By the time projects-dir.mk is used during onboarding, it's already cloned, and so is jw-pkg in all its glory. So better use a ssh-wrapper.sh directly under jw-pkg's version control instead of plainly generating one with echo some-script-logic > ssh-wrapper.sh.
This has the main benefit of allowing a more elaborate script. The one added by this commit removes "-l user" from remotes which have a standard-user@gitserver form, typically because they differentiate users via their SSH pubkeys only, and which would deny access if both -l user and standard-user@ were specified.
ssh-wrapper.sh still needs to be a target which is updated by a recipe, because the version found in jw-pkg can't be trusted to be executable during bootstrapping, because "make all" has not run, yet.
The git-get-pub does not have the same effect as the other git-get-% targets, and this commit makes it.
The other git-get-% targets run pgit.sh, which rebases the current branch onto the fetched branch, and git-get-pub doesn't. Since devops merges contributor forges fast-forward without a merge-commit, the pub remote's master needs to be the last to be rebased on, because otherwise it will not allow to force-push the result.
As soon as multiple forges with protected master branches contribute, fast-forward merging of the master branch will need to be abolished anyway, and the release machinery will need an overhaul.
pkg.requires.os.release = python3-pyright breaks CI on Kali Linux. It is present in the janware repos, but using those would cross a line: jw-pkg must be buildable from the base repositories alone, so don't make pyright mandatory for Debian, because that pulls it in for Kali, too.
Ironically, the Debian repo provides it. Which makes it obvious that we will need another entry in the os cascade for Debian proper to allow pulling in such packages on Debian.
Target all should create all necessary files in topdir. Currently they're only needed for static file checks, but they might well be prerequistes for the build to succeed in the future, so make target all depend on topdir.
Also, place target all before the block of includes, so that the execution order is defined in topdir.mk rather than the included snippets.
This file can be included from toplevel Makefiles of projects which are part of a jw-pkg project tree but don't want to provide necessary targets themselves. The targets in this makefile simply do nothing. Feel free to add functionality to whatever target seems useful to you.
make topdir doesn't reliably regenerate pyrightconfig.json because of .SECONDEXPANSION. Adding a second dollar symbol $$(TD_GENERATE_FILES) solves the problem.
Currently, only mypy is run from py-check-syntax, but the targets are meant as entry point for further linter jobs in the future.
There's also
py-format-assignments:
which is meant to add spaces around "=" in multi-line assignment blocks, but, pending future experiments, I thing that target is going to be removed again. Left in for now.
Add py-ns-dir.mk. It's first intended use is inside the $(TOPDIR)/src/python/jw directories of each package. These are to be treated specially, because they contribute to the same namespace: jw.
This is true when installed, which means that no __init__.py should be packaged from that directory, see the guide linked below.
And it's also true when not installed, in which case there has to be a path-extending __init__.py in the directory. Normally, it should work without __init__.py in that case, as well, and it does for running Python code with PYTHONPATH pointing to the respective package roots. However, pyright doesn't seem to pull in code scattered over multiple locations without an old-style namespace path-extender, so we're likely going to add (but not install) an __init__.py there.
Not sure if it's going to be auto-generated py py-ns-dir.mk or committed to version control, we'll see with more testing.
Here's where I have my info from, aside from experiments.
If $(wildcard py.typed) is found in a python module directory, install it. py.typed should be used by every repo that declares properly typed code, for jw-pkg that would be at the jw.pkg node, i.e installed to <site-dir>/jw/jw-pkg/py.typed.
Add generic machinery to dynamically create files in $(TOPDIR). The need arises because version controlled configuration files for linters are going to be introduced.
For that, this commit introduces a variable $(TD_GENERATE_FILES), which target all depends on, and which topdir.clean removes.
It defaults to another variable also introduced by this commit, $(TD_COPY_FILES), which in turn defaults to $(TOPDIR)/conf/topdir.
This commit also adds support for JW_PKG_TOPDIR_COPY_PATH. It supports a PATH-style syntax, which allows pointing to multiple directories to be checked for source files. If they exist, they will be appended to the files found in $(TOPDIR)/conf/topdir after copying. Defining arbitray files to copy is not supported before security implications during CI runs are better understood.
Having the copy prerequisites work comes at the cost of having to add .SECONDEXPANSION. Since it's limited to the toplevel Makefile, I suppose that's acceptable.
The __init__.py files as gnerated by python-tools.sh contain multiple issues, fix them:
- Make the machinery fail if the same type name is imported from
different modules
- Support relative imports from .Module import Module instead of
having to use the entire module path as import source
- Import types explicitly re-exported with "as":
from .Module import Module as Module
Otherwise ruff will regard the type as "imported but not used"
- Add "# ruff: noqa: E501" near the top. The import lines can get
long and are beyond manual control (except for renaming the
modules themselves, that is). This can cause ruff to fail, so get
it to accept long lines in __init__.py. The style violation
doesn't make much of a difference in generated code, anyway,
because nobody reads that. Plus what's happening in the code
isn't rocket science, so good style wouldn't help much with
understanding, either.
This promptly digs up two symbol name conflicts lib.pm.dpkg and lib.pm.rpm. Fix them along with this commit to keep it from breaking the build.
Remove JW_PKG_EXTRA_SSH_OPTS before git pull in the context of get-pub / git-get-pub because it contains -l username, which collides with Forge-style git@<forge> remote URIs.
Add get-pub for top directory / projects directory level. This is a janware specific target needed for CI. It integrates the current master branch from the new Forgejo-based Git repos.
That said, this will likely need to go along with other release machinery. Packaging is good, but releasing over a bunch of directories is an intricate process, as-is only usable by janware itself, and doesn't need to be part of jw-pkg.
If a project is not initialized via make pkg-init-%, it doesn't contain a VERSION file. When CI tries to build and package such a project, it auto-creates a VERSION file, but a broken one: The revision isn't properly seperated by a dash but by a dot, which makes CI give up while parsing it.
Add a new target git-show-ahead-of-master, which does what git-show-pushable did up to now: List all repos where the currently checked-out branch is ahead of origin/master.
git-show-pushable now shows repos that have their checked-out branch ahead of their respective upstream branches. Which is truer to what the target's name suggests.
Rename command "distro" to "pkg" together with "info", its last remaining subcommand. "distro" is often used in the sense of "Linux distribution", which would be too narrow for the targets jw-pkg could theoretically support.
With the exception of the "info" subcommand, nearly all of distro's subcommands deal with package managing, so push them into their own command category.
pgit.sh get is not invoked with --create-remote-user-repos by default. For the janware Git servers, this makes CI fail over new repos: Repos from the maintainers are pulled, but before pkg-rebuild-reinstall, repos that the devops user has no remote repo for are purged again and are subseqently missing during build.
Passing --create-remote-user-repos to all pgit.sh get invocations should fix the problem, so do that.
CmdCanonicalizeRemotes / canonicalize-remotes and the respective target in topdir.mk remove the /srv/git portion from all remotes' URLs pointing to git.janware.com.
/usr/bin/file <candidate> | grep text is used to detect if a file is a text file or not. Replace that with grep -I., because that adds some files left out by /usr/bin/file, notably systemd service files.
Rename git-show-pushable-master-branches to git-show-pushable, because, the target's recipe doesn't show pushable master branches, but all commits in the working directories current branch not present in origin/master.
Don't use persistent SSH-connections any more for "pkg-" targets,
because, sadly, this hangs after uploading a package.
This commit puts some safeguards against hanging SSH into place, namely setting default SSH timeouts down, SSH keepalive, setting SSH BatchMode to yes.
Use DEP_PROJECTS instead of BUILD_PROJECTS everywhere. DEP_PROJECTS considers more projects, and for all targets it is relevant to, it's desirable to have them operate on the maximum blast radius.
make git-show-pushable-master-branches misses projects which should better be pulled in as dependencies. It searches $(BUILLD_PROJECTS) for repositories with pushable commits, that variable leaves some out, and DEP_PROJECTS has them. It make use of the renovated pkg-requires command.
This move should be extended to other uses of BUILD_PROJECTS as well, after giving it some test runs. And the legacy and redundant command prereq should be removed.
Log to stderr and add some ASCII-art around the output. Also, add a --porcelain option to allow more stable output parsing. Subsequently, use that option in make targets parsing the output, notably make diff and make git-show-xxx.
Move the PY_XXX = true|false variable definitions meant to be preset by including makefiles to the top of py-defs.mk to make the structure of the file clearer.
Add PY_INSTALL_INIT_PY ?= true to py-defs.mk. If set to false, a Python module will not try to attempt installing an existing / generated __init__.py. This is useful when installing into an exiting directory with an existing __init__.py.
jw-pkg supports more than RPM-based package managers, but for historic reasons, lots of its Makefile variables still have "RPM" in their names. This is misleading. Replace "RPM" in variable names by the more generic "PKG" where appropriate.
RPM_REQUIRES_DEVEL is often filled from the current version, which in turn is filled from the version file, so the order of events here is unclear at best.
Add target pkg-release-update-version and make pkg-release-reinstall depend on it to make the order explicit.
