mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-05-06 13:31:50 +02:00
Compare commits
No commits in common. "0cfa86bf580c9d1d8df540484655d6084c55da70" and "0e79d01ed6861fd3fc6fe0d7b40d116727c7b72c" have entirely different histories.
0cfa86bf58
...
0e79d01ed6
1 changed files with 134 additions and 129 deletions
217
dodo.py
217
dodo.py
|
|
@ -31,29 +31,22 @@ PARAM_APPLE_ID = {
|
|||
}
|
||||
|
||||
|
||||
def list_files(path, recursive=False):
|
||||
def list_files(path):
|
||||
filepaths = []
|
||||
for root, _, files in os.walk(path):
|
||||
for f in files:
|
||||
if f.endswith(".pyc"):
|
||||
continue
|
||||
filepaths.append(Path(root) / f)
|
||||
if not recursive:
|
||||
break
|
||||
return filepaths
|
||||
|
||||
|
||||
def copy_dz_dir(src, dst):
|
||||
shutil.rmtree(dst, ignore_errors=True)
|
||||
shutil.rmtree(dst)
|
||||
dst.mkdir(exist_ok=True)
|
||||
shutil.copytree(src, dst)
|
||||
|
||||
|
||||
def create_release_dir():
|
||||
RELEASE_DIR.mkdir(parents=True, exist_ok=True)
|
||||
(RELEASE_DIR / "assets").mkdir(exist_ok=True)
|
||||
(RELEASE_DIR / "tmp").mkdir(exist_ok=True)
|
||||
|
||||
|
||||
def cmd_build_linux_pkg(distro, version, cwd, qubes=False):
|
||||
pkg = "rpm" if distro == "fedora" else "deb"
|
||||
cmd = [
|
||||
|
|
@ -64,13 +57,12 @@ def cmd_build_linux_pkg(distro, version, cwd, qubes=False):
|
|||
"--version",
|
||||
version,
|
||||
"run",
|
||||
"--no-gui",
|
||||
"--dev",
|
||||
"--dev"
|
||||
f"./dangerzone/install/linux/build-{pkg}.py"
|
||||
]
|
||||
if qubes:
|
||||
cmd += ["--qubes"]
|
||||
return CmdAction(" ".join(cmd), cwd=cwd)
|
||||
return CmdAction(cmd, cwd=cwd)
|
||||
|
||||
|
||||
def task_clean_container_runtime():
|
||||
|
|
@ -78,24 +70,35 @@ def task_clean_container_runtime():
|
|||
return {
|
||||
"actions": None,
|
||||
"clean": [
|
||||
[CONTAINER_RUNTIME, "system", "prune", "-a", "-f"],
|
||||
[CONTAINER_RUNTIME, "system", "prune", "-f"],
|
||||
],
|
||||
}
|
||||
|
||||
|
||||
#def task_check_python():
|
||||
# """Check that the latest supported Python version is installed (WIP).
|
||||
#
|
||||
# This task does not work yet, and is currently short-circuited.
|
||||
# """
|
||||
# def check_python_updated():
|
||||
# # FIXME: Check that the latest supported Python release is installed. Use the
|
||||
# # same logic as we do in dev_scripts/qa.py.
|
||||
# return True
|
||||
#
|
||||
# return {
|
||||
# "actions": [check_python_updated],
|
||||
# }
|
||||
def task_clean_git():
|
||||
"""Clean the Git repo."""
|
||||
return {
|
||||
"actions": None,
|
||||
"clean": [
|
||||
"git clean -fdx",
|
||||
"git checkout -f",
|
||||
],
|
||||
}
|
||||
|
||||
|
||||
def task_check_python():
|
||||
"""Check that the latest supported Python version is installed (WIP).
|
||||
|
||||
This task does not work yet, and is currently short-circuited.
