From 92b70ced0c612ed5534302e44b09ed3183793e0b Mon Sep 17 00:00:00 2001 From: Kate Date: Tue, 15 Oct 2024 10:18:59 +0100 Subject: [PATCH 1/4] Upgrade the Alpine Linux container where the Linux release binaries are built from Alpine 3.13 to 3.20 --- master_changes.md | 1 + release/Dockerfile.in | 2 +- release/Makefile | 15 ++++++++------- 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/master_changes.md b/master_changes.md index 00be362c74e..c17fcb9c26f 100644 --- a/master_changes.md +++ b/master_changes.md @@ -73,6 +73,7 @@ users) ## Infrastructure ## Release scripts + * Upgrade the Alpine Linux container where the Linux release binaries are built from Alpine 3.13 to 3.20 [#6237 @kit-ty-kate] ## Install script diff --git a/release/Dockerfile.in b/release/Dockerfile.in index df94b4531ef..cdfce97c943 100644 --- a/release/Dockerfile.in +++ b/release/Dockerfile.in @@ -1,4 +1,4 @@ -FROM multiarch/alpine:%TARGET_TAG% +FROM ghcr.io/kit-ty-kate/alpine:%TARGET_TAG% # May need configuration on the host: # docker run --rm --privileged multiarch/qemu-user-static:register --reset LABEL Description="opam release builds" Vendor="OCamlPro" Version="1.0" diff --git a/release/Makefile b/release/Makefile index 85f527ffb73..cc1057a8160 100644 --- a/release/Makefile +++ b/release/Makefile @@ -9,6 +9,8 @@ FLEXDLLV = 0.43 OCAML_URL = https://github.com/ocaml/ocaml/archive/refs/tags/$(OCAMLV).tar.gz FLEXDLL_URL = https://github.com/ocaml/flexdll/archive/refs/tags/$(FLEXDLLV).tar.gz +ALPINE_VERSION = 3.20 + HOST_OS = $(shell uname -s | tr A-Z a-z | sed -e 's/_.*//' -e 's/darwin/macos/' -e 's/cygwin/windows/') HOST = $(shell uname -m | sed 's/amd64/x86_64/')-$(HOST_OS) OUTDIR = out/$(TAG) @@ -31,26 +33,25 @@ $(OUTDIR)/opam-full-$(VERSION).tar.gz: rm -rf "$(OUTDIR)/opam-full-$(VERSION)" build/Dockerfile.x86_64-linux: Dockerfile.in - mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/x86_64-v3.13/g' -e 's/%CONF%//g' $^ >$@ + mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/x86_64-v$(ALPINE_VERSION)/g' -e 's/%CONF%//g' $^ >$@ build/Dockerfile.i686-linux: Dockerfile.in - mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/x86-v3.13/g' -e 's/%CONF%/-build i586-alpine-linux-musl/g' $^ >$@ + mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/x86-v$(ALPINE_VERSION)/g' -e 's/%CONF%/-build i586-alpine-linux-musl/g' $^ >$@ # Need to lie about gnueabihf instead of musleabihf, because of a ./configure bug build/Dockerfile.armhf-linux: Dockerfile.in - mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/armv7-v3.13/g' -e 's/%CONF%//g' $^ >$@ + mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/armv7-v$(ALPINE_VERSION)/g' -e 's/%CONF%//g' $^ >$@ build/Dockerfile.arm64-linux: Dockerfile.in - mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/arm64-v3.13/g' -e 's/%CONF%//g' $^ >$@ + mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/arm64-v$(ALPINE_VERSION)/g' -e 's/%CONF%//g' $^ >$@ build/Dockerfile.ppc64le-linux: Dockerfile.in - mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/ppc64le-v3.13/g' -e 's/%CONF%//g' $^ >$@ + mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/ppc64le-v$(ALPINE_VERSION)/g' -e 's/%CONF%//g' $^ >$@ build/Dockerfile.s390x-linux: Dockerfile.in - mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/s390x-v3.13/g' -e 's/%CONF%//g' $^ >$@ + mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/s390x-v$(ALPINE_VERSION)/g' -e 's/%CONF%//g' $^ >$@ build/%.image: build/Dockerfile.