[Cryptech-Commits] [user/sra/alpha-releng/omnibus] 07/24: First cut at release engineering for software that goes with the Alpha board.
git at cryptech.is
git at cryptech.is
Mon Jun 27 20:38:30 UTC 2016
This is an automated email from the git hooks/post-receive script.
sra at hactrn.net pushed a commit to branch master
in repository user/sra/alpha-releng/omnibus.
commit beca9ece1b3a9f47d81b98f06fc4b0180704cabe
Author: Rob Austein <sra at hactrn.net>
AuthorDate: Wed Jun 22 15:34:57 2016 -0400
First cut at release engineering for software that goes with the Alpha board.
This may well end up merging with the firmware super-repository, but,
having started down the road of making them separate, let's keep it
that way while we get the initial stuff out of the way, then merge
them if it still seems like a good idea when the basics are working.
---
.gitmodules | 12 +++++++++
Makefile | 65 +++++++++++++++++++++++++++++++++++++++++++++
README.md | 31 +++++++++++++++++++++
reprepro-conf/distributions | 7 +++++
reprepro-conf/options | 4 +++
sw/Makefile | 17 ++++++++++++
sw/debian/compat | 1 +
sw/debian/control | 14 ++++++++++
sw/debian/copyright | 27 +++++++++++++++++++
sw/debian/rules | 4 +++
sw/debian/source/format | 1 +
sw/libhal | 1 +
sw/pkcs11 | 1 +
sw/thirdparty/libtfm | 1 +
sw/thirdparty/sqlite3 | 1 +
15 files changed, 187 insertions(+)
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..cb4501d
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,12 @@
+[submodule "sw/libhal"]
+ path = sw/libhal
+ url = https://git.cryptech.is/sw/libhal.git
+[submodule "sw/pkcs11"]
+ path = sw/pkcs11
+ url = https://git.cryptech.is/sw/pkcs11.git
+[submodule "sw/thirdparty/libtfm"]
+ path = sw/thirdparty/libtfm
+ url = https://git.cryptech.is/sw/thirdparty/libtfm.git
+[submodule "sw/thirdparty/sqlite3"]
+ path = sw/thirdparty/sqlite3
+ url = https://git.cryptech.is/sw/thirdparty/sqlite3.git
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..8135639
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,65 @@
+# Top-level build of software packages to work with Cryptech Alpha board.
+
+export CRYPTECH_VERSION := 2.0
+
+HEAD_TIME := $(shell git show -s --format=%ct HEAD)
+HEAD_HASH := $(shell git rev-parse HEAD)
+
+CRYPTECH_PACKAGE_VERSION := ${CRYPTECH_VERSION}~${HEAD_TIME}~${HEAD_HASH}
+
+# Command to generate a new changelog containing one entry.
+# Does nothing if the changelog already exists.
+
+DCH = test -f debian/changelog || \
+ EDITOR=true VISUAL=true TZ=UTC DEBEMAIL='APT Builder Robot <aptbot at cryptech.is>' \
+ dch --create --package cryptech-alpha --newversion '${CRYPTECH_PACKAGE_VERSION}' \
+ '$(strip Version ${CRYPTECH_VERSION} of software for Cryptech Alpha development board.)'
+
+REPOSITORY := /home/aptbot/alpha
+GNUPGHOME := /home/aptbot/gnupg
+CODENAME := wheezy
+REPO_UMASK := 002
+UPLOAD_USER := aptbot
+UPLOAD_URI := rsync://apt.cryptech.is/alpha/
+
+export GNUPGHOME
+
+
+all: init source pbuilder homebrew
+
+enchilada: all reprepro upload
+
+init:
+ git submodule update --init --recursive
+
+clean:
+ git clean -dfx
+ git submodule foreach --recursive git clean -dfx
+
+sandblast: clean
+ git submodule deinit -f .
+
+source:
+ cd sw; ${DCH}
+ cd sw; debuild -S -uc -us
+
+# Maybe use pdebuild here? Have full-blown multi-arch multi-dist
+# pbuilder example for another project, but something simpler would be
+# nice....
+
+pbuilder:
+ cd sw; debuild -b -uc -us
+
+reprepro: ${REPOSITORY}/conf/distributions ${REPOSITORY}/conf/options
+ umask ${REPO_UMASK}; for f in *.changes; do reprepro -b ${REPOSITORY} include ${CODENAME} $$f; done
+
+${REPOSITORY}/conf/distributions ${REPOSITORY}/conf/options:
+ install -D reprepro-conf/$(notdir $@) ${REPOSITORY}/conf/$(notdir $@)
+
+RSYNC := rsync --rsh 'ssh -l ${UPLOAD_USER}' --archive --itemize-changes
+
+upload:
+ ${RSYNC} --ignore-existing ${REPOSITORY}/ ${UPLOAD_URI}
+ ${RSYNC} --delete --delete-delay ${REPOSITORY}/ ${UPLOAD_URI}
+
+.PHONY: all init clean source pbuilder homebrew reprepro upload enchilada sandblast
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..15c1006
--- /dev/null
+++ b/README.md
@@ -0,0 +1,31 @@
+Preliminary release engineering super-repository for building software
+to work with the Cryptech "Alpha" board.
+
+Primary task here is to build the PKCS #11 library and any needed
+support tools for whichever platforms we support. This will involve
+some packaging voodoo.
+
+Our first targets for this are Debian and Ubuntu, probably the Jessie
+and Xenial releases, respectively. If we really need to support
+multiple releases for each of these platforms, the packaging mechanics
+become more complicated, so we may just stop here for these platforms
+and assume we can fill any odd corners using the associated source
+package.
+
+Our next target for this is likely to be Mac OS X. This should be
+relatively straightforward so long as we only have to support Homebrew
+and we don't have to produce Homebrew "bottles" (binary packages). If
+we do need to bottle, we either need one or more Mac build machines or
+we need some kind of cross-compilation scheme (eg,
+https://github.com/tpoechtrager/osxcross).
+
+Supporting Homebrew at all requires a bit of extra voodoo on top of
+supporting Debian packaging, but none of it looks particularly
+difficult, and the Debian packaging will produce the source tarball we
+need for the Homebrew formula, so integrating production of these two
+kinds of packaging makes some sense.
+
+Windoze is not currently on the radar. In theory, MinGW would suffice
+as a cross compiler if and when we have to do something about it.
+
+This README is probably obsolete by the time you're reading it.
diff --git a/reprepro-conf/distributions b/reprepro-conf/distributions
new file mode 100644
index 0000000..57c1afc
--- /dev/null
+++ b/reprepro-conf/distributions
@@ -0,0 +1,7 @@
+Origin: cryptech.is
+Label: cryptech.is APT repository
+Codename: jessie
+Architectures: i386 amd64 source
+Components: main
+Description: cryptech.is APT Repository
+SignWith: yes
diff --git a/reprepro-conf/options b/reprepro-conf/options
new file mode 100644
index 0000000..f5ad660
--- /dev/null
+++ b/reprepro-conf/options
@@ -0,0 +1,4 @@
+verbose
+ask-passphrase
+basedir .
+ignore wrongdistribution
diff --git a/sw/Makefile b/sw/Makefile
new file mode 100644
index 0000000..4b494a6
--- /dev/null
+++ b/sw/Makefile
@@ -0,0 +1,17 @@
+# Makefile to build Debian package for Cryptech Alpha board software
+
+all:
+ cd thirdparty/sqlite3; ${MAKE}
+ cd thirdparty/libtfm; ${MAKE}
+ cd libhal; ${MAKE} daemon
+ cd pkcs11; ${MAKE}
+
+clean distclean:
+ for d in thirdparty/libtfm libhal thirdparty/sqlite3 pkcs11; do (cd $$d && ${MAKE} $@); done
+
+install: all
+ install -m 644 -D pkcs11/libpkcs11.so ${DESTDIR}/usr/lib/libpkcs11.so
+ install -D pkcs11/p11util ${DESTDIR}/usr/sbin/p11util
+ install -D libhal/cryptech_rpcd ${DESTDIR}/usr/sbin/cryptech_rpcd
+
+# Might also want to install the firmware tarball, scripts to use it, ....
diff --git a/sw/debian/compat b/sw/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/sw/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/sw/debian/control b/sw/debian/control
new file mode 100644
index 0000000..d7440f8
--- /dev/null
+++ b/sw/debian/control
@@ -0,0 +1,14 @@
+Source: cryptech-alpha
+Maintainer: APT Builder Robot <aptbot at cryptech.is>
+Section: misc
+Priority: optional
+Standards-Version: 3.9.6
+Build-Depends: debhelper (>= 9)
+Homepage: http://trac.cryptech.is/wiki
+
+Package: cryptech-alpha
+Architecture: any
+Depends: libc6 (>= 2.13), ${misc:Depends}
+Description: Cryptech open-source crypto software
+ "cryptech-alpha" contains software for use with the Cryptech Project
+ "Alpha" development board.
diff --git a/sw/debian/copyright b/sw/debian/copyright
new file mode 100644
index 0000000..ec25460
--- /dev/null
+++ b/sw/debian/copyright
@@ -0,0 +1,27 @@
+Copyright (c) 2015-2016, NORDUnet A/S All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+- Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+- Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+- Neither the name of the NORDUnet nor the names of its contributors may
+ be used to endorse or promote products derived from this software
+ without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
+IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
+TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/sw/debian/rules b/sw/debian/rules
new file mode 100755
index 0000000..2d33f6a
--- /dev/null
+++ b/sw/debian/rules
@@ -0,0 +1,4 @@
+#!/usr/bin/make -f
+
+%:
+ dh $@
diff --git a/sw/debian/source/format b/sw/debian/source/format
new file mode 100644
index 0000000..89ae9db
--- /dev/null
+++ b/sw/debian/source/format
@@ -0,0 +1 @@
+3.0 (native)
diff --git a/sw/libhal b/sw/libhal
new file mode 160000
index 0000000..52f1eb5
--- /dev/null
+++ b/sw/libhal
@@ -0,0 +1 @@
+Subproject commit 52f1eb5c3dccd47d2434e0c7a302c23363790e1d
diff --git a/sw/pkcs11 b/sw/pkcs11
new file mode 160000
index 0000000..6e7aabc
--- /dev/null
+++ b/sw/pkcs11
@@ -0,0 +1 @@
+Subproject commit 6e7aabc780ff9f70bf05d41b97cc973451e0b2ee
diff --git a/sw/thirdparty/libtfm b/sw/thirdparty/libtfm
new file mode 160000
index 0000000..357ca59
--- /dev/null
+++ b/sw/thirdparty/libtfm
@@ -0,0 +1 @@
+Subproject commit 357ca59060848fb72367b67ccae137d66de6fe34
diff --git a/sw/thirdparty/sqlite3 b/sw/thirdparty/sqlite3
new file mode 160000
index 0000000..be705c3
--- /dev/null
+++ b/sw/thirdparty/sqlite3
@@ -0,0 +1 @@
+Subproject commit be705c3aecaf201b7f9c649cfed01e38e73c8f68
More information about the Commits
mailing list