fix: use mirrors metalink as a submodule

2025-02-22 15:59:50 -05:00 · 2024-07-04 11:24:21 +02:00 · 2024-07-04 11:24:21 +02:00 · 91cf478908
commit 91cf478908
parent 06af125458
2 changed files with 45 additions and 33 deletions
--- a/salt/qubes-builder/README.md
+++ b/salt/qubes-builder/README.md
@ -31,6 +31,18 @@ Qubes Executor lacking some dependencies on Debian such as
 builder qube was Debian based, the executor qube still needs to be a Fedora
 template.

+<!-- TODO: remove after 1 month: 2024-08-4 -->
+If installation fails on non existent qubes-infrastructure-mirrors directory
+during the `qubes-builder.configure` state, please
+[manually pull new commits](#Pulling new commits) and then run the state
+again. This issue will occur to everyone that ran the same state before
+`2024-07-01`, due to [submodule addition](https://github.com/QubesOS/qubes-builderv2/commit/bc6d9a9954d985d2be3ec76ce86d44fea13d345b).
+Qusal maintainer decision is not to handle such issue automatically as it
+can lead to data loss in case user does manual changes, the installation would
+need to `reset` the user changes and to do a clean `pull` that wouldn't fail.
+After you've pulled the commit including the `.gitmodules` once, future
+installations won't have this issue.
+
 - Top
 ```sh
 sudo qubesctl top.enable qubes-builder
@ -76,13 +88,25 @@ The installation will clone the repository but not pull new commits. You will
 need to pull new commits from time to time, their signature will be
 automatically verified before merging them to your git index.

+Pull `qubes-builderv2` commits:
+```sh
+git pull
+```
+
+Initialize and merge submodules:
+```
+git submodule update --init
+git submodule update --merge
+```
+
 ### Add PGP public key to qubes-builder GPG home directory

 If you need to pull commits signed by someone with a key not deployed by
 default, import their key to the GPG home directory of qubes-builder:
 ```sh
-gpg --homedir "$HOME/.gnupg/qubes-builder" --import KEY
+gpg-qubes-builder --import /path/to/key
 ```
+
 ### Builder configuration

 When using the Qubes Executor, configure the `builder.yml` `dispvm` option to
@ -96,10 +120,14 @@ executor:
  options:
    dispvm: "dom0"
    #dispvm: "dvm-qubes-builder"
+
+gpg-client: gpg
 ```
 Setting the Disposable VM  to Dom0 works because it will use the
 `default_dispvm` preference of `qubes-builder`, which is `dvm-qubes-builder`.

+Setting the `gpg-client` explicitly to enforce the use of `split-gpg2`.
+
 ### Build Qusal

 **Warning**: development only.
--- a/salt/qubes-builder/configure.sls
+++ b/salt/qubes-builder/configure.sls
@ -68,24 +68,14 @@ include:
    - user: user

 "{{ slsdotpath }}-git-clone-infrastructure-mirrors":
-  git.cloned:
+  cmd.run:
    - require:
      - cmd: "{{ slsdotpath }}-import-keys"
-    - name: https://github.com/QubesOS/qubes-infrastructure-mirrors.git
-    - target: /home/user/src/qubes-infrastructure-mirrors
-    - user: user
+    - name: git submodule update --init
+    - cwd: /home/user/src/qubes-builderv2
+    - runas: user

 "{{ slsdotpath }}-git-config-gpg.program-for-builder":
-  git.config_set:
-    - require:
-      - cmd: "{{ slsdotpath }}-import-keys"
-      - git: "{{ slsdotpath }}-git-clone-infrastructure-mirrors"
-    - name: gpg.program
-    - value: gpg-qubes-builder
-    - repo: /home/user/src/qubes-infrastructure-mirrors
-    - user: user
-
-"{{ slsdotpath }}-git-config-gpg.program-for-mirrors":
  git.config_set:
    - require:
      - cmd: "{{ slsdotpath }}-import-keys"
@ -95,6 +85,16 @@ include:
    - repo: /home/user/src/qubes-builderv2
    - user: user

+"{{ slsdotpath }}-git-config-gpg.program-for-mirrors":
+  git.config_set:
+    - require:
+      - cmd: "{{ slsdotpath }}-import-keys"
+      - cmd: "{{ slsdotpath }}-git-clone-infrastructure-mirrors"
+    - name: gpg.program
+    - value: gpg-qubes-builder
+    - repo: /home/user/src/qubes-builderv2/qubesbuilder/plugins/publish/mirrors
+    - user: user
+
 "{{ slsdotpath }}-git-verify-HEAD-builderv2":
  cmd.run:
    - require:
@ -107,26 +107,10 @@ include:
 "{{ slsdotpath }}-git-verify-HEAD-infrastructure-mirrors":
  cmd.run:
    - require:
-      - git: "{{ slsdotpath }}-git-clone-infrastructure-mirrors"
+      - cmd: "{{ slsdotpath }}-git-clone-infrastructure-mirrors"
      - cmd: "{{ slsdotpath }}-import-ownertrust"
    - name: GNUPGHOME="$HOME/.gnupg/qubes-builder" git -c gpg.program=gpg2 verify-commit "HEAD^{commit}"
-    - cwd: /home/user/src/qubes-infrastructure-mirrors
-    - runas: user
-
-"{{ slsdotpath }}-build-infrastructure-mirrors":
-  cmd.run:
-    - require:
-      - cmd: "{{ slsdotpath }}-git-verify-HEAD-infrastructure-mirrors"
-    - name: sudo python3 setup.py build
-    - cwd: /home/user/src/qubes-infrastructure-mirrors
-    - runas: user
-
-"{{ slsdotpath }}-install-infrastructure-mirrors":
-  cmd.run:
-    - require:
-      - cmd: "{{ slsdotpath }}-build-infrastructure-mirrors"
-    - name: sudo python3 setup.py install
-    - cwd: /home/user/src/qubes-infrastructure-mirrors
+    - cwd: /home/user/src/qubes-builderv2/qubesbuilder/plugins/publish/mirrors
    - runas: user

 {% endif -%}