Add Ubuntu PPA packaging support

.github/workflows/ppa-release.yml

@@ -6,11 +6,16 @@
       ubuntu_release:
         description: 'Ubuntu release codename'
         required: true
-        default: 'noble'
+        default: 'oracular'
         type: choice
         options:
-          - noble   # 24.04 LTS
-          - jammy   # 22.04 LTS
+          - oracular # 24.10 with Rust 1.81
+          - noble # 24.04 LTS with Rust 1.82
+      tarball_suffix:
+        description: 'Tarball suffix (e.g., ds1, ds2) - leave empty for new releases'
+        required: false
+        default: ''
+        type: string
   push:
     tags:
       - 'v*'
@@ -22,147 +27,179 @@
 
 jobs:
   build-and-upload:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-24.04
     strategy:
       matrix:
         ubuntu_release:
-          - noble
-          - jammy
+          - questing
 
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
         with:
           fetch-depth: 0
 
       - name: Install dependencies
         run: |
           sudo apt-get update
           sudo apt-get install -y \
             debhelper \
             devscripts \
             dput \
             gnupg \
             libpcap-dev \
             libelf-dev \
             elfutils \
             zlib1g-dev \
             clang \
             llvm \
             pkg-config
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
         with:
           toolchain: stable
 
       - name: Import GPG key
         env:
           GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
         run: |
           echo "$GPG_PRIVATE_KEY" | gpg --batch --import
           gpg --list-secret-keys
 
       - name: Get version
         id: version
         run: |
           VERSION=$(grep '^version = ' Cargo.toml | head -1 | sed 's/version = "\(.*\)"/\1/')
-          echo "version=$VERSION" >> $GITHUB_OUTPUT
 
-          # Set debian revision
-          if [ "${{ matrix.ubuntu_release }}" = "noble" ]; then
-            DEBIAN_REVISION="1ubuntu1"
+          # Add tarball suffix if provided (e.g., +ds1, +ds2)
+          TARBALL_SUFFIX="${{ github.event.inputs.tarball_suffix }}"
+          if [ -n "$TARBALL_SUFFIX" ]; then
+            TARBALL_VERSION="${VERSION}+${TARBALL_SUFFIX}"
+            echo "version=$TARBALL_VERSION" >> $GITHUB_OUTPUT
+            echo "Using tarball version: $TARBALL_VERSION"
           else
-            DEBIAN_REVISION="1ubuntu1~${{ matrix.ubuntu_release }}1"
+            echo "version=$VERSION" >> $GITHUB_OUTPUT
+            echo "Using version: $VERSION"
           fi
+
+          # Extract Debian revision from changelog
+          DEBIAN_REVISION=$(head -1 debian/changelog | sed 's/.*(\(.*\)-\(.*\)).*/\2/')
           echo "debian_revision=$DEBIAN_REVISION" >> $GITHUB_OUTPUT
 
-      - name: Update debian/changelog
+      - name: Update changelog
         run: |
-          cd debian
-
-          # Update distribution
-          sed -i "s/) noble;/) ${{ matrix.ubuntu_release }};/" changelog
-
-          # For jammy, add backport entry
-          if [ "${{ matrix.ubuntu_release }}" = "jammy" ]; then
-            VERSION="${{ steps.version.outputs.version }}"
-            REVISION="${{ steps.version.outputs.debian_revision }}"
-            TIMESTAMP=$(date -R)
-
-            echo "rustnet-monitor ($VERSION-$REVISION) jammy; urgency=medium" > changelog.new
-            echo "" >> changelog.new
-            echo "  * Backport to Ubuntu 22.04 Jammy" >> changelog.new
-            echo "" >> changelog.new
-            echo " -- Marco Cadetg <cadetg@gmail.com>  $TIMESTAMP" >> changelog.new
-            echo "" >> changelog.new
-            cat changelog >> changelog.new
-            mv changelog.new changelog
+          VERSION="${{ steps.version.outputs.version }}"
+          CURRENT_VERSION=$(head -1 debian/changelog | sed 's/.*(\(.*\)).*/\1/')
+
+          if [ "$VERSION-1ubuntu1" != "$CURRENT_VERSION" ]; then
+            echo "Updating changelog from $CURRENT_VERSION to $VERSION-1ubuntu1"
+
+            # Create new changelog entry
+            DEBFULLNAME="${{ env.DEBFULLNAME }}" DEBEMAIL="${{ env.DEBEMAIL }}" \
+              dch --newversion "$VERSION-1ubuntu1" \
+                  --distribution "questing" \
+                  "New upstream release $VERSION"
+
+            echo "✓ Changelog updated"
+          else
+            echo "✓ Changelog already at correct version"
           fi
 
       - name: Build source package
         run: |
           VERSION="${{ steps.version.outputs.version }}"
+          BASE_VERSION=$(grep '^version = ' Cargo.toml | head -1 | sed 's/version = "\(.*\)"/\1/')
           PACKAGE_NAME="rustnet-monitor"
 
           # Create build directory
           mkdir -p build-ppa
 
-          # Create orig tarball
-          git archive --format=tar.gz --prefix="${PACKAGE_NAME}-${VERSION}/" HEAD \
-            > "build-ppa/${PACKAGE_NAME}_${VERSION}.orig.tar.gz"
+          # Extract source from release tag
+          RELEASE_TAG="v${BASE_VERSION}"
+          if git rev-parse "$RELEASE_TAG" >/dev/null 2>&1; then
+            echo "✓ Found release tag: $RELEASE_TAG"
+            git archive --format=tar --prefix="${PACKAGE_NAME}-${VERSION}/" "$RELEASE_TAG" | tar -x -C build-ppa
+          else
+            echo "⚠ Release tag $RELEASE_TAG not found, using HEAD"
+            git archive --format=tar --prefix="${PACKAGE_NAME}-${VERSION}/" HEAD | tar -x -C build-ppa
+          fi
 
-          # Extract and add debian directory
-          cd build-ppa
-          tar -xzf "${PACKAGE_NAME}_${VERSION}.orig.tar.gz"
+          # Vendor dependencies separately from orig tarball
+          echo "Vendoring Rust dependencies..."
+          cd build-ppa/${PACKAGE_NAME}-${VERSION}
+
+          cargo vendor vendor
+
+          # Remove prebuilt static libraries (keep .dll for tests)
+          echo "Cleaning vendor directory..."
+          find vendor -name "*.a" -delete
+          find vendor -name "*.lib" -delete
+
+          # Pack vendor directory as separate tarball in debian/
+          echo "Creating vendor tarball..."
+          tar -cJf ../vendor.tar.xz vendor
+          rm -rf vendor
+
+          # Create orig tarball (without vendor directory)
+          echo "Creating orig tarball..."
+          cd ..
+          ORIG_TARBALL="${PACKAGE_NAME}_${VERSION}.orig.tar.gz"
+          tar -czf "${ORIG_TARBALL}" "${PACKAGE_NAME}-${VERSION}"
+
+          # Add debian directory and vendor tarball
           cp -r "$GITHUB_WORKSPACE/debian" "${PACKAGE_NAME}-${VERSION}/"
+          mv vendor.tar.xz "${PACKAGE_NAME}-${VERSION}/debian/"
 
           # Build source package
           cd "${PACKAGE_NAME}-${VERSION}"
+
+          # Always use -sa to include orig tarball
+          # Launchpad will reuse existing file if hash matches
           debuild -S -sa -d -us -uc
 
       - name: Sign and upload
         env:
           GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
         run: |
           cd build-ppa
           VERSION="${{ steps.version.outputs.version }}"
           DEBIAN_REVISION="${{ steps.version.outputs.debian_revision }}"
           CHANGES_FILE="rustnet-monitor_${VERSION}-${DEBIAN_REVISION}_source.changes"
 
           # Sign
           debsign -k${GPG_KEY_ID} ${CHANGES_FILE}
 
           # Verify
           gpg --verify ${CHANGES_FILE}
 
           # Upload to PPA
           dput ${{ env.PPA }} ${CHANGES_FILE}
 
       - name: Upload artifacts
         uses: actions/upload-artifact@v4
         with:
           name: ppa-source-${{ matrix.ubuntu_release }}
           path: |
             build-ppa/*.dsc
             build-ppa/*.tar.gz
             build-ppa/*.tar.xz
             build-ppa/*.changes
             build-ppa/*.buildinfo
           retention-days: 30
 
