diff options
22 files changed, 147 insertions, 54 deletions
diff --git a/.github/workflows/trigger_rebuild_packages.yml b/.github/workflows/trigger_rebuild_packages.yml index ffff020f..7cfee337 100644 --- a/.github/workflows/trigger_rebuild_packages.yml +++ b/.github/workflows/trigger_rebuild_packages.yml @@ -51,6 +51,8 @@ jobs: - 'scripts/package-build/kea/**' keepalived: - 'scripts/package-build/keepalived/**' + libpam-radius-auth: + - 'scripts/package-build/libpam-radius-auth/**' linux-kernel: - 'data/defaults.toml' - 'scripts/package-build/linux-kernel/**' @@ -62,8 +64,6 @@ jobs: - 'scripts/package-build/netfilter/**' node_exporter: - 'scripts/package-build/node_exporter/**' - opennhrp: - - 'scripts/package-build/opennhrp/**' openvpn-otp: - 'scripts/package-build/openvpn-otp/**' owamp: @@ -84,6 +84,8 @@ jobs: - 'scripts/package-build/tacacs/**' telegraf: - 'scripts/package-build/telegraf/**' + vpp: + - 'scripts/package-build/vpp/**' waagent: - 'scripts/package-build/waagent/**' wide-dhcpv6: @@ -159,6 +161,10 @@ jobs: trigger_build "keepalived" fi + if [ "${{ steps.changes.outputs.libpam-radius-auth }}" == "true" ]; then + trigger_build "libpam-radius-auth" + fi + if [ "${{ steps.changes.outputs.linux-kernel }}" == "true" ]; then trigger_build "linux-kernel" fi @@ -179,10 +185,6 @@ jobs: trigger_build "node_exporter" fi - if [ "${{ steps.changes.outputs.opennhrp }}" == "true" ]; then - trigger_build "opennhrp" - fi - if [ "${{ steps.changes.outputs.openvpn-otp }}" == "true" ]; then trigger_build "openvpn-otp" fi @@ -223,6 +225,10 @@ jobs: trigger_build "telegraf" fi + if [ "${{ steps.changes.outputs.vpp }}" == "true" ]; then + trigger_build "vpp" + fi + if [ "${{ steps.changes.outputs.waagent }}" == "true" ]; then trigger_build "waagent" fi @@ -26,7 +26,7 @@ test: checkiso .PHONY: test-no-interfaces .ONESHELL: test-no-interfaces: checkiso - scripts/check-qemu-install --debug --configd --smoketest --uefi --no-interfaces build/live-image-amd64.hybrid.iso + scripts/check-qemu-install --debug --configd --smoketest --uefi --no-interfaces --memory 8 build/live-image-amd64.hybrid.iso .PHONY: test-interfaces .ONESHELL: @@ -36,7 +36,7 @@ test-interfaces: checkiso .PHONY: test-vpp .ONESHELL: test-vpp: checkiso - scripts/check-qemu-install --debug --configd --match="vpp" --smoketest --uefi build/live-image-amd64.hybrid.iso + scripts/check-qemu-install --debug --configd --match="vpp" --smoketest --uefi --cpu 2 --memory 8 build/live-image-amd64.hybrid.iso .PHONY: testc .ONESHELL: diff --git a/data/live-build-config/hooks/live/18-enable-disable_services.chroot b/data/live-build-config/hooks/live/18-enable-disable_services.chroot index 1042cef9..1aa0326a 100755 --- a/data/live-build-config/hooks/live/18-enable-disable_services.chroot +++ b/data/live-build-config/hooks/live/18-enable-disable_services.chroot @@ -69,6 +69,7 @@ systemctl disable dpkg-db-backup.service systemctl disable zabbix-agent2.service systemctl disable suricata.service systemctl disable vyconfd.service +systemctl disable vpp.service echo I: Enabling services systemctl enable vyos-hostsd.service diff --git a/docker/Dockerfile b/docker/Dockerfile index a2e0a74d..53ee7460 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -162,7 +162,7 @@ RUN apt-get update && apt-get install -y \ # Build libvyosconfig RUN eval $(opam env --root=/opt/opam --set-root) && \ git clone https://github.com/vyos/libvyosconfig.git /tmp/libvyosconfig && \ - cd /tmp/libvyosconfig && git checkout e4bfbf0147f4242b0999a3305fd9a496b49b2caf && \ + cd /tmp/libvyosconfig && git checkout 677d1e2bf8109b9fd4da60e20376f992b747e384 && \ dpkg-buildpackage -uc -us -tc -b && \ dpkg -i /tmp/libvyosconfig0_*_$(dpkg-architecture -qDEB_HOST_ARCH).deb @@ -273,11 +273,6 @@ RUN GO_VERSION_INSTALL="1.23.2" ; \ rm /tmp/go*.tar.gz RUN echo "export PATH=/opt/go/bin:$PATH" >> /etc/bash.bashrc -# Packages needed for opennhrp -RUN apt-get update && apt-get install -y \ - libc-ares-dev \ - libev-dev - # Packages needed for Qemu test-suite # This is for now only supported on i386 and amd64 platforms RUN if dpkg-architecture -ii386 || dpkg-architecture -iamd64; then \ diff --git a/scripts/check-qemu-install b/scripts/check-qemu-install index 11083706..89219c40 100755 --- a/scripts/check-qemu-install +++ b/scripts/check-qemu-install @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2019-2024, VyOS maintainers and contributors +# Copyright (C) 2019-2025, VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -95,6 +95,8 @@ parser.add_argument('--sbtest', help='Execute Secure Boot tests', action='store_true', default=False) parser.add_argument('--qemu-cmd', help='Only generate QEMU launch command', action='store_true', default=False) +parser.add_argument('--cpu', help='Set QEMU CPU', type=int, default=2) +parser.add_argument('--memory', help='Set QEMU memory', type=int, default=4) args = parser.parse_args() @@ -103,11 +105,13 @@ with open('data/defaults.toml', 'rb') as f: vyos_defaults = tomli.load(f) # This is what we got from the build -with open('build/manifest.json', 'rb') as f: - manifest = json.load(f) +manifest_file = 'build/manifest.json' +if os.path.isfile(manifest_file): + with open('build/manifest.json', 'rb') as f: + manifest = json.load(f) -vyos_version = manifest['build_config']['version'] -vyos_codename = manifest['build_config']['release_train'] + vyos_version = manifest['build_config']['version'] + vyos_codename = manifest['build_config']['release_train'] class StreamToLogger(object): """ @@ -168,11 +172,11 @@ def get_qemu_cmd(name, enable_uefi, disk_img, raid=None, iso_img=None, tpm=False macbase = '00:00:5E:00:53' cmd = f'qemu-system-x86_64 \ -name "{name}" \ - -smp 2,sockets=1,cores=2,threads=1 \ + -smp {args.cpu},sockets=1,cores={args.cpu},threads=1 \ -cpu host \ -machine {machine},accel=kvm \ {uefi} \ - -m 4G \ + -m {args.memory}G \ -vga none \ -nographic \ {vga} {vnc}\ @@ -546,16 +550,23 @@ try: c.sendline('systemd-detect-virt') c.expect('kvm') c.expect(op_mode_prompt) + c.sendline('show system cpu') + c.expect(op_mode_prompt) + c.sendline('show system memory') + c.expect(op_mode_prompt) + c.sendline("show version all | match vpp") + c.expect(op_mode_prompt) ################################################# # Verify /etc/os-release via lsb_release ################################################# c.sendline('lsb_release --short --id 2>/dev/null') c.expect('VyOS') - c.sendline('lsb_release --short --release 2>/dev/null') - c.expect(vyos_version) - c.sendline('lsb_release --short --codename 