.gitlab-ci.yml:
Set all build steps to be interruptable, so they will be interrupted if a newer commit is pushed on the same branch,
which also triggers CI.
.gitlab-ci.yml:
Install the latest archlinux-keyring before installing anything else.
This is to make sure to not run into outdated keys upon updating, which
is a problem because we can currently not even ensure a keyring that is
valid longer than one month...
https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/issues/4
By weltio weltio
move $arch override to before it is used
closes https://gitlab.archlinux.org/archlinux/archiso/-/issues/163
* initial: arch=""
* _read_profile: packages="${profile}/packages.${arch}"
* _set_overrides: [[ -n "$arch" ]] || arch="$(uname -m)"
$arch is not defined in _read_profile if arch is not defined in profiledef.sh and packages is not updated after _set_overrides
[[ -n "$arch" ]] || arch="$(uname -m)" should be moved from _set_overrides to _read_profile.
* 151-mkarchiso-should-show-code-signing-certificates-none-if-no-keys-cerfificates-are-specified:
mkarchiso: show "Code signing certificates: None" if no keys/certificates are specified
The curl --retry-connrefused option is used with not instead of the --retry <num> option to add an extra type of failure to retry on, without --retry <num> it does not retry at all even on a connection refused.
https://man.archlinux.org/man/curl.1.en
"rescue/installation actions for {grub,refind} should be run from
within a chroot" is a false statement. See --boot-directory of
grub-install and --root of refind-install. (In the case of grub,
there are people that do not use the ugly grub-mkconfig at all.)
* nl6720/more-quiet:
mkarchiso: use mkfs.erofs --quiet in quiet mode
mkarchiso: use mksquashfs -quiet instead of redirecting its stdout to /dev/null
mkarchiso: do not show subdirectory sizes in netboot mode
mkarchiso: redirect command -v output to /dev/null
mkarchiso: silence xorriso's note about SOURCE_DATE_EPOCH
mkarchiso: silence mkfs.fat in quiet mode
mksquashfs supports a -quiet option since squashfs-tools 4.4.
Use this option in non-verbose mode instead of redirecting stdout of the whole command to /dev/null.
This allows to have only one instance of mksquashfs in _run_mksquashfs instead of multiple ones in if-then-else.
Related to #148.
The `xorriso -as mkisofs` option `-quiet` is interpreted too late. Use native xorriso option `-report_about SORRY` instead and ensure it is the first option.
Related to #148.
printf is a bash builtin, so by using it an external command can be avoided.
Due to the differences between date(1) and strftime(3), the time zone output will not contain a colon anymore. Fortunately, that is still a supported format according to https://en.wikipedia.org/wiki/ISO_8601#Time_offsets_from_UTC .
* nl6720/fix-unbound-variables-in-_validate_options:
mkarchiso: error out of iso and netboot build modes if no boot modes are specified
mkarchiso: split out build mode specific checks from _validate_options to _validate_requirements_buildmode_*
mkarchiso: fix unbound variable errors in _validate_options
The bootstrap build mode does not use packages.${arch}, ${bootmodes[@]} or $airootfs_image_type so there's no need to validate them.
Requirements common to iso and netboot are checked with the _validate_common_requirements_buildmode_iso_netboot function.
Fixes#149.
* Rename _validate_requirements_buildmode_all to _validate_common_requirements_buildmode_all to prevent potential conflicts since we are using _validate_requirements_buildmode_${_buildmode} to run the functions.
* Improve searching in an array. See https://stackoverflow.com/a/15394738.
$pkg_list_from_file and $bootstrap_pkg_list_from_file are arrays, they must be referenced as such. Fixes https://bugs.archlinux.org/task/71852.
Remove quotes from arithmetic expressions.
* nl6720/gpg-sender:
.gitlab/ci/build_archiso.sh: use mkarchiso's -G option
mkarchiso: support setting gpg sender
mkarchiso: add some sane gpg options to override those set in user's gpg.conf
Add new -G option to set gpg's --sender. This allows to see who signed the rootfs image without needing to import the gpg key from the keyring in initramfs.