Hi Nilesh,
On 7/3/21 6:39 AM, Nilesh Patra wrote: > Hi Alex, > > On 03/07/21 03:30 AM, Flu0r1ne wrote: >> Hi, >> >> >> I am in the process of packaging Nebula, a popular networking overlay. >> The binaries seem to build. Yet, two of the tests fail. I wanted to have >> someone double check my methodology since I'm still a novice when it >> comes to packaging. If you think it's a problem for the upstream, I'll >> submit an issue. >> >> >> I encounter an issue with two failing tests: >> TestMarshalingNebulaCertificate and Test_ca. These rely on the >> "marshaling" functionality in Google's protobuf library. These tests >> pass outside debuild so I'm guessing it's based on the version of some >> library. > I found out the reason -- this is basically due to incompatible > versions. > First off, you also need a B-D on golang-goprotobuf-dev - the > corresponding import path for the same is also mentioned in nebula's > go.mod (github.com/golang/protobuf v1.5.0) > > as you might notice, the version there mentioned is "1.5.0", and the > version in the archive (unstable) is "1.3.4-2". > However, the version in experimental is "1.4.3-1~exp1" > > When I try to build with the package in experimental, build goes just > fine! \o/ Indeed! I'm glad you were able to figure this out. I was able to build it on my host system after applying the patch. I am unsure how this package is auto discovered. mk-build-deps failed to pick up on the new version. I had to explicitly install it with apt, specifying the target release. It also prevents be from building in a chroot. I'm calling it as follows: sbuild -s -d unstable \ --extra-repository='deb http://ftp.us.debian.org/debian experimental main' \ --extra-package=path_to_golang-github-nbrownus-go-metrics-prometheus_all.deb \ --extra-package=path_to_golang-github-flynn-noise_all.deb I made some improvements: I added a systemd unit to nebula to mange the daemon. I also copied the example configuration file to /etc/nebula for ease of use. This is the de-facto way most people use the tool. There are still a couple Lintian issues I can't nail down. First, debuild emits hardening warnings for all the binaries in Nebula: - nebula: hardening-no-pie usr/bin/nebula - nebula: hardening-no-relro usr/bin/nebula I've added the "hardening=+all" flag to DEB_BUILD_MAINT_OPTIONS. I would like to enable all the hardening features if possible since Nebula is network facing. Is there a specific method to enable binary hardening features for go or dh-golang? It also complains that no manual pages are included. Although, the project hasn't produced any to my knowledge. > Oh, there is one more -- it also Build-Depends on > "golang-github-skip2-go-qrcode-dev" > that's not in the archive yet, please consider to package this too My understanding is that the go-qrcode [1] package in sid provides this functionality. I added it to the control file. > > I have a few reviews on these. First off, there's just one "main" > branch. This goes against the way go team packages should be > maintained. > > There's a debian/sid branch, along with an upstream branch. It also > seems like you used dh-make for nebula, please consider to use > dh-make-golang. I recreated all the repositories with dh-make-golang. The version of the tool in unstable automatically setup these branches. Given that they are completely new git repos (although I kept the paths the same), you'll probably want to clone them again. >> You'll receive a few Lintian errors that won't effect the build process. >> Lintian wants to: >> >> (1) Shorten golang-github-nbrownus-go-metrics-prometheus (I'm following >> the naming scheme. Let me know if i should rename it.) > I think we can simply ignore this warning as you might see on the > corresponding lintian report page here[1], there are several golang packages > with that warning > The naming scheme is correct, and that's fine. I agree. I repackaged it with the '-go' part. I think this will make it easier to find since it will match the upstream. >> (2) I'll submit ITPs once I can build Nebula > Cool, I'll be happy to sponsor you uploads, if you need :-) That would be great! > sbuild will help you do that easily, please set this up if you haven't > already. You can find the details here[2] I built both of the dependencies using sbuild. I'll build Nebula when I can figure out the package discovery issue above. Best, Alex [1]: https://packages.debian.org/us/sid/devel/go-qrcode <https://packages.debian.org/us/sid/devel/go-qrcode>
