linux: ignore kernel branches older than min supported branch

Right now, hashes for 4.14 are kept (and thus also maintained by the hardened updater) even though we don't support that anymore, the oldest supported branch is 4.19. To avoid having to remember too many places where to drop a kernel when dropping an old one (next will be 4.19), the oldest kernel branch will be determined by the lowest version number in the keys of `kernels-org.json`. That way, it's sufficient to drop an old branch from this file and it will be ignored on the upcoming update runs. Yes, the code to read from that file is duplicated, but I'd expect the min version to change way more often than 3 lines of code reading a version from a JSON file[1]. The logic is fairly simple though: if the branch (i.e. MAJOR.MINOR) of a kernel that's listed on kernel.org[2] is older than the oldest version in `kernels-org.json`, it's omitted on update and a message is printed like this: [...] linux_5_4: 5.4.265 is latest, skipping... linux_4_19: 4.19.303 is latest, skipping... 4.14 is too old and not supported anymore, skipping... Kernels that have the branch `testing` are excluded from that check and always allowed. [1] Also, I'm unhappy already that I can't just do a relative import in here to deduplicate the function and for 3 lines of code it seems like unnecessarily much effort to create a python package structure here. [2] Kernels that got unlisted there are too old to be added/kept here anyways.
2023-12-30 11:40:59 +01:00 · 2023-12-30 11:40:59 +01:00 · 76d763eeb9
commit 76d763eeb9
parent af7fc05959
1 changed files with 24 additions and 1 deletions
--- a/pkgs/os-specific/linux/kernel/update-mainline.py
+++ b/pkgs/os-specific/linux/kernel/update-mainline.py
@ -1,5 +1,5 @@
 #!/usr/bin/env nix-shell
-#!nix-shell -i python3 -p "python3.withPackages (ps: [ ps.beautifulsoup4 ps.lxml ])"
+#!nix-shell -i python3 -p "python3.withPackages (ps: [ ps.beautifulsoup4 ps.lxml ps.packaging ])"
 import json
 import os
 import pathlib
@ -10,6 +10,8 @@ from dataclasses import dataclass
 from enum import Enum

 from bs4 import BeautifulSoup, NavigableString, Tag
+from packaging.version import parse as parse_version, Version
+from typing import List

 HERE = pathlib.Path(__file__).parent
 ROOT = HERE.parent.parent.parent.parent
@ -80,6 +82,18 @@ def get_hash(kernel: KernelRelease):
    return f"sha256:{hash}"


+def get_oldest_branch() -> Version:
+    with open(VERSIONS_FILE) as f:
+        return parse_version(sorted(json.load(f).keys())[0])
+
+
+def predates_oldest_branch(oldest: Version, to_compare: str) -> bool:
+    if to_compare == "testing":
+        return False
+
+    return parse_version(to_compare) < oldest
+
+
 def commit(message):
    return subprocess.check_call(["git", "commit", "-m", message, VERSIONS_FILE])

@ -97,6 +111,8 @@ def main():
    parsed_releases = filter(None, [parse_release(release) for release in releases])
    all_kernels = json.load(VERSIONS_FILE.open())

+    oldest_branch = get_oldest_branch()
+
    for kernel in parsed_releases:
        branch = get_branch(kernel.version)
        nixpkgs_branch = branch.replace(".", "_")
@ -106,6 +122,13 @@ def main():
            print(f"linux_{nixpkgs_branch}: {kernel.version} is latest, skipping...")
            continue

+        if predates_oldest_branch(oldest_branch, kernel.branch):
+            print(
+                f"{kernel.branch} is too old and not supported anymore, skipping...",
+                file=sys.stderr
+            )
+            continue
+
        if old_version is None:
            message = f"linux_{nixpkgs_branch}: init at {kernel.version}"
        else: