fix: Alpine install scripts - use separate files with valid abuild suffixes

Root cause: .apk-install is not a valid abuild suffix (lines 247-257 of abuild). abuild expects SEPARATE files: pkgname.pre-install, .post-install, .pre-deinstall, .post-deinstall. The old single .apk-install file caused abuild to die with "unknown install script suffix", but CI used || true which masked the failure, so APK was built WITHOUT install scripts. Verified on actual Alpine runner: install script suffixes now pass abuild validation. - configs/linux-patch-api.pre-install: create dirs, set permissions (matches Debian preinst) - configs/linux-patch-api.post-install: copy example configs, enable service (matches Debian postinst) - configs/linux-patch-api.pre-deinstall: stop and disable service (matches Debian prerm) - configs/linux-patch-api.post-deinstall: clean up empty dirs (matches Debian postrm) - Removed configs/linux-patch-api.apk-install (invalid format) - Updated build-alpine.sh: copy 4 install scripts to workspace, updated install= line in APKBUILD
2026-05-20 12:43:37 +00:00
parent dfc2370540
commit b8900d1eae
9 changed files with 109 additions and 94 deletions
--- a/configs/linux-patch-api.apk-install
+++ b/configs/linux-patch-api.apk-install
@ -1,81 +0,0 @@
-#!/bin/sh
-# Alpine Linux install hooks for linux-patch-api
-# Matches Debian preinst/postinst behavior: no system user, root:root ownership
-# Alpine APKBUILD install script format: pre-install, post-install, pre-deinstall, post-deinstall
-
-# Pre-install: Create directories before files are laid down
-pre_install() {
-    # Create required directories
-    mkdir -p /etc/linux_patch_api/certs
-    mkdir -p /var/lib/linux_patch_api
-    mkdir -p /var/log/linux_patch_api
-
-    # Set proper ownership (service runs as root)
-    chown -R root:root /var/lib/linux_patch_api
-    chown -R root:root /var/log/linux_patch_api
-
-    # Set secure permissions
-    chmod 750 /etc/linux_patch_api
-    chmod 750 /etc/linux_patch_api/certs
-    chmod 755 /var/lib/linux_patch_api
-    chmod 755 /var/log/linux_patch_api
-
-    echo "Pre-installation setup completed"
-}
-
-# Post-install: Copy example configs, enable service
-post_install() {
-    # Copy example configs if they don't exist
-    if [ ! -f "/etc/linux_patch_api/config.yaml" ]; then
-        if [ -f "/etc/linux_patch_api/config.yaml.example" ]; then
-            cp /etc/linux_patch_api/config.yaml.example /etc/linux_patch_api/config.yaml
-            chmod 640 /etc/linux_patch_api/config.yaml
-            chown root:root /etc/linux_patch_api/config.yaml
-        fi
-    fi
-
-    if [ ! -f "/etc/linux_patch_api/whitelist.yaml" ]; then
-        if [ -f "/etc/linux_patch_api/whitelist.yaml.example" ]; then
-            cp /etc/linux_patch_api/whitelist.yaml.example /etc/linux_patch_api/whitelist.yaml
-            chmod 640 /etc/linux_patch_api/whitelist.yaml
-            chown root:root /etc/linux_patch_api/whitelist.yaml
-        fi
-    fi
-
-    # Enable the service (but don't start automatically - admin should configure first)
-    rc-update add linux-patch-api default
-
-    echo ""
-    echo "linux-patch-api installed successfully!"
