Skip to content

[ci] Add FreeBSD port release job to GitHub Actions #4916

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mlsmaycon wants to merge 19 commits into
base: main
Choose a base branch
from
+443 −0
Open

[ci] Add FreeBSD port release job to GitHub Actions #4916

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
0397d5e
[ci] Add FreeBSD port release job to GitHub Actions
mlsmaycon Dec 5, 2025
04b47b9
test steps
mlsmaycon Dec 5, 2025
7c44f60
fix tests
mlsmaycon Dec 5, 2025
0f697a9
[ci] Fix FreeBSD port diff handling in release workflow
mlsmaycon Dec 5, 2025
3ab0d09
[ci] Update release workflow to fix FreeBSD port diff file lookup
mlsmaycon Dec 5, 2025
fff3992
[ci] Fix release workflow to use absolute path for diff file lookup
mlsmaycon Dec 5, 2025
5078da2
[ci] Fix patch application path in FreeBSD release workflow
mlsmaycon Dec 5, 2025
aa2e6fb
[ci] Update FreeBSD release workflow to adjust sparse-checkout paths
mlsmaycon Dec 5, 2025
701144a
[ci] Update FreeBSD workflow to refine patch application and Makefile…
mlsmaycon Dec 5, 2025
329de3e
update-test
mlsmaycon Dec 7, 2025
37acb2a
remove sparse
mlsmaycon Dec 8, 2025
d155230
remove sparse
mlsmaycon Dec 8, 2025
8b8b798
update freebsd release
mlsmaycon Dec 8, 2025
f066868
install netbird
mlsmaycon Dec 8, 2025
6f6da27
use pkg
mlsmaycon Dec 8, 2025
b8ab864
make package
mlsmaycon Dec 8, 2025
ef5aa2e
export batch=yes
mlsmaycon Dec 8, 2025
b38d425
install go on pre
mlsmaycon Dec 8, 2025
8750072
fix version grep
mlsmaycon Dec 8, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
81 changes: 81 additions & 0 deletions .github/workflows/release.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,87 @@ concurrency:
cancel-in-progress: true

jobs:
release_freebsd_port:
name: "FreeBSD Port / Build & Test"
runs-on: ubuntu-22.04
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Generate FreeBSD port diff
run: bash release_files/freebsd-port-diff.sh

- name: Generate FreeBSD port issue body
run: bash release_files/freebsd-port-issue-body.sh

- name: Extract version
id: version
run: |
VERSION=$(ls netbird-*.diff | sed 's/netbird-\(.*\)\.diff/\1/')
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Generated files for version: $VERSION"
cat netbird-*.diff
Comment on lines +35 to +41
Copy link
Contributor

@coderabbitai coderabbitai bot Dec 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Harden version extraction to handle edge cases.

Line 38 uses ls netbird-*.diff which could match multiple files, causing the version extraction to fail or produce unexpected results. Additionally, the script outputs all diff file contents to logs (line 41), which may not be necessary.

Consider strengthening the version extraction:

-          VERSION=$(ls netbird-*.diff | sed 's/netbird-\(.*\)\.diff/\1/')
-          echo "version=$VERSION" >> $GITHUB_OUTPUT
-          echo "Generated files for version: $VERSION"
-          cat netbird-*.diff
+          DIFF_FILE=$(ls netbird-*.diff | head -1)
+          if [ -z "$DIFF_FILE" ]; then
+            echo "ERROR: No diff file found"
+            exit 1
+          fi
+          VERSION=$(basename "$DIFF_FILE" | sed 's/netbird-\(.*\)\.diff/\1/')
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+          echo "Generated files for version: $VERSION"

This ensures:

