- Ability to skip %clean build stage was requested as RhBug:756531,
--nocheck seems otherwise useful to have as %check can take a lot of
time, time you might not want to spend for a trivial spec change or such.
- The call to rpmSetTables() from rpmbuild is simply redundant for
all I can tell, it gets called from inside rpmrc/config processing
with the same values and the extra call here never changes anything
as the tables have already been set through rpmReadConfigFiles()
whether building for several targets or not.
- The common pattern here is grabbing current flags to a local
variable, modifying them for an operation and then restoring,
which is fine... but we dont care about the previous flags
when we're restoring them.
- fopen() returns NULL on errors, never an opened stream with error
flag set. These are leftovers from past where rpmio fd was used
instead of FILE and probably the checks were bogus even back then too.
- The various --nosignature etc verification switches are common to
everything, and have been available through rpmcliQueryFlags via
the common popt table since 2002. Might as well finally use it
to limit the amount of duplicate popt goo.
- Add new public rpmSpecCheckDeps() function which can be used for
checking build dependencies of a spec against a transaction set.
- Change checkSpec() in rpmbuild cli to use the new interface
- rpmbuild.c is now free of direct spec structure accesses
- Spec parse flags are specific to parsing a spec, not building it.
This could be relevant again if a higher level build API is added
to the library but not ATM.
- Targets are obviously relevant for building but not in the
context of rpmSpecBuild which expects the environment to be set up
already. If/when we add a higher level build interface to librpmbuild
this comes relevant again, until then bury inside the cli-tool.
- Simplify the target parsery by using argvSplit() and friends.
- The mode letters are only relevant for the rpmbuild cli tool. If/when
some of the related build logic is moved from the cli tool to the
library, we'll need a better way of expressing these combinations
than letters.
- Transaction set verification bits are not relevant to building,
bury inside the rpmbuild cli utility.
- Also the type was wrong, its rpmVerifyFlags, not rpmQueryFlags, duh
- Call freeNames() at end of buildSpec() instead of requiring API
users to clean up after us. This does mean losing some of the
supposed caching advantage when building on more than one spec,
but hardly matters, one spec at a time is the typical build usage
anyway.
- The whole rootDir seems dubious for build purposes, but in any case its
only relevant during the actual build process, not for spec parsing.
Set spec->rootDir from buildSpec() for the duration of the
build to avoid having to refactor doScript() and all right now.
- Cookies are not a property of spec but a given build, handle this
internally to buildSpec() except for --rebuild which passes the
srpm identifier cookie through buildArgs
- Accept the entire build arguments structure along with a spec, these
contain everything that we'll need
- Just a convenience wrapper for buildSpec() for now, more things
to follow...
- Update the sole existing caller accordingly
- Yank everything qualifying as "internal helper function" into
internal-only headers, loosely grouped as follows:
1) Everything involving spec-manipulation goes into rpmbuild_internal.h
2) All other miscellaneous helpers go into rpmbuild_misc.h
- This leaves us a rather minimal, and nearly useful API into librpmbuild:
Users need to be able to parse a spec, query or build (parts of) it
and free up the spec structure when done. This is what we have now,
various still exposed structures not counting.
- This is where it logically seems to belong to, after all parseSpec()
similarly populates all other metadata of the binaries etc too.
No point requiring callers to do this obscure extra call.
- Signing is better done in an environment completely separated from
the process of actually building packages. This is how its generally
done anyway by distros, this change just forces the issue.
- While signing on build seems handy and saves some io-churn, this
is very insecure as your precious secret passphrase remains unencrypted
in memory for the entire duration of the build where it's accessible
to whatever happens to be building. This change doesn't
affect fix the issue of unencrypted passphrase residing in memory
and potentially getting swapped out, it only limits the exposure
to the actual signing process which isn't subject to unknown scripts
poking around.
- Minimally preserve rpmbuild's --sign functionality via popt --pipe hack
to call rpm --addsign when build completes
- rpmcliInit() and rpmcliFini() do almost exactly the same as our
newborn cli-helpers, but they've been almost unused until now.
Use them and lose the new ones.. doh.
- The downside is that popt aliases are now broken when running commands
from the build tree due to lt-foo in argv[0], whereas initCli() took
and explicit popt context name argument. Oh well...
- rpmcliFini() was missing several necessary memory cleanup calls,
add them there while at it.
- Instead of bothering with different error messages for tar/spec/pkg
messages, just dump usage when no arguments present.
- Testing argument file existence for signing is meaningless on build
as we're not signing the specs or tarballs present there but the
build result.
- Make a copy of the entire rpmqv.c source to rpmbuild.c and switch
make to use the new copy. No functional changes. Making a copy first
means we get much easier to follow patch-series on the changes
that will follow.
Panu Matilainen