Initial commit

namecoin · Jan 11, 2019 · d1159b3 · d1159b3
commit d1159b3
Show file tree

Hide file tree

Showing 42 changed files with 1,356 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,3 @@
+out/
+tmp/
+*.swp
diff --git a/.gitmodules b/.gitmodules
@@ -0,0 +1,3 @@
+[submodule "rbm"]
+	path = rbm
+	url = https://git.torproject.org/builders/rbm.git
diff --git a/ENTER b/ENTER
@@ -0,0 +1,2 @@
+#!/bin/sh
+exec nix-shell -p perl perlPackages.PathTiny perlPackages.YAMLLibYAML perlPackages.TemplateToolkit perlPackages.IOCaptureOutput perlPackages.FileCopyRecursive perlPackages.StringShellQuote perlPackages.SortVersions perlPackages.DataUUID perlPackages.DataDump perlPackages.DigestSHA perlPackages.FileTemp perlPackages.JSON debootstrap runc
diff --git a/Makefile b/Makefile
@@ -0,0 +1,12 @@
+RBM=./rbm/rbm
+
+all: release
+
+release:
+	$(RBM) build ncdns --target ncdns-linux-x86_64
+
+submodule-update:
+	git submodule update --init
+
+fetch: submodule-update
+	$(RBM) fetch
diff --git a/README.md b/README.md
@@ -0,0 +1,5 @@
+# ncdns-repro
+
+ncdns reproducible build harnesses for RBM.
+
+MIT License.
diff --git a/hashlist b/hashlist
@@ -0,0 +1,25 @@
+git github.com/alecthomas/template b867cc6ab45cece8143cfcc6fc9c77cf3f2c23c0 heads/master
+git github.com/alecthomas/units 2efee857e7cfd4f3d0138cc3cbb1b4966962b93a heads/master
+git github.com/BurntSushi/toml 056c9bc7be7190eaa7715723883caffa5f8fa3e4 heads/master
+git github.com/coreos/go-systemd a831f36d09de8f095c28eeee839df52e9de5031f heads/master
+git github.com/golang/groupcache 604ed5785183e59ae2789449d89e73f3a2a77987 heads/master
+git github.com/hlandau/buildinfo 337a29b5499734e584d4630ce535af64c5fe7813 heads/master
+git github.com/hlandau/degoutils 8fa2440b63444dad556d76366f1c3ee070c8a577 heads/master+
+git github.com/hlandau/dexlogconfig 244f29bd260884993b176cd14ef2f7631f6f3c18 heads/master
+git github.com/hlandauf/btcjson e204653fd7386803f14e4ec744ab63dde15002dc heads/master
+git github.com/hlandau/ncbtcjsontypes 02ea7272dd11bb6153a3cd06899a0999ac6a16e0 heads/master
+git github.com/hlandau/xlog 197ef798aed28e08ed3e176e678fda81be993a31 tags/v1.0.0
+git github.com/kr/pretty e6ac2fc51e89a3249e82157fa0bb7a18ef9dd5bb heads/master
+git github.com/kr/text bb797dc4fb8320488f47bf11de07a733d7233e1f heads/master
+git github.com/mattn/go-isatty 7fcbc72f853b92b5720db4a6b8482be612daef24 heads/master
+git github.com/miekg/dns c144371d31e35dc0588755ada496462c102c90a6 heads/master
+git github.com/namecoin/ncdns 19534f1dcfd1151bd9c072459caac12f6fb384df tags/v0.0.6
+git github.com/ogier/pflag 6f7159c3154e7cd4ab30f6cc9c58fa3fd0f22325 heads/master
+git github.com/shiena/ansicolor a5e2b567a4dd6cc74545b8a4f27c9d63b9e7735b heads/master
+git golang.org/x/net e0c57d8f86c17f0724497efcb3bc617e82834821 heads/master
+git gopkg.in/alecthomas/kingpin.v2 7f0871f2e17818990e4eed73f9b5c2f429501228 tags/v2.2.4
+git gopkg.in/hlandau/configurable.v1 34642c4c8cbf56801d0e34f0e82187305983ac26 heads/master
