mirror of
https://src.koozali.org/infra/smeserver-koji.git
synced 2024-12-21 23:17:01 +01:00
add utils (e.g. sign_build.sh)
This commit is contained in:
parent
c5def4c5e6
commit
437b6abda0
12
utils/README.md
Normal file
12
utils/README.md
Normal file
@ -0,0 +1,12 @@
|
||||
# Supporting utility scripts
|
||||
|
||||
## sign_build.sh
|
||||
Sign all rpms for a particular build
|
||||
|
||||
## sign_build_list.sh
|
||||
Sign all rpms for each build specified in a file (1 line per build)
|
||||
|
||||
## queue_builds.sh
|
||||
Queue a build for each package supplied in a file
|
||||
|
||||
## parse-list.sh
|
71
utils/parse-list.sh
Executable file
71
utils/parse-list.sh
Executable file
@ -0,0 +1,71 @@
|
||||
#!/bin/bash
|
||||
#
|
||||
# Run script against every item in input file
|
||||
|
||||
if [[ -z $1 ]] ; then
|
||||
echo "parse a list of parameters and execute script with those parameters"
|
||||
echo "parse-list.sh <param file> <script> [<noisy> <additional> <additional> <additional>]"
|
||||
echo "<param file> name of file containing parameters"
|
||||
echo "<script> script to run (e.g. rename-e-smith-pkh.sh)"
|
||||
echo "optional params can appear in any order"
|
||||
echo " <review> show line being executed but do NOTHING!"
|
||||
echo " <noisy> show line being executed"
|
||||
echo " <additional> additional params to be passed (up to 3)"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# parse the command line parameters
|
||||
PROCESSORG=
|
||||
EXTRAPARAMS=
|
||||
# using a file as input
|
||||
if [[ ! -f $1 ]] ; then
|
||||
echo "Can NOT find $1 - Aborting"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [[ $(which $2 | grep "no $2") ]] ; then
|
||||
echo "Can NOT find $2 - Aborting"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
DEBUG=
|
||||
REVIEW=
|
||||
NOISY=
|
||||
for param in $3 $4 $5 $6; do
|
||||
if [ $param ] ; then
|
||||
case $param in
|
||||
review )
|
||||
REVIEW=true ;;
|
||||
noisy )
|
||||
NOISY=true ;;
|
||||
;;
|
||||
debug )
|
||||
DEBUG=true ;;
|
||||
* )
|
||||
EXTRAPARAMS=$EXTRAPARAMS" "$param ;;
|
||||
esac
|
||||
else
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
# Build array of parameters to cycle through
|
||||
PARAMLIST=()
|
||||
# load array of parameters from input file
|
||||
while read -r line ; do PARAMLIST+=($line) ; done < $1
|
||||
|
||||
# Cycle through array of parameters and execute script
|
||||
for param in ${PARAMLIST[@]}
|
||||
do
|
||||
if [[ $NOISY || $REVIEW ]] ; then echo "$2 $param $EXTRAPARAMS" ; fi
|
||||
if [[ -z $REVIEW ]] ; then
|
||||
if [[ $param ]] ; then
|
||||
RESPONSE=$($2 $param $EXTRAPARAMS) ; rc=$?
