Commit fbb45e7f authored by Vitaly Lipatov's avatar Vitaly Lipatov

rpmgs: git_to_tarball: checkout tag matching spec Version

When Source-url points to a .git URL without /tree/<ref> or /commit/<sha>, git_to_tarball just cloned and packed HEAD. If upstream HEAD had moved past the spec Version, the resulting tarball contained sources from a different release than the spec claimed (observed in hddfancontrol 2.1.0-alt1, which shipped 2.1.1 sources because HEAD was already at 2.1.1 when packaged). Now if no explicit checkout is given via URL, try to checkout 'v$VERSION' or '$VERSION' tag and fail loudly if neither exists. To get a HEAD snapshot intentionally, pass HEAD as the version (rpmgs already supports this) or use # Source-url: ...git/tree/<ref>. Also init submodules after checkout so the packed tree reflects the tag.
parent 100bfe8d
......@@ -125,9 +125,27 @@ git_to_tarball()
local d="$(basename "$URL" .git)"
git clone --recurse-submodules "$URL" "$d" || fatal
if [ -n "$CHECKOUT" ] ; then
# No explicit checkout from URL: try to checkout tag matching spec Version,
# so we don't silently ship HEAD content under a fixed version label.
# Use HEAD intentionally by passing 'HEAD' as version.
if [ -z "$CHECKOUT" ] && [ -n "$VERSION" ] && [ "$VERSION" != "HEAD" ] ; then
cd "$d" || fatal
if git rev-parse --verify --quiet "refs/tags/v$VERSION" >/dev/null ; then
CHECKOUT="v$VERSION"
elif git rev-parse --verify --quiet "refs/tags/$VERSION" >/dev/null ; then
CHECKOUT="$VERSION"
else
cd - >/dev/null
rm -rf "$d"
fatal "git_to_tarball: no tag matching version '$VERSION' (tried v$VERSION, $VERSION) in $URL. Use # Source-url with /tree/<ref> for explicit checkout, or pass HEAD as version."
fi
cd - >/dev/null
fi
if [ -n "$CHECKOUT" ] && [ "$CHECKOUT" != "HEAD" ] ; then
cd "$d" || fatal
git checkout $CHECKOUT || fatal
git submodule update --init --recursive
cd - >/dev/null
fi
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment