Below you can find a list of packages that are required as build time" -echo "dependency for the individual package" -echo "" -echo "The generated content can be used to populate a file to provision" -echo "e.g. a native build host or a Docker container" -echo "" -echo "" - -GIT_BRANCH=$(git rev-parse --abbrev-ref HEAD) - -# First we need to get vyos-world so we know all individual packages for VyOS -curl -L https://github.com/vyos/vyos-world/raw/$GIT_BRANCH/debian/control \ - --output /tmp/vyos-world.control --retry 100 --retry-delay 1 --silent - -VYOS_PACKAGES=$(get_runtime_depends /tmp/vyos-world.control) -rm -f /tmp/vyos-world.control -for pkg in $VYOS_PACKAGES -do - # Check if repo exists - res=$(curl -o /dev/null --silent -Iw '%{http_code}' https://github.com/vyos/$pkg) - if [[ $res -ne 200 ]]; then - continue - fi - - CTRLFILE=/tmp/$pkg.control - curl -L https://github.com/vyos/$pkg/raw/$GIT_BRANCH/debian/control \ - --output $CTRLFILE --retry 100 --retry-delay 1 --silent - - declare -a array - declare -i length cnt - - array=($(get_build_depends $CTRLFILE)) - length=${#array[@]} - cnt=0 - - echo "# Packages needed to build '$pkg' from https://github.com/vyos/$pkg" - echo "apt-get install -y \\" - for name in "${array[@]}"; do - cnt=$((cnt + 1)) - if [[ "$cnt" -eq "$length" ]]; then - echo " $name" - else - echo " $name \\" - fi - done - rm -f $CTRLFILE - echo "" -done - diff --git a/vars/isCustomBuild.groovy b/vars/isCustomBuild.groovy index c5e5fab7..c60ed883 100644 --- a/vars/isCustomBuild.groovy +++ b/vars/isCustomBuild.groovy @@ -17,7 +17,7 @@ def call() { // Returns true if this is a custom build launched on any project fork. // Returns false if this is build from git@github.com:vyos/<reponame>. - // <reponame> can be e.g. vyos-1x.git or vyatta-op.git + // <reponame> can be e.g. vyos-1x.git // GitHub organisation base URL def gitURI = 'git@github.com:vyos/' + getGitRepoName() def httpURI = 'https://github.com/vyos/' + getGitRepoName() |