+git gopkg.in/hlandau/easyconfig.v1 c31249162931b4963bbe6e501cccb60d23271a3f tags/v1.0.17
+git gopkg.in/hlandau/madns.v1 b82ebc776bd8a13824350c7c108180d601e38352 tags/v1.0.7+
+git gopkg.in/hlandau/service.v2 b64b3467ebd16f64faec1640c25e318efc0c0d7b tags/v2.0.16
+git gopkg.in/hlandau/svcutils.v1 c25dac49e50cbbcbef8c81b089f56156f4067729 tags/v1.0.10
diff --git a/listrepo b/listrepo
@@ -0,0 +1,3 @@
+#!/bin/sh
+set -e
+go list -f '{{range $imp := .Deps}}{{printf "%s\n" $imp}}{{end}}' 'github.com/namecoin/ncdns'|sort -u|xargs go list -f '{{if not .Standard}}{{.ImportPath}}{{end}}' | awk "{print \"$GOPATH/src/\" \$0}" | (while read line; do x="$line"; while [ ! -e "$x/.git" -a ! -e "$x/.hg" ]; do x=${x%/*}; if [ "$x" = "" ]; then break; fi; done; echo "$x"; done) | sort -u | (while read line; do echo ${line#$GOPATH/src/}; done)
diff --git a/projects/common/runc-config.json b/projects/common/runc-config.json
@@ -0,0 +1,268 @@
+{
+  "ociVersion": "1.0.0[% IF !c("var_p/runc_spec100") %]-rc1[% END %]",
+  "platform": {
+    "os": "linux",
+    "arch": "amd64"
+  },
+  "process": {
+    "terminal": [% IF c("interactive") %]true[% ELSE %]false[% END %],
+    "user": {
+      "uid": 0,
+      "gid": 0
+    },
+    "args": [
+      "/rbm/run"
+    ],
+    "env": [
+      "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
+      "TERM=xterm"
+    ],
+    "cwd": "/",
+[% IF c("var_p/runc_spec100") -%]
+    "capabilities": {
+      "bounding": [
+        "CAP_AUDIT_WRITE",
+        "CAP_KILL",
+        "CAP_NET_BIND_SERVICE",
+        "CAP_SETGID",
+        "CAP_SETUID",
+        "CAP_MKNOD",
+        "CAP_SYS_CHROOT",
+[% IF c("var/container/CAP_SYS_ADMIN") -%]
+        "CAP_SYS_ADMIN",
+[% END -%]
+        "CAP_FSETID",
+        "CAP_FOWNER",
+        "CAP_DAC_OVERRIDE",
+        "CAP_CHOWN"
+      ],
+      "effective": [
+        "CAP_AUDIT_WRITE",
+        "CAP_KILL",
+        "CAP_NET_BIND_SERVICE",
+        "CAP_SETGID",
+        "CAP_SETUID",
+        "CAP_MKNOD",
+        "CAP_SYS_CHROOT",
+[% IF c("var/container/CAP_SYS_ADMIN") -%]
+        "CAP_SYS_ADMIN",
+[% END -%]
+        "CAP_FSETID",
+        "CAP_FOWNER",
+        "CAP_DAC_OVERRIDE",
+        "CAP_CHOWN"
+      ],
+      "inheritable": [
+        "CAP_AUDIT_WRITE",
+        "CAP_KILL",
+        "CAP_NET_BIND_SERVICE",
+        "CAP_SETGID",
+        "CAP_SETUID",
+        "CAP_MKNOD",
+        "CAP_SYS_CHROOT",
+[% IF c("var/container/CAP_SYS_ADMIN") -%]
+        "CAP_SYS_ADMIN",
+[% END -%]
+        "CAP_FSETID",
+        "CAP_FOWNER",
+        "CAP_DAC_OVERRIDE",
+        "CAP_CHOWN"
+      ],
+      "permitted": [
+        "CAP_AUDIT_WRITE",
+        "CAP_KILL",
+        "CAP_NET_BIND_SERVICE",
+        "CAP_SETGID",
+        "CAP_SETUID",
+        "CAP_MKNOD",
+        "CAP_SYS_CHROOT",
+[% IF c("var/container/CAP_SYS_ADMIN") -%]
+        "CAP_SYS_ADMIN",
+[% END -%]
+        "CAP_FSETID",
+        "CAP_FOWNER",
+        "CAP_DAC_OVERRIDE",
+        "CAP_CHOWN"
+      ],
+      "ambient": [
+        "CAP_AUDIT_WRITE",