  • Only one diff file is selected (first match)
  • Explicit error if no file is found
  • Clearer intent with variable naming
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
- name: Extract version
id: version
run: |
VERSION=$(ls netbird-*.diff | sed 's/netbird-\(.*\)\.diff/\1/')
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Generated files for version: $VERSION"
cat netbird-*.diff
- name: Extract version
id: version
run: |
DIFF_FILE=$(ls netbird-*.diff | head -1)
if [ -z "$DIFF_FILE" ]; then
echo "ERROR: No diff file found"
exit 1
fi
VERSION=$(basename "$DIFF_FILE" | sed 's/netbird-\(.*\)\.diff/\1/')
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "Generated files for version: $VERSION"
🤖 Prompt for AI Agents 
.github/workflows/release.yml lines 35-41: harden version extraction to handle
multiple or missing diff files and avoid dumping diffs to logs; change the
script to explicitly glob and select only the first matching file (e.g., capture
matches into an array and pick element 0), check and fail with a clear error if
no netbird-*.diff file is found, derive VERSION from that single filename using
a precise pattern/substitution, export it to GITHUB_OUTPUT as before, and remove
or comment out the cat netbird-*.diff line so diff contents are not printed to
logs.


- name: Test FreeBSD port
uses: vmactions/freebsd-vm@v1
with:
usesh: true
copyback: false
release: "15.0"
prepare: |
# Install required packages
pkg install -y git curl portlint go

# Install Go for building
GO_TARBALL="go1.24.10.freebsd-amd64.tar.gz"
Copy link
Contributor

@coderabbitai coderabbitai bot Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

🌐 Web query:

Go 1.24.10 download availability FreeBSD amd64

💡 Result:

Go 1.24.10 — there is no official prebuilt freebsd/amd64 binary on the Go downloads page. The go1.24.10 builds on the dl page include freebsd/arm, freebsd/arm64 and freebsd/riscv64 but not freebsd-amd64. [1][2]

Options: build from source (go1.24.10.src.tar.gz) or use a different release that provides freebsd-amd64 binaries (for example go1.25.5 does). [1][2]

Sources:
[1] go.dev — All releases (shows go1.25.5.freebsd-amd64).
[2] go.dev — All releases (shows go1.24.10 freebsd entries: arm, arm64, riscv64; no freebsd-amd64).

Update Go version to one with official freebsd-amd64 binary support.

Go 1.24.10 does not have an official prebuilt binary for freebsd-amd64 on the Go downloads page. Available architectures for 1.24.10 are freebsd/arm, freebsd/arm64, and freebsd/riscv64 only. This will cause the download to fail. Use a version like 1.25.5 that provides freebsd-amd64, or build from source using go1.24.10.src.tar.gz.

🤖 Prompt for AI Agents 
.github/workflows/release.yml around line 54: the workflow sets GO_TARBALL to
"go1.24.10.freebsd-amd64.tar.gz" but Go 1.24.10 has no official freebsd-amd64
binary; update this to a release that provides freebsd-amd64 (for example change
to "go1.25.5.freebsd-amd64.tar.gz") or else point to the source tarball
"go1.24.10.src.tar.gz" and adjust the install steps to build from source; ensure
any GO_VERSION or related variables are kept consistent with the chosen tarball.

GO_URL="https://go.dev/dl/$GO_TARBALL"
curl -LO "$GO_URL"
tar -C /usr/local -xzf "$GO_TARBALL"

# Clone ports tree (shallow, only what we need)
git clone --depth 1 --filter=blob:none https://git.FreeBSD.org/ports.git /usr/ports
cd /usr/ports

run: |
set -e -x
export PATH=$PATH:/usr/local/go/bin

# Find the diff file
echo "Finding diff file..."
DIFF_FILE=$(find $PWD -name "netbird-*.diff" -type f 2>/dev/null | head -1)
echo "Found: $DIFF_FILE"

if [ -z "$DIFF_FILE" ]; then
echo "ERROR: Could not find diff file"
find ~ -name "*.diff" -type f 2>/dev/null || true
exit 1
fi

# Apply the generated diff from /usr/ports (diff has a/security/netbird/... paths)
cd /usr/ports
patch -p1 -V none < "$DIFF_FILE"

# Show patched Makefile
version=$(cat security/netbird/Makefile | grep -E '^DISTVERSION=' | awk '{print $NF}')

cd /usr/ports/security/netbird
export BATCH=yes
make package
pkg add ./work/pkg/netbird-*.pkg

netbird version | grep $version
Copy link
Contributor

@coderabbitai coderabbitai bot Dec 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Quote the version variable in grep pattern.

