├── Dockerfile.focal ├── Dockerfile.jammy ├── LICENSE ├── README.md ├── ansible ├── README.md └── ppa-updater-playbook.yaml ├── build.sh └── custom └── rust-samples-patch.sh /Dockerfile.focal: -------------------------------------------------------------------------------- 1 | FROM ubuntu:focal 2 | 3 | # Version of kernel to build. We'll checkout cod/mainline/$kver 4 | ENV kver=v5.12.1 5 | 6 | # The source tree from git://git.launchpad.net/~ubuntu-kernel-test/ubuntu/+source/linux/+git/mainline-crack 7 | ENV ksrc=/home/source 8 | 9 | # The packages will be placed here 10 | ENV kdeb=/home/debs 11 | 12 | # Set the default series 13 | ENV series=focal 14 | 15 | ARG DEBIAN_FRONTEND=noninteractive 16 | 17 | # Install Build Dependencies 18 | RUN set -x \ 19 | && apt-get update && apt-get upgrade -y \ 20 | && apt-get install -y --no-install-recommends \ 21 | autoconf automake autopoint autotools-dev bsdmainutils debhelper dh-autoreconf git fakeroot\ 22 | dh-strip-nondeterminism distro-info-data dwz file gettext gettext-base groff-base \ 23 | intltool-debian libarchive-zip-perl libbsd0 libcroco3 libdebhelper-perl libelf1 libexpat1 \ 24 | libfile-stripnondeterminism-perl libglib2.0-0 libicu66 libmagic-mgc libmagic1 libmpdec2 \ 25 | libpipeline1 python3.9 python3.9-minimal libpython3.9-minimal libpython3.9-stdlib libsigsegv2 \ 26 | libssl1.1 libsub-override-perl libtool libuchardet0 libxml2 \ 27 | lsb-release m4 man-db mime-support po-debconf python-apt-common python3 python3-apt \ 28 | sbsigntool tzdata dctrl-tools kernel-wedge \ 29 | libncurses-dev gawk flex bison openssl libssl-dev dkms libelf-dev libudev-dev libpci-dev \ 30 | libiberty-dev autoconf bc build-essential libusb-1.0-0-dev libhidapi-dev curl wget \ 31 | cpio makedumpfile libcap-dev libnewt-dev libdw-dev rsync gnupg2 ca-certificates\ 32 | libunwind8-dev liblzma-dev libaudit-dev uuid-dev libnuma-dev lz4 xmlto equivs \ 33 | cmake pkg-config zstd dwarves devscripts 34 | 35 | COPY build.sh /build.sh 36 | 37 | ENTRYPOINT ["/build.sh"] 38 | CMD ["--update=yes", "--btype=binary"] 39 | -------------------------------------------------------------------------------- /Dockerfile.jammy: -------------------------------------------------------------------------------- 1 | FROM ubuntu:jammy 2 | 3 | # Version of kernel to build. We'll checkout cod/mainline/$kver 4 | ENV kver=v5.19.1 5 | 6 | # The source tree from git://git.launchpad.net/~ubuntu-kernel-test/ubuntu/+source/linux/+git/mainline-crack 7 | ENV ksrc=/home/source 8 | 9 | # The packages will be placed here 10 | ENV kdeb=/home/debs 11 | 12 | # Set the default series 13 | ENV series=jammy 14 | 15 | ARG DEBIAN_FRONTEND=noninteractive 16 | 17 | # Install Build Dependencies 18 | RUN set -x \ 19 | && apt-get update && apt-get upgrade -y \ 20 | # && apt-get install -y --no-install-recommends software-properties-common \ 21 | # && apt-add-repository universe && apt-get update \ 22 | && apt-get install -y --no-install-recommends \ 23 | autoconf automake autopoint autotools-dev bsdmainutils debhelper dh-autoreconf git fakeroot\ 24 | dh-strip-nondeterminism distro-info-data dwz file gettext gettext-base groff-base \ 25 | intltool-debian libarchive-zip-perl libbsd0 libdebhelper-perl libelf1 libexpat1 \ 26 | libfile-stripnondeterminism-perl libglib2.0-0 libicu-dev libmagic-mgc libmagic1 libmpdec3 \ 27 | libpipeline1 libpython3.11-stdlib libpython3.11-minimal libsigsegv2 \ 28 | libssl3 libsub-override-perl libtool libuchardet0 libxml2 \ 29 | lsb-release m4 man-db mime-support po-debconf python-apt-common python3-apt \ 30 | python3.11 python3.11-minimal sbsigntool tzdata dctrl-tools kernel-wedge \ 31 | libncurses-dev gawk flex bison openssl libssl-dev dkms libelf-dev libudev-dev libpci-dev \ 32 | libiberty-dev autoconf bc build-essential libusb-1.0-0-dev libhidapi-dev curl wget \ 33 | cpio makedumpfile libcap-dev libnewt-dev libdw-dev rsync gnupg2 ca-certificates\ 34 | libunwind8-dev liblzma-dev libaudit-dev uuid-dev libnuma-dev lz4 xmlto equivs \ 35 | cmake pkg-config zstd dwarves devscripts python3-docutils asciidoc \ 36 | bindgen-0.56 rust-1.62-src 37 | 38 | COPY build.sh /build.sh 39 | COPY custom /custom 40 | 41 | ENTRYPOINT ["/build.sh"] 42 | CMD ["--update=yes", "--btype=binary"] 43 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | BSD 2-Clause License 2 | 3 | Copyright (c) 2022, Mark Boddington 4 | All rights reserved. 5 | 6 | Redistribution and use in source and binary forms, with or without 7 | modification, are permitted provided that the following conditions are met: 8 | 9 | 1. Redistributions of source code must retain the above copyright notice, this 10 | list of conditions and the following disclaimer. 11 | 12 | 2. Redistributions in binary form must reproduce the above copyright notice, 13 | this list of conditions and the following disclaimer in the documentation 14 | and/or other materials provided with the distribution. 15 | 16 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 19 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE 20 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 22 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 23 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 24 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 25 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Builder for Ubuntu Mainline kernels 2 | 3 | This container will build a mainline kernel from the Ubuntu source tree. 4 | By default the container will build binary packages which you can then install 5 | on your systems. You can optionally build a metapackage to track a build flavour, 6 | and major release of kernel (eg 5.12.x). 7 | 8 | If you build the metapackage it will have a name like: 9 | `linux-generic-5.12` and will depend on the version of `5.12.x` you are building. 10 | 11 | Alternatively it can build signed source packages for uploading to a PPA. 12 | 13 | I upload my mainline kernels to these PPAs 14 | 15 | | Kernel Version | Series | PPA Link | Packages | 16 | |----------------|--------|----------|----------| 17 | | mainline/stable | focal |[lts-mainline PPA](https://launchpad.net/~tuxinvader/+archive/ubuntu/lts-mainline)|[lts-mainline Packages](https://launchpad.net/~tuxinvader/+archive/ubuntu/lts-mainline/+packages)| 18 | | mainline/stable | jammy |[jammy-mainline PPA](https://launchpad.net/~tuxinvader/+archive/ubuntu/jammy-mainline)|[lts-mainline Packages](https://launchpad.net/~tuxinvader/+archive/ubuntu/jammy-mainline/+packages)| 19 | |longterm | focal |[lts-mainline-longterm PPA](https://launchpad.net/~tuxinvader/+archive/ubuntu/lts-mainline-longterm)|[lts-mainline-longterm Packages](https://launchpad.net/~tuxinvader/+archive/ubuntu/lts-mainline-longterm/+packages)| 20 | 21 | ## building the container 22 | 23 | To build the container with `docker` you would use: 24 | ``` 25 | docker build -t /: -f Dockerfile. . 26 | ``` 27 | 28 | I build and push the Jammy series image using: 29 | 30 | ``` 31 | docker build -t tuxinvader/jammy-mainline-builder:latest -f Dockerfile.jammy . 32 | docker push tuxinvader/jammy-mainline-builder:latest 33 | ``` 34 | 35 | and focal with: 36 | ``` 37 | docker build -t tuxinvader/focal-mainline-builder:latest -f Dockerfile.focal . 38 | docker push tuxinvader/focal-mainline-builder:latest 39 | ``` 40 | 41 | ## Usage 42 | 43 | 1. Checkout the Mainline kernel from Ubuntu 44 | ``` 45 | sudo mkdir -p /usr/local/src/cod/ 46 | sudo chown $(whoami) /usr/local/src/cod 47 | ``` 48 | 49 | * Download the full source tree, if you want to be able to build any kernel (including previous releases) 50 | ``` 51 | git clone git://git.launchpad.net/~ubuntu-kernel-test/ubuntu/+source/linux/+git/mainline-crack \ 52 | /usr/local/src/cod/mainline 53 | ``` 54 | 55 | * Download a specific kernel version if you only need to build this version. Eg v5.12.4: 56 | ``` 57 | git clone --depth=1 -b cod/mainline/v5.12.4 \ 58 | git://git.launchpad.net/~ubuntu-kernel-test/ubuntu/+source/linux/+git/mainline-crack \ 59 | /usr/local/src/cod/mainline 60 | ``` 61 | You should also pass `--update=no` when checking out only a single release. 62 | 63 | 2. Create a directory to receive the Debian packages 64 | ``` 65 | mkdir /usr/local/src/cod/debs 66 | ``` 67 | 68 | 3. Run the container 69 | 70 | Launch the container with two volume mounts, one to the source code downloaded above, and the 71 | other for the deb packages to be copied into. 72 | 73 | *Binary debs* 74 | ``` 75 | sudo docker run -ti -e kver=v5.12.1 -v /usr/local/src/cod/mainline:/home/source \ 76 | -v /usr/local/src/cod/debs:/home/debs --rm tuxinvader/focal-mainline-builder:latest 77 | ``` 78 | Go and make a nice cup-of-tea while your kernel is built. 79 | 80 | If you want to build a signed source package, you need to also provide your GPG keyring: 81 | 82 | *Signed Source package* 83 | ``` 84 | sudo docker run -ti -e kver=v5.12.1 -v /usr/local/src/cod/mainline:/home/source \ 85 | -v /usr/local/src/cod/debs:/home/debs -v ~/.gnupg:/root/keys \ 86 | --rm tuxinvader/focal-mainline-builder:latest --btype=source --sign= \ 87 | --flavour=generic --exclude=cloud-tools,udebs --rename=yes 88 | ``` 89 | 90 | *Build and sign metapackage* 91 | ``` 92 | sudo docker run -ti -e kver=v5.12.1 -v /usr/local/src/cod/mainline:/home/source \ 93 | -v /usr/local/src/cod/debs:/home/debs -v ~/.gnupg:/root/keys \ 94 | --rm tuxinvader/focal-mainline-builder:latest --btype=source --sign= \ 95 | --flavour=generic --exclude=cloud-tools,udebs --rename=yes --buildmeta=yes \ 96 | --maintainer="Zaphod " 97 | ``` 98 | 99 | The Linux source package builds some debs which are linked (by name) against the kernel and some 100 | which are common. Using `--rename=yes` allows us to store multiple kernels in the same PPA by changing 101 | the name of the source package and the linking all binaries (by name) to a specific kernel. 102 | 103 | ### Notes 104 | 105 | Set the `kver` variable to the version of the kernel you want to build 106 | (from here: https://kernel.ubuntu.com/~kernel-ppa/mainline/?C=N;O=D) 107 | 108 | The built packages or source files will be placed in the mounted volume at `/home/debs`, 109 | which is `/usr/local/src/cod/debs` if you've followed the example. 