+        "CAP_KILL",
+        "CAP_NET_BIND_SERVICE",
+        "CAP_SETGID",
+        "CAP_SETUID",
+        "CAP_MKNOD",
+        "CAP_SYS_CHROOT",
+[% IF c("var/container/CAP_SYS_ADMIN") -%]
+        "CAP_SYS_ADMIN",
+[% END -%]
+        "CAP_FSETID",
+        "CAP_FOWNER",
+        "CAP_DAC_OVERRIDE",
+        "CAP_CHOWN"
+      ]
+    },
+[% ELSE -%]
+    "capabilities": [
+      "CAP_AUDIT_WRITE",
+      "CAP_KILL",
+      "CAP_NET_BIND_SERVICE",
+      "CAP_SETGID",
+      "CAP_SETUID",
+      "CAP_MKNOD",
+      "CAP_SYS_CHROOT",
+[% IF c("var/container/CAP_SYS_ADMIN") -%]
+      "CAP_SYS_ADMIN",
+[% END -%]
+      "CAP_FSETID",
+      "CAP_FOWNER",
+      "CAP_DAC_OVERRIDE",
+      "CAP_CHOWN"
+    ],
+[% END -%]
+    "rlimits": [
+      {
+        "type": "RLIMIT_NOFILE",
+        "hard": 1024,
+        "soft": 1024
+      }
+    ],
+    "noNewPrivileges": true
+  },
+  "root": {
+      "path": "rootfs",
+      "readonly": false
+  },
+  "hostname": "runc",
+  "mounts": [
+    {
+      "destination": "/proc",
+      "type": "proc",
+      "source": "proc"
+    },
+    {
+      "type": "bind",
+      "source": "/etc/resolv.conf",
+      "destination": "/etc/resolv.conf",
+      "options": [
+        "rbind",
+        "ro"
+      ]
+    },
+    {
+      "destination": "/dev",
+      "type": "tmpfs",
+      "source": "tmpfs",
+      "options": [
+        "nosuid",
+        "strictatime",
+        "mode=755",
+        "size=65536k"
+      ]
+    },
+    {
+      "destination": "/dev/pts",
+      "type": "devpts",
+      "source": "devpts",
+      "options": [
+        "nosuid",
+        "noexec",
+        "newinstance",
+        "ptmxmode=0666",
+        "mode=0620",
+        "gid=5"
+      ]
+    },
+    {
+      "destination": "/dev/shm",
+      "type": "tmpfs",
+      "source": "shm",
+      "options": [
+        "nosuid",
+        "noexec",
+        "nodev",
+        "mode=1777",
+        "size=65536k"
+      ]
+    },
+    {
+      "destination": "/dev/mqueue",
+      "type": "mqueue",
+      "source": "mqueue",
+      "options": [
+        "nosuid",
+        "noexec",
+        "nodev"
+      ]
+    },
+    {
+      "destination": "/sys",
+      "type": "sysfs",
+      "source": "sysfs",
+      "options": [
+        "nosuid",
+        "noexec",
+        "nodev",
+        "ro"
+      ]
+    },
+    {
+      "destination": "/sys/fs/cgroup",
+      "type": "cgroup",
+      "source": "cgroup",
+      "options": [
+        "nosuid",
+        "noexec",
+        "nodev",
+        "relatime",
+        "ro"
+      ]
+    }
+  ],
+  "hooks": {},
+  "linux": {
+    "resources": {
+      "devices": [
+        {
+          "allow": false,
+          "access": "rwm"
+        }
+      ]
+    },
+    "namespaces": [
+      {
+        "type": "pid"
+      },
+      {
+        "type": "ipc"
+      },
+      {
+        "type": "uts"
+      },
+      {
+        "type": "mount"
+      }
+    ],
+    "maskedPaths": [
+      "/proc/kcore",