The version variable used in the grep command is unquoted, which could cause issues if the extracted version contains regex special characters or spaces.

Apply this diff to fix the quoting:

-            netbird version | grep $version
+            netbird version | grep "$version"
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
netbird version | grep $version
netbird version | grep "$version"
🤖 Prompt for AI Agents 
.github/workflows/release.yml around line 90: the grep command uses an unquoted
variable (netbird version | grep $version) which can misinterpret regex
metacharacters or spaces; update the command to quote the variable (use grep
"$version") so the extracted version is treated as a literal string, ensuring
correct matching and avoiding unexpected shell/grep behavior.


echo "FreeBSD port test completed successfully!"

- name: Upload FreeBSD port files
uses: actions/upload-artifact@v4
with:
name: freebsd-port-files
path: |
./netbird-*-issue.txt
./netbird-*.diff
retention-days: 30

release:
runs-on: ubuntu-latest-m
env:
Expand Down
208 changes: 208 additions & 0 deletions release_files/freebsd-port-diff.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,208 @@
#!/bin/bash
#
# FreeBSD Port Diff Generator for NetBird
#
# This script generates the diff file required for submitting a FreeBSD port update.
# It works on macOS, Linux, and FreeBSD by fetching files from FreeBSD cgit and
# computing checksums from the Go module proxy.
#
# Usage: ./freebsd-port-diff.sh [new_version]
# Example: ./freebsd-port-diff.sh 0.60.7
#
# If no version is provided, it fetches the latest from GitHub.

set -e

GITHUB_REPO="netbirdio/netbird"
PORTS_CGIT_BASE="https://cgit.freebsd.org/ports/plain/security/netbird"
GO_PROXY="https://proxy.golang.org/github.com/netbirdio/netbird/@v"
OUTPUT_DIR="${OUTPUT_DIR:-.}"

fetch_all_tags() {

Check warning on line 21 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Add an explicit return statement at the end of the function. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpW&open=AZruPwh3gZYxGT1njWpW&pullRequest=4916
curl -sL "https://github.com/${GITHUB_REPO}/tags" 2>/dev/null | \
grep -oE '/releases/tag/v[0-9]+\.[0-9]+\.[0-9]+' | \
sed 's/.*\/v//' | \
sort -u -V
}

fetch_current_ports_version() {

Check warning on line 28 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Add an explicit return statement at the end of the function. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpX&open=AZruPwh3gZYxGT1njWpX&pullRequest=4916
echo "Fetching current version from FreeBSD ports..." >&2
curl -sL "${PORTS_CGIT_BASE}/Makefile" 2>/dev/null | \
grep -E "^DISTVERSION=" | \
sed 's/DISTVERSION=[[:space:]]*//' | \
tr -d '\t '
}

fetch_latest_github_release() {

Check warning on line 36 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Add an explicit return statement at the end of the function. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpY&open=AZruPwh3gZYxGT1njWpY&pullRequest=4916
echo "Fetching latest release from GitHub..." >&2
fetch_all_tags | tail -1
}

fetch_ports_file() {

Check warning on line 41 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Add an explicit return statement at the end of the function. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpZ&open=AZruPwh3gZYxGT1njWpZ&pullRequest=4916
local filename="$1"
curl -sL "${PORTS_CGIT_BASE}/${filename}" 2>/dev/null
}

compute_checksums() {
local version="$1"
local tmpdir
tmpdir=$(mktemp -d)
trap "rm -rf '$tmpdir'" EXIT
Copy link
Contributor

@coderabbitai coderabbitai bot Dec 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion | 🟠 Major

Use single quotes in trap to defer variable expansion.