110 | 111 | The container will do an update in the source code repository when it runs, 112 | if the tree is already up-to-date then you can append `--update=no` to the 113 | `docker run` command to skip that step. 114 | 115 | ## Flavour lowlatency removed 116 | 117 | With kernel 5.16.12 the mainline kernel discontinued the lowlatency flavour. So, the default build now 118 | only builds the `generic` flavour on 5.16.12+. The build script has been updated to recreate lowlatency 119 | options, but only if you specify that with `--flavour=lowlatency`. 120 | 121 | ## Additional options 122 | 123 | * Update: You can pass `--update=[yes|no]` to have the container perform a 124 | `git pull` before building the kernel. Default is `yes` 125 | 126 | * Shell: You can pass `--shell=[yes|no]` to launch a bash shell before and 127 | after the build process. Default is `no` 128 | 129 | * Build Type: You can pass `--btype=[binary,source,any,all,full]` to chose 130 | the type of build performed. Default is `binary`. 131 | 132 | * Customize: You can pass `--custom=[yes|no]` to run `make menuconfig` before the 133 | the build process. Default is `no` 134 | 135 | * Sign: You can pass `--sign=` to sign source packages ready for uploading 136 | to a PPA. Default is `no`. You'll also need to mount your GPG keys into the container. 137 | Eg: `-v ~/.gnupg:/root/keys` and specify `--btype=source` 138 | 139 | * Flavour: You can pass `--flavour=[generic|lowlatency]` if you want to select the build 140 | flavour. The default is `none`, and we build the generic flavour (since 5.16.12+). 141 | 142 | * Exclude: You can pass `--exclude=[cloud-tools,udebs]` to exclude one or more packages. 143 | Default is `none`. 144 | 145 | * Rename: You can pass `--rename=[yes|no]` to rename the source package to be kernel release specific. 146 | This enables hosting multiple kernels in the same PPA. Use with `--exclude=tools,udebs` to stop 147 | duplicate packages being built. Default is `no` 148 | 149 | * Series: You can pass `--series=[focal|groovy|...]` to set the ubuntu version you're building 150 | for. Default is `jammy` 151 | 152 | * Patch: You can pass a patch version to apply upstream patch to the ubuntu kernel. 153 | Eg `--patch=v5.11.21` to patch v5.11.20 upto v5.11.21. Default is `no` 154 | 155 | * Check bugs: You can pass `--checkbugs=yes` to work around any known bugs, currently this is required 156 | to build older 5.10.x and 5.11.x kernels see bug #4 157 | 158 | * Maintainer: If you want to sign the metapackage (for PPA upload), then you need to provide the details of your 159 | signing key by passing `--maintainer="Me "` 160 | 161 | * Debug Symbols: If you want to package a version of the kernel which includes debug-symbols, 162 | then pass `--debug=yes` to the binary build. 163 | 164 | * Build metapackage: You can pass `--buildmeta=[yes|no]` to build a metapackage named `linux--` 165 | that will depend on the kernel you are building. This makes it easy to track the latest release and auto-update 166 | using apt. 167 | 168 | * Meta Only: You can decide to just rebuild the metapackage by passing `--metaonly=yes`, useful for rolling back a release 169 | should it fail to build. This needs to be combined with `--buildmeta=yes`. 170 | 171 | * Meta Time: The source (orig.tar.gz) tarball is immutable on launchpad, so we need to ensure the ordering, contents, and 172 | modification times match on every build. The timestamp defaults to "2023-01-01 00:00:00", but you can override it with 173 | `--metatime=` 174 | 175 | * Meta Version: We now append `-n` to meta-packages so that we can republish/rebuild them on launchpad by incrementing 176 | the version. You also need to ensure the metatime is consistent, else the orig.tar.gz will be rejected. The version 177 | defaults to 0, eg linux 6.1.0 would be linux-generic-6.01_6.1.0-0, passing `--metaver=1` would result in 178 | linux-generic-6.01_6.1.0-1 179 | 180 | * Have Rust: Build a kernel with rust support? The `haverust` flag defaults to `no` on focal and `yes` on other releases. 181 | Currently building on jammy requires `--haverust=no` because bindgen-0.56 is unavailable. 182 | See this [Ubuntu backport bug](https://bugs.launchpad.net/ubuntu/+source/rustc-1.62/+bug/1993183) 183 | 184 | -------------------------------------------------------------------------------- /ansible/README.md: -------------------------------------------------------------------------------- 1 | # PPA Upload Automation 2 | 3 | ## Create Python venv 4 | 5 | Create a new Virtual Environment 6 | ``` 7 | python3 -m venv ansible-venv 8 | ``` 9 | 10 | Install Ansible and module requirements into the venv 11 | ``` 12 | source ansible-venv/bin/activate 13 | pip install ansible 14 | pip install docker 15 | pip install jmespath 16 | pip install launchpadlib 17 | ``` 18 | 19 | ## Running the playbook 20 | 21 | Create a secrets file somewhere and secure it, encyrpt with ansible-vault or external 22 | solution such as Hashi Vault. The secrets file will contain your sensitive variables. 23 | 24 | ```yaml 25 | --- 26 | secret_access_token: 27 | secret_access_secret: 28 | secret_maintainer_email: "Tux " 29 | secret_signing_key: 30 | secret_gpg_path: /home/user/.ansible-gnupg 31 | ``` 32 | 33 | Then modify the playbook and set the correct values for `lp_project` and `lp_ppa`, as well 34 | as the paths to the mainline kernel source, and the output folder for packages. 