How do I force update local packages using pbuilder?

Question

I have two packages (cainteoir-engine and cainteoir-gtk) that I am building using pbuilder, where cainteoir-gtk depends on cainteoir-engine.

I have pdebuild picking up the local dependencies. However, if I make a change to the build scripts (e.g. changed from an unsigned to a signed build via pdebuild --auto-debsign), it does not pick up the changes after a pbuilder --update.

Is there a way to update the local debian files used by the pbuilder chroot without changing the version number (as these are local test builds to test/develop the packages)?

---

I am using the --bindmounts and --othermirror options with pbuilder --update --override-config to update the base chroot images. I am using dpkg-scanpackages to generate the local Packages.gz file.

This is the helper function script I am using (from https://raw.github.com/rhdunn/cainteoir-engine/debian/build.sh):

doscanpackages() {
    pushd $1
    dpkg-scanpackages . /dev/null | gzip -9 > Packages.gz
    popd
}

dopbuild() {
    COMMAND=$1
    ARCH=$3

    case "$2" in
        stable|wheezy)
            DIST=debian
            RELEASE=wheezy
            ;;
        testing|jessie)
            DIST=debian
            RELEASE=jessie
            ;;
        unstable|sid)
            DIST=debian
            RELEASE=sid
            ;;
        precise|quantal|raring|saucy|trusty)
            DIST=ubuntu
            RELEASE=$2
            ;;
        *)
            echo "Unknown distribution release : $1"
            exit 1
            ;;
    esac

    case "${DIST}" in
        debian)
            MIRROR=ftp://mirror.ox.ac.uk/debian/
            KEYRING=/usr/share/keyrings/debian-archive-keyring.gpg
            ;;
        ubuntu)
            MIRROR=ftp://archive.ubuntu.com/ubuntu/
            KEYRING=/usr/share/keyrings/ubuntu-archive-keyring.gpg
            ;;
    esac

    REF=${DIST}-${RELEASE}-${ARCH}
    BASETGZ=${PBUILD_DIR}/${REF}.tgz
    OUTPUT=${PBUILD_DIR}/${REF}

    shift
    shift
    shift

    case "${COMMAND}" in
        create|update)
            if [[ -e ${BASETGZ} ]] ; then
                sudo pbuilder --update --override-config --distribution ${RELEASE} --mirror ${MIRROR} --basetgz ${BASETGZ} --debootstrapopts "--keyring=${KEYRING}" --bindmounts "${OUTPUT}" --othermirror "deb file:${OUTPUT} ./"
            else
                mkdir -pv ${PBUILD_IMGDIR}
                sudo pbuilder --create --distribution ${RELEASE} --mirror ${MIRROR} --basetgz ${BASETGZ} --debootstrapopts "--keyring=${KEYRING}" --bindmounts "${OUTPUT}" --othermirror "deb file:${OUTPUT} ./"
            fi
            ;;
        build)
            mkdir -pv ${OUTPUT}
            dopredebbuild ${RELEASE}
            if [[ ! -e builddeb.failed ]] ; then
                (pdebuild --buildresult ${OUTPUT} $@ -- --basetgz ${BASETGZ} --debootstrapopts "--keyring=${KEYRING}" --bindmounts "${OUTPUT}" || touch builddeb.failed) 2>&1 | tee build.log
            fi
            if [[ ! -e builddeb.failed ]] ; then
                doscanpackages ${OUTPUT}
            fi
            dopostdebbuild ${RELEASE}
            ;;
    esac
}

Answer 1

Upon investigation, pbuilder appears to be always adding -us -uc to the build, so it does not sign the debian files.

The approach that I have taken is:

1. Use sbuild instead of pbuilder, creating unsigned Debian files.
2. Add the Debian files to a signed reprepro repository (hosted on /home, so they can be accessed by sbuild).
3. Use a --chroot-setup-commands hook to add the repository and signing key before the build.

This should be doable without using sbuild, just:

1. Point the --othermirror to the reprepro repository.
2. Add the signing key to the pbuilder chroot (not sure how to do this).