From 55d9396646d3c87033bede1315051bc258ae5f5b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Tarti=C3=A8re?= Date: Tue, 6 Feb 2024 15:12:22 -1000 Subject: [PATCH] Add support for the latest poudriere options Sync the configuration template with poudriere 3.4.1 sample. --- REFERENCE.md | 162 +++++++++++++++++++++++++++++++---- manifests/init.pp | 35 +++++++- spec/classes/init_spec.rb | 154 +++++++++++++++++++-------------- templates/poudriere.conf.epp | 144 ++++++++++++++++++++++++------- 4 files changed, 382 insertions(+), 113 deletions(-) diff --git a/REFERENCE.md b/REFERENCE.md index 883cf2c..d7b96ed 100644 --- a/REFERENCE.md +++ b/REFERENCE.md @@ -44,7 +44,10 @@ The following parameters are available in the `poudriere` class: * [`mfssize`](#-poudriere--mfssize) * [`tmpfs`](#-poudriere--tmpfs) * [`tmpfs_limit`](#-poudriere--tmpfs_limit) +* [`tmpfs_blacklist`](#-poudriere--tmpfs_blacklist) +* [`tmpfs_blacklist_tmpdir`](#-poudriere--tmpfs_blacklist_tmpdir) * [`max_memory`](#-poudriere--max_memory) +* [`max_memory_per_package`](#-poudriere--max_memory_per_package) * [`max_files`](#-poudriere--max_files) * [`distfiles_cache`](#-poudriere--distfiles_cache) * [`git_baseurl`](#-poudriere--git_baseurl) @@ -60,6 +63,8 @@ The following parameters are available in the `poudriere` class: * [`ccache_dir`](#-poudriere--ccache_dir) * [`ccache_static_prefix`](#-poudriere--ccache_static_prefix) * [`restrict_networking`](#-poudriere--restrict_networking) +* [`allow_networking_packages`](#-poudriere--allow_networking_packages) +* [`disallow_networking`](#-poudriere--disallow_networking) * [`allow_make_jobs_packages`](#-poudriere--allow_make_jobs_packages) * [`parallel_jobs`](#-poudriere--parallel_jobs) * [`prepare_parallel_jobs`](#-poudriere--prepare_parallel_jobs) @@ -74,7 +79,6 @@ The following parameters are available in the `poudriere` class: * [`allow_make_jobs`](#-poudriere--allow_make_jobs) * [`allow_make_jobs_packages`](#-poudriere--allow_make_jobs_packages) * [`timestamp_logs`](#-poudriere--timestamp_logs) -* [`url_base`](#-poudriere--url_base) * [`max_execution_time`](#-poudriere--max_execution_time) * [`nohang_time`](#-poudriere--nohang_time) * [`atomic_package_repository`](#-poudriere--atomic_package_repository) @@ -86,19 +90,29 @@ The following parameters are available in the `poudriere` class: * [`preserve_timestamp`](#-poudriere--preserve_timestamp) * [`build_as_non_root`](#-poudriere--build_as_non_root) * [`portbuild_user`](#-poudriere--portbuild_user) +* [`portbuild_group`](#-poudriere--portbuild_group) * [`portbuild_uid`](#-poudriere--portbuild_uid) +* [`portbuild_gid`](#-poudriere--portbuild_gid) * [`priority_boost`](#-poudriere--priority_boost) * [`buildname_format`](#-poudriere--buildname_format) * [`duration_format`](#-poudriere--duration_format) * [`use_colors`](#-poudriere--use_colors) * [`trim_orphaned_build_deps`](#-poudriere--trim_orphaned_build_deps) +* [`delete_unknown_files`](#-poudriere--delete_unknown_files) +* [`delete_unqueued_packages`](#-poudriere--delete_unqueued_packages) * [`local_mtree_excludes`](#-poudriere--local_mtree_excludes) +* [`url_base`](#-poudriere--url_base) * [`html_type`](#-poudriere--html_type) * [`html_track_remaining`](#-poudriere--html_track_remaining) +* [`determine_build_failure_reason`](#-poudriere--determine_build_failure_reason) +* [`makeworldargs`](#-poudriere--makeworldargs) +* [`package_fetch_branch`](#-poudriere--package_fetch_branch) +* [`package_fetch_url`](#-poudriere--package_fetch_url) +* [`package_fetch_blacklist`](#-poudriere--package_fetch_blacklist) +* [`package_fetch_whitelist`](#-poudriere--package_fetch_whitelist) * [`environments`](#-poudriere--environments) * [`portstrees`](#-poudriere--portstrees) * [`xbuild_package`](#-poudriere--xbuild_package) -* [`allow_networking_packages`](#-poudriere--allow_networking_packages) ##### `zpool` @@ -180,6 +194,22 @@ How much memory to limit tmpfs size to for each builder in GiB Default value: `undef` +##### `tmpfs_blacklist` + +Data type: `Optional[Array[String[1]]]` + +List of package globs that are not allowed to use tmpfs + +Default value: `undef` + +##### `tmpfs_blacklist_tmpdir` + +Data type: `Optional[String[1]]` + +The host path where tmpfs-blacklisted packages can be built in + +Default value: `undef` + ##### `max_memory` Data type: `Optional[Integer[1]]` @@ -188,6 +218,14 @@ How much memory to limit jail processes to for each builder Default value: `undef` +##### `max_memory_per_package` + +Data type: `Hash[String[1], Integer[1]]` + +Override max_memory per package + +Default value: `{}` + ##### `max_files` Data type: `Optional[Integer[1]]` @@ -308,6 +346,22 @@ The jails normally only allow network access during the 'make fetch' phase. Default value: `undef` +##### `allow_networking_packages` + +Data type: `Optional[String[1]]` + +Allow networking for a subset of packages + +Default value: `undef` + +##### `disallow_networking` + +Data type: `Optional[Enum['yes', 'no']]` + +Fully disabled networking + +Default value: `undef` + ##### `allow_make_jobs_packages` Data type: `Optional[String[1]]` @@ -418,14 +472,6 @@ Timestamp every line of build logs Default value: `undef` -##### `url_base` - -Data type: `Optional[String[1]]` - -URL where your POUDRIERE_DATA/logs are hosted - -Default value: `undef` - ##### `max_execution_time` Data type: `Optional[Integer[1]]` @@ -514,6 +560,14 @@ Define to the username to build as when BUILD_AS_NON_ROOT is yes Default value: `undef` +##### `portbuild_group` + +Data type: `Optional[String[1]]` + +Define to the groupname to build as when BUILD_AS_NON_ROOT is yes + +Default value: `undef` + ##### `portbuild_uid` Data type: `Optional[Integer[1]]` @@ -522,6 +576,14 @@ Define to the uid to use for PORTBUILD_USER if the user does not already exist i Default value: `undef` +##### `portbuild_gid` + +Data type: `Optional[Integer[1]]` + +Define to the gid to use for PORTBUILD_USER if the group does not already exist in the jail + +Default value: `undef` + ##### `priority_boost` Data type: `Optional[String[1]]` @@ -562,6 +624,22 @@ Only build what is requested Default value: `undef` +##### `delete_unknown_files` + +Data type: `Optional[Enum['yes', 'no']]` + +Whether or not bulk/testport should delete unknown files in the repository + +Default value: `undef` + +##### `delete_unqueued_packages` + +Data type: `Optional[Enum['yes', 'always', 'no']]` + +Whether or not bulk/testport should automatically "pkgclean" + +Default value: `undef` + ##### `local_mtree_excludes` Data type: `Optional[String[1]]` @@ -570,6 +648,14 @@ A list of directories to exclude from leftover and filesystem violation mtree ch Default value: `undef` +##### `url_base` + +Data type: `Optional[String[1]]` + +URL where your POUDRIERE_DATA/logs are hosted + +Default value: `undef` + ##### `html_type` Data type: `Optional[Enum['hosted', 'inline']]` @@ -586,6 +672,54 @@ Set to track remaining ports in the HTML interface Default value: `undef` +##### `determine_build_failure_reason` + +Data type: `Optional[Enum['yes', 'no']]` + +Grep build logs to determine a possible build failure reason + +Default value: `undef` + +##### `makeworldargs` + +Data type: `Optional[String[1]]` + +Pass arguments to buildworld + +Default value: `undef` + +##### `package_fetch_branch` + +Data type: `Optional[String[1]]` + +Set to always attempt to fetch packages or dependencies before building + +Default value: `undef` + +##### `package_fetch_url` + +Data type: `Optional[String[1]]` + +The fetch URL + +Default value: `undef` + +##### `package_fetch_blacklist` + +Data type: `Optional[Array[String[1]]]` + +Packages which should never be fetched + +Default value: `undef` + +##### `package_fetch_whitelist` + +Data type: `Optional[Array[String[1]]]` + +Allow only specific packages to be fetched + +Default value: `undef` + ##### `environments` Data type: `Hash` @@ -610,14 +744,6 @@ Package to install for cross-building packages Default value: `'qemu-user-static'` -##### `allow_networking_packages` - -Data type: `Optional[String[1]]` - - - -Default value: `undef` - ### `poudriere::xbuild` Install cross-building dependencies diff --git a/manifests/init.pp b/manifests/init.pp index e0600d7..e1b9610 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -13,7 +13,10 @@ # @param mfssize Size of WRKDIRPREFIX when using mdmfs # @param tmpfs Use tmpfs(5) # @param tmpfs_limit How much memory to limit tmpfs size to for each builder in GiB +# @param tmpfs_blacklist List of package globs that are not allowed to use tmpfs +# @param tmpfs_blacklist_tmpdir The host path where tmpfs-blacklisted packages can be built in # @param max_memory How much memory to limit jail processes to for each builder +# @param max_memory_per_package Override max_memory