2>/dev/null') - c.expect(vyos_codename) + if os.path.isfile(manifest_file): + c.sendline('lsb_release --short --release 2>/dev/null') + c.expect(vyos_version) + c.sendline('lsb_release --short --codename 2>/dev/null') + c.expect(vyos_codename) # Ensure ephemeral key is loaded vyos_kernel_key = 'VyOS build time autogenerated kernel key' diff --git a/scripts/image-build/build-vyos-image b/scripts/image-build/build-vyos-image index 65891aa1..0614f214 100755 --- a/scripts/image-build/build-vyos-image +++ b/scripts/image-build/build-vyos-image @@ -438,6 +438,8 @@ if __name__ == "__main__": print("W: Could not build a version string specific to git branch, falling back to default: {0}".format(str(e))) version = "999.{0}".format(build_timestamp) + build_config['version'] = version + version_data = { 'version': version, 'flavor': build_config["build_flavor"], diff --git a/scripts/package-build/build.py b/scripts/package-build/build.py index d64a7378..9c1df7b3 100755 --- a/scripts/package-build/build.py +++ b/scripts/package-build/build.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2024 VyOS maintainers and contributors +# Copyright (C) 2024-2025 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -92,9 +92,45 @@ def build_package(package: list, patch_dir: Path) -> None: # Check out the specific commit run(['git', 'checkout', package['commit_id']], cwd=repo_dir, check=True) - # Apply patches if any - if (repo_dir / 'patches'): - apply_patches(repo_dir, patch_dir / repo_name) + # The `pre_build_hook` is an optional configuration defined in `package.toml`. + # It executes after the repository is checked out and before the build process begins. + # This hook allows you to perform preparatory tasks, such as creating directories, + # copying files, or running custom scripts/commands. + # + # Usage: + # - Single command: + # pre_build_hook = "echo 'Hello Pre-Build-Hook'" + # + # - Multi-line commands: + # pre_build_hook = """ + # mkdir -p ../hello/vyos + # mkdir -p ../vyos + # cp example.txt ../vyos + # """ + # + # - Combination of commands and scripts: + # pre_build_hook = "ls -l; ./script.sh" + pre_build_hook = package.get('pre_build_hook', '') + if pre_build_hook: + try: + print(f'I: execute pre_build_hook for the package "{repo_name}"') + run(pre_build_hook, cwd=repo_dir, check=True, shell=True) + except CalledProcessError as e: + print(e) + print(f"I: pre_build_hook failed for the {repo_name}") + raise + + # Apply patches if the 'apply_patches' key is set to True (default) in the package configuration + # This allows skipping patch application for specific packages when desired + # + # Usage: + # apply_patches = false + # + # Default to True if the key is missing + if package.get('apply_patches', True): + # Check if the 'patches' directory exists in the repository + if (repo_dir / 'patches'): + apply_patches(repo_dir, patch_dir / repo_name) # Sanitize the commit ID and build a tarball for the package commit_id_sanitized = package['commit_id'].replace('/', '_') diff --git a/scripts/package-build/frr/package.toml b/scripts/package-build/frr/package.toml index 4df46208..8ff35777 100644 --- a/scripts/package-build/frr/package.toml +++ b/scripts/package-build/frr/package.toml @@ -21,6 +21,7 @@ packages = [ "gawk", "install-info", "libcap-dev", + "libc-ares-dev", "libjson-c-dev", "librtr-dev", "libpam-dev", diff --git a/scripts/package-build/hsflowd/package.toml b/scripts/package-build/hsflowd/package.toml index 8418319e..05ec13fe 100644 --- a/scripts/package-build/hsflowd/package.toml +++ b/scripts/package-build/hsflowd/package.toml @@ -2,7 +2,7 @@ name = "host-sflow" commit_id = "v2.0.55-1" scm_url = "https://github.com/sflow/host-sflow.git" -build_cmd = "make deb FEATURES='PCAP DROPMON DBUS'" +build_cmd = "make deb FEATURES='PCAP DROPMON DBUS PSAMPLE'" [dependencies] packages = ["libpcap0.8-dev"] diff --git a/scripts/package-build/libpam-radius-auth/.gitignore b/scripts/package-build/libpam-radius-auth/.gitignore new file mode 100644 index 00000000..b6ba8742 --- /dev/null +++ b/scripts/package-build/libpam-radius-auth/.gitignore @@ -0,0 +1 @@ +/libpam-radius-auth/ diff --git a/scripts/package-build/opennhrp/build.py b/scripts/package-build/libpam-radius-auth/build.py index 3c76af73..3c76af73 120000 --- a/scripts/package-build/opennhrp/build.py +++ b/scripts/package-build/libpam-radius-auth/build.py diff --git a/scripts/package-build/libpam-radius-auth/package.toml b/scripts/package-build/libpam-radius-auth/package.toml new file mode 100644 index 00000000..d2c760c8 --- /dev/null +++ b/scripts/package-build/libpam-radius-auth/package.toml @@ -0,0 +1,10 @@ +[[packages]] +name = "libpam-radius-auth" +commit_id = "current" +scm_url = "https://github.com/vyos/libpam-radius-auth.git" + +[dependencies] +packages = [ + "libpam-dev", + "libaudit-dev" +] diff --git a/scripts/package-build/linux-kernel/arch/arm64/configs/vyos_defconfig b/scripts/package-build/linux-kernel/arch/arm64/configs/vyos_defconfig index 91f26660..9592b39b 100644 --- a/scripts/package-build/linux-kernel/arch/arm64/configs/vyos_defconfig +++ b/scripts/package-build/linux-kernel/arch/arm64/configs/vyos_defconfig @@ -1735,7 +1735,7 @@ CONFIG_RFKILL_INPUT=y # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set # CONFIG_NFC is not set -# CONFIG_PSAMPLE is not set +CONFIG_PSAMPLE=y # CONFIG_NET_IFE is not set CONFIG_LWTUNNEL=y CONFIG_LWTUNNEL_BPF=y diff --git a/scripts/package-build/linux-kernel/arch/x86/configs/vyos_defconfig b/scripts/package-build/linux-kernel/arch/x86/configs/vyos_defconfig index a77a6a13..f33cde92 100644 --- a/scripts/package-build/linux-kernel/arch/x86/configs/vyos_defconfig +++ b/scripts/package-build/linux-kernel/arch/x86/configs/vyos_defconfig @@ -1780,7 +1780,7 @@ CONFIG_RFKILL_INPUT=y # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set # CONFIG_NFC is not set -# CONFIG_PSAMPLE is not set +CONFIG_PSAMPLE=y # CONFIG_NET_IFE is not set CONFIG_LWTUNNEL=y CONFIG_LWTUNNEL_BPF=y diff --git a/scripts/package-build/opennhrp/.gitignore b/scripts/package-build/opennhrp/.gitignore deleted file mode 100644 index a06f6fde..00000000 --- a/scripts/package-build/opennhrp/.gitignore +++ /dev/null @@ -1 +0,0 @@ -/opennhrp/ diff --git a/scripts/package-build/opennhrp/package.toml b/scripts/package-build/opennhrp/package.toml deleted file mode 100644 index d647c072..00000000 --- a/scripts/package-build/opennhrp/package.toml +++ /dev/null @@ -1,21 +0,0 @@ -[[packages]] -name = "opennhrp" -commit_id = "613277f" -scm_url = "https://git.code.sf.net/p/opennhrp/code" - -build_cmd = """ -make