├── .github └── workflows │ └── build-bisdn-linux.yml ├── .gitignore ├── BUILDING_DETAILS.md ├── LICENSE ├── README.md ├── bisdn-linux.yaml ├── build └── README.md ├── default.xml ├── nightly.yaml ├── ofdpa-gitlab.yaml ├── release.yaml ├── rm-work.yaml ├── scripts ├── README.md ├── changelog.sh ├── convert.sh └── prepare_release.sh ├── sources └── README.md └── src_tarball.yaml /.github/workflows/build-bisdn-linux.yml: -------------------------------------------------------------------------------- 1 | name: Build BISDN Linux 2 | 3 | on: 4 | push: 5 | branches: 6 | - main 7 | pull_request: 8 | branches: 9 | - main 10 | workflow_dispatch: # allow manual triggering from the GitHub web UI 11 | 12 | jobs: 13 | build: 14 | runs-on: ubuntu-latest 15 | 16 | strategy: 17 | matrix: 18 | machine: [generic-x86-64, generic-armel-iproc] 19 | # Allow matrix jobs to continue regardless of failures in other 20 | # jobs. 21 | fail-fast: false 22 | 23 | env: 24 | KAS_CFG_FILES: "bisdn-linux.yaml:rm-work.yaml" 25 | MACHINE: "${{ matrix.machine }}" 26 | # Build full image (for faster pipeline tests, use "minimal") 27 | TARGET: "full" 28 | SSTATE_CACHE_DIR: "build/sstate-cache" 29 | 30 | steps: 31 | - name: Check out repository 32 | uses: actions/checkout@v4 33 | 34 | - name: Set up Docker 35 | uses: docker/setup-buildx-action@v3 36 | 37 | - name: Inspect build host 38 | run: | 39 | lscpu 40 | echo . 41 | free -h 42 | echo . 43 | df -h 44 | 45 | - name: Free disk space 46 | run: | 47 | df -h / 48 | echo . 49 | del_dirs="\ 50 | "$AGENT_TOOLSDIRECTORY" \ 51 | /opt/ghc \ 52 | /opt/google \ 53 | /opt/microsoft \ 54 | /usr/lib/google-cloud-sdk \ 55 | /usr/lib/jvm \ 56 | /usr/local/lib/android \ 57 | /usr/local/lib/node_modules \ 58 | /usr/local/share/chromium \ 59 | /usr/local/share/powershell \ 60 | /usr/share/dotnet \ 61 | /usr/share/swift \ 62 | " 63 | # Ignore non-existent directories 64 | echo "Space we are about to reclaim" 65 | sudo du -msc $del_dirs 2>/dev/null || true 66 | sudo rm -rf $del_dirs 2>/dev/null 67 | echo . 68 | df -h / 69 | 70 | - name: Install build dependencies 71 | run: | 72 | sudo apt-get update 73 | sudo apt-get install -y python3-pip 74 | pip3 install kas 75 | 76 | # The kas dump file records the current state of each source repo. 77 | # We use it for the cache key in the next step. 78 | - name: Create kas configuration dump file 79 | run: | 80 | export KAS_MACHINE=$MACHINE 81 | export KAS_TARGET=$TARGET 82 | kas-container dump "$KAS_CFG_FILES" --resolve-refs > dump 83 | 84 | # sstate-cache saves a lot of time. Do not cache anything else (such 85 | # as build/downloads) to at least have a chance to cache both 86 | # MACHINEs without running into github's cache size limit. 87 | # Current state: https://github.com/bisdn/bisdn-linux/actions/caches 88 | - name: Cache BitBake directories 89 | uses: actions/cache@v4 90 | with: 91 | path: | 92 | build/sstate-cache 93 | key: ${{ matrix.machine }}-${{ env.TARGET }}-${{ hashFiles('**/dump') }} 94 | restore-keys: | 95 | ${{ matrix.machine }}-${{ env.TARGET }}- 96 | ${{ matrix.machine }}- 97 | 98 | # On a machine with all build dependencies installed, this is the only 99 | # command required to download the source repos and build the image. 100 | - name: Build BISDN Linux 101 | run: | 102 | export KAS_MACHINE=$MACHINE 103 | export KAS_TARGET=$TARGET 104 | kas-container build "$KAS_CFG_FILES" 105 | 106 | - name: Remove duplicates in sstate-cache 107 | run: | 108 | echo "##############################################################" 109 | du -ms "$SSTATE_CACHE_DIR" 110 | echo "Removing duplicates in sstate-cache." 111 | ./sources/poky/scripts/sstate-cache-management.sh \ 112 | --cache-dir="$SSTATE_CACHE_DIR" --remove-duplicated --yes 113 | echo "##############################################################" 114 | du -ms "$SSTATE_CACHE_DIR" 115 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | bitbake.lock 2 | build 3 | cache 4 | conf/bblayers.conf 5 | conf/local.conf 6 | conf/sanity_info 7 | downloads 8 | sources 9 | sstate-cache 10 | tmp 11 | -------------------------------------------------------------------------------- /BUILDING_DETAILS.md: -------------------------------------------------------------------------------- 1 | # Building details 2 | 3 | This document covers details that may be useful to some users. 4 | 5 | All examples build for `generic-x86-64`. Replace it with 6 | `generic-armel-iproc` when building for ARM. 7 | 8 | ## Building additional yocto packages 9 | 10 | Assuming the packages you want to add are already present in one of the 11 | layers configured in [`bisdn-linux.yaml`](bisdn-linux.yaml), you can have 12 | them included in the BISDN Linux image by adding an `IMAGE_INSTALL:append` 13 | line to the configuration. You can do that by creating your own kas 14 | configuration file and pass it to kas: 15 | 16 | ```shell 17 | $ cat > custom-configation.yaml << EOF 18 | header: 19 | version: 14 20 | 21 | local_conf_header: 22 | extra_packages: | 23 | IMAGE_INSTALL:append = "iperf3 strongswan" 24 | EOF 25 | $ KAS_MACHINE=generic-x86-64 kas build bisdn-linux.yaml:custom-configuration.yaml 26 | ``` 27 | 28 | For packages in other layer repos, you need to add the repos first. The repos 29 | configured in `bisdn-linux.yaml` demonstrate how to do this. The 30 | [kas documentation](https://kas.readthedocs.io/en/latest/userguide/project-configuration.html) 31 | provides more information on how to further customize your kas configuration 32 | file. 33 | 34 | ## Building without containers 35 | 36 | We recommend building with containers to ensure a reproducible 37 | build. Building without containers has been known to fail on recent 38 | Linux distributions due to incompatible versions of build tools. 