|
||||
if [ $rc -ne 0 ] ; then echo "($rc)\n$RESPONSE" ; fi
|
||||
if [ $DEBUG ] ; then echo "RESPONSE=$RESPONSE" ; fi
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
exit 0
|
||||
|
34
utils/queue-builds.sh
Executable file
34
utils/queue-builds.sh
Executable file
@ -0,0 +1,34 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [[ -z $1 ]] ; then
|
||||
echo "You need to pass the filename of a list of pkgs to compile"
|
||||
echo "queue-builds.sh <filename> [ <wait> | <org=smeserver> ]"
|
||||
echo "- <wait> to wait for one build to complete before submitting the next one (default is nowait - queue them all)"
|
||||
echo "- <org=organisation> (default is smecontribs)"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
ORG="smecontribs"
|
||||
WAIT="--nowait"
|
||||
for var in $2 $3 ; do
|
||||
case $var in
|
||||
org=* )
|
||||
ORG=${var#*=} ;;
|
||||
wait )
|
||||
WAIT= ;;
|
||||
* )
|
||||
echo "Huh? Var=$var"
|
||||
echo "You need to pass the filename of a list of pkgs to compile"
|
||||
echo "queue-builds.sh <filename> [ <wait> | <org=smeserver> ]"
|
||||
echo "- <wait> to wait for one build to complete before submitting the next one (default is nowait - queue them all)"
|
||||
echo "- <org=organisation> (default is smecontribs)"
|
||||
exit 1
|
||||
esac
|
||||
done
|
||||
|
||||
while read -r PKG ; do
|
||||
VER=$(curl -s https://src.koozali.org/api/v1/repos/$ORG/$PKG/tags | jq -r '.[0].name')
|
||||
koji build $WAIT $ORG-11.0 git+https://src.koozali.org/$ORG/$PKG#$VER
|
||||
done <$1
|
||||
exit 0
|
||||
|
67
utils/sign_build.sh
Executable file
67
utils/sign_build.sh
Executable file
@ -0,0 +1,67 @@
|
||||
#!/bin/bash
|
||||
|
||||
if [[ -z $1 ]] ; then
|
||||
echo "Must provide a package name"
|
||||
echo "sign_rpm.sh <package name> [<arch=x86_64> | <debuginfo> | <repo=dist-sme11-os> | <latestfrom=*> | <gpg_key=kojiadmin@koozali.org> | <debug>]"
|
||||
exit 1
|
||||
else
|
||||
PACKAGE=$1
|
||||
echo "PACKAGE=$PACKAGE"
|
||||
fi
|
||||
|
||||
ARCH=x86_64
|
||||
REPO="dist-sme11-os"
|
||||
GPG_KEY="kojiadmin@koozali.org"
|
||||
DEBUG=false
|
||||
DEBUGINFO="--debuginfo"
|
||||
for param in $2 $3 $4 $5 $6 $7; do
|
||||
if [ $param ] ; then
|
||||
case $param in
|
||||
-h | --help )
|
||||
echo "sign_rpm.sh <package name> [<arch=x86_64> | <repo=dist-sme11-os> | <latestfrom=*> | <gpg_key=kojiadmin@koozali.org>]" ;;
|
||||
debug )
|
||||
DEBUG=true ;;
|
||||
debuginfo )
|
||||
DEBUGINFO="--debuginfo" ;;
|
||||
arch=* )
|
||||
ARCH=${param#*=} ;;
|
||||
repo=* )
|
||||
REPO=${param#*=} ;;
|
||||
latestfrom=* )
|
||||
PACKAGE=$PACKAGE" --latestfrom="${param#*=} ;;
|
||||
gpg_key=* )
|
||||
GPG_KEY=${param#*=} ;;
|
||||
* )
|
||||
echo "Unkown parameter $param - aborting"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
else
|
||||
break
|
||||
fi
|
||||
done
|
||||
|
||||
# if <package name>=all, sign ALL rpms in defined repo (use pkglist to identify packages)
|
||||
# else just sign the specified rpms (using either a git tag or the latestfrom)
|
||||
tmpdir="$(mktemp -d /tmp/sign.XXXXXX)"
|
||||
pushd $tmpdir > /dev/null
|
||||
|
||||
if [[ $DEBUG ]] ; then
|
||||
echo "PACKAGE=$PACKAGE"
|
||||
echo "ARCH=$ARCH"
|
||||
echo "REPO=$REPO"
|
||||
echo "GPG_KEY=$GPG_KEY"
|
||||
fi