per package # @param max_files How many file descriptors to limit each jail process to # @param distfiles_cache Directory used for the distfiles # @param git_baseurl Git URL to use to fetch base @@ -29,6 +32,8 @@ # @param ccache_dir Path to the ccache cache directory # @param ccache_static_prefix Static ccache support from host # @param restrict_networking The jails normally only allow network access during the 'make fetch' phase. +# @param allow_networking_packages Allow networking for a subset of packages +# @param disallow_networking Fully disabled networking # @param allow_make_jobs_packages Allow networking for a subset of packages when building # @param parallel_jobs Override the number of builders # @param prepare_parallel_jobs How many jobs should be used for preparing the build @@ -43,7 +48,6 @@ # @param allow_make_jobs Do not bound the number of processes to the number of cores # @param allow_make_jobs_packages List of packages that will always be allowed to use MAKE_JOBS regardless of ALLOW_MAKE_JOBS # @param timestamp_logs Timestamp every line of build logs -# @param url_base URL where your POUDRIERE_DATA/logs are hosted # @param max_execution_time Set the max time (in seconds) that a command may run for a build before it is killed for taking too long # @param nohang_time Set the time (in seconds) before a command is considered to be in a runaway state for having no output on stdout # @param atomic_package_repository Update the repository atomically @@ -55,15 +59,26 @@ # @param preserve_timestamp Define to get a predictable timestamp on the ports tree # @param build_as_non_root Build and stage as a regular user # @param portbuild_user Define to the username to build as when BUILD_AS_NON_ROOT is yes +# @param portbuild_group Define to the groupname to build as when BUILD_AS_NON_ROOT is yes # @param portbuild_uid Define to the uid to use for PORTBUILD_USER if the user does not already exist in the jail +# @param portbuild_gid Define to the gid to use for PORTBUILD_USER if the group does not already exist in the jail # @param priority_boost Define pkgname globs to boost priority for # @param buildname_format Define format for buildnames # @param duration_format Define format for build duration times # @param use_colors Use colors when in a TTY # @param trim_orphaned_build_deps Only build what is requested +# @param delete_unknown_files Whether or not bulk/testport should delete unknown files in the repository +# @param delete_unqueued_packages Whether or not bulk/testport should automatically "pkgclean" # @param local_mtree_excludes A list of directories to exclude from leftover and filesystem violation mtree checks +# @param url_base URL where your POUDRIERE_DATA/logs are hosted # @param html_type Set to hosted to use the /data directory instead of inline style HTML # @param html_track_remaining Set to track remaining ports in the HTML interface +# @param determine_build_failure_reason Grep build logs to determine a possible build failure reason +# @param makeworldargs Pass arguments to buildworld +# @param package_fetch_branch Set to always attempt to fetch packages or dependencies before building +# @param package_fetch_url The fetch URL +# @param package_fetch_blacklist Packages which should never be fetched +# @param package_fetch_whitelist Allow only specific packages to be fetched # @param environments Build environments to manage # @param portstrees Port trees to manage # @param xbuild_package Package to install for cross-building packages @@ -78,7 +93,10 @@ Optional[String[1]] $mfssize = undef, Poudriere::Tmpfs $tmpfs = 'yes', Optional[Integer[1]] $tmpfs_limit = undef, + Optional[Array[String[1]]] $tmpfs_blacklist = undef, + Optional[String[1]] $tmpfs_blacklist_tmpdir = undef, Optional[Integer[1]] $max_memory = undef, + Hash[String[1], Integer[1]] $max_memory_per_package = {}, Optional[Integer[1]] $max_files = undef, Stdlib::Absolutepath $distfiles_cache = '/usr/ports/distfiles', Optional[String[1]] $git_baseurl = undef, @@ -95,6 +113,7 @@ Optional[Stdlib::Absolutepath] $ccache_static_prefix = undef, Optional[Enum['yes', 'no']] $restrict_networking = undef, Optional[String[1]] $allow_networking_packages = undef, + Optional[Enum['yes', 'no']] $disallow_networking = undef, Integer[1] $parallel_jobs = $facts['processors']['count'], Optional[Integer[1]] $prepare_parallel_jobs = undef, Optional[String[1]] $save_wrkdir = undef, @@ -108,7 +127,6 @@ Optional[String[1]] $allow_make_jobs = undef, Optional[String[1]] $allow_make_jobs_packages = undef, Optional[Enum['yes', 'no']] $timestamp_logs = undef, - Optional[String[1]] $url_base = undef, Optional[Integer[1]] $max_execution_time = undef, Optional[Integer[1]] $nohang_time = undef, Optional[Enum['yes', 'no']] $atomic_package_repository = undef, @@ -120,19 +138,32 @@ Optional[Enum['yes', 'no']] $preserve_timestamp = undef, Optional[String[1]] $build_as_non_root = undef, Optional[String[1]] $portbuild_user = undef, + Optional[String[1]] $portbuild_group = undef, Optional[Integer[1]] $portbuild_uid = undef, + Optional[Integer[1]] $portbuild_gid = undef, Optional[String[1]] $priority_boost = undef, Optional[String[1]] $buildname_format = undef, Optional[String[1]] $duration_format = undef, Optional[Enum['yes', 'no']] $use_colors = undef, Optional[Enum['yes', 'no']] $trim_orphaned_build_deps = undef, + Optional[Enum['yes', 'no']] $delete_unknown_files = undef, + Optional[Enum['yes', 'always', 'no']] $delete_unqueued_packages = undef, Optional[String[1]] $local_mtree_excludes = undef, + Optional[String[1]] $url_base = undef, Optional[Enum['hosted', 'inline']] $html_type = undef, Optional[Enum['yes', 'no']] $html_track_remaining = undef, + Optional[Enum['yes', 'no']] $determine_build_failure_reason = undef, + Optional[String[1]] $makeworldargs = undef, + Optional[String[1]] $package_fetch_branch = undef, + Optional[String[1]] $package_fetch_url = undef, + Optional[Array[String[1]]] $package_fetch_blacklist = undef, + Optional[Array[String[1]]] $package_fetch_whitelist = undef, Hash $environments = {}, Hash $portstrees = {}, String[1] $xbuild_package = 'qemu-user-static', ) { + if $mfssize { deprecation('mfssize', 'This parameter is deprecated and has no effect.') } + Exec { path => '/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin', } diff --git a/spec/classes/init_spec.rb b/spec/classes/init_spec.rb index a7d80fa..ae7b219 100644 --- a/spec/classes/init_spec.rb +++ b/spec/classes/init_spec.rb @@ -18,70 +18,85 @@ context 'with all configuration parameters set' do let(:params) do { - 'zpool' => 'tank', - 'zrootfs' => '/pdata', - 'freebsd_host' => 'https://download.FreeBSD.org', - 'resolv_conf' => '/jails/resolv.conf', - 'poudriere_base' => '/opt/poudriere', - 'poudriere_data' => '/data', - 'use_portlint' => 'yes', - 'mfssize' => '4G', - 'tmpfs' => %w[ + 'zpool' => 'tank', + 'zrootfs' => '/pdata', + 'freebsd_host' => 'https://download.FreeBSD.org', + 'resolv_conf' => '/jails/resolv.conf', + 'poudriere_base' => '/opt/poudriere', + 'poudriere_data' => '/data', + 'use_portlint' => 'yes', + 'tmpfs' => %w[ data wrkdir ], - 'tmpfs_limit' => 8, - 'max_memory' => 8, - 'max_files' => 1024, - 'distfiles_cache' => '/var/cache/distfiles', - 'git_baseurl' => 'https://github.com/freebsd/freebsd-src.git', - 'git_portsurl' => 'https://github.com/freebsd/freebsd-ports.git', - 'svn_host' => 'svnmirror.lan', - 'check_changed_options' => 'verbose', - 'check_changed_deps' => 'no', - 'bad_pkgname_deps_are_fatal' => 'yes', - 'pkg_repo_signing_key' => '/etc/ssl/keys/repo.key', - 'signing_command' => 'ssh signing-server sign.sh', - 'pkg_repo_from_host' => 'yes', - 'ccache_enable' => true, - 'ccache_dir' => '/var/cache/ccache', - 'ccache_static_prefix' => '/usr/local', - 'restrict_networking' => 'no', - 'allow_networking_packages' => 'npm-foo npm-bar', - 'parallel_jobs' => 42, - 'prepare_parallel_jobs' => 7, - 'save_wrkdir' => 'yes', - 'wrkdir_archive_format' => 'txz', - 'nolinux' => 'yes', - 'no_force_package' => 'yes', - 'no_package_building' => 'yes', - 'http_proxy' => 'http://10.0.0.1', - 'ftp_proxy' => 'ftp://10.0.0.2', - 'no_restricted' => 'yes', - 'allow_make_jobs' => 'yes', - 'allow_make_jobs_packages' => 'pkg ccache py*', - 'timestamp_logs' => 'no', - 'url_base' => 'http://example.com/poudriere/', - 'max_execution_time' => 86_400, - 'nohang_time' => 7200, - 'atomic_package_repository' => 'yes', - 'commit_packages_on_failure' => 'yes', - 'keep_old_packages' => 'yes', - 'keep_old_packages_count' => 5, - 'porttesting_fatal' => 'yes', - 'builder_hostname' => 'pkg.FreeBSD.org', - 'preserve_timestamp' => 'yes', - 'build_as_non_root' => 'yes', - 'portbuild_user' => 'nobody', - 'portbuild_uid' => 65_534, - 'priority_boost' => 'pypy openoffice', - 'buildname_format' => '%FT%TZ', - 'duration_format' => '%H:%M:%S', - 'use_colors' => 'yes', - 'trim_orphaned_build_deps' => 'yes', - 'local_mtree_excludes' => '/usr/obj /var/tmp/ccache', - 'html_type' => 'hosted', - 'html_track_remaining' => 'yes', + 'tmpfs_limit' => 8, + 'tmpfs_blacklist' => ['gcc*', 'rust', 'llvm*'], + 'tmpfs_blacklist_tmpdir' => '${BASEFS}/data/cache/tmp', + 'max_memory' => 8, + 'max_memory_per_package' => { + 'rust' => 20, + }, + 'max_files' => 1024, + 'distfiles_cache' => '/var/cache/distfiles', + 'git_baseurl' => 'https://github.com/freebsd/freebsd-src.git', + 'git_portsurl' => 'https://github.com/freebsd/freebsd-ports.git', + 'svn_host' => 'svnmirror.lan', + 'check_changed_options' => 'verbose', + 'check_changed_deps' => 'no', + 'bad_pkgname_deps_are_fatal' => 'yes', + 'pkg_repo_signing_key' => '/etc/ssl/keys/repo.key', + 'signing_command' => 'ssh signing-server sign.sh', + 'pkg_repo_from_host' => 'yes', + 'ccache_enable' => true, + 'ccache_dir' => '/var/cache/ccache', + 'ccache_static_prefix' => '/usr/local', + 'restrict_networking' => 'no', + 'allow_networking_packages' => 'npm-foo npm-bar', + 'disallow_networking' => 'yes', + 'parallel_jobs' => 42, + 'prepare_parallel_jobs' => 7, + 'save_wrkdir' => 'yes', + 'wrkdir_archive_format' => 'txz', + 'nolinux' => 'yes', + 'no_force_package' => 'yes', + 'no_package_building' => 'yes', + 'http_proxy' => 'http://10.0.0.1', + 'ftp_proxy' => 'ftp://10.0.0.2', + 'no_restricted' => 'yes', + 'allow_make_jobs' => 'yes', + 'allow_make_jobs_packages' => 'pkg ccache py*', + 'timestamp_logs' => 'no', + 'max_execution_time' => 86_400, + 'nohang_time' => 7200, + 'atomic_package_repository' => 'yes', + 'commit_packages_on_failure' => 'yes', + 'keep_old_packages' => 'yes', + 'keep_old_packages_count' => 5, + 'porttesting_fatal' => 'yes', + 'builder_hostname' => 'pkg.FreeBSD.org', + 'preserve_timestamp' => 'yes', + 'build_as_non_root' => 'yes', + 'portbuild_user' => 'nobody', + 'portbuild_group' => 'nobody', + 'portbuild_uid' => 65_534, + 'portbuild_gid' => 65_534, + 'priority_boost' => 'pypy openoffice', + 'buildname_format' => '%FT%TZ', + 'duration_format' => '%H:%M:%S', + 'use_colors' => 'yes', + 'trim_orphaned_build_deps' => 'yes', + 'delete_unknown_files' => 'yes', + 'delete_unqueued_packages' => 'always', + 'url_base' => 'http://example.com/poudriere/', + 'local_mtree_excludes' => '/usr/obj /var/tmp/ccache', + 'html_type' => 'hosted', + 'html_track_remaining' => 'yes', + 'determine_build_failure_reason' => 'yes', + 'makeworldargs' => 'WITHOUT_LLVM_ASSERTIONS=yes WITH_MALLOC_PRODUCTION=yes -DMALLOC_PRODUCTION', + 'package_fetch_branch' => 'latest', + 'package_fetch_url' => 'pkg+http://pkg.FreeBSD.org/\\${ABI}', + 'package_fetch_blacklist' => [], + 'package_fetch_whitelist' => ['gcc*', 'rust', 'llvm*'], } end @@ -93,10 +108,12 @@ it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^BASEFS=/opt/poudriere$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^POUDRIERE_DATA=/data$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^USE_PORTLINT=yes$}) } - it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^MFSSIZE=4G$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^USE_TMPFS="data wrkdir"$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^TMPFS_LIMIT=8$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^TMPFS_BLACKLIST="gcc\* rust llvm\*"$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r(^TMPFS_BLACKLIST_TMPDIR=\${BASEFS}/data/cache/tmp$)) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^MAX_MEMORY=8$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^MAX_MEMORY_rust=20$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^MAX_FILES=1024$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^DISTFILES_CACHE=/var/cache/distfiles$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^GIT_BASEURL=https://github\.com/freebsd/freebsd-src\.git$}) } @@ -112,6 +129,7 @@ it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^CCACHE_STATIC_PREFIX=/usr/local$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^RESTRICT_NETWORKING=no$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^ALLOW_NETWORKING_PACKAGES="npm-foo npm-bar"$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^DISALLOW_NETWORKING=yes$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PARALLEL_JOBS=42$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PREPARE_PARALLEL_JOBS=7$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^SAVE_WRKDIR=yes$}) } @@ -125,7 +143,6 @@ it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^ALLOW_MAKE_JOBS=yes$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^ALLOW_MAKE_JOBS_PACKAGES="pkg ccache py\*"$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^TIMESTAMP_LOGS=no$}) } - it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^URL_BASE=http://example\.com/poudriere/$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^MAX_EXECUTION_TIME=86400$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^NOHANG_TIME=7200$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^ATOMIC_PACKAGE_REPOSITORY=yes$}) } @@ -137,15 +154,26 @@ it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PRESERVE_TIMESTAMP=yes$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^BUILD_AS_NON_ROOT=yes$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PORTBUILD_USER=nobody$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PORTBUILD_GROUP=nobody$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PORTBUILD_UID=65534$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PORTBUILD_GID=65534$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PRIORITY_BOOST=pypy openoffice$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^BUILDNAME_FORMAT=%FT%TZ$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^DURATION_FORMAT=%H:%M:%S$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^USE_COLORS=yes$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^TRIM_ORPHANED_BUILD_DEPS=yes$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^DELETE_UNKNOWN_FILES=yes$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^DELETE_UNQUEUED_PACKAGES=always$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^LOCAL_MTREE_EXCLUDES="/usr/obj /var/tmp/ccache"$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^URL_BASE=http://example\.com/poudriere/$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^HTML_TYPE=hosted$}) } it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^HTML_TRACK_REMAINING=yes$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^DETERMINE_BUILD_FAILURE_REASON=yes$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^MAKEWORLDARGS="WITHOUT_LLVM_ASSERTIONS=yes WITH_MALLOC_PRODUCTION=yes -DMALLOC_PRODUCTION"$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PACKAGE_FETCH_BRANCH=latest$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PACKAGE_FETCH_URL=pkg\+http://pkg.FreeBSD.org/\\\${ABI}$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PACKAGE_FETCH_BLACKLIST=""$}) } + it { is_expected.to contain_file('/usr/local/etc/poudriere.conf').with(content: %r{^PACKAGE_FETCH_WHITELIST="gcc\* rust llvm\*"$}) } end end end diff --git a/templates/poudriere.conf.epp b/templates/poudriere.conf.epp index d0807e8..1e9c55b 100644 --- a/templates/poudriere.conf.epp +++ b/templates/poudriere.conf.epp @@ -1,7 +1,7 @@ # Poudriere can optionally use ZFS for its ports/jail storage. For # ZFS define ZPOOL, otherwise set NO_ZFS=yes -# +# #### ZFS # The pool where poudriere will create all the filesystems it needs # poudriere will use ${ZPOOL}/${ZROOTFS} as its root @@ -33,13 +33,13 @@ ZROOTFS=<%= $poudriere::zrootfs %> # replace _CHANGE_THIS_ by the hostname of the mirrors where you want to fetch # by default: ftp://ftp.freebsd.org # -# Also note that every protocols supported by fetch(1) are supported here, even +# Also note that all protocols supported by fetch(1) are supported here, even # file:/// # Suggested: https://download.FreeBSD.org FREEBSD_HOST=<%= $poudriere::freebsd_host %> # By default the jails have no /etc/resolv.conf, you will need to set -# RESOLV_CONF to a file on your hosts system that will be copied has +# RESOLV_CONF to a file on your hosts system that will be copied to # /etc/resolv.conf for the jail, except if you don't need it (using an http # proxy for example) RESOLV_CONF=<%= $poudriere::resolv_conf %> @@ -57,17 +57,6 @@ POUDRIERE_DATA=<%= $poudriere::poudriere_data %> # Use portlint to check ports sanity USE_PORTLINT=<%= $poudriere::use_portlint %> -# When building packages, a memory device can be used to speedup the build. -# Only one of MFSSIZE or USE_TMPFS is supported. TMPFS is generally faster -# and will expand to the needed amount of RAM. MFS is a slower since it -# uses UFS and several abstraction layers. - -# If set WRKDIRPREFIX