trigger.security: added

trigger.security will be called from security-master to update the
wanna-build database for security.  This was previously done on
security-master itself.

diff --git a/bin/trigger-wrapper b/bin/trigger-wrapper
index 7832f87b900354ac2c8d31e27529bf199bb12a9b..4c8a7b253c8b07c549b4bf7661d91847bbad9639 100755 (executable)
--- a/bin/trigger-wrapper
+++ b/bin/trigger-wrapper
@@ -9,6 +9,8 @@ if [ "$bn" = "trigger.daily" ]; then
        bin=/org/wanna-build/trigger.daily
 elif [ "$bn" = "trigger.often" ]; then
        bin=/org/wanna-build/trigger.often
+elif [ "$bn" = "trigger.security" ]; then
+       bin=/org/wanna-build/trigger.security
 else
        exit 1
 fi

diff --git a/trigger.security b/trigger.security
new file mode 100755 (executable)
index 0000000..b985f9b
--- /dev/null
+++ b/trigger.security
@@ -0,0 +1,74 @@
+#!/bin/bash
+#
+# This is the equivalent of trigger.often for security.
+#
+# Calling convention: trigger.security $basedist
+#  (i.e. the dist should not have a -security suffix)
+#
+
+if [ -n "$SSH_ORIGINAL_COMMAND" ]
+then
+    set -- $SSH_ORIGINAL_COMMAND
+    # The name of the script will be put into $1 instead of $0,
+    # so shift the arguments to discard our name.
+    shift
+fi
+
+LANG=C
+BASE_DIST="$1"
+SECMASTERBUILDD=http://security-master.debian.org/buildd
+BASEDIR="/org/wanna-build"
+TMPDIR="$BASEDIR/tmp"
+LIBTRIGGER="$BASEDIR/libtrigger.sh"
+LOCKFILE="$TMPDIR/DB_Maintenance_In_Progress"
+MERGELOG="$BASEDIR/db/merge.log"
+
+. "$LIBTRIGGER"
+
+if [ -z "$BASE_DIST" ]; then
+    echo "E: no base suite specified."
+fi
+
+if lockfile -! -l 3600 "$LOCKFILE"; then
+       echo "Cannot lock $LOCKFILE"
+       exit 1
+fi
+
+cleanup() {
+       rm -f "$LOCKFILE"
+}
+trap cleanup 0
+
+umask 027
+
+exec 3<&1 >> "$MERGELOG" 2>&1
+
+echo "security merge triggered for ${BASE_DIST}: `date`"
+
+cd "$TMPDIR"
+
+d="${BASE_DIST}-security"
+
+archs=ARCHS_${BASE_DIST}
+ARCHS=${!archs}
+
+echo "fetching $SECMASTERBUILDD/${BASE_DIST}/Sources.gz..."
+curl_index "$SECMASTERBUILDD/${BASE_DIST}/Sources.gz" "Sources-$d.accepted.gz" "Sources.$d.accepted"
+
+# NB: There is only one Packages file in the directory, with all
+# already built packages of all architectures in it.  It could thus
+# be reused for every one of them afterwards and quinn-diff will
+# pick the right information.
+echo "fetching $SECMASTERBUILDD/${BASE_DIST}/Packages.gz..."
+curl_index "$SECMASTERBUILDD/${BASE_DIST}/Packages.gz" "Packages-$d.accepted.gz" "Packages.$d.accepted"
+
+for a in $ARCHS; do
+    echo "processing $d/$a..."
+    quinn-diff -i -A $a -a "/srv/buildd.debian.org/web/quinn-diff/${BASE_DIST}/Packages-arch-specific" -s "Sources.$d.accepted" -p "Packages.$d.accepted" >> "quinn-$d.$a.accepted" 2>/dev/null
+    wanna-build -d $d -b $a/build-db --merge-partial-quinn < "quinn-$d.$a.accepted"
+    wanna-build -d $d -b $a/build-db -A $a --merge-packages < "Packages.$d.accepted"
+done
+
+echo "security merge for ${BASE_DIST} ended: `date`"
+exit 0
+