1 |
commit: e7eb724d2b4a5c9ecb5b74928901cfe3abea28f9 |
2 |
Author: Michael Palimaka <kensington <AT> gentoo <DOT> org> |
3 |
AuthorDate: Thu May 29 19:33:21 2014 +0000 |
4 |
Commit: Michael Palimaka <kensington <AT> gentoo <DOT> org> |
5 |
CommitDate: Thu May 29 19:37:05 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/qa-scripts.git;a=commit;h=e7eb724d |
7 |
|
8 |
tinderbox: Initial commit adding portage bashrc. |
9 |
|
10 |
--- |
11 |
tinderbox/bashrc | 258 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ |
12 |
1 file changed, 258 insertions(+) |
13 |
|
14 |
diff --git a/tinderbox/bashrc b/tinderbox/bashrc |
15 |
new file mode 100644 |
16 |
index 0000000..763979c |
17 |
--- /dev/null |
18 |
+++ b/tinderbox/bashrc |
19 |
@@ -0,0 +1,258 @@ |
20 |
+# Copyright (c) 2014 Michael Palimaka <kensington@g.o> |
21 |
+# |
22 |
+# Permission to use, copy, modify, and/or distribute this software for any |
23 |
+# purpose with or without fee is hereby granted, provided that the above |
24 |
+# copyright notice and this permission notice appear in all copies. |
25 |
+# |
26 |
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
27 |
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
28 |
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
29 |
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
30 |
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
31 |
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
32 |
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
33 |
+# |
34 |
+# bashrc for portage to provide QA data for the Gentoo tinderbox frontend. |
35 |
+# Original concept and Tinderbox-provided QA checks by Diego Elio Pettenò |
36 |
+# <flameeyes@g.o>. |
37 |
+# |
38 |
+# Setup instructions: |
39 |
+# - Copy this file to /etc/portage/bashrc |
40 |
+# - Configure portage: |
41 |
+# - {CFLAGS,CXXFLAGS.FFLAGS,FCFLAGS}+="-frecord-gcc-switches" |
42 |
+# - LDFLAGS+="-Wl,--hash-style=gnu" |
43 |
+# - FEATURES+="test-fail-continue" |
44 |
+# - PORTAGE_ELOG_CLASSES+="qa" |
45 |
+# - Ensure TINDERBOX_DIR is writeable by the portage user |
46 |
+# - Install desktop-file-utils (strongly recommended) |
47 |
+# - Install pax-utils (strongly recommended) |
48 |
+# - Install depcheck (optional) |
49 |
+# - Install pkgcore-checks (optional) |
50 |
+# |
51 |
+# CURRENT QA CHECKS |
52 |
+# Portage provided: |
53 |
+# - Ignored CFLAGS/LDFLAGS |
54 |
+# - Missing NEEDED/SONAE |
55 |
+# - EXECSTACK |
56 |
+# - TEXTRELS |
57 |
+# - Certain logged eqawarns |
58 |
+# |
59 |
+# Tinderbox provided: |
60 |
+# - Binaries in /usr/share |
61 |
+# - Bundled libraries |
62 |
+# - .desktop file validation |
63 |
+# - Illegal directories |
64 |
+# - Insecure functions |
65 |
+# - Misplaced documentation |
66 |
+# - OS X fork files |
67 |
+# - Pointless .la files |
68 |
+# - setXid |
69 |
+# - site_dir perl files |
70 |
+# |
71 |
+# External provided: |
72 |
+# - depcheck |
73 |
+# - pcheck |
74 |
+# - repoman |
75 |
+# |
76 |
+# Todo: |
77 |
+# - am_maintainer_mode |
78 |
+# - bash_command_not_found |
79 |
+# - configure_opts_warn |
80 |
+# - has_lafile_headers |
81 |
+# - helper_missing_file |
82 |
+# - make_jobserver |
83 |
+# - unicode_errors |
84 |
+ |
85 |
+: ${TINDERBOX_DIR:="/var/cache/tinderbox"} |
86 |
+ |
87 |
+PACKAGE_DATA_DIR="${TINDERBOX_DIR}/${CATEGORY}/${PN}" |
88 |
+BUILD_DATA_DIR="${PACKAGE_DATA_DIR}/${PF}/$(uuidgen)" |
89 |
+ |
90 |
+tinderbox_setup_common() { |
91 |
+ SANDBOX_ON=0 mkdir -p "${BUILD_DATA_DIR}" > /dev/null |
92 |
+ write_data arch ${ARCH} |
93 |
+ write_data description ${DESCRIPTION} |
94 |
+ write_data profile $(eselect profile show | tail -1) |
95 |
+ write_data timestamp $(date --utc "+%F %T %Z") |
96 |
+} |
97 |
+ |
98 |
+tinderbox_teardown_common() { |
99 |
+ SANDBOX_ON=0 cp "${T}"/build.log "${BUILD_DATA_DIR}" |
100 |
+} |
101 |
+ |
102 |
+tinderbox_success() { |
103 |
+ tinderbox_setup_common |
104 |
+ tinderbox_postinst_checks |
105 |
+ write_data success true |
106 |
+ tinderbox_teardown_common |
107 |
+} |
108 |
+ |
109 |
+tinderbox_failure() { |
110 |
+ if [[ ${EBUILD_PHASE} == test ]] ; then |
111 |
+ touch "${T}"/testsfailed |
112 |
+ return 0 |
113 |
+ fi |
114 |
+ tinderbox_setup_common |
115 |
+ tinderbox_teardown_common |
116 |
+} |
117 |
+ |
118 |
+tinderbox_postinst_checks() { |
119 |
+ # QA logs created by portage: |
120 |
+ # - scanelf-execstack.log |
121 |
+ # - scanelf-ignored-CFLAGS.log |
122 |
+ # - scanelf-ignored-LDFLAGS.log |
123 |
+ # - scanelf-missing-NEEDED.log |
124 |
+ # - scanelf-missing-SONAME.log |
125 |
+ # - scanelf-textrel.log |
126 |
+ SANDBOX_ON=0 cp "${T}"/scanelf-*.log "${BUILD_DATA_DIR}" 2> /dev/null |
127 |
+ |
128 |
+ SANDBOX_ON=0 cp "${T}"/testsfailed "${BUILD_DATA_DIR}" 2> /dev/null |
129 |
+ SANDBOX_ON=0 find "${T}" -name "tinderbox-*.log" -not -empty -execdir mv '{}' "${BUILD_DATA_DIR}" \; |
130 |
+ SANDBOX_ON=0 grep --no-filename QA "${T}"/logging/* > "${BUILD_DATA_DIR}"/portageqa |
131 |
+ |
132 |
+ if [[ ! -s "${BUILD_DATA_DIR}"/portageqa ]] ; then |
133 |
+ SANDBOX_ON=0 rm "${BUILD_DATA_DIR}"/portageqa |
134 |
+ fi |
135 |
+ |
136 |
+ if type -P depcheck > /dev/null ; then |
137 |
+ SANDBOX_ON=0 depcheck ${PF} > "${BUILD_DATA_DIR}"/depcheck |
138 |
+ fi |
139 |
+ |
140 |
+ #pushd "$(dirname ${FILESDIR})" > /dev/null |
141 |
+ #SANDBOX_ON=0 repoman > "${PACKAGE_DATA_DIR}"/repoman |
142 |
+ #SANDBOX_ON=0 pcheck --license-dir "${PORTDIR}"/licenses > "${PACKAGE_DATA_DIR}"/pchecks |
143 |
+ #popd > /dev/null |
144 |
+} |
145 |
+ |
146 |
+write_data() { |
147 |
+ local file=$1 |
148 |
+ shift |
149 |
+ |
150 |
+ SANDBOX_ON=0 echo $@ >> "${BUILD_DATA_DIR}/${file}" |
151 |
+} |
152 |
+ |
153 |
+tinderbox_log() { |
154 |
+ cat - > "${T}"/${1} |
155 |
+} |
156 |
+ |
157 |
+# |
158 |
+# Function overrides to catch QA issues |
159 |
+# |
160 |
+ |
161 |
+make() { |
162 |
+ if [[ "${FUNCNAME[1]}" == "einstall" ]] ; then |
163 |
+ emake -j1 "$@" |
164 |
+ else |
165 |
+ emake "$@" |
166 |
+ |
167 |
+ if [[ "${FUNCNAME[1]}" == "__eapi0_src_test" ]] ; then |
168 |
+ return |
169 |
+ fi |
170 |
+ |
171 |
+ eqawarn QA Notice: direct 'make' call by ${FUNCNAME[1]} |
172 |
+ fi |
173 |
+} |
174 |
+ |
175 |
+# |
176 |
+# QA functions |
177 |
+# |
178 |
+ |
179 |
+# Checks for symbols commonly exported by well-known libraries such eg. libpng |
180 |
+bundled_symbols() { |
181 |
+ for symbol in adler32 BZ2_decompress jpeg_mem_init XML_Parse avcodec_init png_get_libpng_ver lt_dlopen GC_stdout; do |
182 |
+ scanelf -qRs +$symbol "${D}" | tinderbox_log tinderbox-scanelf-bundled.log |
183 |
+ done |
184 |
+} |
185 |
+ |
186 |
+# Checks for usage of functions that may pose a potential security issue. |
187 |
+insecure_functions() { |
188 |