clean -make - -install --directory debian/etc debian/usr/sbin -install --mode 0644 etc/racoon-ph1dead.sh debian/etc -install --mode 0644 etc/racoon-ph1down.sh debian/etc -install --strip --mode 0755 nhrp/opennhrp debian/usr/sbin -install --strip --mode 0755 nhrp/opennhrpctl debian/usr/sbin - -fpm --input-type dir --output-type deb --name opennhrp \ - --version $(git describe --always | cut -c2-) --deb-compression gz \ - --maintainer "VyOS Package Maintainers <maintainers@vyos.net>" \ - --description "NBMA Next Hop Resolution Protocol daemon" \ - --license "MIT" -C debian --package .. -""" diff --git a/scripts/package-build/vpp/.gitignore b/scripts/package-build/vpp/.gitignore new file mode 100644 index 00000000..38768675 --- /dev/null +++ b/scripts/package-build/vpp/.gitignore @@ -0,0 +1,2 @@ +/vpp/ +/vyos-vpp-patches/ diff --git a/scripts/package-build/vpp/build.py b/scripts/package-build/vpp/build.py new file mode 120000 index 00000000..3c76af73 --- /dev/null +++ b/scripts/package-build/vpp/build.py @@ -0,0 +1 @@ +../build.py
\ No newline at end of file diff --git a/scripts/package-build/vpp/package.toml b/scripts/package-build/vpp/package.toml new file mode 100644 index 00000000..35a22896 --- /dev/null +++ b/scripts/package-build/vpp/package.toml @@ -0,0 +1,35 @@ +[[packages]] +name = "vyos-vpp-patches" +commit_id = "current" +scm_url = "https://github.com/vyos/vyos-vpp-patches" +build_cmd = "/bin/true" +apply_patches = false + +[[packages]] +name = "vpp" +commit_id = "stable/2406" +scm_url = "https://github.com/FDio/vpp" +# Skip apply patches by build.py as we use them in build_cmd +apply_patches = false + +pre_build_hook = """ +mkdir -p ../patches/vpp/ +rsync -av ../vyos-vpp-patches/patches/vpp/ ../patches/vpp/ +""" + +build_cmd = """ +# Patches for vpp should applied here +for patch in ../patches/vpp/*.patch; do + echo "I: build_cmd applying patch $patch..." + git -c user.email=maintainers@vyos.net -c user.name=vyos am "$patch" || { echo "Failed to apply patch $patch"; exit 1; } +done + +make UNATTENDED=yes install-dep +make pkg-deb +cp build-root/*.deb ../ +""" + +[dependencies] +packages = [ + "llvm" +] diff --git a/scripts/package-build/vyos-1x/.gitignore b/scripts/package-build/vyos-1x/.gitignore new file mode 100644 index 00000000..990c6351 --- /dev/null +++ b/scripts/package-build/vyos-1x/.gitignore @@ -0,0 +1,2 @@ +/vyos-1x/ +/vyos-vpp/ diff --git a/scripts/package-build/vyos-1x/build.py b/scripts/package-build/vyos-1x/build.py new file mode 120000 index 00000000..3c76af73 --- /dev/null +++ b/scripts/package-build/vyos-1x/build.py @@ -0,0 +1 @@ +../build.py
\ No newline at end of file diff --git a/scripts/package-build/vyos-1x/package.toml b/scripts/package-build/vyos-1x/package.toml new file mode 100644 index 00000000..6dcbadb3 --- /dev/null +++ b/scripts/package-build/vyos-1x/package.toml @@ -0,0 +1,11 @@ +[[packages]] +name = "vyos-vpp" +commit_id = "current" +scm_url = "https://github.com/vyos/vyos-vpp.git" +build_cmd = "/bin/true" + +[[packages]] +name = "vyos-1x" +commit_id = "current" +scm_url = "https://github.com/vyos/vyos-1x.git" +build_cmd = "rsync -av --exclude='.git' --exclude='.github' --exclude='README*' --exclude='LICENSE' --exclude='*.md' ../vyos-vpp/ ./; dpkg-buildpackage -us -uc -F" |