From a53ff2a03bc1efd90dd24bdcdeb5cfef3ce97ec6 Mon Sep 17 00:00:00 2001
From: Michael Marineau <michael.marineau@coreos.com>
Date: Mon, 28 Jul 2014 12:10:05 -0700
Subject: [PATCH] amis: run build script as normal user

This reduces the awkwardness of passing credentials to the build job.

Replace run.sh with assorted example scripts for prod, master, etc.
---
 oem/ami/build_ebs_on_ec2.sh | 12 ++++++------
 oem/ami/master.sh           | 13 +++++++++++++
 oem/ami/{run.sh => prod.sh} |  4 ++--
 oem/ami/user.sh             | 16 ++++++++++++++++
 4 files changed, 37 insertions(+), 8 deletions(-)
 create mode 100755 oem/ami/master.sh
 rename oem/ami/{run.sh => prod.sh} (79%)
 create mode 100755 oem/ami/user.sh

diff --git a/oem/ami/build_ebs_on_ec2.sh b/oem/ami/build_ebs_on_ec2.sh
index 4158e0b5e5..9fbd707f53 100755
--- a/oem/ami/build_ebs_on_ec2.sh
+++ b/oem/ami/build_ebs_on_ec2.sh
@@ -61,8 +61,8 @@ do
     esac
 done
 
-if [[ $(id -u) -ne 0 ]]; then
-    echo "$0: This command must be run as root!" >&2
+if [[ $(id -u) -eq 0 ]]; then
+    echo "$0: This command should not be ran run as root!" >&2
     exit 1
 fi
 
@@ -139,14 +139,14 @@ echo "Writing image from $IMG_URL to $dev"
 # if it is on the local fs, just use it, otherwise try to download it
 if [[ -n "$IMG_PATH" ]]; then
     if [[ "$IMG_PATH" =~ \.bz2$ ]]; then
-        bunzip2 -c "$IMG_PATH" > $dev
+        bunzip2 -c "$IMG_PATH" | sudo dd of=$dev bs=1M
     else
-        dd if="$IMG_PATH" of=$dev bs=1M
+        sudo dd if="$IMG_PATH" of=$dev bs=1M
     fi
 elif [[ "$IMG_URL" == gs://* ]]; then
-    gsutil cat "$IMG_URL" | bunzip2 > $dev
+    gsutil cat "$IMG_URL" | bunzip2 | sudo dd of=$dev bs=1M
 else
-    curl --fail "$IMG_URL" | bunzip2 > $dev
+    curl --fail "$IMG_URL" | bunzip2 | sudo dd of=$dev bs=1M
 fi
 
 echo "Detaching $volumeid and creating snapshot"
diff --git a/oem/ami/master.sh b/oem/ami/master.sh
new file mode 100755
index 0000000000..327dcfe559
--- /dev/null
+++ b/oem/ami/master.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+DIR=/home/ec2-user/scripts
+URL="https://commondatastorage.googleapis.com/storage.core-os.net/coreos/amd64-usr/master"
+
+set -e
+eval $(curl -f "${URL}/version.txt")
+
+source $DIR/marineam-auth.sh
+args="-b amd64-usr -g master -V ${COREOS_VERSION}"
+$DIR/build_ebs_on_ec2.sh ${args} -u "${URL}/coreos_production_ami_image.bin.bz2"
+$DIR/test_ami.sh -v ${args}
+#$DIR/copy_ami.sh ${args}
diff --git a/oem/ami/run.sh b/oem/ami/prod.sh
similarity index 79%
rename from oem/ami/run.sh
rename to oem/ami/prod.sh
index 7896760601..8d4c690404 100755
--- a/oem/ami/run.sh
+++ b/oem/ami/prod.sh
@@ -11,8 +11,8 @@ if [ -z "$GROUP" -o -z "$VER" ]; then
 fi
 
 set -e
-args="-b $BOARD -g $GROUP -V $VER"
-sudo bash -c ". $DIR/marineam-auth.sh && $DIR/build_ebs_on_ec2.sh ${args}"
 source $DIR/marineam-auth.sh
+args="-b $BOARD -g $GROUP -V $VER"
+$DIR/build_ebs_on_ec2.sh ${args}
 $DIR/test_ami.sh -v ${args}
 $DIR/copy_ami.sh ${args}
diff --git a/oem/ami/user.sh b/oem/ami/user.sh
new file mode 100755
index 0000000000..0e70eea1b9
--- /dev/null
+++ b/oem/ami/user.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+DIR=/home/ec2-user/scripts
+USER=someone
+TYPE=production
+VERSION="367.0.0+2014-07-10-1613"
+URL="http://users.developer.core-os.net/${USER}/boards/amd64-usr/${VERSION}"
+
+set -e
+eval $(curl -f "${URL}/version.txt")
+
+source $DIR/marineam-auth.sh
+args="-b amd64-usr -g ${USER} -V ${VERSION}"
+$DIR/build_ebs_on_ec2.sh ${args} -u "${URL}/coreos_${TYPE}_ami_image.bin.bz2"
+$DIR/test_ami.sh -v ${args}
+#$DIR/copy_ami.sh ${args}