mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-22 14:11:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #735 from bgilbert/signing

Browse Source 
offline_signing: Allow download/upload for multiple releases with a single invocation
This commit is contained in:
Benjamin Gilbert 2017-09-06 12:38:19 -07:00 committed by GitHub
commit 97ab652443
2 changed files with 113 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
offline_signing/download.sh
View File

@ -1,29 +0,0 @@
#!/usr/bin/env bash
set -eux
BOARD="${1?Must provide a board (e.g. amd64-usr)}"
VERSION="${2?Must provide a version (e.g. 1234.0.0)}"
CHANNEL="${3?Must provide a channel (e.g. alpha)}"
if ! [[ "${CHANNEL}" =~ alpha|beta|stable ]]; then
echo "Invalid channel ${CHANNEL}"
echo "Usage: $0 <BOARD> <VERSION> <CHANNEL> [OUTPUT DIR]"
exit 1
fi
GS="gs://builds.release.core-os.net/${CHANNEL}/boards/$BOARD/$VERSION"
cd "${4:-.}"
gsutil cp \
"${GS}/coreos_production_image.vmlinuz" \
"${GS}/coreos_production_image.vmlinuz.sig" \
"${GS}/coreos_production_update.bin.bz2" \
"${GS}/coreos_production_update.bin.bz2.sig" \
"${GS}/coreos_production_update.zip" \
"${GS}/coreos_production_update.zip.sig" ./
gpg --verify "coreos_production_image.vmlinuz.sig"
gpg --verify "coreos_production_update.bin.bz2.sig"
gpg --verify "coreos_production_update.zip.sig"

113
offline_signing/transfer.sh Executable file
View File

@ -0,0 +1,113 @@
#!/usr/bin/env bash
set -eux
download() {
local channel="$1"
local version="$2"
local board="$3"
local gs="gs://builds.release.core-os.net/${channel}/boards/${board}/${version}"
local dir="${BASEDIR}/${board}/${version}"
mkdir -p "${dir}"
pushd "${dir}" >/dev/null
gsutil cp \
"${gs}/coreos_production_image.vmlinuz" \
"${gs}/coreos_production_image.vmlinuz.sig" \
"${gs}/coreos_production_update.bin.bz2" \
"${gs}/coreos_production_update.bin.bz2.sig" \
"${gs}/coreos_production_update.zip" \
"${gs}/coreos_production_update.zip.sig" ./
gpg2 --verify "coreos_production_image.vmlinuz.sig"
gpg2 --verify "coreos_production_update.bin.bz2.sig"
gpg2 --verify "coreos_production_update.zip.sig"
popd >/dev/null
}
upload() {
local channel="$1"
local version="$2"
local board="$3"
local payload="${BASEDIR}/${board}/${version}/coreos_production_update.gz"
if [[ ! -e "${payload}" ]]; then
echo "No such file: ${payload}" >&2
exit 1
fi
declare -A appid
appid[amd64-usr]=e96281a6-d1af-4bde-9a0a-97b76e56dc57
appid[arm64-usr]=103867da-e3a2-4c92-b0b3-7fbd7f7d8b71
"$(dirname $0)/../core_roller_upload" \
--user="${ROLLER_USERNAME}" \
--api_key="${ROLLER_API_KEY}" \
--app_id="${appid[${board}]}" \
--board="${board}" \
--version="${version}" \
--payload="${payload}"
}
usage() {
echo "Usage: $0 {download|upload} <ARTIFACT-DIR> [{-a|-b|-s} <VERSION>]..." >&2
exit 1
}
# Parse base arguments.
CMD="${1:-}"
BASEDIR="${2:-}"
shift 2 ||:
case "${CMD}" in
download)
;;
upload)
if [[ -e "${HOME}/.config/roller.conf" ]]; then
. "${HOME}/.config/roller.conf"
fi
if [[ -z "${ROLLER_USERNAME:-}" || -z "${ROLLER_API_KEY:-}" ]]; then
echo 'Missing $ROLLER_USERNAME or $ROLLER_API_KEY.' >&2
echo "Consider adding shell assignments to ~/.config/roller.conf." >&2
exit 1
fi
;;
*)
usage
;;
esac
if [[ -z "${BASEDIR}" ]]; then
usage
fi
if [[ -d "${BASEDIR}" && ! -O "${BASEDIR}" ]]; then
echo "Fixing ownership of ${BASEDIR}..."
sudo chown -R "${USER}" "${BASEDIR}"
fi
# Walk argument pairs.
while [[ $# > 0 ]]; do
c="$1"
v="${2?Must provide a version (e.g. 1234.0.0)}"
shift 2
case "${c}" in
-a)
$CMD "alpha" "${v}" "amd64-usr"
$CMD "alpha" "${v}" "arm64-usr"
;;
-b)
$CMD "beta" "${v}" "amd64-usr"
$CMD "beta" "${v}" "arm64-usr"
;;
-s)
$CMD "stable" "${v}" "amd64-usr"
;;
*)
usage
;;
esac
done