diff options
56 files changed, 848 insertions, 657 deletions
diff --git a/.github/workflows/trigger_rebuild_packages.yml b/.github/workflows/trigger_rebuild_packages.yml index 4355ecb8..33679a76 100644 --- a/.github/workflows/trigger_rebuild_packages.yml +++ b/.github/workflows/trigger_rebuild_packages.yml @@ -23,6 +23,10 @@ jobs: with: base: ${{ github.ref_name }} filters: | + amazon-cloudwatch-agent: + - 'scripts/package-build/amazon-cloudwatch-agent/**' + amazon-ssm-agent: + - 'scripts/package-build/amazon-ssm-agent/**' aws-gwlbtun: - 'scripts/package-build/aws-gwlbtun/**' ddclient: @@ -74,6 +78,8 @@ jobs: - 'scripts/package-build/radvd/**' strongswan: - 'scripts/package-build/strongswan/**' + tacacs: + - 'scripts/package-build/tacacs/**' telegraf: - 'scripts/package-build/telegraf/**' waagent: @@ -99,6 +105,14 @@ jobs: } # Trigger builds based on detected changes + if [ "${{ steps.changes.outputs.amazon-cloudwatch-agent }}" == "true" ]; then + trigger_build "amazon-cloudwatch-agent" + fi + + if [ "${{ steps.changes.outputs.amazon-ssm-agent }}" == "true" ]; then + trigger_build "amazon-ssm-agent" + fi + if [ "${{ steps.changes.outputs.aws-gwlbtun }}" == "true" ]; then trigger_build "aws-gwlbtun" fi @@ -199,6 +213,10 @@ jobs: trigger_build "strongswan" fi + if [ "${{ steps.changes.outputs.tacacs }}" == "true" ]; then + trigger_build "tacacs" + fi + if [ "${{ steps.changes.outputs.telegraf }}" == "true" ]; then trigger_build "telegraf" fi diff --git a/data/architectures/amd64.toml b/data/architectures/amd64.toml index 5c83a660..9ab1c03b 100644 --- a/data/architectures/amd64.toml +++ b/data/architectures/amd64.toml @@ -1,8 +1,3 @@ -additional_repositories = [ - "deb [arch=amd64] https://repo.saltproject.io/py3/debian/11/amd64/3005 bullseye main", - "deb https://repo.zabbix.com/zabbix/6.0/debian bookworm main" -] - # Packages added to images for x86 by default packages = [ "grub2", @@ -13,3 +8,11 @@ packages = [ "vyos-intel-ixgbe", "vyos-intel-ixgbevf", ] + +[additional_repositories.salt] + architecture = "amd64" + url = "https://packages.vyos.net/saltproject/debian/11/amd64/3005" + distribution = "bullseye" + +[additional_repositories.zabbix] + url = "https://repo.zabbix.com/zabbix/6.0/debian" diff --git a/data/architectures/arm64.toml b/data/architectures/arm64.toml index c64e19a1..ebf14ef4 100644 --- a/data/architectures/arm64.toml +++ b/data/architectures/arm64.toml @@ -1,10 +1,13 @@ -additional_repositories = [ - "deb [arch=arm64] https://repo.saltproject.io/py3/debian/11/arm64/3005 bullseye main", - "deb https://repo.zabbix.com/zabbix/6.0/debian-arm64 bookworm main" -] - # Packages included in ARM64 images by default packages = [ "grub-efi-arm64", ] bootloaders = "grub-efi" + +[additional_repositories.salt] + architecture = "arm64" + url = "https://packages.vyos.net/saltproject/debian/11/amd64/3005" + distribution = "bullseye" + +[additional_repositories.zabbix] + url = "https://repo.zabbix.com/zabbix/6.0/debian-arm64" diff --git a/data/architectures/armhf.toml b/data/architectures/armhf.toml index de5e62f4..8cf2d763 100644 --- a/data/architectures/armhf.toml +++ b/data/architectures/armhf.toml @@ -1,5 +1,5 @@ additional_repositories = [ - "deb [arch=armhf] https://repo.saltproject.io/py3/debian/11/armhf/3005 bullseye main" + "deb [arch=armhf] https://packages.vyos.net/saltproject/debian/11/arm64/3005 bullseye main" ] # Packages included in armhf images by default diff --git a/data/build-flavors/README.md b/data/build-flavors/README.md deleted file mode 100644 index 19716255..00000000 --- a/data/build-flavors/README.md +++ /dev/null @@ -1,76 +0,0 @@ -# VyOS build flavors - -VyOS supports multiple different hardware and virtual platforms. -Those platforms often need custom packages and may require custom -configs. To make maintenance of existing flavors simpler -and to allow everyone to make and maintain their own flavors, -the build scripts support storing flavor configuration in [TOML](https://toml.io) files. - -Flavor files must be in `data/build-flavors`. Here's an example: - -```toml -# Generic (aka "universal") ISO image - -image_format = "iso" - -# Include these packages in the image regardless of the architecture -packages = [ - # QEMU and Xen guest tools exist for multiple architectures - "qemu-guest-agent", - "vyos-xe-guest-utilities", -] - -[architectures.amd64] - # Hyper-V and VMware guest tools are x86-only - packages = ["hyperv-daemons", "vyos-1x-vmware"] -``` - -## Image format - -The `image_format` option specifies the default format to build. - -```toml -image_format = "iso" -``` - -**Note:** currently, ISO is the only supported format, -support for different flavors is in progress. - -## Including custom packages - -If you want the build scripts to include custom packages from repositories -in the image, you can list them in the `packages` field. - -For example, this is how to include the GNU Hello package: - -```toml -packages = ['hello'] -``` - -It's possible to include packages only in images with certain build architectures -by placing them in a subtable. - -If you want to include GNU Hello only in AMD64 images, do this: - -```toml -[architectures.amd64] - packages = ['hello'] -``` - -## Including custom files - -You can include files inside the SquashFS filesystem by adding entries -to the `includes_chroot` array. - -```toml -[[includes_chroot]] - path = "etc/question.txt" - data = ''' -Can you guess how this file ended up in the image? - ''' - - path = "etc/answer.txt" - data = ''' -It was in the flavor file! - ''' -``` diff --git a/data/build-flavors/aws-iso.toml b/data/build-flavors/aws-iso.toml deleted file mode 100644 index e13ed59a..00000000 --- a/data/build-flavors/aws-iso.toml +++ /dev/null @@ -1,3 +0,0 @@ -image_format = "iso" - -packages = ["amazon-cloudwatch-agent"] diff --git a/data/build-flavors/azure-iso.toml b/data/build-flavors/azure-iso.toml deleted file mode 100644 index b4774483..00000000 --- a/data/build-flavors/azure-iso.toml +++ /dev/null @@ -1,5 +0,0 @@ -image_format = "iso" - -packages = ["waagent"] - - diff --git a/data/build-flavors/dell-vep1400.toml b/data/build-flavors/dell-vep1400.toml deleted file mode 100644 index 038cbe24..00000000 --- a/data/build-flavors/dell-vep1400.toml +++ /dev/null @@ -1,116 +0,0 @@ -# ISO image for Dell VEP4600 devices - -image_format = "iso" - -# Replace built-in NIC naming rules with empty files -# to prevent them from taking any effect - -[[includes_chroot]] - path = "lib/systemd/network/99-default.link" - data = '' - -[[includes_chroot]] - path = "lib/udev/rules.d/65-vyatta-net.rules" - data = '' - -[[includes_chroot]] - path = "lib/udev/rules.d/75-persistent-net-generator.rules" - data = '' - -# Install platform-specific link files - -[[includes_chroot]] - path = "etc/systemd/network/10-eth0-000.link" - data = ''' -[Match] -Path=pci-0000:05:00.1 -Driver=ixgbe - -[Link] -Name=eth0 -Alias=SFP+1 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth1-000.link" - data = ''' -[Match] -Path=pci-0000:05:00.0 -Driver=ixgbe - -[Link] -Name=eth1 -Alias=SFP+2 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth2-000.link" - data = ''' -[Match] -Path=pci-0000:02:00.2 -Driver=igb - -[Link] -Name=eth2 -Alias=GE1 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth3-000.link" - data = ''' -[Match] -Path=pci-0000:02:00.3 -Driver=igb - -[Link] -Name=eth3 -Alias=GE2 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth4-000.link" - data = ''' -[Match] -Path=pci-0000:02:00.0 -Driver=igb - -[Link] -Name=eth4 -Alias=GE3 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth5-000.link" - data = ''' -[Match] -Path=pci-0000:02:00.1 -Driver=igb - -[Link] -Name=eth5 -Alias=GE4 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth6-000.link" - data = ''' -[Match] -Path=pci-0000:07:00.1 -Driver=ixgbe - -[Link] -Name=eth6 -Alias=GE5 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth7-000.link" - data = ''' -[Match] -Path=pci-0000:07:00.0 -Driver=ixgbe - -[Link] -Name=eth7 -Alias=GE6 -''' diff --git a/data/build-flavors/dell-vep4600.toml b/data/build-flavors/dell-vep4600.toml deleted file mode 100644 index 50fdb4d2..00000000 --- a/data/build-flavors/dell-vep4600.toml +++ /dev/null @@ -1,267 +0,0 @@ -# ISO image for Dell VEP4600 devices - -image_format = "iso" - -# Replace built-in NIC naming rules with empty files -# to prevent them from taking any effect - -[[includes_chroot]] - path = "lib/systemd/network/99-default.link" - data = '' - -[[includes_chroot]] - path = "lib/udev/rules.d/65-vyatta-net.rules" - data = '' - -[[includes_chroot]] - path = "lib/udev/rules.d/75-persistent-net-generator.rules" - data = '' - -# Install platform-specific link files - -[[includes_chroot]] - path = "etc/systemd/network/10-eth0-000.link" - data = ''' -[Match] -Path=pci-0000:04:00.0 -Driver=igb - -[Link] -Name=eth0 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth0-001.link" - data = ''' -[Match] -Path=pci-0000:05:00.0 -Driver=igb - -[Link] -Name=eth0 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth10-000.link" - data = ''' -[Match] -Path=pci-0000:65:00.3 -Driver=i40e - -[Link] -Name=eth10 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth1-000.link" - data = ''' -[Match] -Path=pci-0000:b8:00.0 -Driver=i40e - -[Link] -Name=eth1 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth1-001.link" - data = ''' -[Match] -Path=pci-0000:b6:00.0 -Driver=i40e - -[Link] -Name=eth1 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth11-000.link" - data = ''' -[Match] -Path=pci-0000:17:00.0 -Driver=i40e - -[Link] -Name=eth11 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth12-000.link" - data = ''' -[Match] -Path=pci-0000:17:00.1 -Driver=i40e - -[Link] -Name=eth12 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth13-000.link" - data = ''' -[Match] -Path=pci-0000:17:00.2 -Driver=i40e - -[Link] -Name=eth13 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth14-000.link" - data = ''' -[Match] -Path=pci-0000:17:00.3 -Driver=i40e - -[Link] -Name=eth14 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth2-000.link" - data = ''' -[Match] -Path=pci-0000:b8:00.1 -Driver=i40e - -[Link] -Name=eth2 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth2-001.link" - data = ''' -[Match] -Path=pci-0000:b6:00.1 -Driver=i40e - -[Link] -Name=eth2 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth3-000.link" - data = ''' -[Match] -Path=pci-0000:02:00.1 -Driver=igb - -[Link] -Name=eth3 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth4-000.link" - data = ''' -[Match] -Path=pci-0000:02:00.0 -Driver=igb - -[Link] -Name=eth4 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth5-000.link" - data = ''' -[Match] -Path=pci-0000:02:00.3 -Driver=igb - -[Link] -Name=eth5 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth6-000.link" - data = ''' -[Match] -Path=pci-0000:02:00.2 -Driver=igb - -[Link] -Name=eth6 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth7-000.link" - data = ''' -[Match] -Path=pci-0000:65:00.0 -Driver=i40e - -[Link] -Name=eth7 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth8-000.link" - data = ''' -[Match] -Path=pci-0000:65:00.1 -Driver=i40e - -[Link] -Name=eth8 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-eth9-000.link" - data = ''' -[Match] -Path=pci-0000:65:00.2 -Driver=i40e - -[Link] -Name=eth9 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-unused0-000.link" - data = ''' -[Match] -Path=pci-0000:b8:00.2 -Driver=i40e - -[Link] -Name=unused0 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-unused0-001.link" - data = ''' -[Match] -Path=pci-0000:b6:00.2 -Driver=i40e - -[Link] -Name=unused0 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-unused1-000.link" - data = ''' -[Match] -Path=pci-0000:b8:00.3 -Driver=i40e - -[Link] -Name=unused1 -''' - -[[includes_chroot]] - path = "etc/systemd/network/10-unused1-001.link" - data = ''' -[Match] -Path=pci-0000:b6:00.3 -Driver=i40e - -[Link] -Name=unused1 -''' - -[[includes_chroot]] - path = "etc/systemd/network/99-default.link" - data = ''' -''' diff --git a/data/build-flavors/edgecore.toml b/data/build-flavors/edgecore.toml deleted file mode 100644 index efea4863..00000000 --- a/data/build-flavors/edgecore.toml +++ /dev/null @@ -1,46 +0,0 @@ -# ISO image for EdgeCore routers - -image_format = "iso" - -# udev rules for correct ordering of onboard NICs -[[includes_chroot]] - path = "lib/udev/rules.d/64-vyos-SAF51015I-net.rules" - data = ''' -ATTR{[dmi/id]board_name}!="SAF51015I-0318-EC", GOTO="end_ec_nic" - -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:02:00.0", ENV{VYOS_IFNAME}="eth1" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:03:00.0", ENV{VYOS_IFNAME}="eth2" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:04:00.0", ENV{VYOS_IFNAME}="eth3" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:05:00.0", ENV{VYOS_IFNAME}="eth4" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:06:00.0", ENV{VYOS_IFNAME}="eth5" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:06:00.1", ENV{VYOS_IFNAME}="eth6" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:06:00.2", ENV{VYOS_IFNAME}="eth7" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:06:00.3", ENV{VYOS_IFNAME}="eth8" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:0a:00.0", ENV{VYOS_IFNAME}="eth9" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:0a:00.1", ENV{VYOS_IFNAME}="eth10" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:0b:00.0", ENV{VYOS_IFNAME}="eth11" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:0b:00.1", ENV{VYOS_IFNAME}="eth12" - -LABEL="end_ec_nic" - -''' - -[[includes_chroot]] - path = "lib/udev/rules.d/64-vyos-SAF51003I-net.rules" - data = ''' -ATTR{[dmi/id]board_name}!="SAF51003I", GOTO="end_ec_nic" - -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:02:00.0", ENV{VYOS_IFNAME}="eth1", ATTR{ifalias}="LAN1" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:02:00.1", ENV{VYOS_IFNAME}="eth2", ATTR{ifalias}="LAN2" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:02:00.2", ENV{VYOS_IFNAME}="eth3", ATTR{ifalias}="LAN3" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:02:00.3", ENV{VYOS_IFNAME}="eth4", ATTR{ifalias}="LAN4" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:05:00.0", ENV{VYOS_IFNAME}="eth5", ATTR{ifalias}="LAN5" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:05:00.1", ENV{VYOS_IFNAME}="eth6", ATTR{ifalias}="LAN6" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:05:00.2", ENV{VYOS_IFNAME}="eth7", ATTR{ifalias}="LAN7" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:05:00.3", ENV{VYOS_IFNAME}="eth8", ATTR{ifalias}="LAN8" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:08:00.0", ENV{VYOS_IFNAME}="eth9", ATTR{ifalias}="DMZ" -ACTION=="add", SUBSYSTEM=="net", KERNELS=="0000:08:00.1", ENV{VYOS_IFNAME}="eth10", ATTR{ifalias}="WAN" - -LABEL="end_ec_nic" - -''' diff --git a/data/build-flavors/generic.toml b/data/build-flavors/generic.toml index 9bf7044d..f9ab5cab 100644 --- a/data/build-flavors/generic.toml +++ b/data/build-flavors/generic.toml @@ -6,7 +6,7 @@ image_format = "iso" packages = [ # QEMU and Xen guest tools exist for multiple architectures "qemu-guest-agent", - "vyos-xe-guest-utilities", + "xen-guest-agent" ] [architectures.amd64] diff --git a/data/build-flavors/xcpng.toml b/data/build-flavors/xcpng.toml deleted file mode 100644 index 3a04177f..00000000 --- a/data/build-flavors/xcpng.toml +++ /dev/null @@ -1,6 +0,0 @@ -# Installation ISO for the XCP-ng virtualization platform - -image_format = "iso" - -# Include these packages in the image -packages = ["xe-guest-utilities"] diff --git a/data/build-types/development.toml b/data/build-types/development.toml index f0207a6a..16ed483e 100644 --- a/data/build-types/development.toml +++ b/data/build-types/development.toml @@ -6,3 +6,73 @@ packages = [ "vim", "vyos-1x-smoketest" ] + +[[includes_chroot]] + path = 'usr/share/vyos/EULA' + data = ''' +VyOS ROLLING RELEASE END USER LICENSE AGREEMENT + +PLEASE READ THIS AGREEMENT CAREFULLY BEFORE INSTALLING AND/OR USING VyOS ROLLING RELEASE. +IF YOU DO NOT ACCEPT THE TERMS OF THIS AGREEMENT, THEN YOU MUST NOT USE VyOS ROLLING RELEASE. + +I. This End-User License Agreement (“Agreement”) is a legal document between you and VyOS Inc. +(a company organized and existing under the laws of California, +having its registered office at 12585 Kirkham Ct, Suite 1, Poway, California 92604) +that governs your use of VyOS Rolling Release, available at vyos.io website. + +II. By downloading, installing and using VyOS Rolling Release you: +- irrevocably agree to comply with all applicable laws, restrictions, + regulations, rules, the GNU GPL and other applicable licenses, and with this Agreement; +- confirm you have all legal rights to enter into this Agreement + and your authority is not limited by any legal means; +- obligate to certainly, indisputably and immediately + (but in any case at the first request of the VyOS Inc.) + compensate for any damage, if such is caused to the VyOS Inc. by your actions; +- assure and enforce any third party you grant access to Rolling Release + will bear the same amount of obligations. + For the purpose of this Agreement such third party will be referred to also as “you”. + +III. VyOS Rolling Release (“Rolling Release”) are copyrighted works +released under the terms of the GNU General Public License (GPL) +and other licenses approved by the Open Source Initiative (www.opensource.org), +(hereinafter, the “Public Licenses”). +Verbatim copies of such works may be made and distributed, by anyone, +in accordance with the terms of the GPL and the Public Licenses. +The GPL and the Public Licenses also grant you certain rights +to make and distribute derivative works based on the source code to Rolling Release. + +You can redistribute and/or modify the Rolling Release under the terms of the GPL and the Public Licenses. +You may obtain a copy of the source code corresponding to the binaries for the Rolling Release +from public Git repositories as https://github.com/vyos + +The GPL and the Public Licenses do not grant you any right, license or interest to use “VyOS” trademarks and logos, +that are trademarks or registered trademarks in the US, EU and other countries, +in connection with these derivative works. +VyOS trademarks may not be used in connection with any such derivative works +unless that usage is explicitly and specifically permitted, in writing. +Otherwise, You must modify the files identifiable as VyOS logos and VyOS trademarks +so as to remove all use of images containing them. +Note that mere deletion of these files may corrupt the Rolling Release. + +IV. Under no circumstances VyOS Inc. will be liable to you for any damages, +however caused or arising in any way out of the use of +or of inability to use the Rolling Release. +VyOS Inc. provides no warranty for Rolling Release. + +V. This Agreement comes into force upon your acceptance in the form of downloading, +installing or using Rolling Release (whatever happens first) and remains valid until termination. +This Agreement shall terminate immediately if you violate any applicable law, +restriction, regulation, rule, GPL or other applicable license, or any provision of this Agreement. +Upon termination of this Agreement you shall discontinue to use Rolling Release +and delete it as well as all copies you made from all storage devices. + +VI. This Agreement may be amended by VyOS Inc. at any time and brought to your attention +by publication on vyos.io website with enter into force immediately after such publication. + +VII. This Agreement, and any dispute or claim arising out of or in connection with it, +shall be governed by, and construed in accordance with the laws of California. +The courts of California shall have exclusive jurisdiction to settle any dispute or claim. + +For more information or any other query please contact VyOS Inc. at: legal@vyos.io + +''' diff --git a/data/build-types/release.toml b/data/build-types/release.toml index e69de29b..122cae37 100644 --- a/data/build-types/release.toml +++ b/data/build-types/release.toml @@ -0,0 +1,350 @@ +[[includes_chroot]] + path = 'usr/share/vyos/EULA' + data = ''' +VyOS END USER LICENSE AGREEMENT + +PLEASE READ THIS END USER LICENSE AGREEMENT (EULA, THIS ‘AGREEMENT’) CAREFULLY BEFORE USING VYOS FROM US. +BY USING VYOS, YOU (“YOU”, “LICENSEE”, “CUSTOMER”) SIGNIFY YOUR ASSENT TO AND ACCEPTANCE OF THIS +END USER LICENSE AGREEMENT AND ACKNOWLEDGE YOU HAVE READ AND UNDERSTAND THE TERMS. +THIS AGREEMENT IS ENFORCEABLE AGAINST ANY PERSON OR ENTITY