This patchset adds openbsd/current, and also includes a minor patch that runs syspatch by default on stable builds so that they get the latest patches. I ran builds for the 6.8 and current using the existing 6.8 image: https://builds.sr.ht/~oranenj/job/433429 https://builds.sr.ht/~oranenj/job/433430 At this point -current doesn't seem to require running the build in bootstrap mode Jarkko Oranen (3): Use short version based on $openbsd_version instead of hardcoding set filenames OpenBSD:current openbsd: run syspatch on amd64 by default images/openbsd/6.7/genimg | 3 +-- images/openbsd/6.8/genimg | 3 +-- images/openbsd/current/functions | 1 + images/openbsd/current/genimg | 8 +++++++ images/openbsd/genimg | 37 ++++++++++++++++++++++++++------ 5 files changed, 41 insertions(+), 11 deletions(-) create mode 120000 images/openbsd/current/functions create mode 100755 images/openbsd/current/genimg -- 2.30.1
Why is this desirable? As far as I can tell, it introduces some hacks which we cannot expect to be reliable.
The problem with -current is that around release time, the filenames for current will be the same as the previous version (ie. after 6.9 is released, current will still be "6.9" for some time after that, despite the snapshots being newer). Without autodetecting the version number, the current image would break at random some time after release when the filenames change, requiring a patch to fix it. There's a chance that the "autodetection" will break eventually too, but the OpenBSD repository structure has been fairly stable for a long time, so I'm willing to bet that it will break less often than once per release cycle. -- Jarkko
Ah, one more small thing: maybe the commit message can be improved a bit. Maybe something like "openbsd: add current"?
builds.sr.ht/patches: SUCCESS in 3m21s [OpenBSD -current support and syspatch enablement][0] from [~oranenj][1] [0]: https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/20402 [1]: mailto:oranenj@iki.fi ✓ #433483 SUCCESS builds.sr.ht/patches/alpine.yml https://builds.sr.ht/~sircmpwn/job/433483 ✓ #433484 SUCCESS builds.sr.ht/patches/archlinux.yml https://builds.sr.ht/~sircmpwn/job/433484 ✓ #433485 SUCCESS builds.sr.ht/patches/debian.yml https://builds.sr.ht/~sircmpwn/job/433485
What is syspatch for? I'm not familiar with OpenBSD.
It installs the OpenBSD base system errata patches, which are available in binary form for some architectures, see eg. https://www.openbsd.org/errata68.html Generally they're not critical for build images, but having them can't hurt; I should've enabled them earlier, but forgot. -- Jarkko
Is there a reason why this is not enabled on all architectures? Is it only available on amd64?
I'd rather not add releases which are not well-supported for downstream use by the upstream distributor - in this case, it doesn't seem like OpenBSD current is very conducive to downstream use. Am I wrong? FreeBSD current causes us a lot of headaches.
With OpenBSD, using -current is actually reasonably supported as long as you use snapshots. Building your own is actively discouraged. I'll expect there will be occasional breakage and the image will fail to build for whatever reason, but I imagine it will still be useful in allowing projects to test against an upcoming OpenBSD release, especially given that they often make quite drastic changes. If you set up automation to rebuild -current images, say, once a week, it's probably best to make it so that it ignores one failure and just tries again the next day (or week) with a new snapshot. If it turns out to be too big a headache or not in demand, I suppose we can always just stop supporting it. :/FreeBSD current was introduced for the same reasons, works similarily, and was dropped because it kept breaking. I'm not against adding it, maybe OpenBSD current will break less often. We just need to be careful not to waste too much effort into this.-- Jarkko
Copy & paste the following snippet into your terminal to import this patchset into git:
curl -s https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/20402/mbox | git am -3Learn more about email & git
From: Jarkko Oranen <oranen@iki.fi> This is in preparation for -current support --- images/openbsd/6.7/genimg | 3 +-- images/openbsd/6.8/genimg | 3 +-- images/openbsd/genimg | 30 ++++++++++++++++++++++++------ 3 files changed, 26 insertions(+), 10 deletions(-) diff --git a/images/openbsd/6.7/genimg b/images/openbsd/6.7/genimg index cf67d6e..51eec5a 100755 --- a/images/openbsd/6.7/genimg +++ b/images/openbsd/6.7/genimg @@ -2,8 +2,7 @@ export arch="${1:-amd64}" export openbsd_version="6.7" # QEMU requires xbase -export openbsd_sets="base67.tgz comp67.tgz xbase67.tgz xshare67.tgz" +export openbsd_sets="base comp xbase xshare"
It's nice to remove the version numbers from $openbsd_sets. Now that it doesn't depend on the version, it should be the same for all OpenBSD versions. Can we move it out of image-specific genimg scripts into the common genimg script?
export openbsd_kernel="bsd.mp" export openbsd_installurl="https://cdn.openbsd.org/pub/OpenBSD"
This also seems to not depend on the OpenBSD version, would be a good candidate to be moved, even if not really related to this patch.