39 | 40 | If you want to build without using containers, you can replace the 41 | `kas-container` command with `kas` in a suitable build environment. 42 | 43 | BISDN Linux is currently based on the Yocto Project's Kirkstone release. 44 | The 45 | [system requirements page](https://docs.yoctoproject.org/4.0.22/ref-manual/system-requirements.html) 46 | lists suitable Linux distributions and required packages for 47 | building a Kirkstone-based system without containers. 48 | 49 | For example, on Ubuntu 22.04 LTS (jammy), you would install the required 50 | packages and then run kas: 51 | 52 | ```shell 53 | sudo apt-get install --no-install-recommends \ 54 | build-essential chrpath diffstat lz4 55 | KAS_MACHINE=generic-x86-64 kas build bisdn-linux.yaml 56 | ``` 57 | 58 | ## Building under disk space constraints 59 | 60 | If your build runs out of disk space, you will see an error like this: 61 | 62 | ``` 63 | ERROR: No new tasks can be executed since the disk space monitor action is "STOPTASKS"! 64 | ERROR: Immediately halt since the disk space monitor action is "HALT"! 65 | ``` 66 | 67 | To work around this, you can include the [`rm-work.yaml`](rm-work.yaml) 68 | file in your kas configuration. This will remove intermediate files 69 | after a package has been successfully built which reduces the amount 70 | of disk space required substantially: 71 | 72 | ```shell 73 | KAS_MACHINE=generic-x86-64 kas-container build bisdn-linux.yaml:rm-work.yaml 74 | ``` 75 | 76 | ## Limiting memory and CPU usage 77 | 78 | Even if you have the recommended RAM and CPU cores, the build process may 79 | expand to eat all resources on your build host and make it unresponsive 80 | to the point where only resetting the machine will help. To avoid this, 81 | you can limit the resources available to the build process by having 82 | kas-container pass additional options to `docker run`. For instance: 83 | 84 | ```shell 85 | KAS_MACHINE=generic-x86-64 kas-container --runtime-args "--cpus=14" --runtime-args "--memory=16g" \ 86 | --runtime-args "--memory-swap=20g" build bisdn-linux.yaml:ofdpa-gitlab.yaml 87 | ``` 88 | 89 | ## Building ofdpa-gitlab 90 | 91 | If you want to build ofdpa from source, you need access to the 92 | ofdpa-gitlab repo. The most convenient way to authenticate when building 93 | with `kas-container` is to use your own `.ssh` directory (to avoid 94 | complaints that the authenticity of the host can't be established) 95 | and your ssh-agent (for authentication with gitlab.bisdn.de): 96 | 97 | ```shell 98 | KAS_MACHINE=generic-x86-64 kas-container --ssh-agent --ssh-dir ~/.ssh build bisdn-linux.yaml:ofdpa-gitlab.yaml 99 | ``` 100 | 101 | ## Troubleshooting 102 | 103 | If your build fails, it may be because your [`build`](build) directory 104 | is in an inconsistent state (this can happen, for instance, if the build 105 | process is killed). The `build` directory is rebuilt if you remove it 106 | (or parts of it). Rebuilding `build/downloads` and `build/sstate-cache` 107 | can take a long time, so you may want to remove just `build/tmp` and 108 | restart the build. If that works, there is no need to remove all of 109 | `build`. 110 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | BISDN Linux is based on Yocto. Yocto is comprised of multiple components, 2 | of which most are licensed under GPLv2 or MIT. 3 | 4 | In addition it imports several components from OpenNetworkLinux, which 5 | itself is licensed under GPLv2. 6 | 7 | BISDN Linux' own additions are licensed under MPLv2 or GPLv2, unless 8 | stated otherwise. 9 | 10 | Please see the individual subprojects' license information for additional 11 | details. 12 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # BISDN Linux build system 2 | 3 | [![BISDN Linux CI status](https://github.com/bisdn/bisdn-linux/actions/workflows/build-bisdn-linux.yml/badge.svg)](https://github.com/bisdn/bisdn-linux/actions/workflows/build-bisdn-linux.yml) 4 | 5 | This repository holds files for building the 6 | [BISDN Linux](https://docs.bisdn.de/) network operating system. 7 | 8 | Pre-built release images can be downloaded from the 9 | [BISDN Linux images](https://docs.bisdn.de/download_images.html) page. 10 | [Nightly builds](http://repo.bisdn.de/nightly_builds/) are also available. 11 | 12 | If you want to build your own BISDN Linux images, you can use the files 13 | in this repo and the [kas](https://github.com/siemens/kas) automation 14 | tool. The only file that you will need is the kas configuration file 15 | [`bisdn-linux.yaml`](bisdn-linux.yaml). All other files in this repo 16 | are documentation or for the benefit of our CI/CD and release management 17 | systems. 18 | 19 | The remainder of this document provides a quick guide on how to build 20 | a BISDN Linux image. For further customization, build optimization, and 21 | troubleshooting, please refer to [BUILDING_DETAILS.md](BUILDING_DETAILS.md). 22 | 23 | ## Supported switches 24 | 25 | A list of supported switches can be found at 26 | [BISDN Linux images](https://docs.bisdn.de/download_images.html). 27 | 28 | ## Build requirements 29 | 30 | ### Hardware requirements 31 | 32 | We recommend a build host with 32 CPU cores, 32 GiB RAM and 150 GiB free 33 | disk space for building a full image. You may get away with less, but 34 | you risk running into out-of-memory errors, a full disk, or a slow build. 