Skip to content

Commit

Permalink
feat: use Flathub's patched flatpak-builder
Browse files Browse the repository at this point in the history
Build the same version of flatpak-builder run on Flathub, to support
backported features and CI-specific behaviours.
  • Loading branch information
andyholmes committed Oct 23, 2024
1 parent 440df4a commit e45534f
Show file tree
Hide file tree
Showing 12 changed files with 647 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/scan.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
- name: Spell Check
uses: codespell-project/actions-codespell@master
with:
skip: .git,dist
skip: .git,build-aux,dist

codeql:
name: CodeQL
Expand Down
42 changes: 42 additions & 0 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@

FROM registry.fedoraproject.org/fedora:latest

COPY build-aux/ /build-aux/

# Notes:
# - docker: docker/setup-qemu-action
# - python3-*: flatpak/flatpak-external-data-checker
Expand All @@ -14,14 +16,54 @@ RUN dnf install -y ccache flatpak flatpak-builder git git-lfs \
python3-{aiohttp,apt,editorconfig,github,gobject,jsonschema,lxml,magic,packaging,pyelftools,ruamel-yaml,semver,toml} \
rsync \
zstd && \
dnf install -y 'dnf-command(builddep)' && \
dnf builddep -y appstream flatpak-builder && \
dnf clean all && rm -rf /var/cache/dnf

#
# AppStream & Flatpak Builder with compose pass-through
#
RUN git clone https://github.com/ximion/appstream.git \
--branch v1.0.3 \
--single-branch && \
cd appstream && \
git apply /build-aux/patches/appstream-demotion-allowlist.patch && \
git apply /build-aux/patches/appstream-compose-default-propagate-custom.patch && \
git apply /build-aux/patches/asc-hint-tags-silence-some-vague-validation-errors.patch && \
git apply /build-aux/patches/compose-seperate-file-read-error.patch && \
git apply /build-aux/patches/appstream-compose-lang-symlinks.patch && \
meson setup -Dapidocs=false \
-Dgir=false \
-Dcompose=true \
_build && \
meson install -C _build

RUN git clone https://github.com/flatpak/flatpak-builder.git \
--branch 1.4.4 \
--single-branch && \
cd flatpak-builder && \
git apply /build-aux/patches/flatpak-builder-lfs.patch && \
git apply /build-aux/patches/flatpak-builder-appstream-cli-urls.patch && \
git apply /build-aux/patches/flatpak-builder-disable-compressed-downloads.patch && \
meson setup -Ddocs=disabled \
-Dfuse=2 \
-Dtests=false \
_build && \
meson install -C _build

#
# Flatpak Dependency Checker
#
RUN git clone https://github.com/flathub/flatpak-external-data-checker.git \
--branch master \
--single-branch && \
ln -sf $(pwd)/flatpak-external-data-checker/flatpak-external-data-checker \
/usr/bin/flatpak-external-data-checker

#
# Default Remotes
#
RUN flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo && \
flatpak remote-add --if-not-exists flathub-beta https://flathub.org/beta-repo/flathub-beta.flatpakrepo && \
flatpak remote-add --if-not-exists gnome-nightly https://nightly.gnome.org/gnome-nightly.flatpakrepo

176 changes: 176 additions & 0 deletions LICENSES/LGPL-2.1-or-later.txt

Large diffs are not rendered by default.

7 changes: 7 additions & 0 deletions REUSE.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,13 @@ precedence = "aggregate"
SPDX-FileCopyrightText = "No rights reserved"
SPDX-License-Identifier = "CC0-1.0"

# This may not be entirely correct; some patches contain copyrights
[[annotations]]
path = ["build-aux/patches/**"]
precedence = "aggregate"
SPDX-FileCopyrightText = "Flathub Contributors"
SPDX-License-Identifier = "LGPL-2.1-or-later"

[[annotations]]
path = ["dist/**", "package.json"]
precedence = "aggregate"
Expand Down
13 changes: 13 additions & 0 deletions build-aux/patches/appstream-compose-default-propagate-custom.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
diff --git a/compose/asc-compose.c b/compose/asc-compose.c
index 0b746ad9..a3050b0e 100644
--- a/compose/asc-compose.c
+++ b/compose/asc-compose.c
@@ -101,7 +101,7 @@ asc_compose_init (AscCompose *compose)
priv->flags = ASC_COMPOSE_FLAG_USE_THREADS | ASC_COMPOSE_FLAG_ALLOW_NET |
ASC_COMPOSE_FLAG_VALIDATE | ASC_COMPOSE_FLAG_STORE_SCREENSHOTS |
ASC_COMPOSE_FLAG_ALLOW_SCREENCASTS | ASC_COMPOSE_FLAG_PROCESS_FONTS |
- ASC_COMPOSE_FLAG_PROCESS_TRANSLATIONS;
+ ASC_COMPOSE_FLAG_PROCESS_TRANSLATIONS | ASC_COMPOSE_FLAG_PROPAGATE_CUSTOM;