35 | 36 | ```yaml 37 | vars: 38 | lp_project: "~tuxinvader" 39 | lp_ppa: "lts-mainline" 40 | lp_lts_version: "focal" 41 | lp_singing_key: "{{ secret_signing_key }}" 42 | lp_maintainer: "{{ secret_maintainer_email }}" 43 | 44 | build_flavour: "generic" 45 | build_gpg_path: "{{ secret_gpg_path }}" 46 | build_kernel_source_path: "/usr/local/src/cod/mainline" 47 | build_packages_path: "/usr/local/src/cod/debs" 48 | 49 | kernel_series: "stable" 50 | kernel_major_minor: "" 51 | stable_check_mainline: False 52 | ``` 53 | 54 | You can also set the `kernel_series` to one of `stable`, `mainline`, or `longterm`. 55 | The `mainline` option will build the latest RC kernel, but if you chose the 56 | `longterm` option you might want to also set `kernel_major_minor` to match one of the 57 | LTS kernels (eg 5.15), otherwise you'll get the newest one (eg 5.15.x). 58 | 59 | If you're following "stable", then note that the new releases are published in "mainline" 60 | first. You can set `stable_check_mainline` to `True` if you want new (non-rc) kernels 61 | to be preferred over the newest stable. 62 | 63 | Once you've made those changes, you can run the playbook on cron to keep the PPA 64 | updated with the latest kernels 65 | 66 | ``` 67 | source ansible-venv/bin/activate 68 | ansible-playbook -e @~/.launchpadlib_ansible_secrets.yml ppa-updater-playbook.yaml 69 | ``` 70 | 71 | -------------------------------------------------------------------------------- /ansible/ppa-updater-playbook.yaml: -------------------------------------------------------------------------------- 1 | - hosts: localhost 2 | become: false 3 | collections: 4 | - tuxinvader.launchpad 5 | - community.docker 6 | 7 | vars: 8 | lp_project: "~tuxinvader" 9 | lp_ppa: "lts-mainline" 10 | lp_lts_version: "focal" 11 | lp_singing_key: "{{ secret_signing_key }}" 12 | lp_maintainer: "{{ secret_maintainer_email }}" 13 | 14 | build_flavour: "generic" 15 | build_gpg_path: "{{ secret_gpg_path }}" 16 | build_kernel_source_path: "/usr/local/src/cod/mainline" 17 | build_packages_path: "/usr/local/src/cod/debs" 18 | build_meta_version: 0 19 | build_meta_only: "no" 20 | 21 | kernel_series: "stable" 22 | kernel_major_minor: "" 23 | stable_check_mainline: False 24 | skip_ppa_check: False 25 | 26 | environment: 27 | LP_ACCESS_TOKEN: "{{ secret_access_token }}" 28 | LP_ACCESS_SECRET: "{{ secret_access_secret }}" 29 | 30 | tasks: 31 | 32 | - name: Get latest kernel releases 33 | uri: 34 | url: https://www.kernel.org/releases.json 35 | return_content: yes 36 | register: kdist 37 | 38 | - name: Set the mainline kernel version fact 39 | set_fact: 40 | kernel_version: "{{ item.version | regex_search('^[0-9]+\\.[0-9]+(\\.[0-9]+)*$') }}" 41 | kernel_timestamp: "{{ item.released.timestamp }}" 42 | with_items: "{{ kdist.json | json_query( kernel_query ) }}" 43 | vars: 44 | kernel_query: "releases[?moniker == 'mainline' && starts_with(version, '{{kernel_major_minor}}')]" 45 | when: 46 | - stable_check_mainline 47 | - item.version is version( (kernel_version | default('1.0.0')), '>') 48 | 49 | - name: Set the kernel version fact 50 | set_fact: 51 | kernel_version: "{{ item.version }}" 52 | kernel_timestamp: "{{ item.released.timestamp }}" 53 | with_items: "{{ kdist.json | json_query( kernel_query ) }}" 54 | vars: 55 | kernel_query: "releases[?moniker == '{{ kernel_series }}' && starts_with(version, '{{kernel_major_minor}}')]" 56 | when: (kernel_version is not defined) or 57 | (kernel_version == "" ) or 58 | (item.version is version( (kernel_version | default('1.0.0')), '>')) 59 | 60 | - name: Get the published packages from the PPA 61 | ppa_info: 62 | project: "{{ lp_project }}" 63 | name: "{{ lp_ppa }}" 64 | register: ppa_info 65 | 66 | - name: Checking PPA for our selected kernel 67 | debug: 68 | msg: "Selected Kernel version: {{ kernel_version }}" 69 | 70 | - block: 71 | 72 | - name: End play when the latest kernel exists in the PPA 73 | debug: 74 | msg: "Found PPA package: {{ item }} - ending play" 75 | with_items: "{{ ppa_info | json_query( pkg_query ) }}" 76 | 77 | - name: End play when the latest kernel exists in the PPA 78 | meta: end_play 79 | 80 | when: 81 | - ppa_info | json_query( pkg_query ) | length > 0 82 | - not skip_ppa_check 83 | vars: 84 | pkg_query: "sources[?source_package_name == `{{ 'linux-' ~ kernel_version }}`].