[gentoo-commits] proj/hardened-refpolicy:master commit in: gentoo/ - gentoo-commits

From:	Jason Zaman <perfinion@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/hardened-refpolicy:master commit in: gentoo/
Date:	Sun, 05 Sep 2021 16:00:26
Message-Id:	`1630855814.5f7c94e010a7d68ddd59a21221788b38e369faa8.perfinion@gentoo`

1

commit:     5f7c94e010a7d68ddd59a21221788b38e369faa8

2

Author:     Jason Zaman <perfinion <AT> gentoo <DOT> org>

3

AuthorDate: Sun Sep  5 15:21:44 2021 +0000

4

Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>

5

CommitDate: Sun Sep  5 15:30:14 2021 +0000

6

URL:        https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5f7c94e0

7

8

Merge upstream

9

10

Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>

11

12

 gentoo/README | 64 +++++++++++++++++++++++++++++++++++++++++++++++++----------

13

 gentoo/STATE  |  2 +-

14

 2 files changed, 54 insertions(+), 12 deletions(-)

15

16

diff --git a/gentoo/README b/gentoo/README

17

index e0f294bf..54dbcc6a 100644

18

--- a/gentoo/README

19

+++ b/gentoo/README

20

@@ -1,19 +1,61 @@

21

 Gentoo refpolicy repository

22

 ===========================

23

24

-Our upstream is Tresys' refpolicy project, available at

25

-https://github.com/TresysTechnology/refpolicy.git. To properly keep track of the upstream

26

-activity as well as merge its changes, a set of documents, files and scripts are

27

-provided to ease the management of our repository.

28

+Our upstream is SELinuxProject's refpolicy project, available at:

29

+https://github.com/SELinuxProject/refpolicy/. To properly keep track of the

30

+upstream activity as well as merge its changes, a set of documents, files and

31

+scripts are provided to ease the management of our repository.

32

33

-STATE

34

------

35

+Environment Variables

36

+---------------------

37

38

-The STATE file contains the commit id's of upstream up to which point our

39

+The scripts in this directory expect several envvars defining locations to repos.

40

+For example, set in .bashrc:

41

+

42

+export GENTOOX86="/var/db/repos/gentoo"

43

+export HARDENEDREFPOL="${HOME}/code/gentoo/hardened-refpolicy"

44

+export REFPOLGIT="${HOME}/code/gentoo/refpolicy"

45

+export REFPOLRELEASE="${HOME}/code/gentoo/refpolicy-release/refpolicy"

46

+

47

+

48

+gentoo/STATE

49

+------------

50

+

51

+The STATE file contains the commit id of upstream up to which point our

52

 repository is synchronized/merged.

53

54

-release-prepare.sh

55

-------------------

56

+Merging upstream

57

+----------------

58

+

59

+To merge changes from upstream, first have both repos checked out and up to date.

60

+Format patches from upstream repo:

61

+

62

+    refpolicy $ git fetch origin

63

+    refpolicy $ rm -f ./0*.patch # cleanup any previous patches

64

+    refpolicy $ git format-patch $(cat ${HARDENEDREFPOL}/gentoo/STATE)..origin/HEAD

65

+

66

+Apply all the patches to our repo:

67

+

68

+    hardened-refpolicy $ git am ${REFPOLGIT}/0*.patch --signoff

69

+

70

+If there are merge conflicts, patch fuzzy-apply is usually somewhat successful:

71

+

72

+    $ patch -p1 -F99 -l --no-backup-if-mismatch < <(git am --show-current-patch=diff)

73

+

74

+Or resolve conflicts manually. Then, as always, make sure everything is sane,

75

+then continue until all patches are applied: $ git am --continue

76

+

77

+Make sure to test thoroughly and push to github so the Github Actions CI will

78

+test all config combinations and flag any deprecations.

79

+

80

+Finally, make sure the STATE file is updated:

81

+

82

+    $ git -C ${REFPOLGIT} rev-parse origin/HEAD > gentoo/STATE

83

+    $ git add gentoo/STATE

84

+    $ git commit -m "Merge upstream" -s

85

+

86

+gentoo/release-prepare.sh

87

+-------------------------

88

89

-The release-prepare.sh script handles the creation of a new policy release, from

90

-creating the new ebuilds, patchbundle to tagging the repository.

91

+The release-prepare.sh script handles the creation of a new Gentoo policy

92

+release, from creating the new ebuilds & patchbundle to tagging the repository.

93

94

diff --git a/gentoo/STATE b/gentoo/STATE

95

index 76659b77..7e9c4893 100644

96

--- a/gentoo/STATE

97

+++ b/gentoo/STATE

98

@@ -1 +1 @@

99

-main 4aa1562208b576906ecb469175bfa11e791fdbe6

100

+e45d2fd1efb20380b2bf21a52623bf008d742e46

1	commit: 5f7c94e010a7d68ddd59a21221788b38e369faa8
2	Author: Jason Zaman <perfinion <AT> gentoo <DOT> org>
3	AuthorDate: Sun Sep 5 15:21:44 2021 +0000
4	Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
5	CommitDate: Sun Sep 5 15:30:14 2021 +0000
6	URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5f7c94e0
7
8	Merge upstream
9
10	Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
11
12	gentoo/README \| 64 +++++++++++++++++++++++++++++++++++++++++++++++++----------
13	gentoo/STATE \| 2 +-
14	2 files changed, 54 insertions(+), 12 deletions(-)
15
16	diff --git a/gentoo/README b/gentoo/README
17	index e0f294bf..54dbcc6a 100644
18	--- a/gentoo/README
19	+++ b/gentoo/README
20	@@ -1,19 +1,61 @@
21	Gentoo refpolicy repository
22	===========================
23
24	-Our upstream is Tresys' refpolicy project, available at
25	-https://github.com/TresysTechnology/refpolicy.git. To properly keep track of the upstream
26	-activity as well as merge its changes, a set of documents, files and scripts are
27	-provided to ease the management of our repository.
28	+Our upstream is SELinuxProject's refpolicy project, available at:
29	+https://github.com/SELinuxProject/refpolicy/. To properly keep track of the
30	+upstream activity as well as merge its changes, a set of documents, files and
31	+scripts are provided to ease the management of our repository.
32
33	-STATE
34	------
35	+Environment Variables
36	+---------------------
37
38	-The STATE file contains the commit id's of upstream up to which point our
39	+The scripts in this directory expect several envvars defining locations to repos.
40	+For example, set in .bashrc:
41	+
42	+export GENTOOX86="/var/db/repos/gentoo"
43	+export HARDENEDREFPOL="${HOME}/code/gentoo/hardened-refpolicy"
44	+export REFPOLGIT="${HOME}/code/gentoo/refpolicy"
45	+export REFPOLRELEASE="${HOME}/code/gentoo/refpolicy-release/refpolicy"
46	+
47	+
48	+gentoo/STATE
49	+------------
50	+
51	+The STATE file contains the commit id of upstream up to which point our
52	repository is synchronized/merged.
53
54	-release-prepare.sh
55	-------------------
56	+Merging upstream
57	+----------------
58	+
59	+To merge changes from upstream, first have both repos checked out and up to date.
60	+Format patches from upstream repo:
61	+
62	+ refpolicy $ git fetch origin
63	+ refpolicy $ rm -f ./0*.patch # cleanup any previous patches
64	+ refpolicy $ git format-patch $(cat ${HARDENEDREFPOL}/gentoo/STATE)..origin/HEAD
65	+
66	+Apply all the patches to our repo:
67	+
68	+ hardened-refpolicy $ git am ${REFPOLGIT}/0*.patch --signoff
69	+
70	+If there are merge conflicts, patch fuzzy-apply is usually somewhat successful:
71	+
72	+ $ patch -p1 -F99 -l --no-backup-if-mismatch < <(git am --show-current-patch=diff)
73	+
74	+Or resolve conflicts manually. Then, as always, make sure everything is sane,
75	+then continue until all patches are applied: $ git am --continue
76	+
77	+Make sure to test thoroughly and push to github so the Github Actions CI will
78	+test all config combinations and flag any deprecations.
79	+
80	+Finally, make sure the STATE file is updated:
81	+
82	+ $ git -C ${REFPOLGIT} rev-parse origin/HEAD > gentoo/STATE
83	+ $ git add gentoo/STATE
84	+ $ git commit -m "Merge upstream" -s
85	+
86	+gentoo/release-prepare.sh
87	+-------------------------
88
89	-The release-prepare.sh script handles the creation of a new policy release, from
90	-creating the new ebuilds, patchbundle to tagging the repository.
91	+The release-prepare.sh script handles the creation of a new Gentoo policy
92	+release, from creating the new ebuilds & patchbundle to tagging the repository.
93
94	diff --git a/gentoo/STATE b/gentoo/STATE
95	index 76659b77..7e9c4893 100644
96	--- a/gentoo/STATE
97	+++ b/gentoo/STATE
98	@@ -1 +1 @@
99	-main 4aa1562208b576906ecb469175bfa11e791fdbe6
100	+e45d2fd1efb20380b2bf21a52623bf008d742e46

Gentoo Archives: gentoo-commits