|
||||
"""
|
||||
def check_python():
|
||||
# FIXME: Check that the latest supported Python release is installed. Use the
|
||||
# same logic as we do in dev_scripts/qa.py.
|
||||
return True
|
||||
|
||||
return {
|
||||
"actions": [check_python],
|
||||
}
|
||||
|
||||
|
||||
def task_check_container_runtime():
|
||||
|
|
@ -113,7 +116,7 @@ def task_check_system():
|
|||
return {
|
||||
"actions": None,
|
||||
"task_dep": [
|
||||
#"check_python",
|
||||
"check_python",
|
||||
"check_container_runtime",
|
||||
],
|
||||
}
|
||||
|
|
@ -129,26 +132,26 @@ def task_macos_check_cert():
|
|||
}
|
||||
|
||||
|
||||
#def task_macos_check_docker_containerd():
|
||||
# """Test that Docker uses the containard image store."""
|
||||
# def check_containerd_store():
|
||||
# cmd = ["docker", "info", "-f", "{{ .DriverStatus }}"]
|
||||
# driver = subprocess.check_output(cmd, text=True).strip()
|
||||
# if driver != "[[driver-type io.containerd.snapshotter.v1]]":
|
||||
# raise RuntimeError(
|
||||
# f"Probing the Docker image store with {cmd} returned {driver}."
|
||||
# " Switch to Docker's containerd image store from the Docker Desktop"
|
||||
# " settings."
|
||||
# )
|
||||
#
|
||||
# return {
|
||||
# "actions": [
|
||||
# "which docker",
|
||||
# "docker ps",
|
||||
# check_containerd_store,
|
||||
# ],
|
||||
# "params": [PARAM_APPLE_ID],
|
||||
# }
|
||||
def task_macos_check_docker_containerd():
|
||||
"""Test that Docker uses the containard image store."""
|
||||
def check_containerd_store():
|
||||
cmd = ["docker", "info", "-f", "{{ .DriverStatus }}"]
|
||||
driver = subprocess.check_output(cmd, text=True).strip()
|
||||
if driver != "[[driver-type io.containerd.snapshotter.v1]]":
|
||||
raise RuntimeError(
|
||||
f"Probing the Docker image store with {cmd} returned {driver}."
|
||||
" Switch to Docker's containerd image store from the Docker Desktop"
|
||||
" settings."
|
||||
)
|
||||
|
||||
return {
|
||||
"actions": [
|
||||
"which docker",
|
||||
"docker ps",
|
||||
check_containerd_store,
|
||||
],
|
||||
"params": [PARAM_APPLE_ID],
|
||||
}
|
||||
|
||||
|
||||
def task_macos_check_system():
|
||||
|
|
@ -158,13 +161,18 @@ def task_macos_check_system():
|
|||
"task_dep": [
|
||||
"check_system",
|
||||
"macos_check_cert",
|
||||
#"macos_check_docker_containerd",
|
||||
"macos_check_docker_containerd",
|
||||
],
|
||||
}
|
||||
|
||||
|
||||
def task_init_release_dir():
|
||||
"""Create a directory for release artifacts."""