-    echo ""
-    echo "Next steps:"
-    echo "  1. Configure /etc/linux_patch_api/config.yaml with your settings"
-    echo "  2. Place TLS certificates in /etc/linux_patch_api/certs/"
-    echo "  3. Configure IP whitelist in /etc/linux_patch_api/whitelist.yaml"
-    echo "  4. Start the service: rc-service linux-patch-api start"
-    echo "  5. Check status: rc-service linux-patch-api status"
-    echo ""
-}
-
-# Pre-deinstall: Stop and disable service before files are removed
-pre_deinstall() {
-    # Stop the service if running
-    if rc-service linux-patch-api status >/dev/null 2>&1; then
-        rc-service linux-patch-api stop
-        echo "Service stopped"
-    else
-        echo "Service was not running"
-    fi
-
-    # Disable the service
-    rc-update del linux-patch-api default 2>/dev/null || true
-}
-
-# Post-deinstall: Clean up on removal
-post_deinstall() {
-    # Remove directories only if empty (preserve user data on reinstall)
-    rmdir /var/lib/linux_patch_api 2>/dev/null || true
-    rmdir /var/log/linux_patch_api 2>/dev/null || true
-
-    echo "linux-patch-api removed"
-}
--- a/configs/linux-patch-api.post-deinstall
+++ b/configs/linux-patch-api.post-deinstall
@ -0,0 +1,10 @@
+#!/bin/sh
+# Alpine Linux post-deinstall script for linux-patch-api
+# Runs after package files are removed
+# Matches Debian postrm behavior: clean up empty directories
+
+# Remove directories only if empty (preserve user data on reinstall)
+rmdir /var/lib/linux_patch_api 2>/dev/null || true
+rmdir /var/log/linux_patch_api 2>/dev/null || true
+
+echo "linux-patch-api removed"
--- a/configs/linux-patch-api.post-install
+++ b/configs/linux-patch-api.post-install
@ -0,0 +1,35 @@
+#!/bin/sh
+# Alpine Linux post-install script for linux-patch-api
+# Runs after package files are laid down
+# Matches Debian postinst behavior: copy example configs, enable service
+
+# Copy example configs if they don't exist
+if [ ! -f "/etc/linux_patch_api/config.yaml" ]; then
+    if [ -f "/etc/linux_patch_api/config.yaml.example" ]; then
+        cp /etc/linux_patch_api/config.yaml.example /etc/linux_patch_api/config.yaml
+        chmod 640 /etc/linux_patch_api/config.yaml
+        chown root:root /etc/linux_patch_api/config.yaml
+    fi
+fi
+
+if [ ! -f "/etc/linux_patch_api/whitelist.yaml" ]; then
+    if [ -f "/etc/linux_patch_api/whitelist.yaml.example" ]; then
+        cp /etc/linux_patch_api/whitelist.yaml.example /etc/linux_patch_api/whitelist.yaml
+        chmod 640 /etc/linux_patch_api/whitelist.yaml
+        chown root:root /etc/linux_patch_api/whitelist.yaml
+    fi
+fi
+
+# Enable the service (but don't start automatically - admin should configure first)
+rc-update add linux-patch-api default
+
+echo ""
+echo "linux-patch-api installed successfully!"
+echo ""
+echo "Next steps:"
+echo "  1. Configure /etc/linux_patch_api/config.yaml with your settings"
+echo "  2. Place TLS certificates in /etc/linux_patch_api/certs/"
+echo "  3. Configure IP whitelist in /etc/linux_patch_api/whitelist.yaml"
+echo "  4. Start the service: rc-service linux-patch-api start"
+echo "  5. Check status: rc-service linux-patch-api status"
+echo ""
--- a/configs/linux-patch-api.pre-deinstall
+++ b/configs/linux-patch-api.pre-deinstall
@ -0,0 +1,15 @@
+#!/bin/sh
+# Alpine Linux pre-deinstall script for linux-patch-api
+# Runs before package files are removed
+# Matches Debian prerm behavior: stop and disable service
+
+# Stop the service if running
+if rc-service linux-patch-api status >/dev/null 2>&1; then
+    rc-service linux-patch-api stop
+    echo "Service stopped"
+else
+    echo "Service was not running"
+fi
+
+# Disable the service
+rc-update del linux-patch-api default 2>/dev/null || true
--- a/configs/linux-patch-api.pre-install
+++ b/configs/linux-patch-api.pre-install
@ -0,0 +1,19 @@
+#!/bin/sh
+# Alpine Linux pre-install script for linux-patch-api
+# Runs before package files are laid down
+# Matches Debian preinst behavior: create directories, set permissions
+
+# Create required directories
+mkdir -p /etc/linux_patch_api/certs
+mkdir -p /var/lib/linux_patch_api
+mkdir -p /var/log/linux_patch_api
+
+# Set proper ownership (service runs as root)
+chown -R root:root /var/lib/linux_patch_api
+chown -R root:root /var/log/linux_patch_api
+
+# Set secure permissions
+chmod 750 /etc/linux_patch_api
+chmod 750 /etc/linux_patch_api/certs
+chmod 755 /var/lib/linux_patch_api
+chmod 755 /var/log/linux_patch_api