Lines 50 and 166 use unquoted variables in trap commands, which expands them immediately rather than when the trap fires. This is a security best practice to ensure cleanup uses the variable value at exit time, not at definition time.

Apply these diffs to fix trap quoting per ShellCheck SC2064:

 compute_checksums() {
     local version="$1"
     local tmpdir
     tmpdir=$(mktemp -d)
-    trap "rm -rf '$tmpdir'" EXIT
+    trap "rm -rf \"$tmpdir\"" EXIT
 # Create temp files for diff
 TMPDIR=$(mktemp -d)
-trap "rm -rf '$TMPDIR'" EXIT
+trap "rm -rf \"$TMPDIR\"" EXIT

Actually, the safest approach is to use single quotes around the entire command:

-    trap "rm -rf '$tmpdir'" EXIT
+    trap 'rm -rf "$tmpdir"' EXIT

Also applies to: 166-166

🧰 Tools
🪛 Shellcheck (0.11.0)

[warning] 50-50: Use single quotes, otherwise this expands now rather than when signalled.

(SC2064)

🤖 Prompt for AI Agents 
In release_files/freebsd-port-diff.sh around lines 50 and 166, the trap commands
use double quotes which cause immediate variable expansion (triggers ShellCheck
SC2064); replace them so variable expansion is deferred by quoting the entire
command and protecting the variable with inner double quotes — i.e. change the
trap definitions to use single quotes around the whole command and double quotes
around $tmpdir so the value is expanded at trap execution time.


echo "Downloading files from Go module proxy for v${version}..." >&2

local mod_file="${tmpdir}/v${version}.mod"
local zip_file="${tmpdir}/v${version}.zip"

curl -sL "${GO_PROXY}/v${version}.mod" -o "$mod_file" 2>/dev/null
curl -sL "${GO_PROXY}/v${version}.zip" -o "$zip_file" 2>/dev/null
Comment on lines +57 to +58
Copy link
Contributor

@coderabbitai coderabbitai bot Dec 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟠 Major

Go module proxy downloads lack validation and timeout.

The curl commands on lines 57–58 download files from proxy.golang.org without:

  1. Timeout specifications (could hang indefinitely)
  2. Size limits (could download unexpectedly large files)
  3. Checksum pre-validation

If the Go proxy is down or returns garbage, the script proceeds with invalid data.

Add timeouts, size limits, and pre-download validation:

-    curl -sL "${GO_PROXY}/v${version}.mod" -o "$mod_file" 2>/dev/null
-    curl -sL "${GO_PROXY}/v${version}.zip" -o "$zip_file" 2>/dev/null
+    curl -sfL --max-time 30 --max-filesize 10M "${GO_PROXY}/v${version}.mod" -o "$mod_file" 2>/dev/null || return 1
+    curl -sfL --max-time 30 --max-filesize 100M "${GO_PROXY}/v${version}.zip" -o "$zip_file" 2>/dev/null || return 1

This ensures:

  • -f: Fail on HTTP errors
  • --max-time 30: Abort if download exceeds 30 seconds
  • --max-filesize N: Reject files larger than expected
  • Exit code handling with || return 1
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
curl -sL "${GO_PROXY}/v${version}.mod" -o "$mod_file" 2>/dev/null
curl -sL "${GO_PROXY}/v${version}.zip" -o "$zip_file" 2>/dev/null
curl -sfL --max-time 30 --max-filesize 10M "${GO_PROXY}/v${version}.mod" -o "$mod_file" 2>/dev/null || return 1
curl -sfL --max-time 30 --max-filesize 100M "${GO_PROXY}/v${version}.zip" -o "$zip_file" 2>/dev/null || return 1


if [ ! -s "$mod_file" ] || [ ! -s "$zip_file" ]; then

Check failure on line 60 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpL&open=AZruPwh3gZYxGT1njWpL&pullRequest=4916

Check failure on line 60 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpM&open=AZruPwh3gZYxGT1njWpM&pullRequest=4916
echo "Error: Could not download files from Go module proxy" >&2
return 1
fi

local mod_sha256 mod_size zip_sha256 zip_size

if command -v sha256sum &>/dev/null; then
mod_sha256=$(sha256sum "$mod_file" | awk '{print $1}')
zip_sha256=$(sha256sum "$zip_file" | awk '{print $1}')
elif command -v shasum &>/dev/null; then
mod_sha256=$(shasum -a 256 "$mod_file" | awk '{print $1}')
zip_sha256=$(shasum -a 256 "$zip_file" | awk '{print $1}')

Check warning on line 72 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Define a constant instead of using the literal '{print $1}' 4 times. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpK&open=AZruPwh3gZYxGT1njWpK&pullRequest=4916
else
echo "Error: No sha256 command found" >&2
return 1
fi

if [[ "$OSTYPE" == "darwin"* ]]; then
mod_size=$(stat -f%z "$mod_file")
zip_size=$(stat -f%z "$zip_file")
else
mod_size=$(stat -c%s "$mod_file")
zip_size=$(stat -c%s "$zip_file")
fi

echo "TIMESTAMP = $(date +%s)"
echo "SHA256 (go/security_netbird/netbird-v${version}/v${version}.mod) = ${mod_sha256}"
echo "SIZE (go/security_netbird/netbird-v${version}/v${version}.mod) = ${mod_size}"
echo "SHA256 (go/security_netbird/netbird-v${version}/v${version}.zip) = ${zip_sha256}"
echo "SIZE (go/security_netbird/netbird-v${version}/v${version}.zip) = ${zip_size}"
}

generate_new_makefile() {

Check warning on line 93 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Add an explicit return statement at the end of the function. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpa&open=AZruPwh3gZYxGT1njWpa&pullRequest=4916
local old_version="$1"

Check warning on line 94 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Remove the unused local variable 'old_version'. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpV&open=AZruPwh3gZYxGT1njWpV&pullRequest=4916
local new_version="$2"
local old_makefile="$3"

# Check if old version had PORTREVISION
if echo "$old_makefile" | grep -q "^PORTREVISION="; then
# Remove PORTREVISION line and update DISTVERSION
echo "$old_makefile" | \
sed "s/^DISTVERSION=.*/DISTVERSION= ${new_version}/" | \
grep -v "^PORTREVISION="
else
# Just update DISTVERSION
echo "$old_makefile" | \
sed "s/^DISTVERSION=.*/DISTVERSION= ${new_version}/"
fi
}

# Parse arguments
NEW_VERSION="${1:-}"

# Auto-detect versions if not provided
OLD_VERSION=$(fetch_current_ports_version)
if [ -z "$OLD_VERSION" ]; then

Check failure on line 116 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpN&open=AZruPwh3gZYxGT1njWpN&pullRequest=4916
echo "Error: Could not fetch current version from FreeBSD ports" >&2
exit 1
fi
echo "Current FreeBSD ports version: ${OLD_VERSION}" >&2

if [ -z "$NEW_VERSION" ]; then

Check failure on line 122 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpO&open=AZruPwh3gZYxGT1njWpO&pullRequest=4916
NEW_VERSION=$(fetch_latest_github_release)
if [ -z "$NEW_VERSION" ]; then

