Fix #223

As /etc/apt/sources.list.d/local-apt-repository.list is a symlink, it
needs to be followed by cp in order to copy the real content instead of
a broken symlink.

Signed-off-by: Agustin Henze <tin@aayy.com.ar>

Since debian has changed its default from /etc/apt/sources.list by
/etc/apt/sources.list.d/debian.sources this job is broken when it's
running in a target != sid because it includes the default
debian.sources from the host and piuparts is executed always from sid.
This commit only includes the local-apt-repository into the target to
allow piuparts find the packages built in the current pipeline.

Signed-off-by: Agustin Henze <tin@aayy.com.ar>

All pipelines are currently failing in unstable:

    $ sed -n '/^deb\s/s//deb-src /p' /etc/apt/sources.list > /etc/apt/sources.list.d/deb-src.list
    sed: can't read /etc/apt/sources.list: No such file or directory

The APT sources list in the base image is now a deb822-style file at
/etc/apt/sources.list.d/debian.sources instead of the old-style
/etc/apt/sources.list.

Change the build-script in salsa-ci.yml to handle whichever of the two
files are present.

Change the Dockerfile for the gbp image similarly.

piuparts executes the scripts pre-post installation of the package

Fixes: #256

It allows to pass arbitrary arguments to autopkgtest via debci_autopkgtest_args

Triggers false positives when quilt is used to change files that
are installed in a package (eg: config).

Fixes #251

Fixes: #177

Build ARM images and let build jobs disabled by default.

Fixes: #205

Based on Iñaki Malerba's work on arm-support branch

#244

Johannes Schauer Marin Rodrigues authored Oct 11, 2021 and Johannes Schauer Marin Rodrigues committed Jan 31, 2022

eatmydata is not available in the reprotest build environment and thus
builds that use LD_PRELOAD may fail with: ERROR: ld.so: object
'libeatmydata.so' from LD_PRELOAD cannot be preloaded (cannot open
shared object file): ignored.

Also see: !309

Sometimes the directory WORKDIR/debci/binaries does not exist (eg. there
was no test to run), therefore running 'rm -r' fails, and in turn fails
the whole pipeline.

References:
- https://gitlab.com/kalilinux/packages/rootskel-gtk/-/jobs/1965033201
- #150

Closes #150

This reverts commit 6812b801.

Latest docker version should address libseccomp compatibility problems.

Due to some compatibility problems between Salsa shared hosts'
libseccomp version and the one currently present in unstable, it's
necessary to run the container as unconfined.

Workaround for #238

+ add a variable ${SALSA_CI_TIMEOUT_ARGS}

Since the runner has a timeout of 3h, default limit is set to 2h45min = 2.75h

The user can override the values to his wishes and also set other timeout parameters if he wants

This allows:
- to let the job finish cleanly by going through after_script and get artifacts, save the caches...
- to save ccache cache so that on the next run, there is more chance to finish the job since it can use ccache's cache

Fixes: #219

IOhannes m zmölnig authored Nov 28, 2021 and IOhannes zmölnig committed Nov 29, 2021

...whenever possible, else by shortish multiline commands.
this should make it more easy to spot where problems occur in the pipeline itself (as opposed to problems in the package build process)


gitlab-ci only shows the first line of a multiline command making it hard to debug problems in such black boxes



Closes: #232



Signed-off-by: IOhannes m zmölnig <zmoelnig@umlautS.umlaeute.mur.at>

Remove trailing dollar sign when defining aptopts value.

After 58880fce, some ifs were
not correctly stated.

Fixes #234

 * avoid installing devscripts, equivs, aptitude and dependencies in the build
   chroot. Compared to a chroot that only contains Essential, apt and
   build-essential a chroot with these packages contains 114 additional binary
   packages. This means that it was possible that a salsaci job does not error
   out if a developer forgot to add a build dependency if it happens to be one
   of those 114 packages (false positive).
 * when only building architecture dependent packages in the test-build-any
   job, only Build-Depends and Build-Depends-Arch must be installed and
   Build-Conflicts-Indep must be ignored. When only building architecture
   independent packages in the test-build-all job, only Build-Depends and
   Build-Depends-Indep must be installed and Build-Conflicts-Arch must be
   ignored. This was not respected before this commit due to bug #980058 in
   mk-build-deps. This leads to similar false-positive builds like the last
   point and wrong build depend...

Closes #231

Duplicated pipelines are happening on other projects.
Do not run dettached pipelines.

From Gitlab's documentation[0]:

> These pipelines are labeled as detached in the UI, and they
> do not have access to protected variables. Otherwise, these
> pipelines are the same as other pipelines.

[0] https://docs.gitlab.com/ee/ci/pipelines/merge_request_pipelines.html

- if HOST_ARCH is empty of equal to BUILD_ARCH, the job is skipped by the CI
- if d/control does not build a binary for the HOST_ARCHITECTURE, the job
  exits early with success.

- HOST_ARCH must be set to an architecture in order to enable cross-compilation
- cross-compilation is automatically disabled,
  if ${HOST_ARCH} == ${BUILD_ARCH}
- HOST_ARCH is added to the cache-key
- BUILD_LOGFILE_ARCH is now calculate solely from HOST_ARCH and BUILD_ARCH

there are other occurences of ARCH in .images-ci.yml, .images-debian.yml &
.images-kali.yml.
afaict, these are not related to our use of  BUILD_ARCH.

The awk code uses '/debian' as a delimiter, and looks for anything
before that, which breaks for package names that start with debian, such
as debian-installer.

This replaces that with a sed command that strips off the last part of
the path that includes two slashes.