[source_package_name]" 85 | 86 | - name: Execute Docker build 87 | community.docker.docker_container: 88 | image: "tuxinvader/{{ lp_lts_version }}-mainline-builder:latest" 89 | name: "kbuild-{{ lp_lts_version }}" 90 | auto_remove: no 91 | interactive: yes 92 | detach: no 93 | tty: yes 94 | timeout: 300 95 | command: 96 | - --btype=source 97 | - --exclude=udebs 98 | - --sign={{ lp_singing_key }} 99 | - --rename=yes 100 | - --buildmeta=yes 101 | - --maintainer={{ lp_maintainer }} 102 | - --flavour={{ build_flavour }} 103 | - --series={{ lp_lts_version }} 104 | - --kver=v{{kernel_version}} 105 | - --checkbugs=yes 106 | - --update=yes 107 | - --metaver={{build_meta_version}} 108 | - --metaonly={{build_meta_only}} 109 | - --metatime={{kernel_timestamp}} 110 | volumes: 111 | - "{{ build_gpg_path }}:/root/keys" 112 | - "{{ build_kernel_source_path }}:/home/source" 113 | - "{{ build_packages_path }}:/home/debs" 114 | 115 | - name: Remove Docker container 116 | community.docker.docker_container: 117 | name: "kbuild-{{ lp_lts_version }}" 118 | state: absent 119 | 120 | - name: Locate the source.changes files 121 | find: 122 | paths: "{{ build_packages_path }}/v{{ kernel_version }}/" 123 | file_type: file 124 | patterns: linux*_source.changes 125 | register: source_files 126 | 127 | - name: Prune the PPA to 2 source packages 128 | prune_ppa: 129 | source_name: "linux-[0-9]+.*" 130 | match: regex 131 | project: "{{ lp_project }}" 132 | name: "{{ lp_ppa }}" 133 | prune_by: version 134 | max_sources: 2 135 | 136 | - name: Prune the PPA to 4 packages by version 137 | prune_ppa: 138 | project: "{{ lp_project }}" 139 | name: "{{ lp_ppa }}" 140 | prune_by: version 141 | max_sources: 4 142 | 143 | - name: Upload new Kernel packages to PPA 144 | ppa_upload_package: 145 | source_changes: "{{ item.path }}" 146 | ppa: "{{ lp_project }}/{{ lp_ppa }}" 147 | with_items: "{{ source_files.files }}" 148 | 149 | 150 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -u 3 | 4 | export LANG=C 5 | export RUST_BACKTRACE=full 6 | 7 | update=yes 8 | btype=binary 9 | shell=no 10 | custom=no 11 | sign=no 12 | flavour=none 13 | exclude=none 14 | rename=no 15 | patch=no 16 | series=${series:-"jammy"} 17 | checkbugs=yes 18 | buildmeta=no 19 | debug=no 20 | kver="$kver" 21 | metaver="0" 22 | metatime=1672531200 23 | metaonly=no 24 | maintainer="Zaphod Beeblebrox " 25 | buildargs="-aamd64 -d" 26 | branch="" 27 | bundle=no 28 | stype=crack 29 | clean=no 30 | dryrun=no 31 | 32 | # Set these both to yes if you want to to install the required rust version and build a rust enabled kernel 33 | rustup=no 34 | haverust=no 35 | 36 | do_metapackage() { 37 | KVER=$1 38 | METAVER=$2 39 | METATIME="$(date -d @${3} '+UTC %Y-%m-%d %T')" 40 | VERSION=$(echo ${KVER} | awk -F. '{printf "%d.%02d", $1,$2 }') 41 | FLAVOUR=$4 42 | SERIES=$5 43 | MAINT=$6 44 | ABINUM=$7 45 | BTYPE=$8 46 | BINS="${KVER}-${ABINUM}-${FLAVOUR}" 47 | DEPS="linux-headers-${BINS}, linux-image-unsigned-${BINS}, linux-modules-${BINS}" 48 | 49 | echo ">>> Metapackage for $FLAVOUR: MetaVersion: $METAVER, MetaTime: $METATIME" 50 | [ -d "../meta" ] || mkdir ../meta 51 | cd ../meta 52 | cat > metapackage.control <<-EOF 53 | Section: devel 54 | Priority: optional 55 | # Homepage: 56 | Standards-Version: 3.9.2 57 | 58 | Package: linux-${FLAVOUR}-${VERSION} 59 | Changelog: changelog 60 | Version: ${KVER}-${METAVER} 61 | Maintainer: ${MAINT} 62 | Depends: ${DEPS} 63 | Architecture: amd64 64 | Description: Meta-package which will always depend on the latest packages in a mainline series. 65 | This meta package will depend on the latest kernel in a series (eg 5.12.x) and install the 66 | dependencies for that kernel. 67 | . 68 | Example: linux-generic-5.12 will depend on linux-image-unsigned-5.12.x-generic, 69 | linux-modules-5.12.x-generic, linux-headers-5.12.x-generic and linux-headers-5.12.x 70 | EOF 71 | cat > changelog <<-EOF 72 | linux-${FLAVOUR}-${VERSION} (${KVER}-${METAVER}) ${SERIES}; urgency=low 73 | 74 | Metapackage for Linux ${VERSION}.x 75 | Mainline build at commit: v${KVER} 76 | 77 | -- ${MAINT} $(date -R) 78 | EOF 79 | 80 | mkdir -p "source/usr/share/doc/linux-${FLAVOUR}-${VERSION}" 81 | cat > "source/usr/share/doc/linux-${FLAVOUR}-${VERSION}/README" <<-EOF 82 | This meta-package will always depend on the latest ${VERSION} kernel 83 | To see which version that is you can execute: 84 | 85 | $ apt-cache depends linux-${FLAVOUR}-${VERSION} 86 | 87 | :wq 88 | EOF 89 | 90 | grep "native" /usr/share/equivs/template/debian/source/format > /dev/null 91 | native=$? 92 | 93 | if [ "$native" == "0" ] 94 | then 95 | echo "Extra-Files: source/usr/share/doc/linux-${FLAVOUR}-${VERSION}/README" >> metapackage.control 96 | else 97 | tar -C source --sort=name --owner=root:0 --group=root:0 --mtime="$METATIME" -zcf "linux-${FLAVOUR}-${VERSION}_${KVER}.orig.tar.gz" . 98 | fi 99 | 100 | equivs-build metapackage.control 101 | if [ "$BTYPE" == "source" ] 102 | then 103 | echo ">>> Building source" 104 | equivs-build --source metapackage.control 105 | fi 106 | 107 | changesfile="linux-${FLAVOUR}-${VERSION}_${KVER}-${METAVER}_source.changes" 108 | grep "BEGIN PGP SIGNED MESSAGE" "$changesfile" > /dev/null 109 | signed=$? 110 | 111 | if [ "$signed" != "0" ] 112 | then 113 | debsign -m"${MAINT}" "${changesfile}" 114 | fi 115 | 116 | mv linux-* ../ 117 | cd - 118 | } 119 | 120 | __die() { 121 | local rc=$1; shift 122 | printf 1>&2 '%s\n' "ERROR: $*"; exit $rc 123 | } 124 | 125 | __update_sources() { 126 | echo -e ">>> Args.... update is $update" 127 | cd /home/source/ 128 | 129 | if [ -z "${branch}" ] 130 | then 131 | if [ ${stype} == "crack" ] 132 | then 133 | branch="cod/mainline/${kver}" 134 | else 135 | branch="${kver}" 136 | fi 137 | fi 138 | 139 | if [ "${update}" == "new" ] 140 | then 141 | [ "$(ls -A /home/source)" != "" ] && __die 1 "/home/source must be empty when using 'update=new'" 142 | if [ ${stype} == "crack" ] 143 | then 144 | echo -e "********\n\nFetching git source from Launchpad, branch: $branch\n\n********" 145 | git clone --depth 1 git://git.launchpad.net/~ubuntu-kernel-test/ubuntu/+source/linux/+git/mainline-crack \ 146 | --branch "${branch}" /home/source --single-branch || __die 1 "Failed to checkout source from launchpad" 147 | else 148 | echo -e "********\n\nFetching git source from Kernel.org, branch: $branch\n\n********" 149 | git clone --depth 1 https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git \ 150 | --branch "${branch}" /home/source --single-branch || __die 1 "Failed to checkout source from kernel.org" 151 | fi 152 | else 153 | echo -e "********\n\nCleaning git source tree\n\n********" 154 | git clean -fdx || __die 1 'git failed' 155 | git reset --hard HEAD 156 | if [ "$update" == "yes" ] 157 | then 158 | echo -e "********\n\nUpdating git source tree\n\n********" 159 | git fetch --tags origin 160 | fi 161 | echo -e "********\n\nSwitching to ${branch} branch\n\n********" 162 | git checkout "${branch}" || __die 1 "Tag for '${branch} not found" 163 | fi 164 | } 165 | 166 | __unbundle() { 167 | cd /home/source/ 168 | wget "https://kernel.ubuntu.com/~kernel-ppa/mainline/${kver}/crack.bundle" || __die 1 "Failed to download bundle from ubuntu.com" 169 | git bundle verify crack.bundle || __die 1 "bundle will not apply" 170 | git bundle unbundle crack.bundle || __die 1 "Failed to unbundle" 171 | git checkout $(git bundle list-heads crack.bundle | grep "${kver}" | awk '{ print $1 }') || __die 1 "failed to checkout commit" 172 | } 173 | 174 | echo -e "********\n\nBuild starting\n\n********" 175 | 176 | args=( "$@" ); 177 | for (( i=0; $i < $# ; i++ )) 178 | do 179 | arg=${args[$i]} 180 | if [[ $arg = --*=* ]] 181 | then 182 | key=${arg#--} 183 | val=${key#*=}; key=${key%%=*} 184 | case "$key" in 185 | update|btype|shell|custom|sign|flavour|exclude|rename|patch|series|checkbugs|buildmeta|maintainer|debug|kver|metaver|metaonly|metatime|haverust|branch|bundle|stype|clean|rustup|dryrun) 186 | printf -v "$key" '%s' "$val" ;; 187 | *) __die 1 "Unknown flag $arg" 188 | esac 189 | else __die 1 "Bad arg $arg" 190 | fi 191 | done 192 | 193 | echo -e ">>> Args.... sign is $sign" 194 | if [ "$sign" == "no" ] 195 | then 196 | buildargs="$buildargs -uc -ui -us" 197 | else 198 | buildargs="$buildargs -sa --sign-key=${sign}" 199 | cp -rp /root/keys /root/.gnupg 200 | chown -R root:root /root/.gnupg 201 | chmod 700 /root/.gnupg 202 | fi 203 | 204 | cd "$ksrc" || __die 1 "\$ksrc ${ksrc@Q} not found" 205 | 206 | # tell git to trust /home/source 207 | git config --global --add safe.directory /home/source 208 | 209 | __update_sources 210 | 211 | if [ "${bundle}" == "yes" ] 212 | then 213 | __unbundle 214 | fi 215 | 216 | # install rust if requested 217 | if [ "$rustup" == "yes" ] 218 | then 219 | curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y 220 | /root/.cargo/bin/rustup override set $(scripts/min-tool-version.sh rustc) 221 | /root/.cargo/bin/rustup component add rust-src 222 | /root/.cargo/bin/cargo install --locked --version $(scripts/min-tool-version.sh bindgen) bindgen-cli 223 | cp /root/.cargo/bin/* /usr/local/bin 224 | fi 225 | 226 | # Apply patch if requested 227 | echo -e ">>> Args.... patch is $patch" 228 | if [ "$patch" != "no" ] 229 | then 230 | echo -e "********\n\nDownloading and patching cod/mainline/${kver} to $patch\n\n********" 231 | if [[ "$patch" =~ v[0-9]+\.[0-9]+\.[0-9]* ]] 232 | then 233 | # apply patch 234 | curl -s https://cdn.kernel.org/pub/linux/kernel/${patch/.*/}.x/patch-${patch:1}.xz > /home/patch.xz 235 | ret=$? 236 | [ $ret -ne 0 ] && __die $ret "Failed to download patch. Code: $ret" 237 | xzcat /home/patch.xz | patch -p1 --forward -r - 238 | ret=$? 239 | [ $ret -gt 1 ] && __die $ret "Patching failed. Code $ret" 240 | kver="$patch" 241 | else 242 | __die 1 "Patch version should be a kernel version, Eg v5.11.19" 243 | fi 244 | fi 245 | 246 | # prep 247 | echo -e "********\n\nRenaming source package and updating control files\n\n********" 248 | debversion=$(date +%Y%m%d%H%M) 249 | abinum=$(echo ${kver:1} | awk -F. '{printf "%02d%02d%02d", $1,$2,$3 }') 250 | echo -e ">>> Args.... rename is $rename" 251 | if [ "$rename" == "yes" ] 252 | then 253 | sed -i -re "s/(^linux) \(([0-9]+\.[0-9]+\.[0-9]+)-([^\.]*)\.[0-9]+\) ([^;]*)(.*)/linux-${kver:1} (${kver:1}-${abinum}.${debversion}) ${series}\5/" debian.master/changelog 254 | sed -i -re 's/SRCPKGNAME/linux/g' debian.master/control.stub.in 255 | sed -i -re 's/SRCPKGNAME/linux/g' debian.master/control.d/flavour-control.stub 256 | sed -i -re "s/Source: linux/Source: linux-${kver:1}/" debian.master/control.stub.in 257 | sed -i -re "s/^(Package:\s+)(linux(-cloud[-tools]*|-tools)(-common|-host))$/\1\2-PKGVER/" debian.master/control.stub.in 258 | sed -i -re "s/^(Depends:\s+.*, )(linux(-cloud[-tools]*|-tools)(-common|-host))$/\1\2-PKGVER/" debian.master/control.stub.in 259 | sed -i -re "s/indep_hdrs_pkg_name=[^-]*/indep_hdrs_pkg_name=linux/" debian/rules.d/0-common-vars.mk 260 | sed -i -re "s/rust_pkg_name=[^-]*/rust_pkg_name=linux/" debian/rules.d/0-common-vars.mk 261 | else 262 | sed -i -re "s/(^linux) \(([0-9]+\.[0-9]+\.[0-9]+)-([0-9]+)\.[0-9]+\) ([^;]*)(.*)/linux (${kver:1}-${abinum}.${debversion}) ${series}\5/" debian.master/changelog 263 | fi 264 | sed -i -re 's/dwarves \[/dwarves (>=1.21) \[/g' debian.master/control.stub.in 265 | 266 | # don't fail if we find no *.ko files in the build dir 267 | sed -i -re 's/zstd -19 --quiet --rm/zstd -19 --rm || true/g' debian/rules.d/2-binary-arch.mk 268 | 269 | # undo GCC-11 update in focal 270 | echo -e ">>> Args.... series is $series" 271 | if [ "$series" == "focal" ] 272 | then 273 | echo -e ">>> Downgrade GCC to version 9 on focal" 274 | sed -i -re 's/export gcc\?=.*/export gcc?=gcc-9/' debian/rules.d/0-common-vars.mk 275 | # revert GCC to v12 on Jammy 276 | elif [ "$series" == "jammy" ] 277 | then 278 | echo -e ">>> Downgrade GCC to version 12 on focal" 279 | sed -i -re 's/export gcc\?=.*/export gcc?=gcc-12/' debian/rules.d/0-common-vars.mk 280 | fi 281 | 282 | # Remove rust dependencies if $haverust is "no". Defaults to "no" on focal and "yes" on others. 283 | echo -e ">>> Args.... haverust is $haverust" 284 | if [ "$haverust" == "no" ] 285 | then 286 | if [ "$abinum" -ge "060100" ] 287 | then 288 | echo -e ">>> Removing deps and disabling rust in kernel" 289 | sed -i -re 's/^ (rust|bindgen|clang|llvm)(.*)/#\1\2/g' debian.master/control.stub.in 290 | sed -i -re "s#CONFIG_HAVE_RUST.*#CONFIG_HAVE_RUST policy<{'amd64': 'n'}>#" debian.master/config/annotations 291 | sed -i -re "s#CONFIG_RUST_IS_AVAILABLE.*#CONFIG_RUST_IS_AVAILABLE policy<{'amd64': 'n'}>#" debian.master/config/annotations 292 | fi 293 | fi 294 | 295 | # force python3 to python3.9 in focal 296 | if [ "$series" == "focal" ] 297 | then 298 | echo -e ">>> Forcing python3.9 on focal" 299 | sed -i -re 's#PYTHON=python3#PYTHON=python3.9\nexport PATH=$(shell pwd)/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin#' debian/rules 300 | sed -i -re 's#dh_clean#dh_clean\n\n\trm -rf bin\n\tmkdir bin\n\tln -sf /usr/bin/python3.9 bin/python3\n\tenv\n\tpython3 --version\n#' debian/rules 301 | sed -i -re 's# python3-dev ,# python3-dev ,\n python3.9-dev ,\n python3.9-minimal ,#g' debian.master/control.stub.in 302 | sed -i -re 's#PYTHON3\s*=\s*python3#PYTHON3 = python3.9#' Makefile 303 | fi 304 | 305 | echo -e ">>> Args.... flavour is $flavour" 306 | if [ "$flavour" != "none" ] 307 | then 308 | echo -e "********\n\nSetting flavour: $flavour\n\n********" 309 | sed -i -re "s/(flavours\s+=).*/\1 $flavour/" debian.master/rules.d/amd64.mk 310 | fi 311 | 312 | echo -e ">>> Args.... exclude is $exclude" 313 | if [ "$exclude" != "none" ] 314 | then 315 | IFS=',' read -ra pkgs <<< "$exclude" 316 | for pkg in "${pkgs[@]}" 317 | do 318 | if [ "$pkg" == "cloud-tools" ] 319 | then 320 | sed -i -re "s/(do_tools_hyperv\s+=).*/\1 false/" debian.master/rules.d/amd64.mk 321 | elif [ "$pkg" == "tools" ] 322 | then 323 | # This doesn't work. We'll rename tools packages instead 324 | sed -i -re "s/^(do_tools_)((common|host)\s+=).*/\1\2 false/" debian.master/rules.d/amd64.mk 325 | echo "do_linux_tools = false" >> debian.master/rules.d/amd64.mk 326 | elif [ "$pkg" == "udebs" ] 327 | then 328 | echo "disable_d_i = true" >> debian.master/rules.d/amd64.mk 329 | fi 330 | done 331 | fi 332 | 333 | echo -e ">>> Args.... debug is $debug" 334 | if [ "$debug" == yes ] 335 | then 336 | echo -e "********\n\nEnabling Debug packages\n\n********\n" 337 | sed -i -re "s/skipdbg\s*=\s*true/skipdbg = false/g" debian/rules.d/0-common-vars.mk 338 | fi 339 | 340 | echo -e ">>> Args.... checkbugs is $checkbugs" 341 | if [ "$checkbugs" == "yes" ] 342 | then 343 | echo -e "********\n\nChecking for potential bugs\n\n********\n" 344 | if [ "$(cat debian/debian.env)" == "DEBIAN=debian.master" ] 345 | then 346 | echo ">>> ---> debian.env bug == no" 347 | else 348 | echo ">>> ---> debian.env bug == yes" 349 | echo "DEBIAN=debian.master" > debian/debian.env 350 | fi 351 | fi 352 | 353 | # Make lowlatency changes manually, the flavour was removed in 5.16.12 and newer 354 | if [ "$flavour" = "lowlatency" -a ! -f debian.master/control.d/vars.lowlatency ] 355 | then 356 | echo ">>> Recreating settings for defunct lowlatency flavour" 357 | cat debian.master/control.d/vars.generic | sed -e 's/Generic/Lowlatency/g' > debian.master/control.d/vars.lowlatency 358 | touch debian.master/config/amd64/config.flavour.lowlatency 359 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --disable COMEDI_TESTS_EXAMPLE 360 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --disable COMEDI_TESTS_NI_ROUTES 361 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --set-val CONFIG_HZ 1000 362 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --enable HZ_1000 363 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --disable HZ_250 364 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --enable LATENCYTOP 365 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --enable PREEMPT 366 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --disable PREEMPT_VOLUNTARY 367 | ./scripts/config --file debian.master/config/amd64/config.common.amd64 --set-val TEST_DIV64 m 368 | fi 369 | 370 | echo -e ">>> Args.... metaonly is $metaonly" 371 | if [ "$metaonly" == "no" ] 372 | then 373 | echo -e "********\n\nApplying default configs\n\n********" 374 | echo 'archs="amd64"' > debian.master/etc/kernelconfig 375 | fakeroot debian/rules clean defaultconfigs 376 | #fakeroot debian/rules importconfigs 377 | fakeroot debian/rules clean 378 | fi 379 | 380 | echo -e ">>> Args.... shell is $shell" 381 | if [ "$shell" == "yes" ] 382 | then 383 | echo -e "********\n\nPre-build shell, exit or ctrl-d to continue build\n\n********" 384 | bash 385 | fi 386 | 387 | echo -e ">>> Args.... custom is $custom" 388 | if [ "$custom" == "yes" ] 389 | then 390 | echo -e "********\n\nYou have asked for a custom build.\nYou will be given the chance to makemenuconfig next.\n\n********" 391 | read -p 'Press return to continue...' foo 392 | fakeroot debian/rules editconfigs 393 | else 394 | if [ -x "/custom/${custom}-patch.sh" ] 395 | then 396 | echo -e "********\n\nYou have asked for a custom build.\nPatching source with /custom/${custom}-patch.sh\n\n********" 397 | /custom/${custom}-patch.sh 398 | read -p 'Press return to continue...' foo 399 | fakeroot debian/rules editconfigs 400 | fi 401 | fi 402 | 403 | # Build 404 | if [ "$metaonly" == "no" ] 405 | then 406 | echo -e "********\n\nBuilding packages\nCommand: dpkg-buildpackage --build=$btype $buildargs\n\n********" 407 | if [ "$dryrun" == "no" ] 408 | then 409 | dpkg-buildpackage --build=$btype $buildargs 410 | fi 411 | fi 412 | 413 | echo -e "********\n\nBuilding meta package\n\n********" 414 | echo -e ">>> Args.... buildmeta is $buildmeta" 415 | if [ "$buildmeta" == "yes" ] 416 | then 417 | if [ "$dryrun" == "yes" ] 418 | then 419 | echo -e "********\n\nDry-run\nCommand: dpkg-buildpackage --build=$btype $buildargs" 420 | echo "do_metapackage "${kver:1}" "${metaver}" "${metatime}" "generic" "$series" "$maintainer" "$abinum" "$btype"" 421 | echo "dry-run shell" 422 | bash 423 | elif [ "$flavour" == "none" ] 424 | then 425 | echo ">>> Building generic metapackage" 426 | do_metapackage "${kver:1}" "${metaver}" "${metatime}" "generic" "$series" "$maintainer" "$abinum" "$btype" 427 | if [ -f debian.master/control.d/vars.lowlatency ] 428 | then 429 | echo ">>> Building lowlatency metapackage" 430 | do_metapackage "${kver:1}" "${metaver}" "${metatime}" "lowlatency" "$series" "$maintainer" "$abinum" "$btype" 431 | fi 432 | else 433 | echo ">>> Building $flavour metapackage" 434 | do_metapackage "${kver:1}" "${metaver}" "${metatime}" "$flavour" "$series" "$maintainer" "$abinum" "$btype" 435 | fi 436 | fi 437 | 438 | echo -e "********\n\nMoving packages to debs folder\n\n********" 439 | [ -d "$kdeb/$kver" ] || mkdir "$kdeb/$kver" 440 | mv "$ksrc"/../*.* "$kdeb/$kver" 441 | 442 | if [ "$shell" == "yes" ] 443 | then 444 | echo -e "********\n\nPost-build shell, exit or ctrl-d to finish\n\n********" 445 | bash 446 | fi 447 | 448 | if [ "$clean" == "yes" ] 449 | then 450 | echo -e "********\n\nRemoving git source tree\n\n********" 451 | rm -r /home/source/* 452 | rm -r /home/source/.[a-z]* 453 | else 454 | echo -e "********\n\nCleaning git source tree\n\n********" 455 | git clean -fdx 456 | git reset --hard HEAD 457 | fi 458 | 459 | -------------------------------------------------------------------------------- /custom/rust-samples-patch.sh: -------------------------------------------------------------------------------- 1 | DISABLED=(CONFIG_DEBUG_INFO_BTF CONFIG_MODVERSIONS CONFIG_HAVE_GCC_PLUGINS) 2 | ENABLED=(CONFIG_RUST CONFIG_SAMPLES_RUST CONFIG_SAMPLE_RUST_HOSTPROGS) 3 | MODULES=(CONFIG_SAMPLE_RUST_MINIMAL CONFIG_SAMPLE_RUST_PRINT) 4 | 5 | annotations=debian.master/config/annotations 6 | 7 | for config in ${DISABLED[@]} 8 | do 9 | egrep "^$config" "$annotations" > /dev/null 10 | if [ $? -eq 0 ] 11 | then 12 | sed -i $annotations -re "s/^$config.*/$config policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n', 'riscv64': 'n', 's390x': 'n'}>" 13 | else 14 | echo "$config policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n', 'riscv64': 'n', 's390x': 'n'}>" >> $annotations 15 | fi 16 | done 17 | 18 | for config in ${ENABLED[@]} 19 | do 20 | egrep "^$config" "$annotations" > /dev/null 21 | if [ $? -eq 0 ] 22 | then 23 | sed -i $annotations -re "s/^$config.*/$config policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 'riscv64': 'y', 's390x': 'y'}>" 24 | else 25 | echo "$config policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 'riscv64': 'y', 's390x': 'y'}>" >> $annotations 26 | fi 27 | done 28 | 29 | for config in ${modules[@]} 30 | do 31 | egrep "^$config" "$annotations" > /dev/null 32 | if [ $? -eq 0 ] 33 | then 34 | sed -i $annotations -re "s/^$config.*/$config policy<{'amd64': 'm', 'arm64': 'm', 'armhf': 'm', 'ppc64el': 'm', 'riscv64': 'm', 's390x': 'm'}>" 35 | else 36 | echo "$config policy<{'amd64': 'm', 'arm64': 'm', 'armhf': 'm', 'ppc64el': 'm', 'riscv64': 'm', 's390x': 'm'}>" >> $annotations 37 | fi 38 | done 39 | 40 | --------------------------------------------------------------------------------