1 files changed, 59 insertions, 45 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 33835ba71..71bb70b82 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,10 +1,13 @@
-# Basic notes: builds firejail on 5 different systems for 2 package systems:
+# Builds on multiple systems using different package managers:
-# 1. Debian-based systems. Use debian:jessie to ensure reasonable backwards
+#
-# compat and ubuntu:rolling for new setups
+# - Debian-based systems: Use oldest working/supported debian image for
-# 2. Redhat-based systems. Use centos:latest for reasonable backwards compat
+# reasonable backwards compatibility and ubuntu:rolling for new setups.
-# and fedora:latest for new setups
+# Additionally, ensure that the package works without apparmor.
-# 3. Alpine for installing directly from source
+#
-# Also builds apparmor package for Ubuntu LTS
+# - Redhat-based systems: Use a centos-like distribution for reasonable
+# backwards compatibility and fedora:latest for new setups.
+#
+# - Alpine: Use it for installing directly from source.
 build_ubuntu_package:
    image: ubuntu:rolling
@@ -19,9 +22,10 @@ build_ubuntu_package:
            | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)'
        - ./ci/printenv.sh
        - ./configure || (cat config.log; exit 1)
-        - make deb
+        - make dist
-        - dpkg -i firejail*.deb
+        - ./mkdeb.sh --enable-fatal-warnings
-        - command -V firejail && firejail --version
+        - dpkg -i ./*.deb
+        - make print-version
 build_debian_package:
    image: debian:buster
@@ -36,9 +40,31 @@ build_debian_package:
            | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)'
        - ./ci/printenv.sh
        - ./configure || (cat config.log; exit 1)
-        - make deb
+        - make dist
-        - dpkg -i firejail*.deb
+        - ./mkdeb.sh --enable-fatal-warnings
-        - command -V firejail && firejail --version
+        - dpkg -i ./*.deb
+        - make print-version
+build_no_apparmor:
+    image: ubuntu:latest
+    timeout: 10 minutes
+    variables:
+        DEBIAN_FRONTEND: noninteractive
+    script:
+        - apt-get update -qy
+        - >
+            apt-get install --no-install-recommends -qy
+            build-essential fakeroot lintian pkg-config gawk
+            | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)'
+        - ./ci/printenv.sh
+        - ./configure || (cat config.log; exit 1)
+        - make dist
+        - >
+            ./mkdeb.sh --enable-fatal-warnings
+            --disable-apparmor
+        - dpkg -i ./*.deb
+        - make print-version
+        - make print-version | grep -F 'AppArmor support is disabled'
 build_redhat_package:
    image: almalinux:latest
@@ -48,9 +74,10 @@ build_redhat_package:
        - dnf install -y rpm-build gcc make
        - ./ci/printenv.sh
        - ./configure || (cat config.log; exit 1)
-        - make rpms
+        - make dist
-        - rpm -i firejail*.rpm
+        - ./platform/rpm/mkrpm.sh --enable-fatal-warnings
-        - command -V firejail && firejail --version
+        - rpm -i ./*.rpm
+        - make print-version
 build_fedora_package:
    image: fedora:latest
@@ -60,9 +87,10 @@ build_fedora_package:
        - dnf install -y rpm-build gcc make
        - ./ci/printenv.sh
        - ./configure || (cat config.log; exit 1)
-        - make rpms
+        - make dist
-        - rpm -i firejail*.rpm
+        - ./platform/rpm/mkrpm.sh --enable-fatal-warnings
-        - command -V firejail && firejail --version
+        - rpm -i ./*.rpm
+        - make print-version
 build_src_package:
    image: alpine:latest
@@ -72,29 +100,14 @@ build_src_package:
        - apk upgrade
        - apk add build-base linux-headers gawk
        - ./ci/printenv.sh
-        - ./configure --prefix=/usr || (cat config.log; exit 1)
+        # Note: Do not use ` --enable-fatal-warnings` because the build
+        # currently produces warnings on Alpine (see #6224).
+        - >
+            ./configure --prefix=/usr
+            || (cat config.log; exit 1)
        - make
        - make install-strip
-        - command -V firejail && firejail --version
+        - make print-version
-build_no_apparmor:
-    image: ubuntu:latest
-    timeout: 10 minutes
-    variables:
-        DEBIAN_FRONTEND: noninteractive
-    script:
-        - apt-get update -qy
-        - >
-            apt-get install --no-install-recommends -qy
-            build-essential fakeroot lintian pkg-config gawk
-            | grep -Ev '^(Selecting|Preparing to unpack|Unpacking)'
-        - ./ci/printenv.sh
-        - ./configure || (cat config.log; exit 1)
-        - make dist
-        - ./mkdeb.sh --disable-apparmor
-        - dpkg -i firejail*.deb
-        - command -V firejail && firejail --version
-        - firejail --version | grep -F 'AppArmor support is disabled'
 debian_ci:
    image: registry.salsa.debian.org/salsa-ci-team/ci-image-git-buildpackage:latest
@@ -103,6 +116,7 @@ debian_ci:
        DEBFULLNAME: "$GITLAB_USER_NAME"
        DEBEMAIL: "$GITLAB_USER_EMAIL"
        DEBIAN_FRONTEND: noninteractive
+        PKGNAME: firejail
    before_script:
        - git checkout -B ci_build "$CI_COMMIT_SHA"
        - gitlab-ci-enable-sid
@@ -117,17 +131,17 @@ debian_ci:
        - git config user.email "$DEBEMAIL"
        - |
            cd "$CI_PROJECT_DIR/.."
-            apt-get source --download-only -t experimental firejail ||
+            apt-get source --download-only -t experimental "$PKGNAME" ||
-            apt-get source --download-only firejail
+            apt-get source --download-only "$PKGNAME"
        - |
            cd "$CI_PROJECT_DIR"
-            tar xf ../firejail_*.debian.tar.*
+            tar xf "../${PKGNAME}"_*.debian.tar.*
        - rm -rf debian/patches/
        - |
            VERSION="$(grep ^PACKAGE_VERSION= configure | cut -d "'" -f 2)"
            dch -v "${VERSION}-0.1~ci" 'Non-maintainer upload.'
-            git archive -o "../firejail_${VERSION}.orig.tar.gz" HEAD
+            git archive -o "../${PKGNAME}_${VERSION}.orig.tar.gz" HEAD
-            pristine-tar commit "../firejail_${VERSION}.orig.tar.gz" ci_build
+            pristine-tar commit "../${PKGNAME}_${VERSION}.orig.tar.gz" ci_build
            git branch -m pristine-tar origin/pristine-tar
        - git add debian
        - git commit -m 'add debian/'