THAT USES THE SOFTWARE AND ANY PERSON OR ENTITY +(E.G., SYSTEMS INTEGRATOR, CONSULTANT OR CONTRACTOR) THAT USES THE SOFTWARE ON ANOTHER PERSON’S OR ENTITY’S BEHALF. +IF YOU DO NOT ACCEPT THE TERMS OF THIS AGREEMENT, THEN YOU MUST NOT USE THE SOFTWARE. +THE EFFECTIVE DATE OF THIS AGREEMENT IS THE EARLIEST OF THE START DATE OF SERVICES STATED IN OUR INVOICE, +PREVIOUS ACCEPTANCE OF THIS AGREEMENT (OR OUR BUSINESS PARTNER’S ORDER OR/AND INVOICE, +PREVIOUS ACCEPTANCE OF THIS AGREEMENT) OR THE DATE THAT CUSTOMER HAS ACCESS AND IS ABLE TO USE OUR PRODUCTS OR SERVICES. +THIS END USER LICENSE AGREEMENT DOES NOT COVER ANY SERVICES FROM US, OR THROUGH OUR BUSINESS PARTNER, +OTHER THAN ACCESS TO THE SOFTWARE, SUCH AS TECHNICAL SUPPORT, UPGRADES OR SUPPORT SERVICES. +PLEASE REVIEW YOUR SERVICES OR SUBSCRIPTION AGREEMENT(S) THAT YOU MAY HAVE WITH US +OR OTHER AUTHORIZED VYOS SERVICES PROVIDER OR BUSINESS PARTNER REGARDING THE SOFTWARE AND SERVICES AND ASSOCIATED PAYMENTS. + +1. Definitions + +1.1 “We, Our, Us” means VyOS Contracting Entity defined in Section 13. + +1.2 “VyOS” or “Software” means VyOS software provided by Us +(or authorized services provider or business partner) +and consisting of VyOS software application +(exclusively or along with any third-party software included therein or therewith) +that includes or refers to this Agreement and any related documentation +(including, without limitation, user and technical documentation, +further explanatory written materials related to the Software, etc.), +services (including, without limitation, SaaS, internet-based service, etc.), +tool, application, component, object code, source code, +appearance (including, without limitation, images, designs, fonts, etc.), +structure as well as any modification and update thereof, regardless of the delivery mechanism. + +“Services” means software support services and any other services provided by Us, +or through Our Business Partner, on a subscription basis. + +1.3 “Authorized Users” means employees or individual contractors to whom, +pursuant to this Agreement, the Licensee has granted a right +to access and use the Software with your credentials, +provided that such access shall be for your sole benefit and in full compliance with this EULA. +All Authorized Users are bound by the terms of this Agreement. + +1.4 “Cloud Provider” means authorized hosting partner’s cloud marketplace platform, +a company that delivers cloud computing based services, +resources and solutions to businesses and/or offers solutions via the cloud marketplace. + +1.5 “Business Partner” shall mean Our authorized sales agent, partner, +Cloud Provider reseller or distributor +of the Software and Our Services authorized to sell Software and Services via our subscriptions. + +Purchases through or by a Business Partner. +In instances where Customer purchases through a Business Partner, +final prices and terms and conditions of sale will be as agreed between Customer and the Business Partner +from which Customer makes such purchases; however, the terms set forth +in this EULA are applicable to Customer’s use and the performance of VyOS. +Customer acknowledges that: +(a) We may share information with the Business Partner related to Customer’s use and consumption of VyOS, +and vice versa, for account management and billing purposes; +(b) the termination provisions below will also apply if Customer’s Business Partner fails to pay Us applicable fees; and +(c) Business Partner is not authorized to make any changes to this EULA or otherwise authorized to make any warranties, +representations, promises or commitments on Our behalf or in any way concerning the VyOS. + +"Business Partner’s order" means the ordering document(s), +issued during Your purchasing process by Our Business Partner +in a way and manner as defined by Our Business Partner. +Business Partner’s order may describe specific Software and Services, +Subscription(s), associated fees, payment terms, +and shall be subject to the terms of this Agreement and EULA. + +1.6 “Customer”, “You”, “Licensee”, “Your” - user of VyOS and its heirs, agents, successors, assigns and +- for the purpose of Global subscription - its Affiliates. + +2. License Grant + +Subject to the following terms, We grant to You a perpetual, worldwide license to the Software +(most of which includes multiple software components) pursuant to different open sourced and public licenses. +The license agreement for each software component is located in the software component's source code and permits you to +run, copy, modify, and redistribute the software component (subject to certain obligations in some cases), +both in source code and binary code forms, with the exception of the images identified in Section 4 below. +You shall either agree to the terms of each applicable public license or You must not install/use those components +or exercise such licensed rights. +This EULA pertains solely to the Software and does not limit your rights under, or grant you rights that supersede, +the license terms of any particular component. + +2.1 Limited Modifications. For the avoidance of doubt, Licensee is permitted to use VyOS from Us +in accordance with VyOS terms and conditions and on the specific quotation, +purchase order and/or the subscription or customized agreements, if any. +Any other modifications of VyOS terms and conditions won’t be allowed, +except as expressly authorized through a separate custom agreement, +unless otherwise defined by this Agreement, specific quotation, purchase order +and/or the subscription or customized agreements. + +2.2 No Unbundling. Nonetheless, the Software is designed and provided to Licensee solely as permitted herein. +Licensee shall not unbundle or repackage the Software for distribution, transfer or other disposition, +unless otherwise specified by this Agreement. + +3. Prohibited Use and Allowed Use + +3.1 Except as expressly authorized through a separate custom agreement, Licensee and the Authorized Users are prohibited from: +(a) using the Software on behalf of third parties; +(b) sublicensing, licensing, renting, leasing, lending or granting other rights in the Software + including rights on a membership or subscription basis; +(c) providing use of the Software in a service bureau arrangement, outsourcing or on a time sharing basis; +(d) interfere with or disrupt the Software or systems used to provide the VyOS or other equipment or networks connected; +(e) circumvent or disclose the user authentication or security of the Software or any host, network, + or account related thereto or attempt to gain unauthorized access; +(f) store or transmit SPAM or malicious code; +(g) duplicate the Software or publish the Software for others to copy; +(h) infringe the intellectual property rights of any entity or person; or +(i) make any use of the Software that violates any applicable local, + state, national, international or foreign law or regulation. +For more information about how to obtain a custom agreement, please contact us at: sales@vyos.io. + +3.2 The following uses of the Software shall be allowed: +(a) any lab setup within the Licensee or on an Authorized User's personal device, + for the purpose of learning, testing, or debugging company network configs, and +(b) any use in Authorized User's personal home networks, including but not limited to Internet access, + corporate VPN access, learning and experimentation. + +4. Intellectual Property Rights + +The Software and each of their components are owned by Us and other licensors and are protected under copyright law +and other laws as applicable. Title to the Software and any component and systems, +or to any copy or modification shall remain with Us and other licensors, subject to the applicable license. +The “VyOS” mark, the individual Software marks, and the “VyOS” logo are trademarks or registered trademarks +in the EU, US and other countries. +Artwork files that feature the VyOS logo, including but not limited to boot splash images and user interface elements, +are Our property, distributed on the "all rights reserved" basis. +You cannot redistribute those files separately or as part of Software without an express permission from the copyright holder. +By accepting this Agreement You commit not to register or request registration of any commercial name, +domain name, email, trademark, symbol or distinctive; sign, with similar characteristics, color, +typography, style or appearance or that includes the word “VyOS” or/and VyOS logo. + +This EULA does not permit you to distribute the Software using VyOS trademarks, +regardless of whether the Software has been modified. You may make a commercial redistribution of the Software only if +(a) permitted under a separate written agreement with Us authorizing such commercial redistribution or +(b) you remove and replace all Our occurrences and VyOS trademarks and logos. +Modifications to the software may corrupt the Software. + +4.1 The Licensee grants Us a right to use its logos and trademarks +for the purpose of displaying their Licensee status on the VyOS website, +and for the purposes specified in VyOS Subscription Agreement. +We will not claim that the Licensee endorses VyOS and will not publicize any details of Licensee’s VyOS usage, +network setup, or any other information not explicitly provided by the Licensee for public release. + +4.1.1 The Licensee can revoke Our right to use Licensee’s trademarks and logos at any time, +unless otherwise agreed in VyOS Subscription Agreement, or Our Quotation. + +5. Updates + +Along with all software update subscriptions, We provide security updates, hot-fixes and security advisory notifications +before public disclosure (hereinafter collectively referred to as the “Updates”). +You expressly acknowledge and agree that We have no obligation to make available and/or provide any Updates. +All upgrades and Updates are provided by Us or through Our Business Partners to Licensee at Our sole discretion +and are subject to the terms of this Agreement on a license exchange basis. +Any obligations that We may have to support previous versions during the license term may end upon the availability of this update. +Upgrades and Updates may be licensed to Licensee by Us with additional or different terms. + +6. Support + +This agreement does not automatically entitle the Licensee to any support for the Software provided by Us +or through Our Business Partners unless otherwise specified in the subscription terms. +For the avoidance of doubt, We have no liability and provide no support for any hardware or any cloud marketplace services +provided by any Business Partner or Cloud Provider. +Where available, maintenance and support may be purchased separately subject +to a separate VyOS’s support services included subscriptions. + +Support for software built from source code by a party other than Us, +with or without modifications made by the Licensee or a third party, +is provided only through separate agreements. + +For more information about how to obtain a VyOS’s software and support services included subscriptions, +please contact us at: sales@vyos.io. + +7. Term and Termination + +7. Term and Termination. This Agreement begins on the Effective Date and shall remain in effect until terminated due to +(a) Licensee fails to pay the fees amounts associated to Our subscriptions when due or otherwise materially breaches this Agreement, + specific quotation, purchase order and/or the subscription or customized agreements and fails to remedy the breach + within ten (10) days from the receipt of a notification sent in writing or electronically, +(b) Licensee’s deactivation or subscription cancellation of the Software, +(c) Licensee fails to pay the Business Partner, or terminate the agreement with a Business Partner, or Business Partner + fails to pay Us the applicable fees of your Software and/or Services, or +(d) We change, cease to provide or discontinue the Software at any time. + +Upon the occurrence of (a), (b), (c) or (d), above, We are entitled to terminate this Agreement. +Upon termination of this Agreement for any reason, Licensee shall discontinue use of the Software. +If you have copies of the Software obtained when You still had an active subscription, +you can keep using them indefinitely as long as you comply with this Agreement and VyOS Subscription Agreement, +in particular - with Section 4 above and provided this is not intended to interfere with any rights +you may have from other public and open source licenses.Termination shall not, however, relieve either party +of obligations incurred prior to the termination. The following Sections shall survive termination of this Agreement: +Definitions, Intellectual Property Rights, Limited Warranty, Limitation of Remedies and Liability, +General, Term and Termination, and others which by their nature are intended to survive. + +8. Limited Warranty + +Except as specifically stated in this Section 8, a separate agreement with Us, or a license for a particular component, +to the maximum extent permitted under applicable law, the Software and the components are provided and licensed “as is” +without warranty of any kind, express or implied, including the implied warranties of merchantability, non-infringement, +integration, quiet enjoyment, satisfactory quality or fitness for a particular purpose. +Neither Us nor Our affiliates and Business Partners warrant that the Software will meet your requirements, +will be uninterrupted, timely, secure; that the operation of the Software will be entirely error-free, appear or perform +precisely as described in the accompanying documentation, or comply with regulatory requirements; +that the results that may be obtained from the use of the Software will be effective, accurate or reliable; +the quality of the Software will meet your expectations; or that any errors or defects in the Software will be corrected. +This warranty extends only to the party that purchases subscription services for the Software from Us +and/or Our affiliates or a Our authorized Business Partner. + +We and Our affiliates specifically disclaim any liability with regard to any actions resulting from your use of the Software. +Any material downloaded or otherwise obtained through use of the Software is accessed at your own discretion and risk, +and you will be solely responsible for any damage to your computer system or loss of data that results from use of the Software. +We and Our affiliates assume no liability for any malicious software that may be downloaded to your computer +as a result of your use of the Software. + +We will not be liable for any loss that you may incur as a result of a third party using your password or +account or account information in connection with the Software, either with or without your knowledge. + +Licensee assumes the entire cost of all necessary servicing, repair, or correction of problems caused by viruses +or other harmful components; We disclaim and makes no warranties or representations as to the accuracy, quality, +reliability, suitability, completeness, truthfulness, usefulness, or effectiveness of the outputs, logs, reports, +data, results or other information obtained, generated or otherwise received by Licensee from accessing +and/or using the Software or otherwise resulting from this Agreement; and + +Licensee shall use the Software at its own risk and in no event shall We be liable to Licensee for any loss or damage +of any kind (except personal injury or death resulting from Our negligence, fraud or fraudulent misrepresentation +and any other liability that cannot be excluded by law) arising from Licensee’s use of or inability to use the Software +or from faults or defects in the Software whether caused by negligence or otherwise. + +Licensee agrees to defend, indemnify and hold Us harmless from any losses, liabilities, damages, actions, +claims or expenses (including legal fees and court costs) arising or resulting from Licensee’s breach +of any term of this agreement or caused by acts or omissions performed by licensee. + +Some jurisdictions do not allow the exclusion of certain warranties, the limitation or exclusion of implied warranties, +or limitations on how long an implied warranty may last, so the above limitations may not apply to you. + +9. Limitation of Remedies and Liability + +To the maximum extent permitted under applicable law, under no circumstances will We, Our affiliates, +any of Our authorized Business Partner, or the licensor of any component provided to you under this EULA +be liable to you for any direct, indirect, incidental, special, exemplary, punitive, or consequential damages +(including, but not limited to, procurement of substitute goods or services, computer failure or malfunction, +loss of data or profits, business interruption, etc.) however caused and on any theory of liability, +whether in contract, strict liability, or tort (including negligence or otherwise) arising in any way +out of the use of the software or inability to use the software, even if We, Our affiliates, +an authorized Business Partner, and/or licensor are aware of or have been advised of the possibility of such damage. +To the extent permitted by law and as the maximum aggregate liability, Our or Our affiliates’ liability, +an authorized Business Partner’s liability or the liability of the licensor of a component provided to you under +or in connection with this EULA will be limited to the lesser of either five hundred United States dollars ($500) +or the fees paid by the Licensee or by Business Partner and received by Us for the Software and attributable +to the 6 month period immediately preceding the first event giving rise to such liability. +The limitations and exclusions in this section apply to the maximum extent permitted by applicable law in your jurisdiction. +Some jurisdictions prohibit the exclusion or limitation of liability for incidental, consequential or punitive damages. +Accordingly, the limitations and exclusions set forth above may not apply to you. + +10. Compliance and Export Control + +You understand that countries may restrict the import, use, export, re-export or transfer of encryption products +and other controlled materials (which may include the Software or related technical information licensed hereunder). +You agree to comply with export regulations by the Bureau of Industry and Security of the U.S. Department of Commerce +and all applicable laws, restrictions and regulations in Your use of the Software, including but not limited to +export restrictions of various countries that the Software may be subject to, and personal data protection regulations. +You should comply with and oblige to secure Us from any breach of any law and regulation, +from any claim or litigation arising as a result of such breach and to reimburse Us any loss, resulting from such breach. +You will not use the Software for a prohibited use. +10.1 Sanctions compliance. You undertake to follow that You and any person, allowed to use the Software and the Services by You, +is not a subject or the target of sanctions, embargoes and restrictive measures (“Sanctions”), +administered by the Office of Foreign Assets Control of the U.S. Department of the Treasury or the U.S. Department of State, +the United Nations Security Council, the European Union, Her Majesty’s Treasury of the United Kingdom, +Department of Foreign Affairs and Trade of the Australian Federal Government, +or other relevant sanctions authority (“Sanctioning Authorities”). + +You undertake to comply with all the abovementioned Sanctions in all possible ways to keep Us harmless +and oblige to immediately terminate relations with any person that becomes (or is) +subject or target of any of the abovementioned Sanctions, or assists anybody to evade or violate the above mentioned Sanctions. + +11. Third-Party Beneficiary + +Licensee acknowledges and agrees that Our licensors (and/or Us if Licensee obtained the Software from any party other than Us) +are third party beneficiaries of this Agreement, with the right to enforce the obligations set forth herein +with respect to the respective technology of such licensors and/or Ours. + +12. Third-party components, contributions and software programs + +We do not assert any Intellectual Property Rights over: +(i) components created by third parties that may be taken from upstream sources in binary form compiled by Us from the source code; +(ii) source code and documentation of the Software, which is developed collaboratively + and is open to contributions by parties not affiliated with Us (to such purpose, contributors give Us non-exclusive rights + according to the licenses of the Software and documentation); +(iii) third parties software or programs included therein or therewith the Software. + +13. General + +If any provision of this EULA is held to be unenforceable, the enforceability of the remaining provisions shall not be affected. + +Updates and upgrades may be licensed to Licensee by Us with additional or different terms. + +You are not allowed to transfer or assign this EULA or any rights hereunder, unless with Our previous written consent. +Please inform Us of Your intention to transfer or assign in advance so We can respond accordingly. +Conversely, We may transfer, assign, sublicense or delegate the EULA or any portions thereof, without restriction. +We also may subcontract any performance associated with the Software to third parties, +provided that such subcontract does not relieve Us of any of Our obligations under this EULA. + +Licensee may not sublicense, transfer or assign, whether voluntarily or by operation of law, +any right or license in or to the Software. Any attempted sublicense, transfer or assignment shall be void. + +We may, from time-to-time modify this agreement. + +Licensee shall comply with all applicable laws and regulations pertaining to this Agreement + +This Agreement, along with a VyOS Subscription Agreement, Privacy Policy and Terms and Conditions, +any quotation, purchase order and services level agreement, if applicable, and any other documents +deemed to be incorporated by reference in it, constitutes the entire agreement between the parties +with respect to its subject matter and it supersedes all prior or contemporaneous agreements concerning such matter. +If you order VyOS from a Business Partner, then any agreement that you enter into with a Business Partner +is solely between you and a Business Partner and will not be binding on Us. + +In the table below, “Customer Location” refers to where Customer is located +(as determined by Customer’s business address on the invoice) and determines which table row applies to Customer: + +Customer Location* VyOS Contracting Entity Governing Law Venue/Courts +North & South America VyOS Inc California Poway +EEA & UK +(except Spain & Portugal) VyOS EMEA Operations Limited Ireland Cork +Spain, Andorra & Portugal VyOS Networks Iberia SLU Spain Madrid +Asia & Oceania VyOS APAC Pty Ltd Australia Sydney +Non-EEA parts of Europe, Middle East, & Africa +(except Andorra) VyOS Networks Cyprus Limited Cyprus Limassol + +*all sales via Cloud Providers are generally done by VyOS Inc., +unless otherwise decided by Us regardless of Customer location. + +References to “We”, “Our”, “Us” are references to the applicable VyOS Contracting Entity specified in the Contracting Entity Table, +unless otherwise has been decided for operational purposes, in the Quotation and in the invoice. The Services are provided by that VyOS Contracting Entity. + +This Agreement, and any disputes arising out of or related hereto, will be governed exclusively by the applicable governing law above, +without giving effect to any of its conflicts of laws, rules or principles. +The courts located in the applicable venue above will have exclusive jurisdiction to adjudicate any dispute arising out of +or relating to this Agreement or its formation, interpretation, or enforcement. Each party hereby consents and submits +to the exclusive jurisdiction of such courts. Before resorting to any external dispute resolution mechanisms, +the parties agree to use their best efforts in good faith to settle any dispute in relation to the Agreement. + +We may, in our sole discretion, amend this EULA at any time by posting a revised version thereof on Our website and, +by updating the “last updated” date on the applicable page, or by providing reasonable notice. +Your continued use of the Software following changes to the Agreement after the effective date of a revised version thereof +constitutes Your expressed acceptance of and the agreement to be bound by the Agreement and its future versions or updates. + +''' diff --git a/data/build-types/stream.toml b/data/build-types/stream.toml new file mode 100644 index 00000000..f0207a6a --- /dev/null +++ b/data/build-types/stream.toml @@ -0,0 +1,8 @@ +packages = [ + "gdb", + "strace", + "apt-rdepends", + "tshark", + "vim", + "vyos-1x-smoketest" +] diff --git a/data/defaults.toml b/data/defaults.toml index f0a7d83d..b97a2de8 100644 --- a/data/defaults.toml +++ b/data/defaults.toml @@ -14,7 +14,7 @@ vyos_mirror = "https://packages.vyos.net/repositories/current" vyos_branch = "current" release_train = "current" -kernel_version = "6.6.56" +kernel_version = "6.6.62" kernel_flavor = "vyos" bootloaders = "syslinux,grub-efi" diff --git a/data/live-build-config/hooks/live/01-live-serial.binary b/data/live-build-config/hooks/live/01-live-serial.binary index e138b20d..05785da7 100755 --- a/data/live-build-config/hooks/live/01-live-serial.binary +++ b/data/live-build-config/hooks/live/01-live-serial.binary @@ -10,22 +10,22 @@ SERIAL_CONSOLE="console=tty0 console=ttyS0,115200" GRUB_MENUENTRY=$(sed -e '/menuentry.*hotkey.*/,/^}/!d' -e 's/--hotkey=l//g' $GRUB_PATH) # Update KVM menuentry name -sed -i 's/"Live system \((.*-vyos)\)"/"Live system \1 - KVM console"/' $GRUB_PATH +sed -i 's/"Live system \((.*vyos)\)"/"Live system \1 - KVM console"/' $GRUB_PATH # Insert serial menuentry echo "$GRUB_MENUENTRY" | sed \ - -e 's/"Live system \((.*-vyos)\)"/"Live system \1 - Serial console"/' \ + -e 's/"Live system \((.*vyos)\)"/"Live system \1 - Serial console"/' \ -e "s/$KVM_CONSOLE/$SERIAL_CONSOLE/g" >> $GRUB_PATH # Live.cfg Update ISOLINUX_MENUENTRY=$(sed -e '/label live-\(.*\)-vyos$/,/^\tappend.*/!d' $ISOLINUX_PATH) # Update KVM menuentry name -sed -i 's/Live system \((.*-vyos)\)/Live system \1 - KVM console/' $ISOLINUX_PATH +sed -i 's/Live system \((.*vyos)\)/Live system \1 - KVM console/' $ISOLINUX_PATH # Insert serial menuentry echo "\n$ISOLINUX_MENUENTRY" | sed \ -e 's/live-\(.*\)-vyos/live-\1-vyos-serial/' \ -e '/^\tmenu default/d' \ - -e 's/Live system \((.*-vyos)\)/Live system \1 - Serial console/' \ + -e 's/Live system \((.*vyos)\)/Live system \1 - Serial console/' \ -e "s/$KVM_CONSOLE/$SERIAL_CONSOLE/g" >> $ISOLINUX_PATH diff --git a/data/live-build-config/includes.chroot/opt/vyatta/etc/grub/default-union-grub-entry b/data/live-build-config/includes.chroot/opt/vyatta/etc/grub/default-union-grub-entry new file mode 100644 index 00000000..49f4afc4 --- /dev/null +++ b/data/live-build-config/includes.chroot/opt/vyatta/etc/grub/default-union-grub-entry @@ -0,0 +1,20 @@ +menuentry "VyOS (KVM console)" { + linux /boot//vmlinuz boot=live quiet rootdelay=5 noautologin net.ifnames=0 biosdevname=0 udev.exec_delay=3 vyos-union=/boot/ console=ttyS0,115200 console=tty0 + initrd /boot//initrd.img +} + +menuentry "VyOS (Serial console)" { + linux /boot//vmlinuz boot=live quiet rootdelay=5 noautologin net.ifnames=0 biosdevname=0 udev.exec_delay=3 vyos-union=/boot/ console=tty0 console=ttyS0,115200 + initrd /boot//initrd.img +} + +menuentry "Lost password change (KVM console)" { + linux /boot//vmlinuz boot=live quiet rootdelay=5 noautologin net.ifnames=0 biosdevname=0 udev.exec_delay=3 vyos-union=/boot/ console=ttyS0,115200 console=tty0 init=/opt/vyatta/sbin/standalone_root_pw_reset + initrd /boot//initrd.img +} + +menuentry "Lost password change (Serial console)" { + linux /boot//vmlinuz boot=live quiet rootdelay=5 noautologin net.ifnames=0 biosdevname=0 udev.exec_delay=3 vyos-union=/boot/ console=tty0 console=ttyS0,115200 init=/opt/vyatta/sbin/standalone_root_pw_reset + initrd /boot//initrd.img +} + diff --git a/docker/Dockerfile b/docker/Dockerfile index 1697e859..7fc683f8 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -103,6 +103,7 @@ RUN apt-get update && apt-get install -y \ python3-flake8 \ python3-autopep8 \ python3-tomli \ + python3-tomli-w \ yq \ debootstrap \ live-build \ @@ -136,7 +137,7 @@ RUN dpkg-reconfigure ca-certificates; \ # Installing OCAML needed to compile libvyosconfig RUN curl https://raw.githubusercontent.com/ocaml/opam/master/shell/install.sh \ --output /tmp/opam_install.sh --retry 10 --retry-delay 5 && \ - sed -i 's/read BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ + sed -i 's/read -r BINDIR/BINDIR=""/' /tmp/opam_install.sh && sh /tmp/opam_install.sh && \ opam init --root=/opt/opam --comp=${OCAML_VERSION} --disable-sandboxing --no-setup RUN eval $(opam env --root=/opt/opam --set-root) && \ diff --git a/scripts/check-qemu-install b/scripts/check-qemu-install index 8d65f8b2..7faea56f 100755 --- a/scripts/check-qemu-install +++ b/scripts/check-qemu-install @@ -563,7 +563,7 @@ try: def verify_config(): # Verify encrypted config is loaded c.sendline('show config commands | cat') - c.expect('set system option performance \'latency\'') + c.expect('set system option performance \'network-latency\'') c.expect('set system option reboot-on-panic') c.expect(op_mode_prompt) @@ -600,7 +600,7 @@ try: log.info('Adding nodes for encrypted config test') c.sendline('configure') c.expect(cfg_mode_prompt) - c.sendline('set system option performance latency') + c.sendline('set system option performance network-latency') c.expect(cfg_mode_prompt) c.sendline('set system option reboot-on-panic') c.expect(cfg_mode_prompt) diff --git a/scripts/image-build/build-vyos-image b/scripts/image-build/build-vyos-image index a9294f38..1fc2c6c3 100755 --- a/scripts/image-build/build-vyos-image +++ b/scripts/image-build/build-vyos-image @@ -25,6 +25,7 @@ import copy import uuid import glob import json +import base64 import shutil import argparse import datetime @@ -62,7 +63,7 @@ except Exception as e: # Checkout vyos-1x under build directory try: branch_name = build_defaults['vyos_branch'] - url_vyos_1x = 'https://github.com/vyos/vyos-1x' + url_vyos_1x = os.getenv('VYOS1X_REPO_URL', default='https://github.com/vyos/vyos-1x') path_vyos_1x = os.path.join(defaults.BUILD_DIR, 'vyos-1x') try: repo_vyos_1x = git.Repo.clone_from(url_vyos_1x, path_vyos_1x, no_checkout=True) @@ -191,9 +192,10 @@ if __name__ == "__main__": 'pbuilder-debian-mirror': ('Debian repository mirror for pbuilder env bootstrap', None), 'vyos-mirror': ('VyOS package mirror', None), 'build-type': ('Build type, release or development', lambda x: x in ['release', 'development']), - 'version': ('Version number (release builds only)', None), + 'version': ('Version string', None), 'build-comment': ('Optional build comment', None), - 'build-hook-opts': ('Custom options for the post-build hook', None) + 'build-hook-opts': ('Custom options for the post-build hook', None), + 'bootloaders': ('Bootloaders to include in the image', None) } # Create the option parser @@ -259,28 +261,24 @@ if __name__ == "__main__": pre_build_config = merge_defaults(args, defaults=pre_build_config, skip_none=True) # Some fixup for mirror settings. - # The idea is: if --debian-mirror is specified but --pbuilder-debian-mirror is not, - # use the --debian-mirror value for both lb and pbuilder bootstrap - if pre_build_config['debian_mirror'] is None or pre_build_config['debian_security_mirror'] is None: - print("E: debian_mirror and debian_security_mirror cannot be empty") + # The idea is: if --debian-mirror is specified + # but --pbuilder-debian-mirror or --debian-security-mirror are not, + # use the --debian-mirror value for those + if pre_build_config['debian_mirror'] is None: + print("E: debian_mirror must be specified") sys.exit(1) if pre_build_config['pbuilder_debian_mirror'] is None: - args['pbuilder_debian_mirror'] = pre_build_config['pbuilder_debian_mirror'] = pre_build_config['debian_mirror'] - - # Version can only be set for release builds, - # for dev builds it hardly makes any sense - if pre_build_config['build_type'] == 'development': - if args['version'] is not None: - print("E: Version can only be set for release builds") - print("Use --build-type=release option if you want to set version number") - sys.exit(1) + pre_build_config['pbuilder_debian_mirror'] = pre_build_config['debian_mirror'] + + if pre_build_config['debian_security_mirror'] is None: + pre_build_config['debian_security_mirror'] = pre_build_config['debian_mirror'] # Validate characters in version name - if 'version' in args and args['version'] != None: + if args.get('version'): allowed = string.ascii_letters + string.digits + '.' + '-' + '+' if not set(args['version']) <= set(allowed): - print(f'Version contained illegal character(s), allowed: {allowed}') + print(f'Version string contains illegal character(s), allowed: {allowed}') sys.exit(1) ## Inject some useful hardcoded options @@ -306,6 +304,11 @@ if __name__ == "__main__": build_config = merge_defaults(flavor_config, defaults=build_config) build_config = merge_defaults(args, defaults=build_config, skip_none=True) + # If Debian mirror is specified explicitly but Debian security mirror is not, + # assume that the user wants to use that mirror for security updates as well. + if (args['debian_mirror'] is not None) and (args['debian_security_mirror'] is None): + build_config['debian_security_mirror'] = args['debian_mirror'] + ## Rename and merge some fields for simplicity ## E.g. --custom-packages is for the user, but internally ## it's added to the same package list as everything else @@ -326,6 +329,10 @@ if __name__ == "__main__": print("E: image format is not specified in the build flavor file") sys.exit(1) + ## Override bootloaders if specified + if args['bootloaders'] is not None: + build_config['bootloaders'] = args['bootloaders'] + ## Add default boot settings if needed if "boot_settings" not in build_config: build_config["boot_settings"] = defaults.boot_settings @@ -412,8 +419,10 @@ if __name__ == "__main__": build_git = "" git_branch = "" - # Create the build version string - if build_config['build_type'] == 'development': + # Create the build version string, if it's not explicitly given + if build_config.get('version'): + version = build_config['version'] + else: try: if not git_branch: raise ValueError("git branch could not be determined") @@ -428,9 +437,6 @@ if __name__ == "__main__": except Exception as e: print("W: Could not build a version string specific to git branch, falling back to default: {0}".format(str(e))) version = "999.{0}".format(build_timestamp) - else: - # Release build, use the version from ./configure arguments - version = build_config['version'] version_data = { 'version': version, @@ -503,8 +509,9 @@ DOCUMENTATION_URL="{build_config['documentation_url']}" ## Create live-build configuration files # Add the additional repositories to package lists - print("I: Setting up additional APT entries") + print("I: Setting up VyOS repository APT entries") vyos_repo_entry = "deb {vyos_mirror} {vyos_branch} main\n".format(**build_config) + vyos_repo_entry += "deb-src {vyos_mirror} {vyos_branch} main\n".format(**build_config) apt_file = defaults.VYOS_REPO_FILE @@ -516,10 +523,36 @@ DOCUMENTATION_URL="{build_config['documentation_url']}" f.write(vyos_repo_entry) # Add custom APT entries + print("I: Setting up additional APT entries") if build_config.get('additional_repositories', False): - build_config['custom_apt_entry'] += build_config['additional_repositories'] + for r in build_config['additional_repositories']: + repo_data = build_config['additional_repositories'][r] + + url = repo_data.get('url', None) + arch = repo_data.get('architecture', None) + distro = repo_data.get('distribution', build_config['debian_distribution']) + components = repo_data.get('components', 'main') + + if not url: + print(f'E: repository {r} does not specify URL') + sys.exit(1) + + if arch: + arch_string = f'[arch={arch}]' + else: + arch_string = '' + + entry = f'deb {arch_string} {url} {distro} {components}' + build_config['custom_apt_entry'].append(entry) + + if not repo_data.get('no_source', False): + src_entry = f'deb-src {url} {distro} {components}' + build_config['custom_apt_entry'].append(src_entry) + + if repo_data.get('key', None): + build_config['custom_apt_keys'].append({'name': r, 'key': repo_data['key']}) - if build_config.get('custom_apt_entry', False): + if build_config.get('custom_apt_entry', []): custom_apt_file = defaults.CUSTOM_REPO_FILE entries = "\n".join(build_config['custom_apt_entry']) if debug: @@ -530,11 +563,13 @@ DOCUMENTATION_URL="{build_config['documentation_url']}" f.write("\n") # Add custom APT keys - if has_nonempty_key(build_config, 'custom_apt_key'): + if has_nonempty_key(build_config, 'custom_apt_keys'): key_dir = defaults.ARCHIVES_DIR - for k in build_config['custom_apt_key']: - dst_name = '{0}.key.chroot'.format(os.path.basename(k)) - shutil.copy(k, os.path.join(key_dir, dst_name)) + for k in build_config['custom_apt_keys']: + dst_name = '{0}.key.chroot'.format(k['name']) + with open(os.path.join(key_dir, dst_name), 'bw') as f: + key_data = base64.b64decode(k['key']) + f.write(key_data) # Add custom packages if has_nonempty_key(build_config, 'packages'): @@ -644,7 +679,7 @@ Pin-Priority: 600 # If not, build additional flavors from the ISO. if build_config["image_format"] != ["iso"]: # For all non-iso formats, we always build a raw image first - raw_image = raw_image.create_raw_image(build_config, iso_file, "tmp/") + version_data, raw_image = raw_image.create_raw_image(build_config, iso_file, "tmp/") manifest['artifacts'].append(raw_image) # If there are other formats in the flavor, the assumptions is that @@ -674,8 +709,10 @@ Pin-Priority: 600 hook_opts = build_config["build_hook_opts"] else: hook_opts = "" - custom_image = rc_cmd(f"./build_hook {raw_image} {build_config['version']} \ - {build_config['architecture']} {hook_opts}") + build_hook_command = f"./build_hook {raw_image} {version_data['version']} \ + {build_config['architecture']} {hook_opts}" + print(f'I: executing build hook command: {build_hook_command}') + custom_image = rc_cmd(build_hook_command) manifest['artifacts'].append(custom_image) # Filter out unwanted files from the artifact list diff --git a/scripts/image-build/defaults.py b/scripts/image-build/defaults.py index a0c5c8bf..29a6d59f 100644 --- a/scripts/image-build/defaults.py +++ b/scripts/image-build/defaults.py @@ -35,7 +35,7 @@ boot_settings: dict[str, str] = { # Hardcoded default values HARDCODED_BUILD = { 'custom_apt_entry': [], - 'custom_apt_key': [], + 'custom_apt_keys': [], 'custom_package': [], 'reuse_iso': None, 'disk_size': 10, diff --git a/scripts/image-build/raw_image.py b/scripts/image-build/raw_image.py index dedb6f5e..d850eead 100644 --- a/scripts/image-build/raw_image.py +++ b/scripts/image-build/raw_image.py @@ -210,4 +210,4 @@ def create_raw_image(build_config, iso_file, work_dir): install_image(con, version) install_grub(con, version) - return raw_file + return (version_data, raw_file) diff --git a/scripts/package-build/amazon-cloudwatch-agent/.gitignore b/scripts/package-build/amazon-cloudwatch-agent/.gitignore new file mode 100644 index 00000000..7f8e0127 --- /dev/null +++ b/scripts/package-build/amazon-cloudwatch-agent/.gitignore @@ -0,0 +1,7 @@ +amazon-cloudwatch-agent/ +*.buildinfo +*.build +*.changes +*.deb +*.dsc +*.tar.gz diff --git a/scripts/package-build/pam_tacplus/build.py b/scripts/package-build/amazon-cloudwatch-agent/build.py index 3c76af73..3c76af73 120000 --- a/scripts/package-build/pam_tacplus/build.py +++ b/scripts/package-build/amazon-cloudwatch-agent/build.py diff --git a/scripts/package-build/amazon-cloudwatch-agent/package.toml b/scripts/package-build/amazon-cloudwatch-agent/package.toml new file mode 100644 index 00000000..833096d4 --- /dev/null +++ b/scripts/package-build/amazon-cloudwatch-agent/package.toml @@ -0,0 +1,14 @@ +[[packages]] +name = "amazon-cloudwatch-agent" +commit_id = "v1.300050.0" +scm_url = "https://github.com/aws/amazon-cloudwatch-agent" + +build_cmd = """ + +make prepackage package-deb +ARCH=$(dpkg --print-architecture) +TAG=$(git describe --tags --abbrev=0) +COMMIT=$(git rev-parse --short HEAD) +cp ./build/bin/linux/${ARCH}/*.deb ../amazon-cloudwatch-agent_${TAG}_${COMMIT}_${ARCH}.deb + +""" diff --git a/scripts/package-build/pam_tacplus/.gitignore b/scripts/package-build/amazon-ssm-agent/.gitignore index 04e8d4e9..f70728cf 100644 --- a/scripts/package-build/pam_tacplus/.gitignore +++ b/scripts/package-build/amazon-ssm-agent/.gitignore @@ -1,7 +1,7 @@ -pam_tacplus/ -pam_tacplus-debian/ +amazon-ssm-agent/ *.buildinfo *.build *.changes *.deb *.dsc +*.tar.gz diff --git a/scripts/package-build/amazon-ssm-agent/build.py b/scripts/package-build/amazon-ssm-agent/build.py new file mode 120000 index 00000000..3c76af73 --- /dev/null +++ b/scripts/package-build/amazon-ssm-agent/build.py @@ -0,0 +1 @@ +../build.py
