diff --git a/.github/workflows/acceptance_tests.yml b/.github/workflows/acceptance_tests.yml index 60132de1f0..166492e9d6 100644 --- a/.github/workflows/acceptance_tests.yml +++ b/.github/workflows/acceptance_tests.yml @@ -11,7 +11,7 @@ jobs: with: submodules: recursive - name: Install dependencies - run: sudo apt-get update -y && sudo apt-get install -y libssl-dev libpam0g-dev liblmdb-dev byacc curl libyaml-dev librsync-dev + run: ./ci/dependencies.sh - name: Run autotools / configure run: ./autogen.sh --enable-debug - name: Compile and link (make) diff --git a/.github/workflows/asan_unit_tests.yml b/.github/workflows/asan_unit_tests.yml index 5958e1998d..6c3dec8517 100644 --- a/.github/workflows/asan_unit_tests.yml +++ b/.github/workflows/asan_unit_tests.yml @@ -11,7 +11,7 @@ jobs: with: submodules: recursive - name: Install dependencies - run: sudo apt-get update -y && sudo apt-get install -y libssl-dev libpam0g-dev liblmdb-dev byacc curl librsync-dev + run: ./ci/dependencies.sh - name: Run autotools / configure run: ./autogen.sh --enable-debug - name: Compile and link (make) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e9381fdb77..18d404cc1f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: - name: Install dependencies (C) if: ${{ matrix.language == 'cpp' }} - run: sudo apt-get update -y && sudo apt-get install -y libssl-dev libpam0g-dev liblmdb-dev byacc curl librsync-dev + run: ./ci/dependencies.sh - name: Build (C) if: ${{ matrix.language == 'cpp' }} diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index b5de17ec7c..bbe1c10218 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -12,7 +12,9 @@ jobs: with: submodules: recursive - name: Install dependencies - run: sudo apt-get update -y && sudo apt-get install -y libssl-dev libpam0g-dev liblmdb-dev byacc curl shellcheck librsync-dev + run: | + ./ci/dependencies.sh + sudo apt install -y shellcheck - name: Run autotools / configure run: ./autogen.sh --enable-debug - name: Run shellcheck diff --git a/.github/workflows/unit_tests.yml b/.github/workflows/unit_tests.yml index 8115a911b6..ad142ac402 100644 --- a/.github/workflows/unit_tests.yml +++ b/.github/workflows/unit_tests.yml @@ -12,7 +12,7 @@ jobs: with: submodules: recursive - name: Install dependencies - run: sudo apt-get update -y && sudo apt-get install -y libssl-dev libpam0g-dev liblmdb-dev byacc curl librsync-dev + run: ./ci/dependencies.sh - name: Run autotools / configure run: ./autogen.sh --enable-debug - name: Compile and link (make) diff --git a/.github/workflows/valgrind.yml b/.github/workflows/valgrind.yml index 6b0f780708..38b0e71b34 100644 --- a/.github/workflows/valgrind.yml +++ b/.github/workflows/valgrind.yml @@ -27,7 +27,9 @@ jobs: path: masterfiles submodules: recursive - name: Install dependencies - run: sudo apt-get update -y && sudo apt-get install -y libssl-dev libpam0g-dev liblmdb-dev byacc curl libyaml-dev valgrind librsync-dev + run: | + ./ci/dependencies.sh + sudo apt install -y valgrind - name: Run autotools / configure run: ./autogen.sh --enable-debug --with-systemd-service - name: Compile and link (make) diff --git a/ci/build.sh b/ci/build.sh index 2cb55a9845..8ecc958d32 100755 --- a/ci/build.sh +++ b/ci/build.sh @@ -1,14 +1,8 @@ #!/usr/bin/env bash -# build.sh runs autogen/configure and then builds CFEngine core +# build.sh runs after dependencies and configure scripts and builds CFEngine core # the script should take into account the operating system environment and adjust, such as --without-pam on termux, BSDs and such set -ex thisdir="$(dirname "$0")" cd "$thisdir"/.. -OPTS="--enable-debug" -if [ -n "$TERMUX_VERSION" ]; then - OPTS="$OPTS --without-pam" -fi - -./autogen.sh $OPTS -make +make -j8 CFLAGS="-Werror -Wall" diff --git a/ci/configure.sh b/ci/configure.sh new file mode 100755 index 0000000000..816fff6133 --- /dev/null +++ b/ci/configure.sh @@ -0,0 +1,13 @@ +#!/usr/bin/env bash +# configure.sh runs autotools/configure as appropriate for the current environment +# the script should take into account the operating system environment and adjust, such as --without-pam on termux, BSDs and such +set -ex +thisdir="$(dirname "$0")" +cd "$thisdir"/.. +OPTS="--enable-debug" + +if [ -n "$TERMUX_VERSION" ]; then + OPTS="$OPTS --without-pam" +fi + +./autogen.sh $OPTS diff --git a/ci/dependencies.sh b/ci/dependencies.sh index ea31dbeeb2..297ebe52c1 100755 --- a/ci/dependencies.sh +++ b/ci/dependencies.sh @@ -1,6 +1,16 @@ #!