# Makefile USE_GITLAB



## ruslan-gennadievich (Sep 11, 2020)

Hello

I need create Makefile to build forked port from my gitlab. I readied https://www.freebsd.org/doc/en_US.ISO8859-1/books/porters-handbook/makefile-distfiles.html  (*5.4.4. USE_GITLAB*) but it just make url to feth tar.gz via http link. It's not what i want.
I don't have any tar.gz in my gitlab (not use release, tag etc) so i want just git clone... How i can do it via Makefile ?
Thanks!


----------



## monwarez (Sep 12, 2020)

This is described on
*Example 5.18. Simple Use of USE_GITLAB*
You just need to get the 40 character hex sha1 hash of the desired commit (it does not matter if the commit is a tag or not)


----------



## ruslan-gennadievich (Sep 12, 2020)

monwarez said:


> This is described on
> *Example 5.18. Simple Use of USE_GITLAB*
> You just need to get the 40 character hex sha1 hash of the desired commit (it does not matter if the commit is a tag or not)


It will automatically have          MASTER_SITES set to gitlab.com          and WRKSRC to          ${WRKDIR}/libsignon-glib-e90302e342bfd27bc8c9132ab9d0ea3d8723fd03-e90302e342bfd27bc8c9132ab9d0ea3d8723fd03.
So it just for fetch http?

My Makefile:

```
# Created by: Riaan Kruger <riaank@gmail.com>
# $FreeBSD$

PORTNAME=       strongswan
PORTVERSION=    5.9.0
PORTREVISION=   1
CATEGORIES=     security net-vpn
#MASTER_SITES=  http://download.strongswan.org/ \
#               http://download2.strongswan.org/

DISTVERSION=    5.9.0

USE_GITLAB=     yes
GL_SITE=        https://git.local/
GL_ACCOUNT=    user:pass
GL_PROJECT=     ip-encryptor/ikev2
GL_COMMIT=      667a2b9001aa7d357c592954b15a48b860257072
```
root@OPNsense:/usr/ports/security/strongswan # make
/!\ WARNING /!\

You have security/openssl installed but do not have
DEFAULT_VERSIONS+=ssl=openssl set in your make.conf

pkg-static: Bad argument on pkg_set 1360042769
===>  License GPLv2 accepted by the user
===>   strongswan-5.9.0_1 depends on file: /usr/local/sbin/pkg - found
*===> Fetching all distfiles required by strongswan-5.9.0_1 for building*
===>  Extracting for strongswan-5.9.0_1
*=> SHA256 Checksum OK for strongswan-ip-encryptor/ikev2-667a2b9001aa7d357c592954b15a48b860257072_GL0.tar.gz*.
=> SHA256 Checksum OK for ZROUSER-ip-encryptor/ikev2-_GL0.tar.gz.
tar: Error opening archive: Unrecognized archive format
*** Error code 1

How i can use git clone method (not http) ?


----------



## ekvz (Sep 12, 2020)

I am not very good with git or even gitlab but could it be the case that the ports system is still fetching the right commit but just by http download? The tagged file seems to suggest that the commit requirement has been taken care of and if that's the case what would it matter if it was fetched by downloading from http or by cloning?


----------



## Alexander88207 (Sep 12, 2020)

ruslan-gennadievich said:


> It will automatically have          MASTER_SITES set to gitlab.com          and WRKSRC to          ${WRKDIR}/libsignon-glib-e90302e342bfd27bc8c9132ab9d0ea3d8723fd03-e90302e342bfd27bc8c9132ab9d0ea3d8723fd03.
> So it just for fetch http?
> 
> My Makefile:
> ...



Only set DIST or PORT -VERSION, not both


----------



## monwarez (Sep 13, 2020)

Can you show us your corresponding distinfo ?
I am not sure to understand the question: is it how to build port with custom gitlab or how to build port that require a git clone ?
Fetching by http is still secure since there is a hash of the source in distinfo, I don't see how performing a `git clone` would be allowed in the port framework since that will easily skip the checksum check.
Also it is a good idea to verify that the checksum correspond to the source tarball ( you take the source without the .git directory and compress it with `tar` and `gzip`, and then you run `sha256` on your archive and compare with what you have in your distinfo


----------



## ekvz (Sep 13, 2020)

I've been playing a bit with the ports system yesterday and at least USE_GIT seems to result in the appropriate versions being downloaded over HTTP. I don't really see where the advantage of cloning would be as long as the right version of the files is fetched.


----------