Check failure on line 124 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpP&open=AZruPwh3gZYxGT1njWpP&pullRequest=4916
echo "Error: Could not fetch latest release from GitHub" >&2
exit 1
fi
fi
echo "Target version: ${NEW_VERSION}" >&2

if [ "$OLD_VERSION" = "$NEW_VERSION" ]; then

Check failure on line 131 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpQ&open=AZruPwh3gZYxGT1njWpQ&pullRequest=4916
echo "Port is already at version ${NEW_VERSION}. Nothing to do." >&2
exit 0
fi

echo "" >&2

# Fetch current files
echo "Fetching current Makefile from FreeBSD ports..." >&2
OLD_MAKEFILE=$(fetch_ports_file "Makefile")
if [ -z "$OLD_MAKEFILE" ]; then

Check failure on line 141 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpR&open=AZruPwh3gZYxGT1njWpR&pullRequest=4916
echo "Error: Could not fetch Makefile" >&2
exit 1
fi

echo "Fetching current distinfo from FreeBSD ports..." >&2
OLD_DISTINFO=$(fetch_ports_file "distinfo")
if [ -z "$OLD_DISTINFO" ]; then

Check failure on line 148 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpS&open=AZruPwh3gZYxGT1njWpS&pullRequest=4916
echo "Error: Could not fetch distinfo" >&2
exit 1
fi

# Generate new files
echo "Generating new Makefile..." >&2
NEW_MAKEFILE=$(generate_new_makefile "$OLD_VERSION" "$NEW_VERSION" "$OLD_MAKEFILE")

echo "Computing checksums for new version..." >&2
NEW_DISTINFO=$(compute_checksums "$NEW_VERSION")
if [ -z "$NEW_DISTINFO" ]; then

Check failure on line 159 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpT&open=AZruPwh3gZYxGT1njWpT&pullRequest=4916
echo "Error: Could not compute checksums" >&2
exit 1
fi

# Create temp files for diff
TMPDIR=$(mktemp -d)
trap "rm -rf '$TMPDIR'" EXIT

mkdir -p "${TMPDIR}/a/security/netbird" "${TMPDIR}/b/security/netbird"

echo "$OLD_MAKEFILE" > "${TMPDIR}/a/security/netbird/Makefile"
echo "$OLD_DISTINFO" > "${TMPDIR}/a/security/netbird/distinfo"
echo "$NEW_MAKEFILE" > "${TMPDIR}/b/security/netbird/Makefile"
echo "$NEW_DISTINFO" > "${TMPDIR}/b/security/netbird/distinfo"

# Generate diff
OUTPUT_FILE="${OUTPUT_DIR}/netbird-${NEW_VERSION}.diff"

echo "" >&2
echo "Generating diff..." >&2

# Generate diff and clean up temp paths to show standard a/b paths
(cd "${TMPDIR}" && diff -ruN "a/security/netbird" "b/security/netbird") > "$OUTPUT_FILE" || true

if [ ! -s "$OUTPUT_FILE" ]; then

Check failure on line 184 in release_files/freebsd-port-diff.sh

View check run for this annotation

SonarQubeCloud / SonarCloud Code Analysis

Use '[[' instead of '[' for conditional tests. The '[[' construct is safer and more feature-rich. 


See more on https://sonarcloud.io/project/issues?id=netbirdio_netbird&issues=AZruPwh3gZYxGT1njWpU&open=AZruPwh3gZYxGT1njWpU&pullRequest=4916
echo "Error: Generated diff is empty" >&2
exit 1
fi

echo "" >&2
echo "========================================="
echo "Diff saved to: ${OUTPUT_FILE}"
echo "========================================="
echo ""
cat "$OUTPUT_FILE"
echo ""
echo "========================================="
echo ""
echo "Next steps:"
echo "1. Review the diff above"
echo "2. Submit to https://bugs.freebsd.org/bugzilla/"
echo "3. Use ./freebsd-port-issue-body.sh to generate the issue content"
echo ""
echo "For FreeBSD testing (optional but recommended):"
echo " cd /usr/ports/security/netbird"
echo " patch < ${OUTPUT_FILE}"
echo " make stage && make stage-qa && make package && make install"
echo " netbird status"
echo " make deinstall"
Loading
Loading