Add Ubuntu PPA packaging support (#47)

Adds Ubuntu PPA packaging with automated GitHub Actions workflow. - Debian packaging files in debian/ directory - GitHub Actions workflow for automated PPA uploads - Targets Ubuntu Questing (25.10) with Rust 1.88
2026-02-13 09:48:37 -06:00 · 2025-10-14 09:24:53 +02:00
parent a2b2e09b0b
commit 3c4d5e4bc1
8 changed files with 166 additions and 51 deletions
--- a/.github/workflows/ppa-release.yml
+++ b/.github/workflows/ppa-release.yml
@@ -6,11 +6,16 @@ on:
      ubuntu_release:
        description: 'Ubuntu release codename'
        required: true
-        default: 'noble'
+        default: 'oracular'
        type: choice
        options:
-          - noble   # 24.04 LTS
-          - jammy   # 22.04 LTS
+          - oracular # 24.10 with Rust 1.81
+          - noble # 24.04 LTS with Rust 1.82
+      tarball_suffix:
+        description: 'Tarball suffix (e.g., ds1, ds2) - leave empty for new releases'
+        required: false
+        default: ''
+        type: string
  push:
    tags:
      - 'v*'
@@ -22,12 +27,11 @@ env:

 jobs:
  build-and-upload:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
    strategy:
      matrix:
        ubuntu_release:
-          - noble
-          - jammy
+          - questing

    steps:
      - name: Checkout code
@@ -67,58 +71,91 @@ jobs:
        id: version
        run: |
          VERSION=$(grep '^version = ' Cargo.toml | head -1 | sed 's/version = "\(.*\)"/\1/')
-          echo "version=$VERSION" >> $GITHUB_OUTPUT

-          # Set debian revision
-          if [ "${{ matrix.ubuntu_release }}" = "noble" ]; then
-            DEBIAN_REVISION="1ubuntu1"
+          # Add tarball suffix if provided (e.g., +ds1, +ds2)
+          TARBALL_SUFFIX="${{ github.event.inputs.tarball_suffix }}"
+          if [ -n "$TARBALL_SUFFIX" ]; then
+            TARBALL_VERSION="${VERSION}+${TARBALL_SUFFIX}"
+            echo "version=$TARBALL_VERSION" >> $GITHUB_OUTPUT
+            echo "Using tarball version: $TARBALL_VERSION"
          else
-            DEBIAN_REVISION="1ubuntu1~${{ matrix.ubuntu_release }}1"
+            echo "version=$VERSION" >> $GITHUB_OUTPUT
+            echo "Using version: $VERSION"
          fi
+
+          # Extract Debian revision from changelog
+          DEBIAN_REVISION=$(head -1 debian/changelog | sed 's/.*(\(.*\)-\(.*\)).*/\2/')
          echo "debian_revision=$DEBIAN_REVISION" >> $GITHUB_OUTPUT

-      - name: Update debian/changelog
+      - name: Update changelog
        run: |
-          cd debian
+          VERSION="${{ steps.version.outputs.version }}"
+          CURRENT_VERSION=$(head -1 debian/changelog | sed 's/.*(\(.*\)).*/\1/')

-          # Update distribution
-          sed -i "s/) noble;/) ${{ matrix.ubuntu_release }};/" changelog
+          if [ "$VERSION-1ubuntu1" != "$CURRENT_VERSION" ]; then
+            echo "Updating changelog from $CURRENT_VERSION to $VERSION-1ubuntu1"

-          # For jammy, add backport entry
-          if [ "${{ matrix.ubuntu_release }}" = "jammy" ]; then
-            VERSION="${{ steps.version.outputs.version }}"
-            REVISION="${{ steps.version.outputs.debian_revision }}"
-            TIMESTAMP=$(date -R)
+            # Create new changelog entry
+            DEBFULLNAME="${{ env.DEBFULLNAME }}" DEBEMAIL="${{ env.DEBEMAIL }}" \
+              dch --newversion "$VERSION-1ubuntu1" \
+                  --distribution "questing" \
+                  "New upstream release $VERSION"

-            echo "rustnet-monitor ($VERSION-$REVISION) jammy; urgency=medium" > changelog.new
-            echo "" >> changelog.new
-            echo "  * Backport to Ubuntu 22.04 Jammy" >> changelog.new
-            echo "" >> changelog.new
-            echo " -- Marco Cadetg <cadetg@gmail.com>  $TIMESTAMP" >> changelog.new
-            echo "" >> changelog.new
-            cat changelog >> changelog.new
-            mv changelog.new changelog
+            echo "✓ Changelog updated"
+          else
+            echo "✓ Changelog already at correct version"
          fi

      - name: Build source package
        run: |
          VERSION="${{ steps.version.outputs.version }}"
+          BASE_VERSION=$(grep '^version = ' Cargo.toml | head -1 | sed 's/version = "\(.*\)"/\1/')
          PACKAGE_NAME="rustnet-monitor"