/* the icon policy will initialize with default settings */
priv->icon_policy = asc_icon_policy_new ();
107 changes: 107 additions & 0 deletions build-aux/patches/appstream-compose-lang-symlinks.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,107 @@
From 6f6986c333ed9d56c28e5ff419b33fb4eb158bc2 Mon Sep 17 00:00:00 2001
From: Matthias Klumpp <[email protected]>
Date: Wed, 5 Jun 2024 21:44:01 +0200
Subject: [PATCH] compose: Allow file discovery even in symlinked directories

This was discovered to be an issue on Flathub with some component
localizations being placed in symlinked directories.

CC: https://github.com/flathub/flathub/issues/5272
---
compose/asc-directory-unit.c | 69 +++++++++++++++----
5 files changed, 65 insertions(+), 21 deletions(-)

diff --git a/compose/asc-directory-unit.c b/compose/asc-directory-unit.c
index 80698e873..10c9c3de1 100644
--- a/compose/asc-directory-unit.c
+++ b/compose/asc-directory-unit.c
@@ -81,11 +81,12 @@ asc_directory_unit_class_init (AscDirectoryUnitClass *klass)
}

static gboolean
-asc_directory_unit_find_files_recursive (GPtrArray *files,
- const gchar *path_orig,
- guint path_orig_len,
- const gchar *path,
- GError **error)
+asc_directory_unit_find_files_recursive_internal (GPtrArray *files,
+ const gchar *path_orig,
+ guint path_orig_len,
+ const gchar *path,
+ GHashTable *visited_dirs,
+ GError **error)
{
const gchar *tmp;
g_autoptr(GDir) dir = NULL;
@@ -104,14 +105,38 @@ asc_directory_unit_find_files_recursive (GPtrArray *files,
g_autofree gchar *path_new = NULL;
path_new = g_build_filename (path, tmp, NULL);

- /* search recursively, don't follow symlinks */
- if (g_file_test (path_new, G_FILE_TEST_IS_DIR) &&
- !g_file_test (path_new, G_FILE_TEST_IS_SYMLINK)) {
- if (!asc_directory_unit_find_files_recursive (files,
- path_orig,
- path_orig_len,
- path_new,
- error))
+ /* search recursively */
+ if (g_file_test (path_new, G_FILE_TEST_IS_DIR)) {
+ if (g_file_test (path_new, G_FILE_TEST_IS_SYMLINK)) {
+ g_autofree gchar *real_path = realpath (path_new, NULL);
+
+ if (!real_path) {
+ /* error if realpath fails (like memory allocation error or invalid path) */
+ g_set_error (error,
+ G_FILE_ERROR,
+ g_file_error_from_errno (errno),
+ "Failed to resolve real path");
+ return FALSE;
+ }
+
+ /* don't visit paths twice to avoid loops */
+ if (g_hash_table_contains (visited_dirs, real_path))
+ return TRUE;
+
+ g_hash_table_add (visited_dirs, g_steal_pointer (&real_path));
+ } else {
+ if (g_hash_table_contains (visited_dirs, path_new))
+ return TRUE;
+
+ g_hash_table_add (visited_dirs, g_strdup (path_new));
+ }
+
+ if (!asc_directory_unit_find_files_recursive_internal (files,
+ path_orig,
+ path_orig_len,
+ path_new,
+ visited_dirs,
+ error))
return FALSE;
} else {
g_ptr_array_add (files, g_strdup (path_new + path_orig_len));
@@ -121,6 +146,24 @@ asc_directory_unit_find_files_recursive (GPtrArray *files,
return TRUE;
}

+static gboolean
+asc_directory_unit_find_files_recursive (GPtrArray *files,
+ const gchar *path_orig,
+ guint path_orig_len,
+ const gchar *path,
+ GError **error)
+{
+ g_autoptr(GHashTable) visited_dirs = NULL;
+ visited_dirs = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, NULL);
+
+ return asc_directory_unit_find_files_recursive_internal (files,
+ path_orig,
+ path_orig_len,
+ path,
+ visited_dirs,
+ error);
+}
+
static gboolean
asc_directory_unit_open (AscUnit *unit, GError **error)
{
20 changes: 20 additions & 0 deletions build-aux/patches/appstream-demotion-allowlist.patch
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
diff --git a/src/as-validator.c b/src/as-validator.c
index 849338c7..c4da24af 100644
--- a/src/as-validator.c
+++ b/src/as-validator.c
@@ -653,6 +653,15 @@ as_validator_add_override (AsValidator *validator,
"developer-id-missing",
/* allow in case a component really doesn't have an active homepage */
"url-homepage-missing",
+ /* flathub apps often instruct users to follow some additional steps for sandbox-breaking apps */
+ "description-has-plaintext-url",
+ /* we have our own validation for these fields */
+ "component-name-too-long",
+ "summary-too-long",
+ /* this is a breaking change as 1.0.0 allowed this field to be anything */
+ "developer-id-invalid",
+ /* this has not been the case with appstream-glib */
+ "cid-domain-not-lowercase",
NULL
};