+# for symbol in tmpnam tmpnam_r tempnam gets sigstack getpw getwd mktemp exit; do |
189 |
+ for symbol in tmpnam tmpnam_r tempnam gets sigstack getpw getwd mktemp; do |
190 |
+ scanelf -qRs -$symbol "${D}" | tinderbox_log tinderbox-scanelf-insecure.log |
191 |
+ done |
192 |
+} |
193 |
+ |
194 |
+# Finds ELF files in /usr/share. These should be installed to some other location. |
195 |
+share_elfs() { |
196 |
+ scanelf -R "${D}"/usr/share | tinderbox_log tinderbox-share-elfs.log |
197 |
+} |
198 |
+ |
199 |
+# Locate OS X fork files. These should not be installed at all. |
200 |
+osx_forkfile() { |
201 |
+ find "${D}" -name '._*' -printf "/%P\n" | tinderbox_log tinderbox-osx-forkfile.log |
202 |
+} |
203 |
+ |
204 |
+# Locate setXid files which may pose a security issue. |
205 |
+setXid() { |
206 |
+ find "${D}" -perm /6000 -printf "%#m %u:%g /%P\n" | tinderbox_log tinderbox-setXid-binaries.log |
207 |
+} |
208 |
+ |
209 |
+# Locate la files that serve no purpose. |
210 |
+pointless_la() { |
211 |
+ find "${D}" \ |
212 |
+ \( -path "${D}"usr/lib\*/python\*/site-packages/\* -or \ |
213 |
+ -path "${D}"usr/lib\*/ruby\*/site_ruby/\* -or \ |
214 |
+ -path "${D}"usr/lib\*/perl5/\* -or \ |
215 |
+ -path "${D}"lib\*/security/\* \) -name '*.la' \ |
216 |
+ -printf "/%P\n" | tinderbox_log tinderbox-pointless-la.log |
217 |
+} |
218 |
+ |
219 |
+# Find directories that are not permitted to be used by ebuilds. |
220 |
+invalid_directory() { |
221 |
+ find "${D}" \ |
222 |
+ \( -path "${D}"usr/man\* -or \ |
223 |
+ -path "${D}"usr/man/\* -or \ |
224 |
+ -path "${D}"usr/info/\* -or \ |
225 |
+ -path "${D}"usr/X11R6/\* -or \ |
226 |
+ -path "${D}"usr/locale/\* -or \ |
227 |
+ -path "${D}"usr/local/\* -or \ |
228 |
+ -path "${D}"var/lock\* -or \ |
229 |
+ -path "${D}"var/run/\* -or \ |
230 |
+ -path "${D}"dev/\* \ |
231 |
+ \) -printf "/%P\n" | tinderbox_log tinderbox-invalid-directory.log |
232 |
+} |
233 |
+ |
234 |
+# Perl files should be installed into vendor_perl, not site_perl. |
235 |
+site_perl() { |
236 |
+ find "${D}" \ |
237 |
+ -path "${D}"usr/lib*/perl5/site_perl/\* \ |
238 |
+ -printf "/%P\n" | tinderbox_log tinderbox-site-perl.log |
239 |
+} |
240 |
+ |
241 |
+# Most documentation should be installed to /usr/share/doc/${PF} |
242 |
+misplaced_doc() { |
243 |
+ find "${D}" \ |
244 |
+ -path "${D}"usr/doc/\* -or \ |
245 |
+ \( -path "${D}"usr/share/doc/\* -type d \ |
246 |
+ -prune -not \( -name "${PF}" -or -name 'KDE4' -or -name 'HTML' \) \ |
247 |
+ \) -printf "/%P\n" | tinderbox_log tinderbox-misplaced-doc.log |
248 |
+} |
249 |
+ |
250 |
+# Locate .desktop files that do not pass validation |
251 |
+invalid_desktop_files() { |
252 |
+ find "${D}" -maxdepth 4 -path "${D}"usr/share/applications/\* \ |
253 |
+ -name '*.desktop' -exec desktop-file-validate '{}' + | \ |
254 |
+ tinderbox_log tinderbox-invalid-desktop-file.log |
255 |
+} |
256 |
+ |
257 |
+# |
258 |
+# Portage hooks |
259 |
+# |
260 |
+ |
261 |
+pre_pkg_setup() { |
262 |
+ register_success_hook tinderbox_success |
263 |
+ register_die_hook tinderbox_failure |
264 |
+} |
265 |
+ |
266 |
+post_src_install() { |
267 |
+ bundled_symbols |
268 |
+ insecure_functions |
269 |
+ share_elfs |
270 |
+ osx_forkfile |
271 |
+ setXid |
272 |
+ pointless_la |
273 |
+ invalid_directory |
274 |
+ site_perl |
275 |
+ misplaced_doc |
276 |
+ invalid_desktop_files |
277 |
+} |