\ No newline at end of file diff --git a/scripts/package-build/amazon-ssm-agent/package.toml b/scripts/package-build/amazon-ssm-agent/package.toml new file mode 100644 index 00000000..ecd2fdf6 --- /dev/null +++ b/scripts/package-build/amazon-ssm-agent/package.toml @@ -0,0 +1,16 @@ +[[packages]] +name = "amazon-ssm-agent" +commit_id = "3.3.1311.0" +scm_url = "https://github.com/aws/amazon-ssm-agent" + +build_cmd = """ + +ARCH=$(dpkg --print-architecture) +TAG=$(git describe --tags --abbrev=0) +COMMIT=$(git rev-parse --short HEAD) + +make build-linux +make package-deb +cp ./bin/debian_${ARCH}/*.deb ../amazon-ssm-agent_${TAG}_${COMMIT}_${ARCH}.deb + +""" diff --git a/scripts/package-build/build.py b/scripts/package-build/build.py index 0648b564..7212b6cf 100755 --- a/scripts/package-build/build.py +++ b/scripts/package-build/build.py @@ -75,12 +75,11 @@ def prepare_package(repo_dir: Path, install_data: str) -> None: raise -def build_package(package: list, dependencies: list, patch_dir: Path) -> None: +def build_package(package: list, patch_dir: Path) -> None: """Build a package from the repository Args: package (list): List of Packages from toml - dependencies (list): List of additional dependencies patch_dir (Path): Directory containing patches """ repo_name = package['name'] @@ -94,9 +93,6 @@ def build_package(package: list, dependencies: list, patch_dir: Path) -> None: # Check out the specific commit run(['git', 'checkout', package['commit_id']], cwd=repo_dir, check=True) - # Ensure dependencies - ensure_dependencies(dependencies) - # Apply patches if any if (repo_dir / 'patches'): apply_patches(repo_dir, patch_dir) @@ -177,11 +173,14 @@ if __name__ == '__main__': packages = config['packages'] patch_dir = Path(args.patch_dir) - for package in packages: - dependencies = package.get('dependencies', {}).get('packages', []) + # Load global dependencies + global_dependencies = config.get('dependencies', {}).get('packages', []) + if global_dependencies: + ensure_dependencies(global_dependencies) + for package in packages: # Build the package - build_package(package, dependencies, patch_dir) + build_package(package, patch_dir) # Clean up build dependency packages after build cleanup_build_deps(Path(package['name'])) diff --git a/scripts/package-build/dropbear/.gitignore b/scripts/package-build/dropbear/.gitignore index 6e8cff9c..3d080d7c 100644 --- a/scripts/package-build/dropbear/.gitignore +++ b/scripts/package-build/dropbear/.gitignore @@ -4,4 +4,4 @@ dropbear/ *.changes *.deb *.dsc - +*.tar.gz diff --git a/scripts/package-build/dropbear/package.toml b/scripts/package-build/dropbear/package.toml index cbb885ee..a00aad3d 100644 --- a/scripts/package-build/dropbear/package.toml +++ b/scripts/package-build/dropbear/package.toml @@ -3,5 +3,5 @@ name = "dropbear" commit_id = "debian/2022.83-1+deb12u1" scm_url = "https://salsa.debian.org/debian/dropbear.git" -[packages.dependencies] -packages = ["libpam0g-dev"]
\ No newline at end of file +[dependencies] +packages = ["libpam0g-dev"] diff --git a/scripts/package-build/frr/.gitignore b/scripts/package-build/frr/.gitignore index 590895c0..f22f6747 100644 --- a/scripts/package-build/frr/.gitignore +++ b/scripts/package-build/frr/.gitignore @@ -6,3 +6,4 @@ libyang/ *.changes *.deb *.dsc +*.tar.gz diff --git a/scripts/package-build/frr/package.toml b/scripts/package-build/frr/package.toml index 48d51ae6..caae3537 100644 --- a/scripts/package-build/frr/package.toml +++ b/scripts/package-build/frr/package.toml @@ -16,7 +16,7 @@ commit_id = "stable/9.1" scm_url = "https://github.com/FRRouting/frr.git" build_cmd = "sudo dpkg -i ../*.deb; sudo dpkg-buildpackage -us -uc -tc -b -Ppkg.frr.rtrlib,pkg.frr.lua" -[packages.dependencies] +[dependencies] packages = [ "chrpath", "gawk", diff --git a/scripts/package-build/frr/patches/0001-Enable-PCRE2-in-Debian-package-builds.patch b/scripts/package-build/frr/patches/0001-Enable-PCRE2-in-Debian-package-builds.patch new file mode 100644 index 00000000..c31c4a85 --- /dev/null +++ b/scripts/package-build/frr/patches/0001-Enable-PCRE2-in-Debian-package-builds.patch @@ -0,0 +1,24 @@ +From 21800432167ac022c01772df993efca8d4969b38 Mon Sep 17 00:00:00 2001 +From: Daniil Baturin <daniil@baturin.org> +Date: Wed, 6 Nov 2024 15:58:10 +0000 +Subject: [PATCH] Enable PCRE2 in Debian package builds + +--- + debian/rules | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/debian/rules b/debian/rules +index 43e5d7e61..1f971ab22 100755 +--- a/debian/rules ++++ b/debian/rules +@@ -69,6 +69,7 @@ override_dh_auto_configure: + --enable-vty-group=frrvty \ + --enable-configfile-mask=0640 \ + --enable-logfile-mask=0640 \ ++ --enable-pcre2posix \ + # end + + override_dh_auto_install: +-- +2.47.0 + diff --git a/scripts/package-build/hsflowd/.gitignore b/scripts/package-build/hsflowd/.gitignore index d0964b29..ecb384cd 100644 --- a/scripts/package-build/hsflowd/.gitignore +++ b/scripts/package-build/hsflowd/.gitignore @@ -4,3 +4,4 @@ host-sflow/ *.changes *.deb *.dsc +*.tar.gz diff --git a/scripts/package-build/hsflowd/package.toml b/scripts/package-build/hsflowd/package.toml index 75d320a7..8418319e 100644 --- a/scripts/package-build/hsflowd/package.toml +++ b/scripts/package-build/hsflowd/package.toml @@ -4,5 +4,5 @@ commit_id = "v2.0.55-1" scm_url = "https://github.com/sflow/host-sflow.git" build_cmd = "make deb FEATURES='PCAP DROPMON DBUS'" -[packages.dependencies] +[dependencies] packages = ["libpcap0.8-dev"] diff --git a/scripts/package-build/isc-dhcp/.gitignore b/scripts/package-build/isc-dhcp/.gitignore index 66d17cc8..3f2ca44a 100644 --- a/scripts/package-build/isc-dhcp/.gitignore +++ b/scripts/package-build/isc-dhcp/.gitignore @@ -4,4 +4,4 @@ isc-dhcp/ *.changes *.deb *.dsc - +*.tar.gz diff --git a/scripts/package-build/isc-dhcp/package.toml b/scripts/package-build/isc-dhcp/package.toml index 76a0e4a1..f07e71e3 100644 --- a/scripts/package-build/isc-dhcp/package.toml +++ b/scripts/package-build/isc-dhcp/package.toml @@ -3,5 +3,5 @@ name = "isc-dhcp" commit_id = "debian/4.4.3-P1-4" scm_url = "https://salsa.debian.org/debian/isc-dhcp" -[packages.dependencies] +[dependencies] packages = ["libpam0g-dev"] diff --git a/scripts/package-build/linux-kernel/build-intel-ixgbe.sh b/scripts/package-build/linux-kernel/build-intel-ixgbe.sh index 797ed60f..fabfb7af 100755 --- a/scripts/package-build/linux-kernel/build-intel-ixgbe.sh +++ b/scripts/package-build/linux-kernel/build-intel-ixgbe.sh @@ -97,17 +97,17 @@ fpm --input-type dir --output-type deb --name vyos-intel-${DRIVER_NAME} \ --depends linux-image-${KERNEL_VERSION}${KERNEL_SUFFIX} \ --license "GPL2" -C ${DEBIAN_DIR} --after-install ${DEBIAN_POSTINST} -echo "I: Cleanup ${DRIVER_NAME} source" -cd ${CWD} -if [ -e ${DRIVER_FILE} ]; then - rm -f ${DRIVER_FILE} -fi -if [ -d ${DRIVER_DIR} ]; then - rm -rf ${DRIVER_DIR} -fi -if [ -d ${DEBIAN_DIR} ]; then - rm -rf ${DEBIAN_DIR} -fi -if [ -f ${DEBIAN_POSTINST} ]; then - rm -f ${DEBIAN_POSTINST} -fi +# echo "I: Cleanup ${DRIVER_NAME} source" +# cd ${CWD} +# if [ -e ${DRIVER_FILE} ]; then +# rm -f ${DRIVER_FILE} +# fi +# if [ -d ${DRIVER_DIR} ]; then +# rm -rf ${DRIVER_DIR} +# fi +# if [ -d ${DEBIAN_DIR} ]; then +# rm -rf ${DEBIAN_DIR} +# fi +# if [ -f ${DEBIAN_POSTINST} ]; then +# rm -f ${DEBIAN_POSTINST} +# fi diff --git a/scripts/package-build/linux-kernel/build-intel-ixgbevf.sh b/scripts/package-build/linux-kernel/build-intel-ixgbevf.sh index 7d389832..f0e4c89b 100755 --- a/scripts/package-build/linux-kernel/build-intel-ixgbevf.sh +++ b/scripts/package-build/linux-kernel/build-intel-ixgbevf.sh @@ -89,17 +89,17 @@ fpm --input-type dir --output-type deb --name vyos-intel-${DRIVER_NAME} \ --depends linux-image-${KERNEL_VERSION}${KERNEL_SUFFIX} \ --license "GPL2" -C ${DEBIAN_DIR} --after-install ${DEBIAN_POSTINST} -echo "I: Cleanup ${DRIVER_NAME} source" -cd ${CWD} -if [ -e ${DRIVER_FILE} ]; then - rm -f ${DRIVER_FILE} -fi -if [ -d ${DRIVER_DIR} ]; then - rm -rf ${DRIVER_DIR} -fi -if [ -d ${DEBIAN_DIR} ]; then - rm -rf ${DEBIAN_DIR} -fi -if [ -f ${DEBIAN_POSTINST} ]; then - rm -f ${DEBIAN_POSTINST} -fi +# echo "I: Cleanup ${DRIVER_NAME} source" +# cd ${CWD} +# if [ -e ${DRIVER_FILE} ]; then +# rm -f ${DRIVER_FILE} +# fi +# if [ -d ${DRIVER_DIR} ]; then +# rm -rf ${DRIVER_DIR} +# fi +# if [ -d ${DEBIAN_DIR} ]; then +# rm -rf ${DEBIAN_DIR} +# fi +# if [ -f ${DEBIAN_POSTINST} ]; then +# rm -f ${DEBIAN_POSTINST} +# fi diff --git a/scripts/package-build/linux-kernel/build-intel-qat.sh b/scripts/package-build/linux-kernel/build-intel-qat.sh index fb6ccbb5..c2c364a9 100755 --- a/scripts/package-build/linux-kernel/build-intel-qat.sh +++ b/scripts/package-build/linux-kernel/build-intel-qat.sh @@ -101,17 +101,17 @@ fpm --input-type dir --output-type deb --name vyos-intel-${DRIVER_NAME} \ --depends linux-image-${KERNEL_VERSION}${KERNEL_SUFFIX} \ --license "GPL2" -C ${DEBIAN_DIR} --after-install ${DEBIAN_POSTINST} -echo "I: Cleanup ${DRIVER_NAME} source" -cd ${CWD} -if [ -e ${DRIVER_FILE} ]; then - rm -f ${DRIVER_FILE} -fi -if [ -d ${DRIVER_DIR} ]; then - rm -rf ${DRIVER_DIR} -fi -if [ -d ${DEBIAN_DIR} ]; then - rm -rf ${DEBIAN_DIR} -fi -if [ -f ${DEBIAN_POSTINST} ]; then - rm -f ${DEBIAN_POSTINST} -fi +# echo "I: Cleanup ${DRIVER_NAME} source" +# cd ${CWD} +# if [ -e ${DRIVER_FILE} ]; then +# rm -f ${DRIVER_FILE} +# fi +# if [ -d ${DRIVER_DIR} ]; then +# rm -rf ${DRIVER_DIR} +# fi +# if [ -d ${DEBIAN_DIR} ]; then +# rm -rf ${DEBIAN_DIR} +# fi +# if [ -f ${DEBIAN_POSTINST} ]; then +# rm -f ${DEBIAN_POSTINST} +# fi diff --git a/scripts/package-build/linux-kernel/build.py b/scripts/package-build/linux-kernel/build.py index b16e0702..1433eaa8 100755 --- a/scripts/package-build/linux-kernel/build.py +++ b/scripts/package-build/linux-kernel/build.py @@ -63,6 +63,40 @@ def clone_or_update_repo(repo_dir: Path, scm_url: str, commit_id: str) -> None: run(['git', 'checkout', commit_id], cwd=repo_dir, check=True) +def create_tarball(package_name, source_dir=None): + """Creates a .tar.gz archive