build: create APK files parrallel to IPK

Create APK files based on the folder and control files of IPK packages.

Signed-off-by: Paul Spooren <mail@aparcar.org>

diff --git a/include/package-ipkg.mk b/include/package-ipkg.mk
index c2017cd220622f88aa437b73f48b5d3ffc1535d6..c536999d02f5b00a3537618b5c34518b0f6b0789 100644 (file)
--- a/include/package-ipkg.mk
+++ b/include/package-ipkg.mk
@@ -264,6 +264,7 @@ $(_endef)
 
        $(INSTALL_DIR) $$(PDIR_$(1))
        $(FAKEROOT) $(SCRIPT_DIR)/ipkg-build -m "$(FILE_MODES)" $$(IDIR_$(1)) $$(PDIR_$(1))
+       $(FAKEROOT) $(SCRIPT_DIR)/apk-build $$(IDIR_$(1)) $$(PDIR_$(1)) $(BUILD_KEY_RSA)
        @[ -f $$(IPKG_$(1)) ]
 
     $(1)-clean:

diff --git a/package/Makefile b/package/Makefile
index f14a8a11cc4cbc72d598584ad6ba02f7fdd1c82a..a89a6068faa9426a23825aed8a5b0643de47729f 100644 (file)
--- a/package/Makefile
+++ b/package/Makefile
@@ -85,6 +85,7 @@ $(curdir)/index: FORCE
        @for d in $(PACKAGE_SUBDIRS); do ( \
                mkdir -p $$d; \
                cd $$d || continue; \
+               $(SCRIPT_DIR)/apk-make-index.sh . 2>&1; \
                $(SCRIPT_DIR)/ipkg-make-index.sh . 2>&1 > Packages.manifest; \
                grep -vE '^(Maintainer|LicenseFiles|Source|SourceName|Require|SourceDateEpoch)' Packages.manifest > Packages; \
                case "$$(((64 + $$(stat -L -c%s Packages)) % 128))" in 110|111) \

diff --git a/package/base-files/Makefile b/package/base-files/Makefile
index 8a1ddf96f50b29324dc46cfc1501dbd351d6748b..dc29c22b3a865a1aa5b484a46fa69da7da852472 100644 (file)
--- a/package/base-files/Makefile
+++ b/package/base-files/Makefile
@@ -107,6 +107,10 @@ ifdef CONFIG_SIGNED_PACKAGES
        [ -s $(BUILD_KEY).ucert ] || \
                $(STAGING_DIR_HOST)/bin/ucert -I -c $(BUILD_KEY).ucert -p $(BUILD_KEY).pub -s $(BUILD_KEY)
 
+       [ -s $(BUILD_KEY_RSA) -a -s $(BUILD_KEY_RSA).pub ] || \
+               openssl genrsa -out $(BUILD_KEY_RSA) 2048; \
+               openssl rsa -in $(BUILD_KEY_RSA) -pubout -out $(BUILD_KEY_RSA).pub
+
   endef
 
 ifndef CONFIG_BUILDBOT

diff --git a/rules.mk b/rules.mk
index f31d9bb113e25f83475177ca83125d98ba9346a6..e6f8331559010ae124b4b8d85916632c4f9d1bf6 100644 (file)
--- a/rules.mk
+++ b/rules.mk
@@ -258,6 +258,7 @@ else
 endif
 
 BUILD_KEY=$(TOPDIR)/key-build
+BUILD_KEY_RSA=$(TOPDIR)/key-build.rsa
 
 FAKEROOT:=$(STAGING_DIR_HOST)/bin/fakeroot
 

diff --git a/scripts/apk-build b/scripts/apk-build
new file mode 100755 (executable)
index 0000000..dc712a9
--- /dev/null
+++ b/scripts/apk-build
@@ -0,0 +1,95 @@
+#!/bin/bash
+
+pkginfo_val() {
+       local key="$1"
+       local file="$2"
+       awk -F ' = ' "\$1 == \"$key\" {print \$2}" "$file"
+}
+
+datadir="$1"
+outputdir="$2"
+BUILD_KEY_RSA="$3"
+tmp_dir=$(mktemp -d -t apk-XXXXXXXXXX)
+file="$tmp_dir/.PKGINFO"
+
+sed -n \
+       -e 's/Package:/pkgname =/p' \
+       -e 's/Version:/pkgver =/p' \
+       -e 's/Installed-Size:/size =/p' \
+       -e 's/Description:/pkgdesc =/p' \
+       -e 's/License:/license =/p' \
+       -e 's/Source:/origin =/p' \
+       -e 's/Architecture:/arch =/p' \
+       "$datadir/CONTROL/control" \
+       >"$file"
+
+grep "Depends" "$datadir/CONTROL/control" | sed \
+       -e 's/Depends://' \
+       -e "s/ (=/></g" \
+       -e "s/)//g" \
+       -e 's/ /depend = /g' \
+       -e 's/,/\n/g' \
+       >>"$file"
+
+dir="${file%/.PKGINFO}"
+name=$(pkginfo_val pkgname "$file")
+ver=$(pkginfo_val pkgver "$file")
+size=$(pkginfo_val size "$file")
+arch=$(pkginfo_val arch "$file")
+apk="${name}_${ver}_${arch}.apk"
+metafiles=".PKGINFO"
+keyname=${BUILD_KEY_RSA##*/}.pub
+sig_rsa=".SIGN.RSA.$keyname"
+
+echo "$metafiles" >"$dir/.metafiles"
+rm -f "$dir/data.tar.gz" "$dir/control.tar.gz"
+
+(
+       cd "$datadir" || exit 1
+       # data.tar.gz
+
+       echo "Package size: ${size}"
+       echo "Compressing data..."
+       set -- *
+       if [ "$1" = '*' ]; then
+               touch .dummy
+               set -- .dummy
+       fi
+
+       # normalize timestamps
+       find "$@" -exec touch -h -d "@$SOURCE_DATE_EPOCH" {} +
+       find "$@" -print0 | LC_ALL=C sort -z | tar --xattrs \
+               --exclude=CONTROL \
+               --format=posix \
+               --pax-option=exthdr.name=%d/PaxHeaders/%f,atime:=0,ctime:=0 \
+               --mtime="@${SOURCE_DATE_EPOCH}" \
+               --no-recursion --null -T - \
+               -f - -c | abuild-tar --hash | gzip -n -9 >"$tmp_dir/data.tar.gz"
+
+       # data.tar.gz
+       echo "Create checksum..."
+       # append the hash for data.tar.gz
+       sha256=$(sha256sum "$dir"/data.tar.gz | cut -f1 -d' ')
+       echo "datahash = $sha256" >>"$dir"/.PKGINFO
+
+       cd "$tmp_dir" || exit 1
+       tar \
+               --format=posix \
+               --pax-option=exthdr.name=%d/PaxHeaders/%f,atime:=0,ctime:=0 \
+               --mtime="@${SOURCE_DATE_EPOCH}" \
+               -f - -c $(cat "$dir/.metafiles") | abuild-tar --cut |
+               gzip -n -9 >control.tar.gz
+
+       # signing works but requires manually generated private key
+       openssl dgst -sha1 -sign "$BUILD_KEY_RSA" -out "$sig_rsa" "control.tar.gz"
+       touch -h -d "@$SOURCE_DATE_EPOCH" "$sig_rsa"
+
+       tmptargz=$(mktemp)
+       tar -f - -c .SIGN* | abuild-tar --cut | gzip -n -9 >"$tmptargz"
+       tmpsigned=$(mktemp)
+       cat "$tmptargz" "control.tar.gz" >"$tmpsigned"
+       mv "$tmpsigned" "control.tar.gz"
+
+       echo "Create $apk"
+       cat control.tar.gz data.tar.gz >"$outputdir/$apk"
+)

diff --git a/scripts/apk-make-index.sh b/scripts/apk-make-index.sh
new file mode 100755 (executable)
index 0000000..df1f1a2
--- /dev/null
+++ b/scripts/apk-make-index.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+set -e
+
+pkg_dir=$1
+
+if [ -z "$pkg_dir" ] || [ ! -d "$pkg_dir" ]; then
+       echo "Usage: apk-make-index <package_directory>" >&2
+       exit 1
+fi
+
+(
+       cd "$pkg_dir" || exit 1
+       GLOBIGNORE="kernel*:libc*"
+       set -- *.apk
+       if [ "$1" = '*.apk' ]; then
+               echo "No APK packages found"
+       fi
+       apk index --output APKINDEX.tar.gz "$@"
+       unset GLOBIGNORE
+)