       - name: Summary
         run: |
           echo "## 🎉 PPA Upload Complete" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
           echo "- **Package**: rustnet-monitor" >> $GITHUB_STEP_SUMMARY
           echo "- **Version**: ${{ steps.version.outputs.version }}-${{ steps.version.outputs.debian_revision }}" >> $GITHUB_STEP_SUMMARY
           echo "- **Ubuntu**: ${{ matrix.ubuntu_release }}" >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
           echo "### Installation" >> $GITHUB_STEP_SUMMARY
           echo '```bash' >> $GITHUB_STEP_SUMMARY
           echo "sudo add-apt-repository ppa:domcyrus/rustnet" >> $GITHUB_STEP_SUMMARY
           echo "sudo apt update && sudo apt install rustnet" >> $GITHUB_STEP_SUMMARY
           echo '```' >> $GITHUB_STEP_SUMMARY
           echo "" >> $GITHUB_STEP_SUMMARY
           echo "[View PPA →](https://launchpad.net/~domcyrus/+archive/ubuntu/rustnet/+packages)" >> $GITHUB_STEP_SUMMARY

debian/README.md

@@ -11,7 +11,7 @@ git tag v0.15.0
 git push origin v0.15.0
 ```
 
-This automatically builds and uploads to both Ubuntu 22.04 (Jammy) and 24.04 (Noble).
+This automatically builds and uploads to Ubuntu 25.04 (Questing) which has Rust 1.85 for edition 2024 support.
 
 ## GitHub Secrets Setup
 
@@ -49,7 +49,7 @@ sudo apt install rustnet
 - **Binary**: rustnet
 - **Maintainer**: Marco Cadetg <cadetg@gmail.com>
 - **PPA**: https://launchpad.net/~domcyrus/+archive/ubuntu/rustnet
-- **Supported**: Ubuntu 22.04 LTS, 24.04 LTS
+- **Supported**: Ubuntu 24.04 LTS (Noble) and later
 - **Architectures**: amd64, arm64, armhf
 
 ## Workflow

debian/cargo.config

@@ -0,0 +1,5 @@
+[source.crates-io]
+replace-with = "vendored-sources"
+
+[source.vendored-sources]
+directory = "vendor"

debian/changelog

@@ -1,14 +1,13 @@
-rustnet-monitor (0.14.0-1ubuntu1) noble; urgency=medium
+rustnet-monitor (0.14.0+ds6-1ubuntu1) questing; urgency=medium
 
-  * Initial Ubuntu PPA release
+  * Refactored packaging with vendored dependencies in debian/vendor.tar.xz
+  * Target Ubuntu Questing (25.10) with Rust 1.88 for edition 2024 support
+  * Use versioned cargo-1.88 and rustc-1.88 packages
   * eBPF enabled by default on Linux with automatic procfs fallback
   * JSON logging for SIEM integration
   * TUN/TAP interface support for VPN monitoring
-  * Multi-architecture support (amd64, arm64, armhf)
-  * Desktop integration with .desktop file and icon
-  * Automatic capability setting for non-root packet capture
 
- -- Marco Cadetg <domcyrus@example.com>  Mon, 13 Oct 2025 12:00:00 +0000
+ -- Marco Cadetg <cadetg@gmail.com>  Mon, 13 Oct 2025 21:32:00 +0000
 
 rustnet-monitor (0.14.0-1) unstable; urgency=medium
 
@@ -20,4 +19,4 @@ rustnet-monitor (0.14.0-1) unstable; urgency=medium
   * Fixed high CPU usage on Linux
   * Bundled vmlinux.h files to eliminate network dependency during builds
 
- -- Marco Cadetg <domcyrus@example.com>  Sat, 12 Oct 2025 00:00:00 +0000
+ -- Marco Cadetg <cadetg@gmail.com>  Sat, 12 Oct 2025 00:00:00 +0000

debian/control

@@ -3,8 +3,8 @@ Section: net
 Priority: optional
 Maintainer: Marco Cadetg <domcyrus@example.com>
 Build-Depends: debhelper-compat (= 13),
-               cargo,
-               rustc,
+               cargo-1.88,
+               rustc-1.88,
                libpcap-dev,
                libelf-dev,
                elfutils,

debian/rules

@@ -3,8 +3,10 @@
 export DH_VERBOSE = 1
 export RUSTFLAGS = -C strip=symbols
 
-# Use rustup-installed cargo/rustc instead of system version
-export PATH := $(HOME)/.cargo/bin:$(PATH)
+# Use versioned Rust 1.88 from Ubuntu Questing
+export CARGO = /usr/bin/cargo-1.88
+export RUSTC = /usr/bin/rustc-1.88
+export RUSTDOC = /usr/bin/rustdoc-1.88
 
 # eBPF is enabled by default, no need for explicit feature flag
 export CARGO_BUILD_FLAGS = --release
@@ -16,14 +18,19 @@ export RUSTNET_ASSET_DIR = $(CURDIR)/debian/tmp/assets
 	dh $@
 
 override_dh_auto_clean:
-	# Use rustup cargo for clean
-	[ ! -f Cargo.toml ] || cargo clean || true
+	$(CARGO) clean || true
+	rm -rf target vendor .cargo
 
 override_dh_auto_build:
+	# Setup cargo to use vendored dependencies
+	mkdir -p .cargo
+	cp debian/cargo.config .cargo/config.toml
+	# Extract vendored dependencies
+	tar xJf debian/vendor.tar.xz
 	# Create asset directory for build.rs
 	mkdir -p $(RUSTNET_ASSET_DIR)
-	# Build with rustup cargo (supports edition 2024)
-	cargo build --release --verbose
+	# Build with cargo-1.88 using vendored dependencies
+	$(CARGO) build --release --frozen
 
 override_dh_auto_install:
 	# Install binary

debian/source/include-binaries

@@ -0,0 +1 @@
+debian/vendor.tar.xz

scripts/test-deb-build.sh

@@ -0,0 +1,66 @@
+#!/bin/bash
+set -e
+
+UBUNTU_RELEASE=${1:-noble}
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+PROJECT_DIR="$(dirname "$SCRIPT_DIR")"
+
+echo "Testing Debian package build for Ubuntu $UBUNTU_RELEASE"
+echo "=================================================="
+
+# Build the Docker container
+docker build -t rustnet-deb-test:$UBUNTU_RELEASE -f - "$PROJECT_DIR" <<EOF
+FROM ubuntu:$UBUNTU_RELEASE
+
+# Install build dependencies
+RUN apt-get update && apt-get install -y \\
+    debhelper \\
+    devscripts \\
+    dpkg-dev \\
+    rustup \\
+    libpcap-dev \\
+    libelf-dev \\
+    elfutils \\
+    zlib1g-dev \\
+    clang \\
+    llvm \\
+    pkg-config \\
+    lintian \\
+    file
+
+WORKDIR /build
+COPY . /build/
+
+# Build the source package
+RUN echo "Building source package..." && \\
+    debuild -S -sa -d -us -uc
+
+# Build the binary package (simulates what Launchpad does)
+RUN echo "Building binary package..." && \\
+    cd .. && \\
+    dpkg-source -x rustnet-monitor_*.dsc extracted && \\
+    cd extracted && \\
+    dpkg-buildpackage -b -uc -us
+
+# List the built packages
+RUN echo "Built packages:" && \\
+    ls -lh /build/../*.deb || true
+
+# Run lintian on the package
+RUN echo "Running lintian checks..." && \\
+    lintian /build/../*.deb || true
+
+# Test the package contents
+RUN echo "Package contents:" && \\
+    dpkg-deb -c /build/../rustnet_*.deb
+
+CMD ["/bin/bash"]
+EOF
+
+echo ""
+echo "Build completed successfully!"
+echo ""
+echo "To extract the .deb file, run:"
+echo "  docker create --name rustnet-deb-extract rustnet-deb-test:$UBUNTU_RELEASE"
+echo "  docker cp rustnet-deb-extract:/build/../rustnet_*.deb ."
+echo "  docker rm rustnet-deb-extract"