diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index fed2681..9d6361d 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -7,17 +7,14 @@ on: - '[0-9].[0-9].[0-9]' jobs: - build_release: - name: build and release - runs-on: ubuntu-20.04 # Build on Debian-based distro + build: + name: build + runs-on: ubuntu-20.04 container: quay.io/pypa/manylinux2014_x86_64 # Use a container with glibc 2.17 steps: - - name: Show GLIBC # Confirm glibc version - run: ldd --version - - name: Checkout # Clone repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -33,24 +30,51 @@ jobs: toolchain: stable override: true - - name: Cargo build # Release build + - name: Cargo build # Build for release run: | cargo build --release --verbose ls -lah target/release - - name: Cargo deb # deb package + - name: Cargo deb # Package deb run: | cargo install --version 1.44.1 cargo-deb - cargo deb --verbose + cargo deb --no-build --verbose ls -lah target/debian - - name: Cargo rpm # RPM package + - name: Cargo rpm # Package RPM run: | cargo install --version 0.14.0 cargo-generate-rpm strip -s target/release/libnss_shim.so cargo generate-rpm --payload-compress none ls -lah target/generate-rpm + - uses: uraimo/run-on-arch-action@v2 # Cross-build (arm64/aarch64) + name: Cross-build (arm64/aarch64) + with: + base_image: quay.io/pypa/manylinux2014_aarch64 + env: | + VERSION: ${{github.ref_name}} + # Mount the working directory as /libnss_shim in the container, and run commands there + dockerRunArgs: | + --volume "${PWD}:/libnss_shim" + -w "/libnss_shim" + # Speeds up builds + githubToken: ${{ github.token }} + # Prepare cached dependencies + setup: | + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y + . "$HOME/.cargo/env" + cargo install --version 1.44.1 cargo-deb + cargo install --version 0.14.0 cargo-generate-rpm + run: | + . "$HOME/.cargo/env" + cargo build --release --verbose + ls -lah target/release + cargo deb --no-build --verbose + ls -lah target/debian + cargo generate-rpm --payload-compress none + ls -lah target/generate-rpm + - name: Release # Publish GitHub release uses: softprops/action-gh-release@v1 if: startsWith(github.ref, 'refs/tags/') # Presumably redundant due to the `on: push: tags:` filter, but kept for safety diff --git a/README.md b/README.md index f33c966..594044b 100755 --- a/README.md +++ b/README.md @@ -46,7 +46,7 @@ can print to `stdout` in a supported format to be used with NSS. as described in `Cargo.toml` prior to running the `debian/postinst` script, but this has not been tested extensively. - To request support for a different configuration, please create a GitHub Issue -### Installation steps +### Install/Upgrade 1. Prepare the commands/software that will be triggered by `libnss_shim` (see the Commands section for details). @@ -61,7 +61,7 @@ can print to `stdout` in a supported format to be used with NSS. wget https://github.com/xenago/libnss_shim/releases/download/1.1.0/libnss_shim-1.1.0-1.x86_64.rpm ``` -3. Install it directly `dpkg` or `rpm`. +3. Install or upgrade it directly with `dpkg` or `rpm`. **deb:** ``` @@ -69,10 +69,10 @@ can print to `stdout` in a supported format to be used with NSS. ``` **RPM:** ``` - sudo rpm -i ./libnss_shim-1.1.0-1.x86_64.rpm + sudo rpm -Uvh ./libnss_shim-1.1.0-1.x86_64.rpm ``` -4. Configure the shim by importing a custom `config.json`: +4. Configure the shim by importing a custom `config.json`. ``` sudo cp custom_config.json /etc/libnss_shim/config.json ``` @@ -102,17 +102,19 @@ can print to `stdout` in a supported format to be used with NSS. ## Uninstallation -1. To remove `libnss_shim`, use either `dpkg` or `apt`: - ``` - dpkg -r libnss_shim - ``` - or - ``` - sudo apt remove libnss_shim - ``` +1. To remove `libnss_shim`, run the same tool used for installation. + + **deb:** + ``` + dpkg -r libnss_shim + ``` + **RPM:** + ``` + sudo sudo rpm -e libnss_shim + ``` 2. If removal/deletion is performed, restarting affected applications is required. A system reboot is an effective way - to do this: + to do this. ``` sudo reboot ``` @@ -359,7 +361,9 @@ I generally find it easiest to run `build.sh` inside a temporary container: 3. Run the build script inside a temporary container, setting `LIBNSS_SHIM_VERSION` and the cloned repo path as desired: - sudo docker run -e "LIBNSS_SHIM_VERSION=0.0.0" -v /path/to/cloned/libnss_shim:/libnss_shim --rm -it quay.io/pypa/manylinux2014_x86_64:latest bash /libnss_shim/build.sh + sudo docker run -e "LIBNSS_SHIM_VERSION=0.0.0" -v /path/to/cloned/libnss_shim:/libnss_shim -v /var/run/docker.sock:/var/run/docker.sock --rm -it quay.io/pypa/manylinux2014_x86_64:latest bash /libnss_shim/build.sh + + Note that this requires 4. The build script will output packages in the following subdirectories of the cloned repo: diff --git a/build.sh b/build.sh index 2c92d34..6caf060 100644 --- a/build.sh +++ b/build.sh @@ -17,7 +17,7 @@ ls -lah target/release echo "BUILD: Packaging deb" cargo install --version 1.44.1 cargo-deb -cargo deb --verbose +cargo deb --verbose --no-build echo "BUILD: deb packaged" ls -lah target/debian @@ -27,3 +27,24 @@ strip -s target/release/libnss_shim.so cargo generate-rpm --payload-compress none echo "BUILD: RPM packaged" ls -lah target/generate-rpm + +# TODO: enable local cross-build with docker-in-docker + +#echo "BUILD: Cross-building for release (arm64/aarch64)" +#cargo install --version 0.2.5 cross +#env CROSS_CONTAINER_IN_CONTAINER=true cross build --release --target aarch64-unknown-linux-gnu +#echo "BUILD: built for release (arm64/aarch64)" +#ls -lah target/aarch64-unknown-linux-gnu/release +# +#echo "BUILD: Packaging deb (arm64/aarch64)" +#cargo deb --target=aarch64-unknown-linux-gnu --no-build --verbose +#echo "BUILD: deb packaged (arm64/aarch64)" +#ls -lah target/aarch64-unknown-linux-gnu/debian +# +#echo "BUILD: Packaging RPM (arm64/aarch64)" +## FIXME: use script when possible for --auto-req +## See https://github.com/cat-in-136/cargo-generate-rpm/issues/107 +## --auto-req "cross/find-requires.sh" +#cargo generate-rpm --payload-compress none --target aarch64-unknown-linux-gnu --auto-req disabled +#echo "BUILD: RPM packaged (arm64/aarch64)" +#ls -lah target/aarch64-unknown-linux-gnu/generate-rpm diff --git a/changelog/CHANGELOG.txt b/changelog/CHANGELOG.txt index 8d0f0c5..dbbded3 100644 --- a/changelog/CHANGELOG.txt +++ b/changelog/CHANGELOG.txt @@ -2,3 +2,8 @@ - Required change: 64-bit integer types to platform-dependent `size` pointer types - Remove `lazy_static` dependency - Add additional resource, update formatting of `README.md` +- Bump toolchain to 1.78.0 +- Add ARM compile step to CI +- Adjust README.md to clarify install/upgrade are the same process +- Add RPM uninstall notes to README.md +- Add find-requires script for build (not yet implemented) diff --git a/cross/find-requires.sh b/cross/find-requires.sh new file mode 100755 index 0000000..51c86c2 --- /dev/null +++ b/cross/find-requires.sh @@ -0,0 +1,10 @@ +#!/bin/sh + +# Fail fast on any error +set -e + +# This is designed to replicate the output from the `find-requires` RPM script +# http://ftp.rpm.org/max-rpm/s1-rpm-depend-auto-depend.html +# That script uses `ldd`, which doesn't seem to work with cross-compiled binaries +# https://github.com/cat-in-136/cargo-generate-rpm/issues/107 +objdump -x "$1" | grep NEEDED | awk '{print $NF}' diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 7897a24..5198580 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,2 +1,2 @@ [toolchain] -channel = "1.75.0" +channel = "1.78.0"