+      "/proc/latency_stats",
+      "/proc/timer_stats",
+[% IF c("var_p/runc_spec100") -%]
+      "/proc/timer_list",
+      "/sys/firmware",
+[% END -%]
+      "/proc/sched_debug"
+    ],
+    "readonlyPaths": [
+      "/proc/asound",
+      "/proc/bus",
+      "/proc/fs",
+      "/proc/irq",
+      "/proc/sys",
+      "/proc/sysrq-trigger"
+    ]
+  },
+  "solaris": {
+    "cappedCPU": {},
+    "cappedMemory": {}
+  }
+}
diff --git a/projects/container-image/build b/projects/container-image/build
@@ -0,0 +1,2 @@
+#!/bin/sh
+set -e
diff --git a/projects/container-image/config b/projects/container-image/config
@@ -0,0 +1,62 @@
+filename: 'container-image_[% c("var/container/suite") %]-[% c("var/container/arch") %]-[% sha256(c("pre")).substr(0,12) %].tar.gz'
+pkg_type: build
+
+var:
+  container:
+    use_container: 1
+    suite: '[% pc(c("origin_project"), "var/container/suite") %]'
+    arch:  '[% pc(c("origin_project"), "var/container/arch")  %]'
+
+lsb_release:
+  id: Debian
+  codename: wheezy
+  release: 7.11
+
+pre: |
+  #!/bin/sh
+  # [% c('var/container/suite') %]
+  set -e
+  [% IF pc(c('origin_project'), 'var/pre_pkginst') -%]
+  [% pc(c('origin_project'), 'var/pre_pkginst') %]
+  [% END -%]
+  apt-get update -y
+  apt-get upgrade -y
+  [%
+    deps = [];
+    IF pc(c('origin_project'), 'var/deps');
+      CALL deps.import(pc(c('origin_project'), 'var/deps'));
+    END;
+    IF pc(c('origin_project'), 'var/arch_deps');
+      CALL deps.import(pc(c('origin_project'), 'var/arch_deps'));
+    END;
+    IF deps.size;
+      IF pc(c('origin_project'), 'var/sort_deps');
+        deps = deps.sort;
+      END;
+      FOREACH pkg IN deps;
+        SET p = tmpl(pkg);
+        IF p;
+          GET c('install_package', { pkg_name => p });
+          GET "\n";
+        END;
+      END;
+    END;
+  -%]
+  [% IF pc(c('origin_project'), 'var/post_pkginst') -%]
+  [% pc(c('origin_project'), 'var/post_pkginst') %]
+  [% END -%]
+
+remote_get: |
+  #!/bin/sh
+  set -e
+  [%
+    SET src = shell_quote(c('get_src', { error_if_undef => 1 }));
+    SET dst = shell_quote(c('get_dst', { error_if_undef => 1 }));
+  -%]
+  mkdir -p "[% dst %]"
+  sudo tar -C "[% c("var/container/dir") %]/rootfs" -czf "[% dst %]/[% c("filename") %]" .
+
+input_files:
+  - project: debootstrap-image
+    target:
+      - '[% c("var/container/suite") %]-[% c("var/container/arch") %]'
diff --git a/projects/debootstrap-image/build b/projects/debootstrap-image/build
@@ -0,0 +1,2 @@
+#!/bin/sh
+set -e
-Original file line number
+Diff line change
@@ -0,0 +1,3 @@
+    out/
+    tmp/
+    *.swp
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		#!/bin/sh
		exec nix-shell -p perl perlPackages.PathTiny perlPackages.YAMLLibYAML perlPackages.TemplateToolkit perlPackages.IOCaptureOutput perlPackages.FileCopyRecursive perlPackages.StringShellQuote perlPackages.SortVersions perlPackages.DataUUID perlPackages.DataDump perlPackages.DigestSHA perlPackages.FileTemp perlPackages.JSON debootstrap runc