35 | 36 | ### Software requirements 37 | 38 | Our build system uses 39 | [kas](https://kas.readthedocs.io/en/latest/userguide.html) to fetch the 40 | source repositories and to configure the build. While it is possible to 41 | run `kas` directly on your build host, we recommend using 42 | [`kas-container`](https://kas.readthedocs.io/en/latest/userguide/kas-container.html) 43 | because it provides a reproducible build environment. 44 | 45 | Your build host should be running Linux and have the following software 46 | components installed: 47 | 48 | - kas. Some Linux distributions offer their own kas package, but they 49 | may be too old to work with our kas files. We recommend installing 50 | kas as a Python package (using pip, pipx, or a similar tool). 51 | 52 | - a container management tool. For the rest of this document, we will assume 53 | you have docker installed, but podman should work as well. 54 | 55 | ### Time and disk space 56 | 57 | Expect the build process to take a bit over an hour with 32 CPU cores 58 | and 32 GiB RAM. Adding additional CPU cores speeds up the build time 59 | significantly. 60 | 61 | Subsequent builds are much faster (taking less than 10 minutes with a warm 62 | build cache) because source repos (kept in the `sources` directory) are not 63 | downloaded again and (more importantly) a number of intermediate build 64 | artifacts are cached in the `build` directory. 65 | 66 | A single build requires about 100 GiB of disk space. The cache directories in 67 | `build` directory tend to grow slowly when building new versions. 68 | 69 | ## Building a BISDN Linux image 70 | 71 | BISDN Linux supports two different architectures: Broadcom XGS iProc (ARM), and 72 | Intel x86-64. 73 | 74 | To select the target machine for BISDN Linux, pass the appropriate name via 75 | the`KAS_MACHINE` environment variable: 76 | 77 | * `generic-armel-iproc` for devices based on Broadcom XGS iProc (Accton AS4610 series) 78 | * `generic-x86-64` for devices with an Intel x86 host CPU (all other supported devices) 79 | 80 | To build the image from the latest sources, clone this repo and run the 81 | following command in its root directory, e.g.: 82 | 83 | ```bash 84 | KAS_MACHINE=generic-x86-64 kas-container build bisdn-linux.yaml 85 | ``` 86 | 87 | After the build process has finished, your image will be in 88 | `build/tmp/deploy/images//`. A symlink named 89 | `onie-bisdn-full-.bin` will point to the actual image 90 | file named `onie-bisdn-full--.bin`. 91 | 92 | ## Installing a BISDN Linux image 93 | 94 | Please refer to our 95 | [BISDN Linux docs](https://docs.bisdn.de/getting_started/install_bisdn_linux.html) 96 | on how to install the resulting image. 97 | -------------------------------------------------------------------------------- /bisdn-linux.yaml: -------------------------------------------------------------------------------- 1 | header: 2 | version: 14 3 | distro: bisdn-linux 4 | build_system: oe 5 | machine: generic-x86-64 6 | target: full 7 | 8 | env: 9 | # Export variables (if set) to bitbake via BB_ENV_PASSTHROUGH_ADDITIONS 10 | CCACHE_TOP_DIR: null 11 | FEEDURIPREFIX: null 12 | 13 | local_conf_header: 14 | default-local-conf: | 15 | CONF_VERSION = "2" 16 | PACKAGE_CLASSES ?= "package_ipk" 17 | USER_CLASSES ?= "buildstats" 18 | PATCHRESOLVE = "noop" 19 | BB_DISKMON_DIRS = "\ 20 | STOPTASKS,${TMPDIR},1G,100K \ 21 | STOPTASKS,${DL_DIR},1G,100K \ 22 | STOPTASKS,${SSTATE_DIR},1G,100K \ 23 | STOPTASKS,/tmp,100M,100K \ 24 | HALT,${TMPDIR},100M,1K \ 25 | HALT,${DL_DIR},100M,1K \ 26 | HALT,${SSTATE_DIR},100M,1K \ 27 | HALT,/tmp,10M,1K" 28 | feed-local-conf: | 29 | FEEDURIPREFIX ?= "latest/${MACHINE}/packages_latest-build" 30 | 31 | repos: 32 | poky: 33 | url: "git://git.yoctoproject.org/poky" 34 | branch: "kirkstone" 35 | path: "sources/poky" 36 | layers: 37 | meta: 38 | meta-poky: 39 | meta-yocto-bsp: 40 | 41 | # additional yocto layers 42 | meta-cloud-services: 43 | url: "git://git.yoctoproject.org/meta-cloud-services" 44 | branch: "kirkstone" 45 | path: "sources/meta-cloud-services" 46 | layers: 47 | .: 48 | meta-openstack: 49 | 50 | meta-virtualization: 51 | url: "git://git.yoctoproject.org/meta-virtualization" 52 | branch: "kirkstone" 53 | path: "sources/meta-virtualization" 54 | 55 | # open embedded layers 56 | meta-openembedded: 57 | url: "git://git.openembedded.org/meta-openembedded" 58 | branch: "kirkstone" 59 | path: "sources/meta-openembedded" 60 | layers: 61 | meta-filesystems: 62 | meta-networking: 63 | meta-oe: 64 | meta-python: 65 | meta-webserver: 66 | 67 | # open source BISDN layers 68 | meta-bisdn-linux: 69 | url: "https://github.com/bisdn/meta-bisdn-linux.git" 70 | branch: "main" 71 | path: "sources/meta-bisdn-linux" 72 | 73 | meta-ofdpa: 74 | url: "https://github.com/bisdn/meta-ofdpa.git" 75 | branch: "main" 76 | path: "sources/meta-ofdpa" 77 | 78 | meta-open-network-linux: 79 | url: "https://github.com/bisdn/meta-open-network-linux.git" 80 | branch: "main" 81 | path: "sources/meta-open-network-linux" 82 | -------------------------------------------------------------------------------- /build/README.md: -------------------------------------------------------------------------------- 1 | # build directory 2 | 3 | The build directory is initially empty (except for this README file). It 4 | gets populated with configuration files by `kas-container checkout` 5 | after which it looks like this: 6 | 7 | ``` 8 | build 9 | ├── conf 10 | │   ├── bblayers.conf 11 | │   ├── local.conf 12 | │   └── templateconf.cfg 13 | └── README.md 14 | ``` 15 | 16 | The build process (i.e., running bitbake) adds additional files and 17 | directories. Here is a directory tree (some file omitted for brevity; 18 | you may not have all these files, depending on your configuration). 19 | 20 | ``` 21 | build 22 | ├── cache 23 | ├── conf 24 | │   ├── bblayers.conf 25 | │   ├── local.conf 26 | │   └── templateconf.cfg 27 | ├── downloads 28 | ├── README.md 29 | ├── sstate-cache 30 | └── tmp 31 | ``` 32 | 33 | For more information, see the Yocto Project's documentation of 34 | [the build directory](https://docs.yoctoproject.org/ref-manual/structure.html#the-build-directory-build). 35 | -------------------------------------------------------------------------------- /default.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | -------------------------------------------------------------------------------- /nightly.yaml: -------------------------------------------------------------------------------- 1 | header: 2 | version: 14 3 | 4 | local_conf_header: 5 | feed-local-conf: | 6 | FEEDURIPREFIX ?= "nightly_builds/${MACHINE}/main/packages_latest-build" 7 | -------------------------------------------------------------------------------- /ofdpa-gitlab.yaml: -------------------------------------------------------------------------------- 1 | header: 2 | version: 14 3 | 4 | repos: 5 | meta-ofdpa-closed: 6 | url: "ssh://git@gitlab.bisdn.de/yocto-meta-layers/meta-ofdpa.git" 7 | branch: "main" 8 | path: "sources/meta-ofdpa-closed" 9 | -------------------------------------------------------------------------------- /release.yaml: -------------------------------------------------------------------------------- 1 | header: 2 | version: 14 3 | 4 | local_conf_header: 5 | feed-local-conf: | 6 | FEEDURIPREFIX = "pub/onie/${MACHINE}/packages-v${DISTRO_VERSION}" 7 | -------------------------------------------------------------------------------- /rm-work.yaml: -------------------------------------------------------------------------------- 1 | # Including this kas file lowers the disk space requirements when building. 2 | header: 3 | version: 14 4 | 5 | local_conf_header: 6 | rm-work-conf: 7 | INHERIT += "rm_work" 8 | -------------------------------------------------------------------------------- /scripts/README.md: -------------------------------------------------------------------------------- 1 | # scripts directory 2 | 3 | This directory contains scripts for use in the BISDN Linux release process. 4 | If you are not preparing a BISDN Linux release, you can ignore this directory. 5 | -------------------------------------------------------------------------------- /scripts/changelog.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # 3 | # changelog.sh - Generate a list of new commits between two releases 4 | # 5 | # 6 | # SPDX-License-Identifier: MPL-2.0 7 | # 8 | # (C) 2021-2023 BISDN GmbH 9 | 10 | set -e 11 | 12 | TOPDIR="$(git rev-parse --show-toplevel)" 13 | 14 | ONELINE_FORMAT_COMMIT='%C(auto)%h %s' 15 | ONELINE_FORMAT='%C(auto)%s' 16 | 17 | IGNORED_LAYERS="" 18 | 19 | while getopts 'cefhi:n:o:p:vw:' c 20 | do 21 | case "$c" in 22 | c) 23 | PRINT_COMMITS=1 24 | ;; 25 | e) 26 | PRINT_EMPTY=1 27 | ;; 28 | f) 29 | PRINT_CVE_FIXES=1 30 | ;; 31 | h) 32 | PRINT_HELP=1 33 | ;; 34 | i) 35 | IGNORED_LAYERS=$OPTARG 36 | ;; 37 | n) 38 | NEW_VERSION=$OPTARG 39 | ;; 40 | o) 41 | OLD_VERSION=$OPTARG 42 | ;; 43 | p) 44 | PREFIX=$OPTARG 45 | ;; 46 | v) 47 | PRINT_VERSIONS=1 48 | ;; 49 | w) 50 | WORKDIR=$OPTARG 51 | ;; 52 | esac 53 | done 54 | 55 | shift $((OPTIND-1)) 56 | OLD=$1 57 | NEW=$2 58 | 59 | # $1 list of packages in the image 60 | # $2 packages available and their versions 61 | # $3 list of open CVE issues 62 | collect_bitbake_info() { 63 | local package_list pkg_name pkg_version depends_file cve_file cve_list 64 | local template_dir 65 | declare -n packages=$1 66 | declare -n versions=$2 67 | declare -n cve_issues=$3 68 | 69 | # BB_ENV_EXTRAWHITE was renamed to BB_ENV_PASSTHROUGH_ADDITIONS and 70 | # bitbake will error out if the old one exists in the environment, so 71 | # make sure that neither is set 72 | unset BB_ENV_EXTRAWHITE 73 | unset BB_ENV_PASSTHROUGH_ADDITIONS 74 | 75 | if [ ! -f conf/local.conf.sample ]; then 76 | template_dir=../meta-bisdn-linux/conf/templates/bisdn-linux 77 | else 78 | # older version, not using TEMPLATECONF yet 79 | template_dir=conf 80 | fi 81 | 82 | rm -f conf/local.conf 83 | rm -f conf/bblayers.conf 84 | 85 | sed -i 's|^TMPDIR = .*|TMPDIR = "${TOPDIR}/tmp"|' $template_dir/local.conf.sample 86 | sed -i 's|^DL_DIR ?= .*|DL_DIR = "${TOPDIR}/dl"|' $template_dir/local.conf.sample 87 | sed -i 's|^SSTATE_DIR ?= .