          # Create build directory
          mkdir -p build-ppa

-          # Create orig tarball
-          git archive --format=tar.gz --prefix="${PACKAGE_NAME}-${VERSION}/" HEAD \
-            > "build-ppa/${PACKAGE_NAME}_${VERSION}.orig.tar.gz"
+          # Extract source from release tag
+          RELEASE_TAG="v${BASE_VERSION}"
+          if git rev-parse "$RELEASE_TAG" >/dev/null 2>&1; then
+            echo "✓ Found release tag: $RELEASE_TAG"
+            git archive --format=tar --prefix="${PACKAGE_NAME}-${VERSION}/" "$RELEASE_TAG" | tar -x -C build-ppa
+          else
+            echo "⚠ Release tag $RELEASE_TAG not found, using HEAD"
+            git archive --format=tar --prefix="${PACKAGE_NAME}-${VERSION}/" HEAD | tar -x -C build-ppa
+          fi

-          # Extract and add debian directory
-          cd build-ppa
-          tar -xzf "${PACKAGE_NAME}_${VERSION}.orig.tar.gz"
+          # Vendor dependencies separately from orig tarball
+          echo "Vendoring Rust dependencies..."
+          cd build-ppa/${PACKAGE_NAME}-${VERSION}
+
+          cargo vendor vendor
+
+          # Remove prebuilt static libraries (keep .dll for tests)
+          echo "Cleaning vendor directory..."
+          find vendor -name "*.a" -delete
+          find vendor -name "*.lib" -delete
+
+          # Pack vendor directory as separate tarball in debian/
+          echo "Creating vendor tarball..."
+          tar -cJf ../vendor.tar.xz vendor
+          rm -rf vendor
+
+          # Create orig tarball (without vendor directory)
+          echo "Creating orig tarball..."
+          cd ..
+          ORIG_TARBALL="${PACKAGE_NAME}_${VERSION}.orig.tar.gz"
+          tar -czf "${ORIG_TARBALL}" "${PACKAGE_NAME}-${VERSION}"
+
+          # Add debian directory and vendor tarball
          cp -r "$GITHUB_WORKSPACE/debian" "${PACKAGE_NAME}-${VERSION}/"
+          mv vendor.tar.xz "${PACKAGE_NAME}-${VERSION}/debian/"

          # Build source package
          cd "${PACKAGE_NAME}-${VERSION}"
+
+          # Always use -sa to include orig tarball
+          # Launchpad will reuse existing file if hash matches
          debuild -S -sa -d -us -uc