-export openbsd_public_key="openbsd-67-base.pub" exec ../genimg "$@" diff --git a/images/openbsd/6.8/genimg b/images/openbsd/6.8/genimg index c381d54..d6b7281 100755 --- a/images/openbsd/6.8/genimg +++ b/images/openbsd/6.8/genimg @@ -2,8 +2,7 @@ export arch="${1:-amd64}" export openbsd_version="6.8" # QEMU requires xbase -export openbsd_sets="base68.tgz comp68.tgz xbase68.tgz xshare68.tgz" +export openbsd_sets="base comp xbase xshare"
Same here.
export openbsd_kernel="bsd.mp" export openbsd_installurl="https://cdn.openbsd.org/pub/OpenBSD" -export openbsd_public_key="openbsd-68-base.pub" exec ../genimg "$@" diff --git a/images/openbsd/genimg b/images/openbsd/genimg index 3e02ff0..0e7d83a 100755 --- a/images/openbsd/genimg +++ b/images/openbsd/genimg @@ -3,17 +3,29 @@ : "$openbsd_sets" : "$openbsd_kernel" : "$openbsd_installurl" -: "$openbsd_public_key" image_size="16g" run_syspatch="${run_syspatch:-NO}" image_packages="bash git" -snapshot="${snapshot:-NO}" pkg_add_params="" +snapshot="NO" + +if [ "$openbsd_version" = "current" ]; then
Can we keep this for the next patch? I'd rather not add any current-specific logic in this commit, so that a clean revert is possible if necessary.
+ snapshot="YES" +fi + +if [ "$snapshot" = "YES" ]; then + # hackish, but should work + short_version="$(ftp -Vo- "$openbsd_installurl/snapshots/${arch}/index.txt" | grep -Eo 'install[0-9]+.img' | grep -Eo '[0-9]+')"
Same here, please keep it for the next patch that adds current. I think awk can do a better job than grep here.
+else + short_version="$(echo $openbsd_version | tr -d .)" +fi + +openbsd_public_key="openbsd-${short_version}-base.pub" openbsd_bootstrap="${openbsd_bootstrap:-NO}" # Force bootstrap mode when cross-building, unless we're building snapshots -if [ "$(uname -r)" != "$openbsd_version" ] && [ "$snapshot" = "NO" ]; then +if [ "$(uname -r)" != "$openbsd_version" ] && [ "$snapshot" != "YES" ]; then openbsd_bootstrap=YES fi @@ -40,13 +52,19 @@ cd_workdir() { } cd_workdir -for f in $openbsd_sets $openbsd_kernel SHA256.sig SHA256 + +set_files="" +for s in $openbsd_sets; do + set_files="$set_files ${s}${short_version}.tgz" +done + +for f in $set_files $openbsd_kernel SHA256.sig SHA256 do test -f "$f" || ftp "${openbsd_installurl}/${mirror_dir}/${arch}/${f}" done signify -Cp /etc/signify/"$openbsd_public_key" \ - -x SHA256.sig $openbsd_sets $openbsd_kernel + -x SHA256.sig $set_files $openbsd_kernel # Create image that will host the filesystem rm -f root.img @@ -59,7 +77,7 @@ EOF disklabel -w -A -T /tmp/partitions vnd0 # prepare root filesystem under /mnt -for f in $openbsd_sets +for f in $set_files do tar -zxphf "$f" -C /mnt done -- 2.30.1
Why is this desirable? As far as I can tell, it introduces some hacks which we cannot expect to be reliable.
From: Jarkko Oranen <oranen@iki.fi> --- images/openbsd/current/functions | 1 + images/openbsd/current/genimg | 8 ++++++++ 2 files changed, 9 insertions(+) create mode 120000 images/openbsd/current/functions create mode 100755 images/openbsd/current/genimg diff --git a/images/openbsd/current/functions b/images/openbsd/current/functions new file mode 120000 index 0000000..c0b5bcc --- /dev/null +++ b/images/openbsd/current/functions @@ -0,0 +1 @@ +../functions \ No newline at end of file diff --git a/images/openbsd/current/genimg b/images/openbsd/current/genimg new file mode 100755 index 0000000..3e52bd3 --- /dev/null +++ b/images/openbsd/current/genimg @@ -0,0 +1,8 @@ +#!/bin/sh +export arch="${1:-amd64}"
Seems like this is unused in this file, and repeated in the common genimg script.
+export openbsd_version="current" +# QEMU requires xbase +export openbsd_sets="base comp xbase xshare" +export openbsd_kernel="bsd.mp" +export openbsd_installurl="https://cdn.openbsd.org/pub/OpenBSD"
As mentionned previously, these three variables are the same for all OpenBSD versions.
+exec ../genimg "$@"
--
2.30.1
Ah, one more small thing: maybe the commit message can be improved a bit. Maybe something like "openbsd: add current"?
From: Jarkko Oranen <oranen@iki.fi> --- images/openbsd/genimg | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/images/openbsd/genimg b/images/openbsd/genimg index 0e7d83a..de7dcce 100755 --- a/images/openbsd/genimg +++ b/images/openbsd/genimg @@ -5,11 +5,16 @@ : "$openbsd_installurl" image_size="16g" -run_syspatch="${run_syspatch:-NO}" image_packages="bash git" pkg_add_params="" snapshot="NO" +if [ "$arch" = "amd64" ]; then + run_syspatch="${run_syspatch:-YES}" +else + run_syspatch="${run_syspatch:-NO}" +fi + if [ "$openbsd_version" = "current" ]; then snapshot="YES" fi -- 2.30.1
builds.sr.htbuilds.sr.ht/patches: SUCCESS in 3m21s [OpenBSD -current support and syspatch enablement][0] from [~oranenj][1] [0]: https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/20402 [1]: mailto:oranenj@iki.fi ✓ #433483 SUCCESS builds.sr.ht/patches/alpine.yml https://builds.sr.ht/~sircmpwn/job/433483 ✓ #433484 SUCCESS builds.sr.ht/patches/archlinux.yml https://builds.sr.ht/~sircmpwn/job/433484 ✓ #433485 SUCCESS builds.sr.ht/patches/debian.yml https://builds.sr.ht/~sircmpwn/job/433485
What is syspatch for? I'm not familiar with OpenBSD.
Is there a reason why this is not enabled on all architectures? Is it only available on amd64?