*|SSTATE_DIR = "${TOPDIR}/sstate-cache"|' $template_dir/local.conf.sample 88 | if [ -n "$PRINT_CVE_FIXES" ]; then 89 | echo 'INHERIT += "cve-check"' >> $template_dir/local.conf.sample 90 | fi 91 | TEMPLATECONF="meta-bisdn-linux/conf/templates/bisdn-linux" source ../oe-init-build-env . >&2 92 | 93 | pushd $template_dir > /dev/null 94 | git checkout local.conf.sample >&2 95 | popd > /dev/null 96 | 97 | bitbake -g full >&2 98 | if [ -n "$PRINT_CVE_FIXES" ]; then 99 | bitbake --runall cve_check full >&2 100 | cve_file="$(pwd)/tmp/log/cve/cve-summary.json" 101 | fi 102 | 103 | # This is a list of recipe names, not (sub-)packages, but unless we 104 | # also want to build an image, this is the closest we can get. 105 | packages=$(grep -v -e '-native' pn-buildlist) 106 | oIFS=$IFS 107 | IFS=" 108 | " 109 | package_list=$(bitbake -s full) 110 | for package in $package_list; do 111 | pkg_name=$(echo $package | awk '{ print $1}') 112 | pkg_version=$(echo $package | awk -F: '{print $2}') 113 | versions[$pkg_name]=$pkg_version 114 | if [ -n "$PRINT_CVE_FIXES" ]; then 115 | # JSON format example: 116 | # { 117 | # "version": "1", 118 | # "package": [ 119 | # { 120 | # "name": "python3-cryptography", 121 | # "layer": "meta", 122 | # "version": "36.0.2", 123 | # "products": [ 124 | # { 125 | # "product": "cryptography", 126 | # "cvesInRecord": "No" 127 | # } 128 | # ], 129 | # "issue": [ 130 | # { 131 | # "id": "CVE-2023-23931", 132 | # "summary": "(omitted for readability)", 133 | # "scorev2": "0.0", 134 | # "scorev3": "6.5", 135 | # "vector": "NETWORK", 136 | # "status": "Patched", 137 | # "link": "https://nvd.nist.gov/vuln/detail/CVE-2023-23931" 138 | # } 139 | # ] 140 | # } 141 | # ] 142 | # } 143 | # collect all issue ids with status 'Unpatched' for this package: 144 | cve_list=$(jq -r '.package[] | select (.name == "'${pkg_name}'") | .issue[] | select ( .status == "Unpatched" ) | { id } | join(" ")' $cve_file) 145 | cve_issues[$pkg_name]="$cve_list" 146 | fi 147 | done 148 | IFS=$oIFS 149 | 150 | # reset to initial state 151 | unset BB_ENV_EXTRAWHITE 152 | unset BB_ENV_PASSTHROUGH_ADDITIONS 153 | rm -f conf/local.conf 154 | rm -f conf/bblayers.conf 155 | } 156 | 157 | [ -n "$PRINT_HELP" -o -z "$OLD" -o -z "$NEW" ] && { 158 | echo "Generate a full release changelog for BISDN Linux and write it to STDOUT" 159 | echo "" 160 | echo "Generates a list of new commits between two versions for all (default) projects" 161 | echo "defined in the default.xml, separated by project name." 162 | echo "" 163 | echo "Usage: $0 [] " 164 | echo " e.g. $0 v4.8.0 v4.9.0" 165 | echo "Options:" 166 | echo " -c print commit hashes" 167 | echo " -e print repos without changes" 168 | echo " -f print a list of fixed CVEs (may take a long time)" 169 | echo " -h print this help" 170 | echo " -i comma separated list of layers to ignore" 171 | echo " -n set the name of the new version (default: )" 172 | echo " -o set the name of the old version (default: )" 173 | echo " -p prefix all changelog entries with (e.g. ' - ')" 174 | echo " -v also include a list of updated packages and their version changes" 175 | echo " -w use as repo work dir (warning: will discard any changes!)" 176 | exit 1 177 | } 178 | 179 | which repo &> /dev/null || { 180 | echo "ERROR: no working repo utility found." >&2 181 | exit 1 182 | } 183 | 184 | declare -A old_revs 185 | declare -A new_revs 186 | declare -A repos 187 | declare -A repo_paths 188 | declare -A old_versions 189 | declare -A new_versions 190 | declare -A old_open_cves 191 | declare -A new_open_cves 192 | 193 | # use WORKDIR if defined, else create a temporary directory 194 | if [ -z "$WORKDIR" ]; then 195 | WORKDIR=$(mktemp -d) 196 | # make sure we delete it again when we are finished 197 | trap "rm -rf $WORKDIR" EXIT 198 | fi 199 | 200 | pushd "$WORKDIR" > /dev/null 201 | 202 | # repo requires tags to be passed as "refs/tags/", anything else will be 203 | # be treated as a branch and repo tries to checkout refs/heads/, which 204 | # will fail for tags. So check if $OLD is a tag and use the full path. 205 | TAG="$(git ls-remote --tags $TOPDIR $OLD | awk '{print $2}')" 206 | repo init -q -b ${TAG:-${OLD}} -u $TOPDIR > /dev/null 207 | repo sync -q > /dev/null 208 | 209 | dirs=$(repo list -p) 210 | for dir in $dirs; do 211 | pushd $dir > /dev/null 212 | REV=$(git rev-parse HEAD) 213 | popd > /dev/null 214 | layer=$(basename $dir) 215 | if echo $IGNORED_LAYERS | grep -q -P "(? /dev/null 224 | collect_bitbake_info old_packages old_versions old_open_cves 225 | popd > /dev/null 226 | fi 227 | 228 | # As with $OLD, we need to use the full path if $NEW is a tag. 229 | TAG="$(git ls-remote --tags $TOPDIR $NEW | awk '{print $2}')" 230 | repo init -q -b ${TAG:-${NEW}} > /dev/null 231 | repo sync -q --force-sync > /dev/null 232 | 233 | dirs=$(repo list -p) 234 | for dir in $dirs; do 235 | pushd "$dir" > /dev/null 236 | REV=$(git rev-parse HEAD) 237 | popd > /dev/null 238 | layer=$(basename "$dir") 239 | 240 | # we cannot use -F, as -F considers dashes as a word delimiter, but 241 | # layernames use them (e.g. meta-cloud-services). 242 | # So use a handcrafted regex that only considers whitespaces. 243 | if echo $IGNORED_LAYERS | grep -q -P "(? /dev/null 253 | collect_bitbake_info new_packages new_versions new_open_cves 254 | popd > /dev/null 255 | fi 256 | 257 | # meta-switch was renamed to meta-bisdn-linux, so treat meta-switch as an 258 | # old version of meta-bisdn-linux and pretend meta-switch does not exist. 259 | if [ -n "${repos['meta-switch']}" ] && [ -n "${repos['meta-bisdn-linux']}" ]; then 260 | old_revs["meta-bisdn-linux"]=${old_revs["meta-switch"]} 261 | unset -v 'repos["meta-switch"]' 262 | fi 263 | 264 | repo_dirs=$(echo ${!repos[@]} | tr ' ' '\n' | sort | tr '\n' ' ') 265 | 266 | if [ -n "$PRINT_VERSIONS" ]; then 267 | packages=$(echo $old_packages $new_packages | tr '"' ' ' | tr ' ' '\n' | sort -u | tr '\n' ' ') 268 | echo -e "\nUpdated packages:" 269 | for package in $packages; do 270 | old_version=$(echo ${old_versions[$package]}) 271 | new_version=$(echo ${new_versions[$package]}) 272 | [ "$old_version" = "$new_version" ] && continue 273 | if [ -z "$old_version" ]; then 274 | bump="NEW" 275 | elif [ -z "$new_version" ]; then 276 | bump="REMOVED" 277 | else 278 | bump="$old_version => $new_version" 279 | fi 280 | 281 | echo "$package ($bump)" 282 | done 283 | fi 284 | 285 | if [ -n "$PRINT_CVE_FIXES" ]; then 286 | packages=$(echo $old_packages $new_packages | tr '"' ' ' | tr ' ' '\n' | sort -u | tr '\n' ' ') 287 | echo -e "\nFixed CVEs:" 288 | for package in $packages; do 289 | old_cves=$(echo ${old_open_cves[$package]}) 290 | new_cves=$(echo ${new_open_cves[$package]}) 291 | old_version=$(echo ${old_versions[$package]}) 292 | new_version=$(echo ${new_versions[$package]}) 293 | 294 | if [ -z "$old_version" ] || [ -z "$new_version" ]; then 295 | # we don't care about CVEs in deleted packages 296 | # there are no CVE changes in new packages 297 | continue 298 | fi 299 | 300 | fixed_cves=$(comm -23 <(echo "$old_cves") <(echo "$new_cves")) 301 | 302 | if [ -n "$fixed_cves" ]; then 303 | echo "$package:" 304 | echo " $fixed_cves" 305 | echo "" 306 | fi 307 | done 308 | fi 309 | 310 | echo -e "Changes between ${OLD_VERSION:-${OLD}} and ${NEW_VERSION:-${NEW}}:\n" 311 | 312 | for dir in $repo_dirs; do 313 | rev_old=${old_revs[$dir]} 314 | rev_new=${new_revs[$dir]} 315 | 316 | if [ -n "$rev_old" -a -n "$rev_new" ]; then 317 | pushd ${repo_paths[$dir]} > /dev/null 318 | 319 | if ! git cat-file -t $rev_old > /dev/null; then 320 | # repo changed, and revision does not exist in new repo 321 | echo "$dir: $OLD's revision not found in git repo, skipping ..." >&2 322 | popd > /dev/null 323 | continue 324 | fi 325 | 326 | MERGE_BASE=$(git merge-base $rev_old $rev_new) 327 | if [ "$MERGE_BASE" != "$rev_old" ]; then 328 | # get a list of commits, then iterate over them and 329 | # remove any commits with the same subject in both 330 | # branches to remove duplicates. 331 | 332 | changes_old=$(git log --format="$ONELINE_FORMAT_COMMIT" --no-merges $MERGE_BASE..$rev_old) 333 | changes_new=$(git log --format="$ONELINE_FORMAT_COMMIT" --no-merges $MERGE_BASE..$rev_new) 334 | changes="" 335 | oIFS=$IFS 336 | IFS=" 337 | " 338 | for change in $changes_new; do 339 | TEXT=${change#* } 340 | SKIP= 341 | for oldchange in $changes_old; do 342 | OLD_TEXT=${oldchange#* } 343 | if [ "$TEXT" = "$OLD_TEXT" ]; then 344 | SKIP=1 345 | break 346 | fi 347 | done 348 | [ -n "$SKIP" ] && continue 349 | 350 | [ -n "$changes" ] && changes="$changes 351 | " 352 | [ -n "$PRINT_COMMITS" ] && TEXT=$change 353 | changes="${changes}${PREFIX}${TEXT}" 354 | done 355 | IFS=$oIFS 356 | else 357 | if [ -n "$PRINT_COMMITS" ]; then 358 | FORMAT="$ONELINE_FORMAT_COMMIT" 359 | else 360 | FORMAT="$ONELINE_FORMAT" 361 | fi 362 | 363 | changes=$(git log --format="$PREFIX$FORMAT" --no-merges $rev_old..$rev_new) 364 | fi 365 | popd > /dev/null 366 | if [ -n "$changes" ]; then 367 | echo "$dir:" 368 | echo -e "$changes\n" 369 | elif [ -n "$PRINT_EMPTY" ]; then 370 | echo "$dir:" 371 | echo -e "(no changes)\n" 372 | fi 373 | elif [ -z "$rev_old" ]; then 374 | echo -e "$dir (NEW)\n" 375 | else 376 | echo -e "$dir (REMOVED)\n" 377 | fi 378 | done 379 | popd > /dev/null 380 | -------------------------------------------------------------------------------- /scripts/convert.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | TOPDIR="$(git rev-parse --show-toplevel)" 4 | 5 | declare -A REPOS 6 | 7 | read_lockfile() { 8 | REPOS["meta-bisdn-linux"]=$(cat $1 | yq -r '.overrides.repos."meta-bisdn-linux".commit') 9 | REPOS["meta-cloud-services"]=$(cat $1 | yq -r '.overrides.repos."meta-cloud-services".commit') 10 | REPOS["meta-ofdpa"]=$(cat $1 | yq -r '.overrides.repos."meta-ofdpa".commit') 11 | REPOS["meta-ofdpa-closed"]=$(cat $1 | yq -r '.overrides.repos."meta-ofdpa-closed".commit') 12 | REPOS["meta-open-network-linux"]=$(cat $1 | yq -r '.overrides.repos."meta-open-network-linux".commit') 13 | REPOS["meta-openembedded"]=$(cat $1 | yq -r '.overrides.repos."meta-openembedded".commit') 14 | REPOS["meta-virtualization"]=$(cat $1 | yq -r '.overrides.repos."meta-virtualization".commit') 15 | REPOS["poky"]=$(cat $1 | yq -r '.overrides.repos."poky".commit') 16 | } 17 | 18 | write_lockfile() { 19 | VERSION=$(cat ${TOPDIR}/bisdn-linux.yaml | yq -r '.header.version') 20 | cat >$1 << EOF 21 | header: 22 | version: ${VERSION} 23 | overrides: 24 | repos: 25 | meta-bisdn-linux: 26 | commit: ${REPOS["meta-bisdn-linux"]} 27 | meta-cloud-services: 28 | commit: ${REPOS["meta-cloud-services"]} 29 | meta-ofdpa: 30 | commit: ${REPOS["meta-ofdpa"]} 31 | meta-ofdpa-closed: 32 | commit: ${REPOS["meta-ofdpa-closed"]} 33 | meta-open-network-linux: 34 | commit: ${REPOS["meta-open-network-linux"]} 35 | meta-openembedded: 36 | commit: ${REPOS["meta-openembedded"]} 37 | meta-virtualization: 38 | commit: ${REPOS["meta-virtualization"]} 39 | poky: 40 | commit: ${REPOS["poky"]} 41 | EOF 42 | } 43 | 44 | read_manifest() { 45 | REPOS["bisdn-linux"]=$(xmlstarlet select -t -v "/manifest/project[@name='bisdn/bisdn-linux.git']/@revision" $1) 46 | REPOS["meta-bisdn-linux"]=$(xmlstarlet select -t -v "/manifest/project[@name='bisdn/meta-bisdn-linux.git']/@revision" $1) 47 | REPOS["meta-cloud-services"]=$(xmlstarlet select -t -v "/manifest/project[@name='meta-cloud-services']/@revision" $1) 48 | REPOS["meta-ofdpa"]=$(xmlstarlet select -t -v "/manifest/project[@name='bisdn/meta-ofdpa.git']/@revision" $1) 49 | REPOS["meta-ofdpa-closed"]=$(xmlstarlet select -t -v "/manifest/project[@name='yocto-meta-layers/meta-ofdpa.git']/@revision" $1) 50 | REPOS["meta-open-network-linux"]=$(xmlstarlet select -t -v "/manifest/project[@name='bisdn/meta-open-network-linux.git']/@revision" $1) 51 | REPOS["meta-openembedded"]=$(xmlstarlet select -t -v "/manifest/project[@name='meta-openembedded']/@revision" $1) 52 | REPOS["meta-virtualization"]=$(xmlstarlet select -t -v "/manifest/project[@name='meta-virtualization']/@revision" $1) 53 | REPOS["poky"]=$(xmlstarlet select -t -v "/manifest/project[@name='poky']/@revision" $1) 54 | } 55 | 56 | write_manifest() { 57 | # KAS does not reference this repository, so take the HEAD revision 58 | if [ -z "${REPOS["bisdn-linux"]}" ]; then 59 | REPOS["bisdn-linux"]="$(git rev-parse HEAD)" 60 | fi 61 | 62 | if [ "$1" == "default.xml" ]; then 63 | INPLACE="--inplace" 64 | OUT_FILE="" 65 | else 66 | INPLACE="" 67 | OUT_FILE=$1 68 | fi 69 | 70 | xmlstarlet edit ${INPLACE} \ 71 | --update "/manifest/project[@name='bisdn/bisdn-linux.git']/@revision" --value "${REPOS["bisdn-linux"]}" \ 72 | --update "/manifest/project[@name='bisdn/meta-bisdn-linux.git']/@revision" --value "${REPOS["meta-bisdn-linux"]}" \ 73 | --update "/manifest/project[@name='meta-cloud-services']/@revision" --value "${REPOS["meta-cloud-services"]}" \ 74 | --update "/manifest/project[@name='bisdn/meta-ofdpa.git']/@revision" --value "${REPOS["meta-ofdpa"]}" \ 75 | --update "/manifest/project[@name='yocto-meta-layers/meta-ofdpa.git']/@revision" --value "${REPOS["meta-ofdpa-closed"]}" \ 76 | --update "/manifest/project[@name='bisdn/meta-open-network-linux.git']/@revision" --value "${REPOS["meta-open-network-linux"]}" \ 77 | --update "/manifest/project[@name='meta-openembedded']/@revision" --value "${REPOS["meta-openembedded"]}" \ 78 | --update "/manifest/project[@name='meta-virtualization']/@revision" --value "${REPOS["meta-virtualization"]}" \ 79 | --update "/manifest/project[@name='poky']/@revision" --value "${REPOS["poky"]}" \ 80 | "${TOPDIR}/default.xml" ${OUT_FILE} 81 | } 82 | 83 | case "$1" in 84 | *.yaml) 85 | read_lockfile $1 86 | ;; 87 | *.xml) 88 | read_manifest $1 89 | ;; 90 | *) 91 | exit 1 92 | ;; 93 | esac 94 | 95 | case "$2" in 96 | *.yaml) 97 | write_lockfile $2 98 | ;; 99 | *.xml) 100 | write_manifest $2 101 | ;; 102 | *) 103 | exit 1 104 | ;; 105 | esac 106 | -------------------------------------------------------------------------------- /scripts/prepare_release.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | 5 | TOPDIR="$(git rev-parse --show-toplevel)" 6 | BASEBRANCH="main" 7 | BRANCHPREFIX="release" 8 | UPDATE=0 9 | 10 | lock_revisions() { 11 | case "$URI" in 12 | *.xml) 13 | echo "Copying default.xml ..." 14 | curl "$URI" -o $TOPDIR/default.xml 15 | SOURCE=$URI 16 | BASE=repo 17 | ;; 18 | *.yaml) 19 | echo "Copying bisdn-linux.lock.yaml ..." 20 | curl "$URI" -o $TOPDIR/bisdn-linux.lock.yaml 21 | SOURCE=$URI 22 | BASE=kas 23 | ;; 24 | *) 25 | # todo 26 | exit 1 27 | ;; 28 | esac 29 | 30 | case "$BASE" in 31 | kas) 32 | echo "Updating default.xml based on bisdn-linux.lock.yaml ..." 33 | $TOPDIR/scripts/convert.sh bisdn-linux.lock.yaml default.xml 34 | ;; 35 | repo) 36 | echo "Generating bisdn-linux.lock.yaml based on default.xml ..." 37 | $TOPDIR/scripts/convert.sh default.xml bisdn-linux.lock.yaml 38 | ;; 39 | esac 40 | 41 | if [ "$UPDATE" -eq 1 ]; then 42 | MSG="update release revisions 43 | 44 | Update release revisions in bisdn-linux.lock.yaml and default.xml based on $SOURCE." 45 | else 46 | MSG="default.xml: set release revisions 47 | 48 | Set release revisions in in bidn-linux.lock.yaml and default.xml based on $SOURCE." 49 | fi 50 | 51 | git add bisdn-linux.lock.yaml 52 | git commit -s -m "$MSG" default.xml bisdn-linux.lock.yaml 53 | } 54 | 55 | # Check that the top commits for OF-DPA and ofdpa-grpc recipes are identical 56 | # between open and closed repositories by comparing the subjects. 57 | # 58 | # If there is a difference, we must have forgotten to push an update to the 59 | # open repository. 60 | sanity_check_meta-ofdpa() { 61 | echo "Ensuring public and closed meta-ofdpa are in sync ..." 62 | local abort=0 63 | pushd $WORKDIR > /dev/null 64 | repo init -q -b $RELEASE_BRANCH -u $TOPDIR -g all,ofdpa-gitlab 65 | repo sync 66 | 67 | pushd poky/meta-ofdpa > /dev/null 68 | OFDPA_OPEN_TOP="$(git log --no-merges --pretty='format:%s' -1 recipes-ofpda/ofdpa/ofdpa_*.bb)" 69 | OFDPA_GRPC_OPEN_TOP="$(git log --no-merges --pretty='format:%s' -1 recipes-extended/ofdpa-grpc/ofdpa-grpc_*.bb)" 70 | popd > /dev/null 71 | pushd poky/meta-ofdpa-closed > /dev/null 72 | OFDPA_CLOSED_TOP="$(git log --no-merges --pretty='format:%s' -1 recipes-ofpda/ofdpa/ofdpa_*.bb)" 73 | OFDPA_GRPC_CLOSED_TOP="$(git log --no-merges --pretty='format:%s' -1 recipes-extended/ofdpa-grpc/ofdpa-grpc_*.bb)" 74 | popd > /dev/null 75 | 76 | popd > /dev/null 77 | 78 | if [ "$OFDPA_OPEN_TOP" != "$OFDPA_CLOSED_TOP" ]; then 79 | echo "meta-ofdpa [gitlab] OF-DPA recipe has unpublished changes!" >&2 80 | 81 | echo " meta-ofdpa [github] OF-DPA recipe HEAD: $OFDPA_OPEN_TOP" >&2 82 | echo " meta-ofdpa [gitlab] OF-DPA recipe HEAD: $OFDPA_CLOSED_TOP" >&2 83 | abort=1 84 | fi 85 | 86 | if [ "$OFDPA_GRPC_OPEN_TOP" != "$OFDPA_GRPC_CLOSED_TOP" ]; then 87 | echo "meta-ofdpa [gitlab] ofdpa-grpc recipe has unpublished changes!" >&2 88 | 89 | echo " meta-ofdpa [github] ofdpa-grpc recipe HEAD: $OFDPA_GRPC_OPEN_TOP" >&2 90 | echo " meta-ofdpa [gitlab] ofdpa-grpc recipe HEAD: $OFDPA_GRPC_CLOSED_TOP" >&2 91 | abort=1 92 | fi 93 | 94 | if [ "$abort" = "1" ]; then 95 | exit 1 96 | fi 97 | } 98 | 99 | generate_changelog() { 100 | echo "Generating changelog (this may take a while) ..." 