/usr/bin/env bash # dependencies.sh is called by install.sh to install libraries and packages needed to build and install CFEngine from source. set -ex + +GAINROOT="" +if [ "$(id -u)" != "0" ]; then + GAINROOT="sudo" + if ! command -v sudo >/dev/null; then + echo "Sorry, either run $0 as root or install sudo." + exit 1 + fi +fi + # limited support here, focused on rhel-like on aarch64 which has no previous CFEngine version to leverage: ENT-13016 if [ -f /etc/os-release ]; then source /etc/os-release @@ -9,17 +19,17 @@ if [ -f /etc/os-release ]; then if [ "$VERSION_MAJOR" -ge "10" ]; then # note that having a redhat subscription makes things easier: lmdb-devel and librsync-devel are available from codeready-builder repo if subscription-manager status; then - sudo subscription-manager config --rhsm.manage_repos=1 - sudo subscription-manager repos --enable codeready-builder-for-rhel-"$VERSION_MAJOR"-"$(uname -m)"-rpms - sudo dnf install --assumeyes https://dl.fedoraproject.org/pub/epel/epel-release-latest-"$VERSION_MAJOR".noarch.rpm - sudo dnf install --assumeyes flex-devel lmdb-devel librsync-devel fakeroot # only available via subscription with codeready-builder installed + $GAINROOT subscription-manager config --rhsm.manage_repos=1 + $GAINROOT subscription-manager repos --enable codeready-builder-for-rhel-"$VERSION_MAJOR"-"$(uname -m)"-rpms + $GAINROOT dnf install --assumeyes https://dl.fedoraproject.org/pub/epel/epel-release-latest-"$VERSION_MAJOR".noarch.rpm + $GAINROOT dnf install --assumeyes flex-devel lmdb-devel librsync-devel fakeroot # only available via subscription with codeready-builder installed # flex-devel, libyaml-devel and fakeroot are also only available easily from codeready-builder but are not critical to building CFEngine usable enough to configure a build host. # fakeroot is only needed for running tests but can be worked around by using GAINROOT=env with tests/acceptance/testall script else # here we assume no subscription and so must build those two dependencies from source :) - sudo yum groups install -y 'Development Tools' - sudo yum update --assumeyes - sudo yum install -y gcc gdb make git libtool autoconf automake byacc flex openssl-devel pcre2-devel pam-devel libxml2-devel + $GAINROOT yum groups install -y 'Development Tools' + $GAINROOT yum update --assumeyes + $GAINROOT yum install -y gcc gdb make git libtool autoconf automake byacc flex openssl-devel pcre2-devel pam-devel libxml2-devel tmpdir="$(mktemp -d)" echo "Building lmdb and librsync in $tmpdir" ( @@ -27,20 +37,23 @@ if [ -f /etc/os-release ]; then git clone --recursive --depth 1 https://github.com/LMDB/lmdb cd lmdb/libraries/liblmdb make - sudo make install prefix=/usr + $GAINROOT make install prefix=/usr cd - - sudo dnf install -y cmake + $GAINROOT dnf install -y cmake git clone --recursive --depth 1 https://github.com/librsync/librsync cd librsync cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_BUILD_TYPE=Release . make - sudo make install + $GAINROOT make install ) fi else echo "Unsupported version of redhat for $0" exit 1 fi + elif [ "$ID" = "debian" ] || [[ "$ID_LIKE" =~ "debian" ]]; then + $GAINROOT apt update -y + $GAINROOT apt install -y build-essential git libtool autoconf automake bison flex libssl-dev libpcre2-dev libbison-dev libacl1 libacl1-dev lmdb-utils liblmdb-dev libpam0g-dev libtool libyaml-dev libxml2-dev librsync-dev else echo "Unsupported distribution based on /etc/os-release." fi diff --git a/ci/install.sh b/ci/install.sh index 587836d0ef..bb9ccf96a6 100755 --- a/ci/install.sh +++ b/ci/install.sh @@ -3,11 +3,18 @@ set -ex thisdir=$(dirname $0) "$thisdir"/dependencies.sh +"$thisdir"/configure.sh "$thisdir"/build.sh cd "$thisdir"/.. GAINROOT="" if [ ! -n "$TERMUX_VERSION" ]; then - GAINROOT="sudo" + if [ "$(id -u)" != "0" ]; then + if ! command -v sudo >/dev/null; then + echo "Sorry, run $0 as root or install and configure sudo." + exit 1 + fi + GAINROOT="sudo" + fi fi $GAINROOT make install