|
||||
def create_release_dir():
|
||||
RELEASE_DIR.mkdir(parents=True, exist_ok=True)
|
||||
(RELEASE_DIR / "assets").mkdir(exist_ok=True)
|
||||
(RELEASE_DIR / "tmp").mkdir(exist_ok=True)
|
||||
|
||||
return {
|
||||
"actions": [create_release_dir],
|
||||
"clean": [f"rm -rf {RELEASE_DIR}"],
|
||||
|
|
@ -255,21 +263,20 @@ def task_macos_build_dmg():
|
|||
f" --keychain-profile dz-notarytool-release-key {dmg_src}"),
|
||||
f"xcrun stapler staple {dmg_src}",
|
||||
["cp", "-r", dmg_src, dmg_dst],
|
||||
["rm", "-rf", dz_dir],
|
||||
["rm", "-r", dz_dir],
|
||||
],
|
||||
"params": [PARAM_APPLE_ID],
|
||||
"file_dep": [
|
||||
"poetry.lock",
|
||||
"install/macos/build-app.py",
|
||||
"install/macos/build.app.py",
|
||||
*list_files("assets"),
|
||||
*list_files("share", recursive=True),
|
||||
*list_files("dangerzone", recursive=True),
|
||||
*list_files("share"),
|
||||
*list_files("dangerzone"),
|
||||
f"share/container-{VERSION}.tar.gz",
|
||||
],
|
||||
"task_dep": [
|
||||
"init_release_dir",
|
||||
"poetry_install",
|
||||
"download_tessdata",
|
||||
"poetry_install"
|
||||
],
|
||||
"targets": [dmg_dst],
|
||||
"clean": True,
|
||||
|
|
@ -307,7 +314,6 @@ def task_debian_env():
|
|||
"build-dev",
|
||||
]
|
||||
],
|
||||
"task_dep": ["check_container_runtime"],
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -322,14 +328,14 @@ def task_debian_deb():
|
|||
(copy_dz_dir, [".", dz_dir]),
|
||||
cmd_build_linux_pkg("debian", "bookworm", cwd=dz_dir),
|
||||
["cp", deb_src, deb_dst],
|
||||
["rm", "-rf", dz_dir],
|
||||
["rm", "-r", dz_dir],
|
||||
],
|
||||
"file_dep": [
|
||||
"poetry.lock",
|
||||
"install/linux/build-deb.py",
|
||||
*list_files("assets"),
|
||||
*list_files("share"),
|
||||
*list_files("dangerzone", recursive=True),
|
||||
*list_files("dangerzone"),
|
||||
f"share/container-{VERSION}.tar.gz",
|
||||
],
|
||||
"task_dep": [
|
||||
|
|
@ -357,35 +363,35 @@ def task_fedora_env():
|
|||
"build-dev",
|
||||
],
|
||||
],
|
||||
"task_dep": ["check_container_runtime"],
|
||||
}
|
||||
|
||||
def task_fedora_rpm():
|
||||
for version in FEDORA_VERSIONS:
|
||||
for qubes in (True, False):
|
||||
qubes_ident = "-qubes" if qubes else ""
|
||||
dz_dir = RELEASE_DIR / "tmp" / f"f{version}{qubes_ident}"
|
||||
dz_dir = RELEASE_DIR / "tmp" / f"f{version}"
|
||||
rpm_names = [
|
||||
f"dangerzone{qubes_ident}-{VERSION}-1.fc{version}.x86_64.rpm",
|
||||
f"dangerzone{qubes_ident}-{VERSION}-1.fc{version}.src.rpm",
|
||||
f"dangerzone-{VERSION}-1.fc{version}.x86_64.rpm",
|
||||
f"dangerzone-{VERSION}-1.fc{version}.src.rpm",
|
||||
f"dangerzone-qubes-{VERSION}-1.fc{version}.x86_64.rpm",
|
||||
f"dangerzone-qubes-{VERSION}-1.fc{version}.src.rpm",
|
||||
]
|
||||
rpm_src = [dz_dir / "dist" / rpm_name for rpm_name in rpm_names]
|
||||
rpm_dst = [RELEASE_DIR / rpm_name for rpm_name in rpm_names]
|
||||
|
||||
yield {
|
||||
"name": version + qubes_ident,
|
||||
"name": version,
|
||||
"actions": [
|
||||
(copy_dz_dir, [".", dz_dir]),
|
||||
cmd_build_linux_pkg("fedora", version, cwd=dz_dir, qubes=qubes),
|
||||
cmd_build_linux_pkg("fedora", version, cwd=dz_dir),
|
||||
cmd_build_linux_pkg("fedora", version, cwd=dz_dir, qubes=True),
|
||||
["cp", *rpm_src, RELEASE_DIR],
|
||||
["rm", "-rf", dz_dir],
|
||||
["rm", "-r", dz_dir],
|
||||
],
|
||||
"file_dep": [
|
||||
"poetry.lock",
|
||||
"install/linux/build-rpm.py",
|
||||
*list_files("assets"),
|
||||
*list_files("share"),
|
||||
*list_files("dangerzone", recursive=True),
|
||||
*list_files("dangerzone"),
|
||||
f"share/container-{VERSION}.tar.gz",
|
||||
],
|
||||
"task_dep": [
|
||||
|
|
@ -397,41 +403,40 @@ def task_fedora_rpm():
|
|||
}
|
||||
|
||||
|
||||
#def copy_files(dz_dir, apt_dir, src, bookworm_deb, other_debs):