101 | 102 | $TOPDIR/scripts/changelog.sh -f -w $WORKDIR -n $NEW -i meta-ofdpa-closed $OLD "$RELEASE_BRANCH" > changelog.txt 103 | git add changelog.txt 104 | 105 | if [ "$UPDATE" -eq 1 ]; then 106 | MSG="update changelog.txt" 107 | else 108 | MSG="add changelog.txt" 109 | fi 110 | 111 | git commit -s -m "$MSG" changelog.txt 112 | } 113 | 114 | set_feed_uri_prefix() { 115 | echo "Setting FEEDURIPREFIX to release value ..." 116 | mkdir -p conf 117 | echo 'SCONF_VERSION = "1"' > conf/site.conf 118 | echo 'FEEDURIPREFIX = "pub/onie/${MACHINE}/packages-v${DISTRO_VERSION}"' >> conf/site.conf 119 | git add conf/site.conf 120 | git commit -s -m "conf: set release FEEDURIPREFIX 121 | 122 | Set the FEEDURIPREFIX to the release path." conf/site.conf 123 | } 124 | 125 | update_default_xml() { 126 | echo "Updating default.xml to point commit with the changelog.txt ..." 127 | # update default.xml so that the bisdn-linux checkout will be include 128 | # the changelog.txt and release FEEDURIPREFIX 129 | 130 | HEAD_COMMIT="$(git rev-parse HEAD)" 131 | xmlstarlet edit --inplace \ 132 | --update "/manifest/project[@name='bisdn/bisdn-linux.git']/@upstream" --value "$RELEASE_BRANCH" \ 133 | --update "/manifest/project[@name='bisdn/bisdn-linux.git']/@dest-branch" --value "$RELEASE_BRANCH" \ 134 | --update "/manifest/project[@name='bisdn/bisdn-linux.git']/@revision" --value "$HEAD_COMMIT" \ 135 | default.xml 136 | 137 | if [ "$UPDATE" -eq 1 ]; then 138 | MSG="default.xml: update build-bisdn-linux to new revision 139 | 140 | Update build-bisdn-linux to include the updated changelog.txt. 141 | " 142 | else 143 | MSG="default.xml: switch build-bisdn-linux to release branch 144 | 145 | Update build-bisdn-linux to include the generated changelog.txt and release 146 | FEEDURIPREFIX. 147 | " 148 | fi 149 | git commit -s -m "$MSG" default.xml 150 | } 151 | 152 | print_help() { 153 | echo "Prepare or update a release branch with fixed revisions and release configuration" 154 | echo "" 155 | echo "Prepares a release branch named release/ with the configuration" 156 | echo "updated for a release, a default.xml with fixed revisions and a changelog.txt" 157 | echo "based on the passed ." 158 | echo "Revisions taken either from current $BASEBRANCH or a default.xml passed via URI" 159 | echo "argument." 160 | echo "If the release branch already exists, update default.xml and changelog.txt only." 161 | echo "" 162 | echo "Usage:" 163 | echo "$0 [URI]" 164 | exit 1 165 | } 166 | 167 | OLD=$1 168 | NEW=$2 169 | URI=$3 170 | 171 | if [ -z "$OLD" -o -z "$NEW" ]; then 172 | print_help 173 | fi 174 | 175 | REQUIRED_BINARIES="curl git repo xmlstarlet yq" 176 | FAILED=0 177 | 178 | for binary in $REQUIRED_BINARIES; do 179 | if ! command -v $binary > /dev/null; then 180 | echo "ERROR: '$binary' was not found in path." >&2 181 | FAILED=1 182 | fi 183 | done 184 | 185 | if [ "$FAILED" != "0" ]; then 186 | echo "ERROR: Some required programs are not available. Please install and try again." >&2 187 | exit 1 188 | fi 189 | 190 | RELEASE_BRANCH="$BRANCHPREFIX/$NEW" 191 | WORKDIR=$(mktemp -d) 192 | # make sure we delete it again 193 | trap "rm -rf $WORKDIR" EXIT 194 | 195 | echo "Preparing branch $RELEASE_BRANCH" 196 | 197 | pushd $TOPDIR 198 | 199 | # make sure we are up to date 200 | git fetch 201 | # if $OLD is a branch, make sure $OLD exists and is up to date 202 | if ! git rev-parse --verify --quiet --tags "refs/tags/$OLD" > /dev/null; then 203 | git branch -f $OLD origin/$OLD 204 | fi 205 | 206 | if git rev-parse --verify --quiet "refs/heads/$RELEASE_BRANCH" > /dev/null; then 207 | # branch already exists, so only update it 208 | UPDATE=1 209 | git checkout "$RELEASE_BRANCH" 210 | else 211 | # this is a new branch, so create it and set it to release 212 | git switch -c "$RELEASE_BRANCH" $BASEBRANCH 213 | set_feed_uri_prefix 214 | fi 215 | 216 | lock_revisions 217 | sanity_check_meta-ofdpa 218 | generate_changelog 219 | update_default_xml 220 | 221 | popd 222 | 223 | echo "Release branch successfully prepared/updated as $RELEASE_BRANCH 224 | 225 | Please review and directly push if acceptable. 226 | 227 | WARNING: Do *NOT* create a pull request, as pull requests will rewrite commits 228 | when merged, breaking the bisdn-linux reference in default.xml. 229 | " 230 | -------------------------------------------------------------------------------- /sources/README.md: -------------------------------------------------------------------------------- 1 | # sources directory 2 | 3 | The sources directory is initially empty (except for this README file). It 4 | gets populated with configuration files by `kas-container checkout` 5 | after which it looks something like this: 6 | 7 | ``` 8 | sources 9 | ├── meta-bisdn-linux 10 | ├── meta-cloud-services 11 | ├── meta-ofdpa 12 | ├── meta-openembedded 13 | ├── meta-open-network-linux 14 | ├── meta-virtualization 15 | ├── poky 16 | └── README.md 17 | ``` 18 | 19 | Each of the directories in the sources directory is a git repository 20 | containing the source code for a yocto layer from which build recipes 21 | and related files are pulled. 22 | -------------------------------------------------------------------------------- /src_tarball.yaml: -------------------------------------------------------------------------------- 1 | header: 2 | version: 14 3 | 4 | local_conf_header: 5 | source-tarball-conf: | 6 | INHERIT += "archiver" 7 | ARCHIVER_MODE[src] = "original" 8 | --------------------------------------------------------------------------------