scripts/qa.sh


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130

#!/bin/bash
# Copyright 2007 Wulf C. Krueger <philantrop@gentoo.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 3 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

# This is a script for running QA checks in both the official Gentoo Portage Tree
# as well as any overlay. 
# To see what it needs, how to use it and how to set some configuration options,
# please read on.

# Requirements:
# sys-apps/portage
# >=sys-apps/paludis-0.24.6 (with the "qa" USE flag set)
# dev-util/pkgcore-checks
# www-client/pybugz-0.7.0 (0.7.1 is broken, bug 197874)
# app-crypt/gnupg
# dev-util/cvs

# NOTE: The current directory must be the one to check for QA issues! 

# Parameters: 
# $1 = package name without (!) category
# $2 = path to the repository
#
# Example for app-editors/beaver in the official Gentoo Portage Tree:
# $1 = beaver 
# $2 = /home/krueger/workspace/gentoo-x86

# Configuration options:
# (All paths shouldn't have trailing slashes.)
# The path to the Gentoo Portage tree
GENTOO_PORTAGE_TREE="/home/krueger/workspace/gentoo-x86"
# The path to the Gentoo GLSAs
GLSA_DIR="/home/krueger/workspace/gentoo/xml/htdocs/security/en/glsa"
# Path for temporary files like the qa-results, glsa update timestamp file, etc.
TMP_DIR="/home/krueger/workspace/gentoo-stuff/tmp"
# The signing user's GPG directory
GPG_DIR="/home/krueger/.gnupg"
# A file that holds the password to the Manifest signing key (secure it!)
GPG_PASSWD_FILE="gentoo_pass"
# Defines which GPG key is used for Manifest signing 
GPG_KEY="CABCD089"

# Search for open bugs for the current package name
/usr/bin/bugz search "$1"

# We'll change dirs so keep the current one in mind.
pushd . >/dev/null 

# Delete the Manifest to avoid double-signing
rm -f Manifest 

# Delete digests to avoid leaving stray digest files behind when dropping old 
# ebuilds.
rm -f files/digest-*

# Fetch all files
for x in $(find . -type f -name "*.ebuild"); do
	echo "Fetching distfiles for $x..."
	USE=$(grep -h "IUSE=" *.ebuild | cut -d "=" -f 2 | tr ' ' '\n' | sed "s/[\n\"]//g" | sed "s/\+//g" | sort -u | tr '\n' ' ')
	export USE="${USE} $(grep -v '^#' < ${GENTOO_PORTAGE_TREE}/profiles/desc/linguas.desc | cut -d ' ' -f1 | sed '/./,$!d' | sed -e 's:^:linguas_:' | sort -u | tr '\n' ' ')"
	RESTRICT="mirror" ebuild $x fetch >/dev/null 2>&1
	# Make sure we *really* got all :-)
	RESTRICT="mirror" emerge --nodeps --fetch-all-uri $x >/dev/null 2>&1
    /usr/bin/ebuild $x manifest
done
unset USE

# Show the KEYWORDS matrix
echo 
# adjutrix -k --log-level silent
if [[ ${2: -10} = ${GENTOO_PORTAGE_TREE: -10} ]] ; then
	adjutrix -k --log-level warning
elif [[ $2 != ${GENTOO_PORTAGE_TREE} ]] ; then
	adjutrix -k --log-level warning --master-repository-dir ${GENTOO_PORTAGE_TREE}
fi
echo

# I wanted use reprehendo but it requires >=paludis-0.25.0 or paludis-scm.
# reprehendo --sign --key-id ${GPG_KEY}

# Sign the manifest
gpg -q --batch --passphrase-fd 0 --sign --clearsign --yes --default-key ${GPG_KEY} --homedir ${GPG_DIR} Manifest < "${GPG_DIR}/${GPG_PASSWD_FILE}" >/dev/null 2>&1 
mv Manifest.asc Manifest

# See what Qualudis has to say about it...
#QA_DIR=$(pwd | sed -e "s:$2/::")
#cd "$2"

if [[ ${2: -10} = ${GENTOO_PORTAGE_TREE: -10} ]] ; then
#	qualudis --log-level warning ${QA_DIR}
	qualudis --log-level warning
elif [[ $2 != ${GENTOO_PORTAGE_TREE} ]] ; then
#	qualudis --log-level warning --master-repository-dir ${GENTOO_PORTAGE_TREE} ${QA_DIR}
	qualudis --log-level warning --master-repository-dir ${GENTOO_PORTAGE_TREE}
fi
echo

if [[ $(find "${TMP_DIR}" -type f -amin +1440 -name "glsa_update") != "" ]] ; then
	touch "${TMP_DIR}/glsa_update"
	echo "Updating GLSAs..."
	cd "${GLSA_DIR}/../../"
	cvs update -d -P >/dev/null 2>&1
fi

# The following GLSA is broken.
rm -f "${GLSA_DIR}"/glsa-200710-22.xml

# Change back to the original directory we were in.
popd >/dev/null

# pkgcore's pcheck is useful, too.
if [[ "$2" != ${GENTOO_PORTAGE_TREE} ]] ; then 
	pcheck --nocolor -o ${GENTOO_PORTAGE_TREE} --profile-base=${GENTOO_PORTAGE_TREE}/profiles --license-dir=${GENTOO_PORTAGE_TREE}/licenses --glsa-dir=${GLSA_DIR} -d UnusedLicense -d CategoryMetadataXmlCheck -d UnusedGlobalFlags
else
	pcheck --nocolor -r "$2" --profile-base=${GENTOO_PORTAGE_TREE}/profiles --license-dir=${GENTOO_PORTAGE_TREE}/licenses --glsa-dir=${GLSA_DIR} -d UnusedLicense -d CategoryMetadataXmlCheck -d UnusedGlobalFlags
fi

# And, finally, of course, repoman does its job.
repoman -q -x full | tail -n+5