|
||||
# # Delete previous Dangerzone files.
|
||||
# old_files = dz_dir.rglob("dangerzone_*j")
|
||||
# for f in old_files:
|
||||
# f.unlink()
|
||||
#
|
||||
# # Delete DB entries.
|
||||
# shutil.rmtree(apt_dir / "db")
|
||||
# shutil.rmtree(apt_dir / "public" / "dists")
|
||||
# shutil.rmtree(apt_dir / "public" / "pool")
|
||||
#
|
||||
# # Copy .deb to bookworm folder.
|
||||
# shutil.copy2(src, bookworm_deb)
|
||||
#
|
||||
# # Create the necessary symlinks
|
||||
# for deb in other_debs:
|
||||
# deb.symlink_to(f"../bookworm/{deb_name}")
|
||||
#
|
||||
#
|
||||
#@task_params([{
|
||||
# "name": "apt_tools_prod_dir",
|
||||
# "default": "~/release/apt-tools-prod"
|
||||
#}])
|
||||
#def task_apt_tools_prod_prep(apt_tools_prod_dir):
|
||||
# apt_dir = Path(apt_tools_prod_dir).expanduser()
|
||||
# dz_dir = apt_dir / "dangerzone"
|
||||
#
|
||||
# src = task_debian_deb()["targets"][0]
|
||||
# deb_name = src.name
|
||||
# bookworm_deb = dz_dir / "bookworm" / deb_name
|
||||
# other_debs = [dz_dir / version / deb_name for version in DEBIAN_VERSIONS]
|
||||
#
|
||||
# return {
|
||||
# "actions": [(copy_files, [dz_dir, apt_dir, src, bookworm_deb, other_debs])],
|
||||
# "file_dep": [src],
|
||||
# "targets": [bookworm_deb, *other_debs],
|
||||
# "clean": True,
|
||||
# }
|
||||
@task_params([{
|
||||
"name": "apt_tools_prod_dir",
|
||||
"default": "~/release/apt-tools-prod"
|
||||
}])
|
||||
def task_apt_tools_prod_prep(apt_tools_prod_dir):
|
||||
apt_dir = Path(apt_tools_prod_dir).expanduser()
|
||||
dz_dir = apt_dir / "dangerzone"
|
||||
|
||||
src = task_debian_deb()["targets"][0]
|
||||
deb_name = src.name
|
||||
bookworm_deb = dz_dir / "bookworm" / deb_name
|
||||
other_debs = [dz_dir / version / deb_name for version in DEBIAN_VERSIONS]
|
||||
|
||||
def copy_files():
|
||||
# Delete previous Dangerzone files.
|
||||
old_files = dz_dir.rglob("dangerzone_*j")
|
||||
for f in old_files:
|
||||
f.unlink()
|
||||
|
||||
# Delete DB entries.
|
||||
shutil.rmtree(apt_dir / "db")
|
||||
shutil.rmtree(apt_dir / "public" / "dists")
|
||||
shutil.rmtree(apt_dir / "public" / "pool")
|
||||
|
||||
# Copy .deb to bookworm folder.
|
||||
shutil.copy2(src, bookworm_deb)
|
||||
|
||||
# Create the necessary symlinks
|
||||
for deb in other_debs:
|
||||
deb.symlink_to(f"../bookworm/{deb_name}")
|
||||
|
||||
return {
|
||||
"actions": [copy_files],
|
||||
"file_dep": [src],
|
||||
"targets": [bookworm_deb, *other_debs],
|
||||
"clean": True,
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue