propellor-4.1.0: property-based host configuration management in haskell

Propellor.Property.Sbuild

Description

Build and maintain schroots for use with sbuild.

For convenience we set up several enhancements, such as ccache and eatmydata. This means we have to make several assumptions:

1. you want to build for a Debian release strictly newer than squeeze, or for a Buntish release newer than or equal to trusty
2. if you want to build for Debian stretch or newer, you have sbuild 0.70.0 or newer (there is a backport to jessie)

The latter is due to the migration from GnuPG v1 to GnuPG v2.1 in Debian stretch, which older sbuild can't handle.

Suggested usage in config.hs:

 & Apt.installed ["piuparts", "autopkgtest"]
& Sbuild.builtFor (System (Debian Linux Unstable) X86_32) Sbuild.UseCcache
& Sbuild.piupartsConfFor (System (Debian Linux Unstable) X86_32)
& Sbuild.updatedFor (System (Debian Linux Unstable) X86_32) period Weekly 1
& Sbuild.usableBy (User "spwhitton")
& Sbuild.shareAptCache
& Schroot.overlaysInTmpfs

If you are using sbuild older than 0.70.0, you also need:

 & Sbuild.keypairGenerated

In ~/.sbuildrc (sbuild 0.71.0 or newer):

 $run_piuparts = 1;$piuparts_opts = [
'--schroot',
'%r-%a-piuparts',
];

$run_autopkgtest = 1;$autopkgtest_root_args = "";
$autopkgtest_opts = ["--", "schroot", "%r-%a-sbuild"]; We use sbuild-createchroot(1) to create a chroot to the specification of sbuild-setup(7). This avoids running propellor inside the chroot to set it up. While that approach is flexible, a propellor spin pulls in a lot of dependencies. This could defeat using sbuild to determine if you've included all necessary build dependencies in your source package control file. Nevertheless, the chroot that sbuild-createchroot(1) creates might not meet your needs. For example, you might need to enable an apt cacher. In that case you can do something like this in config.hs:  & Sbuild.built (System (Debian Linux Unstable) X86_32) before mySetup where mySetup = Chroot.provisioned myChroot myChroot = Chroot.debootstrapped Debootstrap.BuilddD "/srv/chroot/unstable-i386" -- the extra configuration you need: & Apt.installed ["apt-transport-https"] Synopsis # Creating and updating sbuild schroots An sbuild schroot, such as would be listed by schroot -l Parts of the sbuild toolchain cannot distinguish between schroots with both the same suite and the same architecture, so neither do we Constructors  SbuildSchroot Suite Architecture Instances  Source # Methods data UseCcache Source # Whether an sbuild schroot should use ccache during builds ccache is generally useful but it breaks building some packages. This data types allows you to toggle it on and off for particular schroots. Constructors  UseCcache NoCcache Build and configure a schroot for use with sbuild Ensure that an sbuild schroot's packages and apt indexes are updated Create a corresponding schroot config file for use with piuparts This is useful because: • piuparts will clear out the apt cache which makes shareAptCache much less useful • piuparts itself invokes eatmydata, so the command-prefix setting in our regular schroot config would force the user to pass --no-eatmydata to piuparts in their ~/.sbuildrc, which is inconvenient. To make use of this new schroot config, you can put something like this in your ~/.sbuildrc (sbuild 0.71.0 or newer): $run_piuparts = 1;
\$piuparts_opts = [
'--schroot',
'%r-%a-piuparts',
];

This property has no effect if the corresponding sbuild schroot does not exist (i.e. you also need built or builtFor).

Build and configure a schroot for use with sbuild using a distribution's standard mirror

This function is a convenience wrapper around built, allowing the user to identify the schroot and distribution using the System type

Ensure that an sbuild schroot's packages and apt indexes are updated

This function is a convenience wrapper around updated, allowing the user to identify the schroot using the System type

Create a corresponding schroot config file for use with piuparts

This function is a convenience wrapper around piupartsConf, allowing the user to identify the schroot using the System type. See that function's documentation for why you might want to use this property, and sample config.

# Global sbuild configuration

Ensure that sbuild is installed

Generate the apt keys needed by sbuild

You only need this if you are using sbuild older than 0.70.0.

Generate the apt keys needed by sbuild using a low-quality source of randomness

Note that any running rngd will be killed; if you are using rngd, you should arrange for it to be restarted after this property has been ensured. E.g.

 & Sbuild.keypairInsecurelyGenerated
onChange Systemd.started "my-rngd-service"

Useful on throwaway build VMs.

You only need this if you are using sbuild older than 0.70.0.

Bind-mount varcacheaptarchives in all sbuild chroots so that the host system and the chroot share the apt cache