Original file line number Diff line number Diff line change
@@ -0,0 +1,92 @@
From cd5dd2c083e34456744d0fe7778efccadac67b18 Mon Sep 17 00:00:00 2001
From: bbhtt <[email protected]>
Date: Sat, 20 Apr 2024 07:56:19 +0530
Subject: [PATCH] asc-hint-tags: Silence some vague validation errors during
compose

These are either covered by `appstreamcli validate` or by the linter's
own checks and provide better and clearer error messages.

The following are lowered to INFO:

* ancient-metadata
* metainfo-unknown-type
* icon-not-found
* metainfo-screenshot-but-no-media
* gui-app-without-icon
* no-metainfo
* no-valid-category
---
compose/asc-hint-tags.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/compose/asc-hint-tags.c b/compose/asc-hint-tags.c
index cf91318e..2dc0feef 100644
--- a/compose/asc-hint-tags.c
+++ b/compose/asc-hint-tags.c
@@ -57,7 +57,7 @@ AscHintTagStatic asc_hint_tag_list[] = {
},

{ "ancient-metadata",
- AS_ISSUE_SEVERITY_WARNING,
+ AS_ISSUE_SEVERITY_INFO,
"The AppStream metadata should be updated to follow a more recent version of the specification.<br/>"
"Please consult <a href=\"http://freedesktop.org/software/appstream/docs/chap-Quickstart.html\">the XML quickstart guide</a> for "
"more information."
@@ -99,7 +99,7 @@ AscHintTagStatic asc_hint_tag_list[] = {
},

{ "metainfo-unknown-type",
- AS_ISSUE_SEVERITY_ERROR,
+ AS_ISSUE_SEVERITY_INFO,
"The component has an unknown type. Please make sure this component type is mentioned in the specification, and that the"
"<code>type=</code> property of the component root-node in the MetaInfo XML file does not contain a spelling mistake."
},
@@ -158,7 +158,7 @@ AscHintTagStatic asc_hint_tag_list[] = {
},

{ "icon-not-found",
- AS_ISSUE_SEVERITY_ERROR,
+ AS_ISSUE_SEVERITY_INFO,
"The icon <em>{{icon_fname}}</em> was not found in the archive. This issue can have multiple reasons, "
"like the icon being in a wrong directory or not being available in a suitable size (at least 64x64px). "
"To make the icon easier to find, place it in <code>/usr/share/icons/hicolor/&lt;size&gt;/apps</code> and ensure the <code>Icon=</code> value"
@@ -182,7 +182,7 @@ AscHintTagStatic asc_hint_tag_list[] = {
},

{ "metainfo-screenshot-but-no-media",
- AS_ISSUE_SEVERITY_WARNING,
+ AS_ISSUE_SEVERITY_INFO,
"A screenshot has been found for this component, but apparently it does not have any images or videos defined. "
"The screenshot entry has been ignored."
},
@@ -255,7 +255,7 @@ AscHintTagStatic asc_hint_tag_list[] = {
},

{ "gui-app-without-icon",
- AS_ISSUE_SEVERITY_ERROR,
+ AS_ISSUE_SEVERITY_INFO,
"The component is a GUI application (application which has a .desktop file for the XDG menu and <code>Type=Application</code>), "
"but we could not find a matching icon for this application."
},
@@ -278,7 +278,7 @@ AscHintTagStatic asc_hint_tag_list[] = {
},

{ "no-valid-category",
- AS_ISSUE_SEVERITY_ERROR,
+ AS_ISSUE_SEVERITY_INFO,
"This software component is no member of any valid category (note that custom categories and toolkit categories like 'Qt' or 'GTK' are ignored)."
},

@@ -288,7 +288,7 @@ AscHintTagStatic asc_hint_tag_list[] = {
},

{ "no-metainfo",
- AS_ISSUE_SEVERITY_WARNING,
+ AS_ISSUE_SEVERITY_INFO,
"This software component is missing a <a href=\"https://freedesktop.org/software/appstream/docs/chap-Metadata.html#sect-Metadata-GenericComponent\">MetaInfo file</a> "
"as metadata source.<br/>"
"To synthesize suitable metadata anyway, we took some data from its desktop-entry file.<br/>"
--
2.44.0

Loading

0 comments on commit e45534f

Please sign in to comment.