of the specified directory. + + Args: + package_name (str): The name of the package. This will also be the name of the output tarball. + source_dir (str, optional): The directory to be archived. If not provided, defaults to `package_name`. + + Raises: + FileNotFoundError: If the specified `source_dir` does not exist. + Exception: If an error occurs during tarball creation. + + Example: + >>> create_tarball("linux-6.6.56") + I: Tarball created: linux-6.6.56.tar.gz + + >>> create_tarball("my-package", "/path/to/source") + I: Tarball created: my-package.tar.gz + """ + # Use package_name as the source directory if source_dir is not provided + source_dir = source_dir or package_name + output_tarball = f"{package_name}.tar.gz" + + # Check if the source directory exists + if not os.path.isdir(source_dir): + raise FileNotFoundError(f"Directory '{source_dir}' does not exist.") + + # Create the tarball + try: + shutil.make_archive(base_name=output_tarball.replace('.tar.gz', ''), format='gztar', root_dir=source_dir) + print(f"I: Tarball created: {output_tarball}") + except Exception as e: + print(f"I: Failed to create tarball for {package_name}: {e}") + + def build_package(package: dict, dependencies: list) -> None: """Build a package from the repository @@ -88,10 +122,13 @@ def build_package(package: dict, dependencies: list) -> None: # Execute the build command if package['build_cmd'] == 'build_kernel': build_kernel(package['kernel_version']) + create_tarball(f'{package["name"]}-{package["kernel_version"]}', f'linux-{package["kernel_version"]}') elif package['build_cmd'] == 'build_linux_firmware': build_linux_firmware(package['commit_id'], package['scm_url']) + create_tarball(f'{package["name"]}-{package["commit_id"]}', f'{package["name"]}') elif package['build_cmd'] == 'build_accel_ppp': build_accel_ppp(package['commit_id'], package['scm_url']) + create_tarball(f'{package["name"]}-{package["commit_id"]}', f'{package["name"]}') elif package['build_cmd'] == 'build_intel_qat': build_intel_qat() elif package['build_cmd'] == 'build_intel_ixgbe': @@ -106,6 +143,7 @@ def build_package(package: dict, dependencies: list) -> None: build_jool() elif package['build_cmd'] == 'build_openvpn_dco': build_openvpn_dco(package['commit_id'], package['scm_url']) + create_tarball(f'{package["name"]}-{package["commit_id"]}', f'{package["name"]}') elif package['build_cmd'] == 'build_nat_rtsp': build_nat_rtsp(package['commit_id'], package['scm_url']) else: diff --git a/scripts/package-build/netfilter/.gitignore b/scripts/package-build/netfilter/.gitignore index 9bf39f82..c6444404 100644 --- a/scripts/package-build/netfilter/.gitignore +++ b/scripts/package-build/netfilter/.gitignore @@ -5,4 +5,4 @@ *.changes *.deb *.dsc - +*.tar.gz diff --git a/scripts/package-build/netfilter/build.py b/scripts/package-build/netfilter/build.py index 9737b7d3..d15b5770 100755 --- a/scripts/package-build/netfilter/build.py +++ b/scripts/package-build/netfilter/build.py @@ -112,6 +112,12 @@ def build_package(package: dict, dependencies: list, patch_dir: Path) -> None: # Apply patches if any apply_patches(repo_dir, patch_dir, repo_name) + # Sanitize the commit ID and build a tarball for the package + commit_id_sanitized = package['commit_id'].replace('/', '_') + tarball_name = f"{repo_name}_{commit_id_sanitized}.tar.gz" + run(['tar', '-czf', tarball_name, '-C', str(repo_dir.parent), repo_name], check=True) + print(f"I: Tarball created: {tarball_name}") + # Prepare the package if required if package.get('prepare_package', False): prepare_package(repo_dir, package.get('install_data', '')) diff --git a/scripts/package-build/openvpn-otp/.gitignore b/scripts/package-build/openvpn-otp/.gitignore index 7f89da2b..60dd3cad 100644 --- a/scripts/package-build/openvpn-otp/.gitignore +++ b/scripts/package-build/openvpn-otp/.gitignore @@ -4,3 +4,4 @@ openvpn-otp/ *.changes *.deb *.dsc +*.tar.gz diff --git a/scripts/package-build/openvpn-otp/package.toml b/scripts/package-build/openvpn-otp/package.toml index 72209ad1..bdbc6d9d 100644 --- a/scripts/package-build/openvpn-otp/package.toml +++ b/scripts/package-build/openvpn-otp/package.toml @@ -1,6 +1,6 @@ [[packages]] name = "openvpn-otp" -commit_id = "master" +commit_id = "9781ff1" scm_url = "https://github.com/evgeny-gridasov/openvpn-otp" # build_cmd = "cd ..; ./build-openvpn-otp.sh" diff --git a/scripts/package-build/pam_tacplus/package.toml b/scripts/package-build/pam_tacplus/package.toml deleted file mode 100644 index 79b28544..00000000 --- a/scripts/package-build/pam_tacplus/package.toml +++ /dev/null @@ -1,19 +0,0 @@ -[[packages]] -name = "pam_tacplus-debian" -commit_id = "50c6fd7" -scm_url = "https://github.com/kravietz/pam_tacplus-debian" -build_cmd = "/bin/true" - -[[packages]] -name = "pam_tacplus" -#commit_id = "4f91b0d" # This commit cannot build the package -commit_id = "b839c44" -scm_url = "https://github.com/kravietz/pam_tacplus" - -#build_cmd = "sudo mk-build-deps --install --tool 'apt-get --yes --no-install-recommends'; cd ..; ./build.sh" -build_cmd = """ -cp -a ../pam_tacplus-debian debian -rm -f debian/compat -sudo mk-build-deps --install --tool 'apt-get --yes --no-install-recommends' -dpkg-buildpackage -uc -us -tc -b -d -""" diff --git a/scripts/package-build/podman/package.toml b/scripts/package-build/podman/package.toml index 952af518..707f3d7e 100644 --- a/scripts/package-build/podman/package.toml +++ b/scripts/package-build/podman/package.toml @@ -20,7 +20,7 @@ fpm --input-type dir --output-type deb --name podman \ --license "Apache License 2.0" -C podman-v$VERSION --package .. """ -[packages.dependencies] +[dependencies] packages = [ "libseccomp-dev", "libgpgme-dev" diff --git a/scripts/package-build/strongswan/.gitignore b/scripts/package-build/strongswan/.gitignore index ec612740..f1ad761d 100644 --- a/scripts/package-build/strongswan/.gitignore +++ b/scripts/package-build/strongswan/.gitignore @@ -4,3 +4,4 @@ strongswan/ *.changes *.deb *.dsc +*.tar.gz diff --git a/scripts/package-build/strongswan/package.toml b/scripts/package-build/strongswan/package.toml index 8cedd4ac..a5722062 100644 --- a/scripts/package-build/strongswan/package.toml +++ b/scripts/package-build/strongswan/package.toml @@ -13,7 +13,7 @@ dpkg-buildpackage -uc -us -tc -b -d cd ..; ./build-vici.sh """ -[packages.dependencies] +[dependencies] packages = [ "bison", "bzip2", diff --git a/scripts/package-build/tacacs/.gitignore b/scripts/package-build/tacacs/.gitignore new file mode 100644 index 00000000..142020c5 --- /dev/null +++ b/scripts/package-build/tacacs/.gitignore @@ -0,0 +1,9 @@ +libnss-tacplus/ +libpam-tacplus/ +libtacplus-map/ +*.buildinfo +*.build +*.changes +*.deb +*.dsc +*.tar.gz diff --git a/scripts/package-build/tacacs/build.py b/scripts/package-build/tacacs/build.py new file mode 120000 index 00000000..3c76af73 --- /dev/null +++ b/scripts/package-build/tacacs/build.py @@ -0,0 +1 @@ +../build.py
\ No newline at end of file diff --git a/scripts/package-build/tacacs/package.toml b/scripts/package-build/tacacs/package.toml new file mode 100644 index 00000000..fde9df6e --- /dev/null +++ b/scripts/package-build/tacacs/package.toml @@ -0,0 +1,24 @@ +[[packages]] +name = "libtacplus-map" +commit_id = "master" +scm_url = "https://github.com/vyos/libtacplus-map.git" +build_cmd = "dpkg-buildpackage -us -uc -tc -b" + +[[packages]] +name = "libpam-tacplus" +commit_id = "master" +scm_url = "https://github.com/vyos/libpam-tacplus.git" +build_cmd = "sudo dpkg -i ../libtacplus-map*.deb; dpkg-buildpackage -us -uc -tc -b" + +[[packages]] +name = "libnss-tacplus" +commit_id = "master" +scm_url = "https://github.com/vyos/libnss-tacplus.git" +build_cmd = "sudo dpkg -i ../libtac*.deb ../libpam-tacplus*.deb; dpkg-buildpackage -us -uc -tc -b" + +[dependencies] +packages = [ + "libpam-dev", + "autoconf-archive", + "libaudit-dev" +] diff --git a/scripts/package-build/waagent/package.toml b/scripts/package-build/waagent/package.toml index d7343a7a..1a382baa 100644 --- a/scripts/package-build/waagent/package.toml +++ b/scripts/package-build/waagent/package.toml @@ -3,5 +3,5 @@ name = "waagent" commit_id = "debian/2.9.1.1-2" scm_url = "https://salsa.debian.org/cloud-team/waagent.git" -[packages.dependencies] +[dependencies] packages = ["dpkg-source-gitarchive"] diff --git a/scripts/utils/merge-flavors b/scripts/utils/merge-flavors new file mode 100755 index 00000000..79f8180e --- /dev/null +++ b/scripts/utils/merge-flavors @@ -0,0 +1,76 @@ +#!/usr/bin/env python3 +# +# Copyright (C) 2024 VyOS maintainers and contributors +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 or later as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. +# +# Purpose: merges multiple flavor files into one + +import sys + +import tomli +import tomli_w + +def load_flavor(file_path): + with open(file_path, 'rb') as f: + flavor_def = tomli.load(f) + + return flavor_def + +# XXX: at the moment, this script is only used +# to produce a meta-flavor for collecting packages +# used in multiple flavors, +# so it ignores all other flavor fields for now +def merge_flavors(l, r): + if 'packages' in r: + l['packages'] += r['packages'] + + for arch in r.get('architectures', []): + if arch not in l['architectures']: + l['architectures'][arch] = {} + + if 'packages' not in l['architectures'][arch]: + l['architectures'][arch]['packages'] = [] + + if 'packages' in r['architectures'][arch]: + l['architectures'][arch]['packages'] += \ + r['architectures'][arch]['packages'] + + return l + +if __name__ == '__main__': + if len(sys.argv) < 3: + print("Please specify a base flavor and a list of flavor files to merge!") + sys.exit(1) + + base_flavor = load_flavor(sys.argv[1]) + + if 'architectures' not in base_flavor: + base_flavor['architectures'] = {} + + if 'packages' not in base_flavor: + base_flavor['packages'] = [] + + flavor_files = sys.argv[2:] + flavor_defs = map(load_flavor, flavor_files) + + for fd in flavor_defs: + merge_flavors(base_flavor, fd) + + base_flavor['packages'] = list(set(base_flavor['packages'])) + for arch in base_flavor.get('architectures'): + if 'packages' in base_flavor['architectures'][arch]: + base_flavor['architectures'][arch]['packages'] = \ + list(set(base_flavor['architectures'][arch]['packages'])) + + print(tomli_w.dumps(base_flavor)) |