|
||||
if [[ $DEBUG ]] ; then echo "koji download-build $DEBUGINFO $PACKAGE" ; fi
|
||||
koji download-build $DEBUGINFO $PACKAGE
|
||||
rpmsign --define "_gpg_name $GPG_KEY" --addsign *.rpm
|
||||
koji import-sig *.rpm
|
||||
popd > /dev/null
|
||||
|
||||
# if debug, leave the tmp directory in place
|
||||
if [[ -z $DEBUG ]] ; then
|
||||
rm -f $tmpdir/*
|
||||
rmdir $tmpdir
|
||||
fi
|
||||
|
||||
exit 0
|
92
utils/sign_build_list.sh
Executable file
92
utils/sign_build_list.sh
Executable file
@ -0,0 +1,92 @@
|
||||
#!/bin/bash
|
||||
# sign all rpms in the specified pkg list
|
||||
if [[ -z $1 ]] ; then
|
||||
echo "Must provide a pkg list"
|
||||
echo "sign_build_list.sh <pkg list> [<arches=x86_64> | <gpg_key=kojiadmin@koozali.org> | <debuginfo> | <debug> | <dryrun> ]"
|
||||
exit 1
|
||||
else
|
||||
PKGLIST=$1
|
||||
fi
|
||||
|
||||
ARCH=x86_64
|
||||
GPG_KEY="kojiadmin@koozali.org"
|
||||
GPG_ID='44922a28'
|
||||
DEBUG=false
|
||||
DRY_RUN=false
|
||||
DEBUGINFO=
|
||||
|
||||
for param in $2 $3 $4 $5 $6 $7 ; do
|
||||
if [ $param ] ; then
|
||||
case $param in
|
||||
-h | --help )
|
||||
echo "sign_rpm_list.sh <pkg list> [<arches=x86_64> | <gpg_key=kojiadmin@koozali.org> | <debuginfo> | <debug> | <dryrun> ]"
|
||||
exit
|
||||
;;
|
||||
debug )
|
||||
DEBUG=true ;;
|
||||
dryrun )
|
||||
DRY_RUN=true ;;
|
||||
debuginfo )
|
||||
DEBUGINFO="--debuginfo" ;;
|
||||
arches=* )
|
||||
ARCH=${param#*=} ;;
|
||||
gpg_key=* )
|
||||
GPG_KEY=${param#*=} ;;
|
||||
* )
|
||||
echo "Unkown parameter $param - aborting"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
else
|
||||
break
|
||||
fi
|
||||
done
|
||||
if [[ $DEBUG ]] ; then
|
||||
echo "PKGLIST=$PKGLIST"
|
||||
echo "ARCH=$ARCH"
|
||||
echo "GPG_KEY=$GPG_KEY"
|
||||
fi
|
||||
|
||||
# use a temporary directory to export the rpms for signing
|
||||
#if [[ $DRY_RUN ]] ; then
|
||||
# echo "mktemp -d /tmp/sign.XXXXXX"
|
||||
#else
|
||||
tmpdir="$(mktemp -d /tmp/sign.XXXXXX)"
|
||||
pushd $tmpdir > /dev/null
|
||||
#fi
|
||||
|
||||
if [[ -e "$PKGLIST" ]] ; then
|
||||
# extract list of rpms to download
|
||||
while read -r pkgline; do
|
||||
if [[ $DEBUG ]] ; then
|
||||
echo "$pkgline"
|
||||
echo "koji download-build ${pkgline##*/}"
|
||||
fi
|
||||
BUILD=${pkgline##*/}
|
||||
if [[ $DEBUG ]] ; then echo "BUILD=$BUILD" ; fi
|
||||
DIR=/mnt/koji/packages/${BUILD%-*-*}/$(echo $BUILD | awk -F '-' '{print $(NF-1)}')/$(echo ${BUILD##*-})/data/signed/$GPG_ID
|
||||
if [[ $DEBUG ]] ; then echo "DIR=$DIR" ; fi
|
||||
if [[ -d $DIR ]] ; then
|
||||
echo "$BUILD already signed with this key - ignoring"
|
||||
else
|
||||
# if [[ $DRY_RUN ]] ; then
|
||||
# echo "koji download-build $DEBUGINFO ${pkgline##*/}"
|
||||
# else
|
||||
koji download-build $DEBUGINFO $BUILD
|
||||
# fi
|
||||
fi
|
||||
done <$PKGLIST
|
||||
else
|
||||
echo "Cannot find pkglist $PKGLIST - aborting"
|
||||
exit 1
|
||||
fi
|
||||
#if [[ $DRY_RUN ]] ; then
|
||||
# echo "rpmsign --define \"_gpg_name $GPG_KEY\" --addsign *.rpm"
|
||||
# echo "koji import-sig *.rpm"
|
||||
#else
|
||||
rpmsign --define "_gpg_name $GPG_KEY" --addsign *.rpm
|
||||
koji import-sig *.rpm
|
||||
popd > /dev/null
|
||||
#fi
|
||||
|
||||
exit 0
|
Loading…
Reference in New Issue
Block a user