From 788017f6860f75080b6917bdc225f2f815c6be74 Mon Sep 17 00:00:00 2001 From: Paul Taylor <178183+trxcllnt@users.noreply.github.com> Date: Fri, 26 Jul 2024 10:26:19 -0700 Subject: [PATCH] Fix installing latest git from PPA in bionic (#1056) * add failing bionic test * Enforce keyserver test order (fixes #1055) * bump feature version * remove check for gettext * update centos7 .repo files to reference vault.centos.org instead of mirrorlist.centos.org * fix centos7 build from source --- src/git/devcontainer-feature.json | 5 ++- src/git/install.sh | 56 +++++++++++++------------ test/git/install_git_from_ppa_bionic.sh | 16 +++++++ test/git/scenarios.json | 11 ++++- 4 files changed, 58 insertions(+), 30 deletions(-) create mode 100644 test/git/install_git_from_ppa_bionic.sh diff --git a/src/git/devcontainer-feature.json b/src/git/devcontainer-feature.json index 2d18b8d34..87fb2ab3f 100644 --- a/src/git/devcontainer-feature.json +++ b/src/git/devcontainer-feature.json @@ -1,6 +1,6 @@ { "id": "git", - "version": "1.3.1", + "version": "1.3.2", "name": "Git (from source)", "documentationURL": "https://github.com/devcontainers/features/tree/main/src/git", "description": "Install an up-to-date version of Git, built from source as needed. Useful for when you want the latest and greatest features. Auto-detects latest stable version and installs needed dependencies.", @@ -9,6 +9,7 @@ "type": "string", "proposals": [ "latest", + "system", "os-provided" ], "default": "os-provided", @@ -23,4 +24,4 @@ "installsAfter": [ "ghcr.io/devcontainers/features/common-utils" ] -} \ No newline at end of file +} diff --git a/src/git/install.sh b/src/git/install.sh index 974dc66c0..976eb348d 100755 --- a/src/git/install.sh +++ b/src/git/install.sh @@ -26,12 +26,20 @@ elif [ "${ID}" = "alpine" ]; then ADJUSTED_ID="alpine" elif [[ "${ID}" = "rhel" || "${ID}" = "fedora" || "${ID}" = "mariner" || "${ID_LIKE}" = *"rhel"* || "${ID_LIKE}" = *"fedora"* || "${ID_LIKE}" = *"mariner"* ]]; then ADJUSTED_ID="rhel" - VERSION_CODENAME="${ID}{$VERSION_ID}" + VERSION_CODENAME="${ID}${VERSION_ID}" else echo "Linux distro ${ID} not supported." exit 1 fi +if [ "${ADJUSTED_ID}" = "rhel" ] && [ "${VERSION_CODENAME-}" = "centos7" ]; then + # As of 1 July 2024, mirrorlist.centos.org no longer exists. + # Update the repo files to reference vault.centos.org. + sed -i s/mirror.centos.org/vault.centos.org/g /etc/yum.repos.d/*.repo + sed -i s/^#.*baseurl=http/baseurl=http/g /etc/yum.repos.d/*.repo + sed -i s/^mirrorlist=http/#mirrorlist=http/g /etc/yum.repos.d/*.repo +fi + if type apt-get > /dev/null 2>&1; then INSTALL_CMD=apt-get elif type apk > /dev/null 2>&1; then @@ -66,13 +74,6 @@ clean_up # Get the list of GPG key servers that are reachable get_gpg_key_servers() { - declare -A keyservers_curl_map=( - ["hkp://keyserver.ubuntu.com"]="http://keyserver.ubuntu.com:11371" - ["hkp://keyserver.ubuntu.com:80"]="http://keyserver.ubuntu.com" - ["hkps://keys.openpgp.org"]="https://keys.openpgp.org" - ["hkp://keyserver.pgp.com"]="http://keyserver.pgp.com:11371" - ) - local curl_args="" local keyserver_reachable=false # Flag to indicate if any keyserver is reachable @@ -80,15 +81,26 @@ get_gpg_key_servers() { curl_args="--proxy ${KEYSERVER_PROXY}" fi - for keyserver in "${!keyservers_curl_map[@]}"; do - local keyserver_curl_url="${keyservers_curl_map[${keyserver}]}" - if curl -s ${curl_args} --max-time 5 ${keyserver_curl_url} > /dev/null; then + test_keyserver() { + local keyserver="$1" + local keyserver_curl_url="$2" + if curl -s ${curl_args} --max-time 5 "${keyserver_curl_url}" > /dev/null; then echo "keyserver ${keyserver}" keyserver_reachable=true else echo "(*) Keyserver ${keyserver} is not reachable." >&2 fi - done + } + + # Explicitly test these in order because Bash v4.4.20 (Ubuntu Bionic) + # enumerates associative array keys in a different order than Bash v5 + test_keyserver "hkp://keyserver.ubuntu.com" "http://keyserver.ubuntu.com:11371" + test_keyserver "hkp://keyserver.ubuntu.com:80" "http://keyserver.ubuntu.com" + test_keyserver "hkp://keyserver.pgp.com" "http://keyserver.pgp.com:11371" + # Test this server last because keys.openpgp.org strips user IDs from keys unless + # the owner gives permission, which causes gpg in Ubuntu Bionic to reject the key + # (https://github.com/devcontainers/features/issues/1055) + test_keyserver "hkps://keys.openpgp.org" "https://keys.openpgp.org" if ! $keyserver_reachable; then echo "(!) No keyserver is reachable." >&2 @@ -96,7 +108,7 @@ get_gpg_key_servers() { fi } -# Import the specified key in a variable name passed in as +# Import the specified key in a variable name passed in as receive_gpg_keys() { local keys=${!1} local keyring_args="" @@ -109,7 +121,7 @@ receive_gpg_keys() { if ! type curl > /dev/null 2>&1; then check_packages curl fi - + # Use a temporary location for gpg keys to avoid polluting image export GNUPGHOME="/tmp/tmp-gnupg" mkdir -p ${GNUPGHOME} @@ -119,7 +131,7 @@ receive_gpg_keys() { local retry_count=0 local gpg_ok="false" set +e - until [ "${gpg_ok}" = "true" ] || [ "${retry_count}" -eq "5" ]; + until [ "${gpg_ok}" = "true" ] || [ "${retry_count}" -eq "5" ]; do echo "(*) Downloading GPG key..." ( echo "${keys}" | xargs -n 1 gpg -q ${keyring_args} --recv-keys) 2>&1 && gpg_ok="true" @@ -224,7 +236,7 @@ if ([ "${GIT_VERSION}" = "latest" ] || [ "${GIT_VERSION}" = "lts" ] || [ "${GIT_ receive_gpg_keys GIT_CORE_PPA_ARCHIVE_GPG_KEY /usr/share/keyrings/gitcoreppa-archive-keyring.gpg echo -e "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/gitcoreppa-archive-keyring.gpg] http://ppa.launchpad.net/git-core/ppa/ubuntu ${VERSION_CODENAME} main\ndeb-src [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/gitcoreppa-archive-keyring.gpg] http://ppa.launchpad.net/git-core/ppa/ubuntu ${VERSION_CODENAME} main" > /etc/apt/sources.list.d/git-core-ppa.list ${INSTALL_CMD} update - ${INSTALL_CMD} -y install --no-install-recommends git + ${INSTALL_CMD} -y install --no-install-recommends git rm -rf "/tmp/tmp-gnupg" rm -rf /var/lib/apt/lists/* exit 0 @@ -254,17 +266,7 @@ elif [ "${ADJUSTED_ID}" = "alpine" ]; then check_packages asciidoc curl-dev expat-dev g++ gcc openssl-dev pcre2-dev perl-dev perl-error python3-dev tcl tk xmlto elif [ "${ADJUSTED_ID}" = "rhel" ]; then - - if [ $VERSION_CODENAME = "centos7" ]; then - check_packages centos-release-scl - check_packages devtoolset-11 - source /opt/rh/devtoolset-11/enable - else - check_packages gcc - fi - - - check_packages libcurl-devel expat-devel gettext-devel openssl-devel perl-devel zlib-devel cmake pcre2-devel tar gzip ca-certificates + check_packages gcc libcurl-devel expat-devel gettext-devel openssl-devel perl-devel zlib-devel cmake pcre2-devel tar gzip ca-certificates if ! type curl > /dev/null 2>&1; then check_packages curl fi diff --git a/test/git/install_git_from_ppa_bionic.sh b/test/git/install_git_from_ppa_bionic.sh new file mode 100644 index 000000000..84800b543 --- /dev/null +++ b/test/git/install_git_from_ppa_bionic.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +set -e + +# Optional: Import test library +source dev-container-features-test-lib + +# Definition specific tests +check "version" git --version + +cd /tmp && git clone https://github.com/devcontainers/feature-starter.git +cd feature-starter +check "perl" bash -c "git -c grep.patternType=perl grep -q 'a.+b'" + +# Report result +reportResults diff --git a/test/git/scenarios.json b/test/git/scenarios.json index 4d606c365..0f5d522b3 100644 --- a/test/git/scenarios.json +++ b/test/git/scenarios.json @@ -26,6 +26,15 @@ } } }, + "install_git_from_ppa_bionic": { + "image": "ubuntu:bionic", + "features": { + "git": { + "version": "latest", + "ppa": "true" + } + } + }, "install_git_from_src_bionic": { "image": "ubuntu:bionic", "features": { @@ -188,4 +197,4 @@ } } } -} \ No newline at end of file +}