% docker build -t opam-build-$* -f $^ build touch $@ -# Actually, this is for alpine 3.13, and varies CLINKING_linux = \ -Wl,-Bstatic \ -lunix -lmccs_stubs -lmccs_glpk_stubs -lsha_stubs -lopam_core_stubs \ From b675edb99d37204f4b082b92988bfa9e1438b76c Mon Sep 17 00:00:00 2001 From: Kate Date: Tue, 15 Oct 2024 10:19:36 +0100 Subject: [PATCH 2/4] Make the release script produce a Linux/riscv64 binary --- doc/pages/Install.md | 2 +- master_changes.md | 1 + release/Makefile | 3 +++ release/release.sh | 1 + 4 files changed, 6 insertions(+), 1 deletion(-) diff --git a/doc/pages/Install.md b/doc/pages/Install.md index 4c484372f03..453821a10f0 100644 --- a/doc/pages/Install.md +++ b/doc/pages/Install.md @@ -39,7 +39,7 @@ pre-compiled binary, backup your opam data if from an older version, and run and run `sh install.sh`) We provide pre-compiled binaries for: -- Linux (amd64, arm64, ppc64le, s390x, arm7, i686) +- Linux (amd64, arm64, ppc64le, s390x, riscv64, armhf, i686) - macOS (amd64, arm64) - FreeBSD (amd64) - OpenBSD (amd64) diff --git a/master_changes.md b/master_changes.md index c17fcb9c26f..2b9641e6c6d 100644 --- a/master_changes.md +++ b/master_changes.md @@ -74,6 +74,7 @@ users) ## Release scripts * Upgrade the Alpine Linux container where the Linux release binaries are built from Alpine 3.13 to 3.20 [#6237 @kit-ty-kate] + * Make the release script produce a Linux/riscv64 binary [#6237 @kit-ty-kate] ## Install script diff --git a/release/Makefile b/release/Makefile index cc1057a8160..83bdc492c74 100644 --- a/release/Makefile +++ b/release/Makefile @@ -24,6 +24,7 @@ armhf-linux: $(OUTDIR)/opam-$(VERSION)-armhf-linux arm64-linux: $(OUTDIR)/opam-$(VERSION)-arm64-linux ppc64le-linux: $(OUTDIR)/opam-$(VERSION)-ppc64le-linux s390x-linux: $(OUTDIR)/opam-$(VERSION)-s390x-linux +riscv64-linux: $(OUTDIR)/opam-$(VERSION)-riscv64-linux $(OUTDIR)/opam-full-$(VERSION).tar.gz: mkdir -p "$(OUTDIR)" @@ -46,6 +47,8 @@ build/Dockerfile.ppc64le-linux: Dockerfile.in mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/ppc64le-v$(ALPINE_VERSION)/g' -e 's/%CONF%//g' $^ >$@ build/Dockerfile.s390x-linux: Dockerfile.in mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/s390x-v$(ALPINE_VERSION)/g' -e 's/%CONF%//g' $^ >$@ +build/Dockerfile.riscv64-linux: Dockerfile.in + mkdir -p build && sed -e "s/%OCAMLV%/$(OCAMLV)/g" -e 's/%TARGET_TAG%/riscv64-v$(ALPINE_VERSION)/g' -e 's/%CONF%//g' $^ >$@ build/%.image: build/Dockerfile.% diff --git a/release/release.sh b/release/release.sh index fa34171aadb..2c168adfe7a 100755 --- a/release/release.sh +++ b/release/release.sh @@ -86,6 +86,7 @@ make JOBS="${JOBS}" TAG="$TAG" armhf-linux make JOBS="${JOBS}" TAG="$TAG" arm64-linux make JOBS="${JOBS}" TAG="$TAG" ppc64le-linux make JOBS="${JOBS}" TAG="$TAG" s390x-linux +make JOBS="${JOBS}" TAG="$TAG" riscv64-linux [ -f "${OUTDIR}/opam-$TAG-x86_64-macos" ] || make TAG="$TAG" JOBS="${JOBS}" macos-local MACOS_ARCH=x86_64 REMOTE_DIR=opam-release-$TAG GIT_URL="$CWD/.." [ -f "${OUTDIR}/opam-$TAG-arm64-macos" ] || make TAG="$TAG" JOBS="${JOBS}" macos-local MACOS_ARCH=arm64 REMOTE_DIR=opam-release-$TAG GIT_URL="$CWD/.." [ -d ./qemu-base-images ] || git clone https://gitlab.com/kit-ty-kate/qemu-base-images.git From 0d3bdaf6ad817e4030fb6eb63a7f28c9ad5f5453 Mon Sep 17 00:00:00 2001 From: Kate Date: Tue, 15 Oct 2024 10:22:39 +0100 Subject: [PATCH 3/4] Upgrade the release binaries to FreeBSD 14.1 and OpenBSD 7.6 and switch away from a passwordless setup for simplification --- master_changes.md | 3 +++ release/Makefile | 4 ++-- release/readme.md | 17 ++++++----------- release/release.sh | 8 ++++---- 4 files changed, 15 insertions(+), 17 deletions(-) diff --git a/master_changes.md b/master_changes.md index 2b9641e6c6d..f3cfda12a3e 100644 --- a/master_changes.md +++ b/master_changes.md @@ -75,6 +75,9 @@ users) ## Release scripts * Upgrade the Alpine Linux container where the Linux release binaries are built from Alpine 3.13 to 3.20 [#6237 @kit-ty-kate] * Make the release script produce a Linux/riscv64 binary [#6237 @kit-ty-kate] + * Upgrade the FreeBSD qemu image where the FreeBSD binary is built from FreeBSD 13.2 to 14.1 [#6237 @kit-ty-kate] + * Upgrade the OpenBSD qemu image where the OpenBSD binary is built from OpenBSD 7.4 to 7.6 [#6237 @kit-ty-kate] + * Simplify and improve the reliability of the one-click release script by switching away from a passwordless setup [#6237 @kit-ty-kate] ## Install script diff --git a/release/Makefile b/release/Makefile index 83bdc492c74..a5393069e27 100644 --- a/release/Makefile +++ b/release/Makefile @@ -151,8 +151,8 @@ distclean: clean REMOTE_DIR = /tmp/opam-release REMOTE_MAKE = make REMOTE_SHELL = /bin/sh -SSH = ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -SCP = scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no +SSH = sshpass -ppassword ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no +SCP = sshpass -ppassword scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no remote: $(OUTDIR)/opam-full-$(VERSION).tar.gz $(SSH) "$(REMOTE)" "mkdir -p $(REMOTE_DIR)/$(OUTDIR)" $(SCP) Makefile "$(REMOTE):$(REMOTE_DIR)/" diff --git a/release/readme.md b/release/readme.md index 5835abf7ebe..9a54f077d73 100644 --- a/release/readme.md +++ b/release/readme.md @@ -24,11 +24,13 @@ * no online account * yes, i want the limited experience * username: opam - * no password + * password: password + * 3 hints: just random or something * no location * no find my device - * send required diagnostic data * no improve inking & typing + * send required diagnostic data + * no advertising ID * no cortana * Open gpedit.msc and right-click on "Computer Configuration -> Administrative Templates -> Windows Components -> Windows Update -> Configure Automatic Updates", click Edit and in the new window click on Enabled and then select "2. Notify for download and auto install", click Apply and then Ok. * Start -> Power off @@ -36,18 +38,11 @@ * Answer yes to the "would you like to be discoverable on the network" prompt * Open the Settings app * "System -> Power & Sleep" and select "Never" on the "When plugged in, turn off after" drop-down menu + * Put the slider on "Best performance" * search for "Add an optional feature", then search for "OpenSSH" and install "OpenSSH Server" * Run services.msc * Double-click OpenSSH SSH Server then select Automatic from the Startup drop-down menu * Click Ok -* Open cmd.exe as administrator and run "net start sshd", then "notepad C:/ProgramData/ssh/sshd_config" - * Uncomment and set: - * PermitEmptyPasswords yes - * PermitRootLogin yes - * PasswordAuthentication yes - * StrictMode no - * Save and close both applications -* Open regedit.exe and set HKey_Local_Machine\SYSTEM\CurrentControlSet\Control\Lsa\LimitBlankPasswordUse to 0 * Shutdown the computer using the startmenu button ## Github release @@ -92,6 +87,6 @@ ## Device requirements * Mac M1 or above with Rosetta2 * >=70GB of disk space free -* brew dependencies: git, gpg, qemu>=8.1.0, docker>=24.0.0 +* brew dependencies: git, gpg, qemu>=8.1.0 (avoid qemu 9.1.0, see https://gitlab.com/qemu-project/qemu/-/issues/2581), docker>=24.0.0, sshpass * opam repo with the tag fetched * Have the secret key available diff --git a/release/release.sh b/release/release.sh index 2c168adfe7a..00b47ff8827 100755 --- a/release/release.sh +++ b/release/release.sh @@ -27,7 +27,7 @@ cd "$DIR" LC_ALL=C CWD=$(pwd) JOBS=$(sysctl -n hw.ncpu) -SSH="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" +SSH="sshpass -ppassword ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" OUTDIR="out/$TAG" mkdir -p "$OUTDIR" @@ -71,7 +71,7 @@ qemu_build() { if ! ${SSH} -p "${port}" root@localhost true; then qemu-img convert -O raw "./qemu-base-images/${image}.qcow2" "./qemu-base-images/${image}.raw" - "qemu-system-${arch}" -drive "file=./qemu-base-images/${image}.raw,format=raw" -nic "user,hostfwd=tcp::${port}-:22" -m 2G -smp "${JOBS}" & + "qemu-system-${arch}" -drive "file=./qemu-base-images/${image}.raw,format=raw" -nic "user,hostfwd=tcp::${port}-:22" -machine q35 -m 2G -smp "${JOBS}" & sleep 60 fi ${SSH} -p "${port}" root@localhost "${install}" @@ -90,6 +90,6 @@ make JOBS="${JOBS}" TAG="$TAG" riscv64-linux [ -f "${OUTDIR}/opam-$TAG-x86_64-macos" ] || make TAG="$TAG" JOBS="${JOBS}" macos-local MACOS_ARCH=x86_64 REMOTE_DIR=opam-release-$TAG GIT_URL="$CWD/.." [ -f "${OUTDIR}/opam-$TAG-arm64-macos" ] || make TAG="$TAG" JOBS="${JOBS}" macos-local MACOS_ARCH=arm64 REMOTE_DIR=opam-release-$TAG GIT_URL="$CWD/.." [ -d ./qemu-base-images ] || git clone https://gitlab.com/kit-ty-kate/qemu-base-images.git -[ -f "${OUTDIR}/opam-$TAG-x86_64-openbsd" ] || qemu_build 9999 OpenBSD-7.4-amd64 "pkg_add gmake curl bzip2" gmake x86_64 -[ -f "${OUTDIR}/opam-$TAG-x86_64-freebsd" ] || qemu_build 9998 FreeBSD-13.2-RELEASE-amd64 "env IGNORE_OSVERSION=yes pkg install -y gmake curl bzip2" gmake x86_64 +[ -f "${OUTDIR}/opam-$TAG-x86_64-openbsd" ] || qemu_build 9999 OpenBSD-7.6-amd64 "pkg_add gmake curl bzip2" gmake x86_64 +[ -f "${OUTDIR}/opam-$TAG-x86_64-freebsd" ] || qemu_build 9998 FreeBSD-14.1-RELEASE-amd64 "env IGNORE_OSVERSION=yes pkg install -y gmake curl bzip2" gmake x86_64 [ -f "${OUTDIR}/opam-$TAG-x86_64-windows" ] || windows_build 9997 Windows-10-x86_64 From a95d2ed1f115748da55f75188474535fb31baa44 Mon Sep 17 00:00:00 2001 From: Kate Date: Wed, 16 Oct 2024 17:08:12 +0100 Subject: [PATCH 4/4] [release] Add a reminder to update the blog post after publishing the discuss post --- release/readme.md | 1 + 1 file changed, 1 insertion(+) diff --git a/release/readme.md b/release/readme.md index 9a54f077d73..e428c12e7fc 100644 --- a/release/readme.md +++ b/release/readme.md @@ -70,6 +70,7 @@ * a blog entry in opam.ocaml.org * a announcement in discuss.ocaml.org +* update the link to the discuss post in the blog post * copy the blog entry from opam.ocaml.org for https://github.com/ocaml/ocaml.org/tree/main/data/changelog/opam * announce the release on the OCaml Discord server