will be mdmfs of the given size (mM or gG) -#MFSSIZE=4G -<% if $poudriere::mfssize { -%> -MFSSIZE=<%= $poudriere::mfssize %> -<% } -%> - # Use tmpfs(5) # This can be a space-separated list of options: # wrkdir - Use tmpfs(5) for port building WRKDIRPREFIX @@ -86,17 +75,37 @@ USE_TMPFS=<%= [$poudriere::tmpfs].flatten().join(' ').shellquote() %> TMPFS_LIMIT=<%= $poudriere::tmpfs_limit %> <% } -%> +# List of package globs that are not allowed to use tmpfs for their WRKDIR +# Note that you *must* set TMPFS_BLACKLIST_TMPDIR +# EXAMPLE: TMPFS_BLACKLIST="rust" +<% if $poudriere::tmpfs_blacklist { -%> +TMPFS_BLACKLIST=<%= [$poudriere::tmpfs_blacklist].flatten().join(' ').shellquote() %> +<% } -%> + +# The host path where tmpfs-blacklisted packages can be built in. +# A temporary directory will be generated here and be null-mounted as the +# WRKDIR for any packages listed in TMPFS_BLACKLIST. +# EXAMPLE: TMPFS_BLACKLIST_TMPDIR=${BASEFS}/data/cache/tmp +<% if $poudriere::tmpfs_blacklist_tmpdir { -%> +TMPFS_BLACKLIST_TMPDIR=<%= $poudriere::tmpfs_blacklist_tmpdir %> +<% } -%> + # How much memory to limit jail processes to for *each builder* # in GiB (default: none) +# This can also be set per PKGBASE, such as MAX_MEMORY_rust=20. +# Package names with hyphens (-) should be replaced with underscores (_). #MAX_MEMORY=8 <% if $poudriere::max_memory { -%> MAX_MEMORY=<%= $poudriere::max_memory %> <% } -%> +<% $poudriere::max_memory_per_package.each |$pkgbase, $max_memory| { -%> +MAX_MEMORY_<%= $pkgbase %>=<%= $max_memory %> +<% } -%> -# How many file descriptors to limit each jail process to (default: 1024) +# How many file descriptors to limit each jail process to (default: 8192) # This can also be set per PKGBASE, such as MAX_FILES_RStudio=2048. # Package names with hyphens (-) should be replaced with underscores (_). -#MAX_FILES=1024 +#MAX_FILES=8192 <% if $poudriere::max_files { -%> MAX_FILES=<%= $poudriere::max_files %> <% } -%> @@ -111,7 +120,7 @@ DISTFILES_CACHE=<%= $poudriere::distfiles_cache %> # mirror (default: git.FreeBSD.org/port.git) # # Example to use github mirror: -#GIT_BASEURL=https://github.com/freebsd/freebsd-src.git +#GIT_BASEURL=github.com/freebsd/freebsd-src.git <% if $poudriere::git_baseurl { -%> GIT_BASEURL=<%= $poudriere::git_baseurl %> <% } -%> @@ -120,7 +129,7 @@ GIT_BASEURL=<%= $poudriere::git_baseurl %> # mirror (default: git.FreeBSD.org/src.git) # # Example to use github mirror: -#GIT_PORTSURL=https://github.com/freebsd/freebsd-ports.git +#GIT_PORTSURL=github.com/freebsd/freebsd-ports.git <% if $poudriere::git_portsurl { -%> GIT_PORTSURL=<%= $poudriere::git_portsurl %> <% } -%> @@ -231,6 +240,15 @@ RESTRICT_NETWORKING=<%= $poudriere::restrict_networking %> ALLOW_NETWORKING_PACKAGES=<%= $poudriere::allow_networking_packages.shellquote() %> <% } -%> +# Networking can be fully disabled by setting DISALLOW_NETWORKING to "yes" +# this will prevent networking access even in the 'make fetch' phase +# and will block access even for packages listed in ALLOW_NETWORKING_PACKAGES. +# Default: no +#DISALLOW_NETWORKING=yes +<% if $poudriere::disallow_networking { -%> +DISALLOW_NETWORKING=<%= $poudriere::disallow_networking %> +<% } -%> + # parallel build support. # # By default poudriere uses hw.ncpu to determine the number of builders. @@ -322,15 +340,6 @@ ALLOW_MAKE_JOBS_PACKAGES=<%= $poudriere::allow_make_jobs_packages.shellquote() % TIMESTAMP_LOGS=<%= $poudriere::timestamp_logs %> <% } -%> -# URL where your POUDRIERE_DATA/logs are hosted -# This will be used for giving URL hints to the HTML output when -# scheduling and starting builds -#URL_BASE=http://yourdomain.com/poudriere/ -<% if $poudriere::url_base { -%> -URL_BASE=<%= $poudriere::url_base %> -<% } -%> - - # This defines the max time (in seconds) that a command may run for a build # before it is killed for taking too long. Default: 86400 #MAX_EXECUTION_TIME=86400 @@ -418,20 +427,28 @@ PRESERVE_TIMESTAMP=<%= $poudriere::preserve_timestamp %> BUILD_AS_NON_ROOT=<%= $poudriere::build_as_non_root %> <% } -%> -# Define to the username to build as when BUILD_AS_NON_ROOT is yes. +# Define to the username and groupname to build as when BUILD_AS_NON_ROOT is yes. # Default: nobody (uid PORTBUILD_UID) #PORTBUILD_USER=nobody +#PORTBUILD_GROUP=nobody <% if $poudriere::portbuild_user { -%> PORTBUILD_USER=<%= $poudriere::portbuild_user %> <% } %> +<% if $poudriere::portbuild_group { -%> +PORTBUILD_GROUP=<%= $poudriere::portbuild_group %> +<% } %> -# Define to the uid to use for PORTBUILD_USER if the user does not +# Define to the uid and gid to use for PORTBUILD_USER if the user does not # already exist in the jail. # Default: 65532 #PORTBUILD_UID=65534 +#PORTBUILD_GID=65534 <% if $poudriere::portbuild_uid { -%> PORTBUILD_UID=<%= $poudriere::portbuild_uid %> <% } %> +<% if $poudriere::portbuild_gid { -%> +PORTBUILD_GID=<%= $poudriere::portbuild_gid %> +<% } %> # Define pkgname globs to boost priority for # Default: none @@ -465,12 +482,29 @@ USE_COLORS=<%= $poudriere::use_colors %> # Only build what is requested. Do not rebuild build deps if nothing requested # depends on them. This can create an inconsistent repository if you often # build one-off packages but expect the repository to stay consistent. -# Defaut: yes +# Default: yes #TRIM_ORPHANED_BUILD_DEPS=yes <% if $poudriere::trim_orphaned_build_deps { -%> TRIM_ORPHANED_BUILD_DEPS=<%= $poudriere::trim_orphaned_build_deps %> <% } %> +# Whether or not bulk/testport should delete unknown files in the repository +# Default: yes +#DELETE_UNKNOWN_FILES=yes +<% if $poudriere::delete_unknown_files { -%> +DELETE_UNKNOWN_FILES=<%= $poudriere::delete_unknown_files %> +<% } %> + +# Whether or not bulk/testport should automatically "pkgclean". +# Values: yes, always, no +# yes: Does the behavior with bulk -a and bulk -f. Use of testport or +# bulk -t or bulk -C will not delete unqueued packages. +# Default: no +#DELETE_UNQUEUED_PACKAGES=no +<% if $poudriere::delete_unqueued_packages { -%> +DELETE_UNQUEUED_PACKAGES=<%= $poudriere::delete_unqueued_packages %> +<% } %> + # A list of directories to exclude from leftover and filesystem violation # mtree checks. Ccache is used here as an example but is already # excluded by default. There is no need to add it here unless a @@ -481,6 +515,14 @@ TRIM_ORPHANED_BUILD_DEPS=<%= $poudriere::trim_orphaned_build_deps %> LOCAL_MTREE_EXCLUDES=<%= $poudriere::local_mtree_excludes.shellquote() %> <% } %> +# URL where your POUDRIERE_DATA/logs are hosted +# This will be used for giving URL hints to the HTML output when +# scheduling and starting builds +#URL_BASE=http://yourdomain.com/poudriere/ +<% if $poudriere::url_base { -%> +URL_BASE=<%= $poudriere::url_base %> +<% } %> + # Set to hosted to use the /data directory instead of inline style HTML # Default: inline #HTML_TYPE="hosted" @@ -495,3 +537,45 @@ HTML_TYPE=<%= $poudriere::html_type %> <% if $poudriere::html_track_remaining { -%> HTML_TRACK_REMAINING=<%= $poudriere::html_track_remaining %> <% } %> + +# Grep build logs to determine a possible build failure reason. This is +# only shown on the web interface. +# Default: yes +#DETERMINE_BUILD_FAILURE_REASON=yes +<% if $poudriere::determine_build_failure_reason { -%> +DETERMINE_BUILD_FAILURE_REASON=<%= $poudriere::determine_build_failure_reason %> +<% } %> + +# Set to pass arguments to buildworld. +# Default: +#MAKEWORLDARGS="WITHOUT_LLVM_ASSERTIONS=yes WITH_MALLOC_PRODUCTION=yes -DMALLOC_PRODUCTION" +<% if $poudriere::makeworldargs { -%> +MAKEWORLDARGS=<%= $poudriere::makeworldargs.shellquote() %> +<% } %> + +# Set to always attempt to fetch packages or dependencies before building. +# XXX: This is subject to change +# Default: off; requires -b for bulk or testport. +#PACKAGE_FETCH_BRANCH=latest +<% if $poudriere::package_fetch_branch { -%> +PACKAGE_FETCH_BRANCH=<%= $poudriere::package_fetch_branch %> +<% } %> +# The branch will be appended to the URL: +#PACKAGE_FETCH_URL=pkg+http://pkg.FreeBSD.org/\${ABI} +<% if $poudriere::package_fetch_url { -%> +PACKAGE_FETCH_URL=<%= $poudriere::package_fetch_url %> +<% } %> +# Packages which should never be fetched. This is useful for ports that +# you have local patches for as otherwise the patches would be ignored if +# a remote package is used instead. +#PACKAGE_FETCH_BLACKLIST="" +<% if $poudriere::package_fetch_blacklist { -%> +PACKAGE_FETCH_BLACKLIST=<%= $poudriere::package_fetch_blacklist.join(' ').shellquote() %> +<% } %> +# Alternatively a whitelist can be created to only allow specific packages to +# be fetched. +# Default: everything +#PACKAGE_FETCH_WHITELIST="gcc* rust llvm*" +<% if $poudriere::package_fetch_whitelist { -%> +PACKAGE_FETCH_WHITELIST=<%= $poudriere::package_fetch_whitelist.join(' ').shellquote() %> +<% } %>