      - name: Sign and upload
--- a/debian/README.md
+++ b/debian/README.md
@@ -11,7 +11,7 @@ git tag v0.15.0
 git push origin v0.15.0
 ```

-This automatically builds and uploads to both Ubuntu 22.04 (Jammy) and 24.04 (Noble).
+This automatically builds and uploads to Ubuntu 25.04 (Questing) which has Rust 1.85 for edition 2024 support.

 ## GitHub Secrets Setup

@@ -49,7 +49,7 @@ sudo apt install rustnet
 - **Binary**: rustnet
 - **Maintainer**: Marco Cadetg <cadetg@gmail.com>
 - **PPA**: https://launchpad.net/~domcyrus/+archive/ubuntu/rustnet
- **Supported**: Ubuntu 22.04 LTS, 24.04 LTS
+- **Supported**: Ubuntu 24.04 LTS (Noble) and later
 - **Architectures**: amd64, arm64, armhf

 ## Workflow
--- a/debian/cargo.config
+++ b/debian/cargo.config
@@ -0,0 +1,5 @@
+[source.crates-io]
+replace-with = "vendored-sources"
+
+[source.vendored-sources]
+directory = "vendor"
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,14 +1,13 @@
-rustnet-monitor (0.14.0-1ubuntu1) noble; urgency=medium
+rustnet-monitor (0.14.0+ds6-1ubuntu1) questing; urgency=medium

-  * Initial Ubuntu PPA release
+  * Refactored packaging with vendored dependencies in debian/vendor.tar.xz
+  * Target Ubuntu Questing (25.10) with Rust 1.88 for edition 2024 support
+  * Use versioned cargo-1.88 and rustc-1.88 packages
  * eBPF enabled by default on Linux with automatic procfs fallback
  * JSON logging for SIEM integration
  * TUN/TAP interface support for VPN monitoring
-  * Multi-architecture support (amd64, arm64, armhf)
-  * Desktop integration with .desktop file and icon
-  * Automatic capability setting for non-root packet capture

- -- Marco Cadetg <domcyrus@example.com>  Mon, 13 Oct 2025 12:00:00 +0000
+ -- Marco Cadetg <cadetg@gmail.com>  Mon, 13 Oct 2025 21:32:00 +0000

 rustnet-monitor (0.14.0-1) unstable; urgency=medium

@@ -20,4 +19,4 @@ rustnet-monitor (0.14.0-1) unstable; urgency=medium
  * Fixed high CPU usage on Linux
  * Bundled vmlinux.h files to eliminate network dependency during builds

- -- Marco Cadetg <domcyrus@example.com>  Sat, 12 Oct 2025 00:00:00 +0000
+ -- Marco Cadetg <cadetg@gmail.com>  Sat, 12 Oct 2025 00:00:00 +0000
--- a/debian/control
+++ b/debian/control
@@ -3,8 +3,8 @@ Section: net
 Priority: optional
 Maintainer: Marco Cadetg <domcyrus@example.com>
 Build-Depends: debhelper-compat (= 13),
-               cargo,
-               rustc,
+               cargo-1.88,
+               rustc-1.88,
               libpcap-dev,
               libelf-dev,
               elfutils,
--- a/debian/rules
+++ b/debian/rules
@@ -3,8 +3,10 @@
 export DH_VERBOSE = 1
 export RUSTFLAGS = -C strip=symbols

-# Use rustup-installed cargo/rustc instead of system version
-export PATH := $(HOME)/.cargo/bin:$(PATH)
+# Use versioned Rust 1.88 from Ubuntu Questing
+export CARGO = /usr/bin/cargo-1.88
+export RUSTC = /usr/bin/rustc-1.88
+export RUSTDOC = /usr/bin/rustdoc-1.88

 # eBPF is enabled by default, no need for explicit feature flag
 export CARGO_BUILD_FLAGS = --release
@@ -16,14 +18,19 @@ export RUSTNET_ASSET_DIR = $(CURDIR)/debian/tmp/assets
 	dh $@

 override_dh_auto_clean:
-	# Use rustup cargo for clean
-	[ ! -f Cargo.toml ] || cargo clean || true
+	$(CARGO) clean || true
+	rm -rf target vendor .cargo

 override_dh_auto_build:
+	# Setup cargo to use vendored dependencies
+	mkdir -p .cargo
+	cp debian/cargo.config .cargo/config.toml
+	# Extract vendored dependencies
+	tar xJf debian/vendor.tar.xz
 	# Create asset directory for build.rs
 	mkdir -p $(RUSTNET_ASSET_DIR)
-	# Build with rustup cargo (supports edition 2024)
-	cargo build --release --verbose
+	# Build with cargo-1.88 using vendored dependencies
+	$(CARGO) build --release --frozen

 override_dh_auto_install:
 	# Install binary
--- a/debian/source/include-binaries
+++ b/debian/source/include-binaries
@@ -0,0 +1 @@
+debian/vendor.tar.xz
--- a/scripts/test-deb-build.sh
+++ b/scripts/test-deb-build.sh
@@ -0,0 +1,66 @@
+#!/bin/bash
+set -e
+
+UBUNTU_RELEASE=${1:-noble}
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
+
+echo "Testing Debian package build for Ubuntu $UBUNTU_RELEASE"
+echo "=================================================="
+
+# Build the Docker container
+docker build -t rustnet-deb-test:$UBUNTU_RELEASE -f - "$PROJECT_DIR" <<EOF
+FROM ubuntu:$UBUNTU_RELEASE
+
+# Install build dependencies
+RUN apt-get update && apt-get install -y \\
+    debhelper \\
+    devscripts \\
+    dpkg-dev \\
+    rustup \\
+    libpcap-dev \\
+    libelf-dev \\
+    elfutils \\
+    zlib1g-dev \\
+    clang \\
+    llvm \\
+    pkg-config \\
+    lintian \\
+    file
+
+WORKDIR /build
+COPY . /build/
+
+# Build the source package
+RUN echo "Building source package..." && \\
+    debuild -S -sa -d -us -uc
+
+# Build the binary package (simulates what Launchpad does)
+RUN echo "Building binary package..." && \\
+    cd .. && \\
+    dpkg-source -x rustnet-monitor_*.dsc extracted && \\
+    cd extracted && \\
+    dpkg-buildpackage -b -uc -us
+
+# List the built packages
+RUN echo "Built packages:" && \\
+    ls -lh /build/../*.deb || true
+
+# Run lintian on the package
+RUN echo "Running lintian checks..." && \\
+    lintian /build/../*.deb || true
+
+# Test the package contents
+RUN echo "Package contents:" && \\
+    dpkg-deb -c /build/../rustnet_*.deb
+
+CMD ["/bin/bash"]
+EOF
+
+echo ""
+echo "Build completed successfully!"
+echo ""
+echo "To extract the .deb file, run:"
+echo "  docker create --name rustnet-deb-extract rustnet-deb-test:$UBUNTU_RELEASE"
+echo "  docker cp rustnet-deb-extract:/build/../rustnet_*.deb ."
+echo "  docker rm rustnet-deb-extract"