RPM build updates (#718)

Addresses findings from the first Fedora review. Also includes some other distantly related, but supportive, changes. Addresses several findings from first Fedora review (#715): - Adding desktop file - Adding man page - Proper installation of translated help - Cleaning up lints in the spec - Reduces rpm deps by removing tool-only deps Also - Upgrades Clap - Makes the top level Rust project a virtual project - Makes crates/tools a standalone crate - Upgrades some Actions - Adds a checksum to wf to aid in debugging Closes #616 Closes #722 Closes #723 # Conflicts: # Cargo.toml # crates/pyo3/src/check.rs # crates/tools/src/fapolicy_profiler.rs # fapolicy-analyzer.spec # help/__init__.py # scripts/srpm/fapolicy-analyzer.spec
ctc-oss · Dec 30, 2022 · e1ca7d4 · e1ca7d4
1 parent 36299c7
commit e1ca7d4
Show file tree

Hide file tree

Showing 12 changed files with 162 additions and 138 deletions.
diff --git a/.github/workflows/rpm.yml b/.github/workflows/rpm.yml
@@ -108,19 +108,23 @@ jobs:
           PLATFORM: ${{ matrix.props.dist }}
 
       - name: Upload tarballs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: tarball-artifacts
           path: |
             /tmp/archives/*.tar.gz
 
       - name: Upload SRPMs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: srpm-artifacts
           path: |
             /tmp/archives/*.src.rpm
 
+      - name: Checksum artifacts
+        run: |
+          sha256sum /tmp/archives/*
+
   copr:
     needs: [ config, srpm ]
     name: Copr Build ${{ matrix.props.dist }}
@@ -141,6 +145,10 @@ jobs:
           name: srpm-artifacts
           path: /tmp/
 
+      - name: Checksum artifacts
+        run: |
+          sha256sum /tmp/*.src.rpm
+
       - name: Install Config
         run: |
           mkdir -p $HOME/.config
@@ -173,6 +181,10 @@ jobs:
           name: srpm-artifacts
           path: /tmp/src/
 
+      - name: Checksum artifacts
+        run: |
+          sha256sum /tmp/src/*
+
       - name: Enable EPEL
         if: startsWith(matrix.props.dist, 'el')
         run: |
@@ -194,7 +206,7 @@ jobs:
         working-directory: /github/home/rpmbuild/RPMS/x86_64
 
       - name: Upload RPMs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: rpm-artifacts
           path: |

diff --git a/.github/workflows/tools.yml b/.github/workflows/tools.yml
@@ -42,7 +42,7 @@ jobs:
         uses: actions-rs/cargo@v1
         with:
           command: build
-          args: --release
+          args: --bins --release
 
       - name: Strip ref to tag
         id: tag_name
@@ -56,7 +56,7 @@ jobs:
           mv target/release/rulec /tmp/tools/rulec-${{ steps.tag_name.outputs.VERSION }}
 
       - name: Archive Tools
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: fapolicy-analyzer-tools
           path: /tmp/tools/*

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,46 +1,11 @@
-[package]
-name = "fapolicy-tools"
-description = "Tools to assist with the configuration and maintenance of fapolicyd"
-license = "GPL-3.0-or-later"
-version = "0.5.0"
-edition = "2018"
-
-[[bin]]
-name = "tdb"
-path = "crates/tools/trust_db_util.rs"
-
-[[bin]]
-name = "rulec"
-path = "crates/tools/rule_check.rs"
-
-[[test]]
-name = "integration"
-path = "tests/tests.rs"
-
 [workspace]
 members = [
     "crates/analyzer",
     "crates/app",
     "crates/daemon",
     "crates/pyo3",
     "crates/rules",
+    "crates/tools",
     "crates/trust",
     "crates/util",
 ]
-
-[dev-dependencies]
-
-[dependencies]
-clap = "3.0.0-beta.2"
-lmdb-rkv = "0.14.0"
-nom = "6.1.0"
-rayon = "1.5"
-thiserror = "1.0"
-ariadne = "0.1"
-
-fapolicy-analyzer = { version = "*", path = "crates/analyzer" }
-fapolicy-app = { version = "*", path = "crates/app" }
-fapolicy-daemon = { version = "*", path = "crates/daemon" }
-fapolicy-rules = { version = "*", path = "crates/rules" }
-fapolicy-trust = { version = "*", path = "crates/trust" }
-fapolicy-util = { version = "*", path = "crates/util" }
diff --git a/crates/tools/Cargo.toml b/crates/tools/Cargo.toml
@@ -0,0 +1,33 @@
+[package]
+name = "fapolicy-tools"
+description = "Tools to assist with the configuration and maintenance of fapolicyd"
+license = "GPL-3.0-or-later"
+version = "0.5.0"
+edition = "2018"
+
+[[bin]]
+name = "tdb"
+path = "src/trust_db_util.rs"
+
+[[bin]]
+name = "rulec"
+path = "src/rule_check.rs"
+
+[[bin]]
+name = "faprofiler"
+path = "src/fapolicy_profiler.rs"
+
+[dependencies]
+clap = { version = "3.2.20", features = ["derive"] }
+lmdb-rkv = "0.14.0"
+nom = "6.1.0"
+rayon = "1.5"
+thiserror = "1.0"
+ariadne = "0.1"
+
+fapolicy-analyzer = { version = "*", path = "../analyzer" }
+fapolicy-app = { version = "*", path = "../app" }
+fapolicy-daemon = { version = "*", path = "../daemon" }
+fapolicy-rules = { version = "*", path = "../rules" }
+fapolicy-trust = { version = "*", path = "../trust" }
+fapolicy-util = { version = "*", path = "../util" }
diff --git a/crates/tools/rule_check.rs → crates/tools/src/rule_check.rs b/crates/tools/rule_check.rs → crates/tools/src/rule_check.rs
@@ -12,7 +12,7 @@ use std::path::PathBuf;
 
 use ariadne::Source;
 use ariadne::{Report, ReportKind};
-use clap::Clap;
+use clap::Parser;
 
 use fapolicy_rules::parser::errat::{ErrorAt, StrErrorAt};
 use fapolicy_rules::parser::parse::StrTrace;
@@ -27,7 +27,7 @@ use std::fs::File;
 use std::io;
 use std::io::{BufRead, BufReader};
 
-#[derive(Clap)]
+#[derive(Parser)]
 #[clap(name = "Rule Checker", version = "v0.0.0")]
 struct Opts {
     /// path to *.rules or rules.d

diff --git a/crates/tools/trust_db_util.rs → crates/tools/src/trust_db_util.rs b/crates/tools/trust_db_util.rs → crates/tools/src/trust_db_util.rs
@@ -13,7 +13,7 @@ use std::path::Path;
 use std::process::{Command, Output};
 use std::time::SystemTime;
 
-use clap::Clap;
+use clap::Parser;
 use lmdb::{Cursor, DatabaseFlags, Environment, Transaction, WriteFlags};
 use rayon::prelude::*;
 use thiserror::Error;
@@ -62,7 +62,7 @@ pub enum Error {
     ParseError(#[from] std::string::FromUtf8Error),
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 #[clap(name = "Trust DB Utils", version = "v0.1")]
 struct Opts {
     #[clap(subcommand)]
@@ -77,7 +77,7 @@ struct Opts {
     dbdir: Option<String>,
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 enum Subcommand {
     /// Clear the trust database of all entries
     Clear(ClearOpts),
@@ -99,10 +99,10 @@ enum Subcommand {
     Load(LoadOpts),
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct ClearOpts {}
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct InitOpts {
     /// create an empty database
     #[clap(long)]
@@ -125,46 +125,46 @@ struct InitOpts {
     par: bool,
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct AddRecOpts {
     /// File to add
     path: String,
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct DelRecOpts {
     /// File to delete
     path: String,
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct DumpDbOpts {
     /// Optional file
     #[clap(short, long)]
     outfile: Option<String>,
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct SearchDbOpts {
     /// File to delete
     #[clap(long)]
     key: String,
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct CheckDbOpts {
     /// use par_iter
     #[clap(long)]
     par: bool,
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct LoadOpts {
     /// File trust source
     path: String,
 }
 
-#[derive(Clap)]
+#[derive(Parser)]
 struct CountOpts {}
 
 fn main() -> Result<(), Error> {