|
|
03f8bc |
#!/bin/bash
|
|
|
03f8bc |
|
|
|
03f8bc |
# This script will let you upload sources/blobs to new CentOS lookaside cache
|
|
|
03f8bc |
# requirements:
|
|
|
03f8bc |
# - curl
|
|
|
03f8bc |
# - valid TLS certs from https://accounts.centos.org (or dev instance for testing)
|
|
|
03f8bc |
# - valid group membership to let you upload to specific "branch"
|
|
|
03f8bc |
|
|
|
03f8bc |
# Some variables, switch for new url
|
|
|
bb01e7 |
lookaside_baseurl=$LOOKASIDE_BASEURL
|
|
|
bb01e7 |
|
|
|
bb01e7 |
if [ -z $LOOKASIDE_BASEURL ];then
|
|
|
bb01e7 |
lookaside_baseurl="https://git.centos.org"
|
|
|
bb01e7 |
echo "Base URL set to default: $lookaside_baseurl"
|
|
|
bb01e7 |
fi
|
|
|
03f8bc |
|
|
|
03f8bc |
function usage {
|
|
|
03f8bc |
|
|
|
bb01e7 |
cat << EOF
|
|
|
bb01e7 |
|
|
|
bb01e7 |
You need to call the script like this : $0 -arguments
|
|
|
bb01e7 |
|
|
|
bb01e7 |
-f : filename/source to upload (required, default:none)
|
|
|
bb01e7 |
-a : hash parameter (optional, default: none, example "b6804fa")
|
|
|
bb01e7 |
-n : package name for that source (requred, default:none, example "httpd")
|
|
|
bb01e7 |
-b : "branch" where to upload to (optional, default:none, example "c7-sig-core")
|
|
|
bb01e7 |
-h : display this help
|
|
|
bb01e7 |
As far as branch and hash parameters are optional, one of them need to be specified.
|
|
|
03f8bc |
|
|
|
bb01e7 |
It is also possible to amend the default base url (currently set to https://git.centos.org):
|
|
|
bb01e7 |
LOOKASIDE_BASEURL=<urlOfYourChoice> ./lookaside_upload_sig ...
|
|
|
03f8bc |
EOF
|
|
|
03f8bc |
}
|
|
|
03f8bc |
|
|
|
03f8bc |
function varcheck {
|
|
|
bb01e7 |
if [ -z "$1" ] ; then
|
|
|
bb01e7 |
usage
|
|
|
bb01e7 |
exit 1
|
|
|
bb01e7 |
fi
|
|
|
03f8bc |
|
|
|
03f8bc |
}
|
|
|
03f8bc |
|
|
|
03f8bc |
function f_log {
|
|
|
03f8bc |
echo "[+] CentOS Lookaside upload tool -> $*"
|
|
|
03f8bc |
}
|
|
|
03f8bc |
|
|
|
03f8bc |
|
|
|
03f8bc |
while getopts “hf:a:n:b:” OPTION
|
|
|
03f8bc |
do
|
|
|
03f8bc |
case $OPTION in
|
|
|
03f8bc |
h)
|
|
|
03f8bc |
usage
|
|
|
03f8bc |
exit 1
|
|
|
03f8bc |
;;
|
|
|
03f8bc |
a)
|
|
|
03f8bc |
hash=$OPTARG
|
|
|
03f8bc |
;;
|
|
|
03f8bc |
f)
|
|
|
03f8bc |
file=$OPTARG
|
|
|
03f8bc |
;;
|
|
|
03f8bc |
n)
|
|
|
03f8bc |
pkgname=$OPTARG
|
|
|
03f8bc |
;;
|
|
|
03f8bc |
b)
|
|
|
03f8bc |
branch=$OPTARG
|
|
|
03f8bc |
;;
|
|
|
03f8bc |
?)
|
|
|
03f8bc |
usage
|
|
|
03f8bc |
exit
|
|
|
03f8bc |
;;
|
|
|
03f8bc |
esac
|
|
|
03f8bc |
done
|
|
|
291890 |
|
|
|
bb01e7 |
if [ -z "${hash}" ] && [ -z "${branch}" ] ;then
|
|
|
291890 |
f_log "Neither -a hash or -b branch parameters were provided."
|
|
|
291890 |
usage
|
|
|
291890 |
exit 1
|
|
|
291890 |
fi
|
|
|
291890 |
|
|
|
03f8bc |
varcheck $file
|
|
|
03f8bc |
varcheck $pkgname
|
|
|
03f8bc |
|
|
|
03f8bc |
if [ ! -f ~/.centos.cert ] ;then
|
|
|
03f8bc |
f_log "No mandatory TLS cert found (~/.centos.cert) .."
|
|
|
03f8bc |
f_log "please use centos-cert to retrieve your ACO TLS cert"
|
|
|
03f8bc |
exit 1
|
|
|
03f8bc |
fi
|
|
|
03f8bc |
|
|
|
03f8bc |
if [ ! -f "${file}" ] ;then
|
|
|
03f8bc |
f_log "Source to upload ${file} not found"
|
|
|
03f8bc |
exit 2
|
|
|
03f8bc |
fi
|
|
|
03f8bc |
|
|
|
291890 |
if [ -n "${hash}" ]; then
|
|
|
bb01e7 |
checksum="$(${hash}sum ${file}|awk '{print $1}')"
|
|
|
291890 |
else
|
|
|
291890 |
checksum=$(sha1sum ${file}|awk '{print $1}')
|
|
|
291890 |
fi
|
|
|
291890 |
|
|
|
03f8bc |
f_log "Checking if file already uploaded"
|
|
|
03f8bc |
local_size=$(stat -c %s ${file})
|
|
|
03f8bc |
|
|
|
03f8bc |
# -z parameter optional #
|
|
|
03f8bc |
|
|
|
03f8bc |
if [ -z "${branch}" ] ;then
|
|
|
03f8bc |
f_log "Branch parameter not given"
|
|
|
bb01e7 |
http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum})
|
|
|
bb01e7 |
remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
|
|
|
03f8bc |
else
|
|
|
bb01e7 |
http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum})
|
|
|
bb01e7 |
remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
|
|
|
03f8bc |
fi
|
|
|
03f8bc |
|
|
|
03f8bc |
|
|
|
03f8bc |
if [ "$http_code" -eq 200 ] && [ "$local_size" -eq "$remote_size" ] ; then
|
|
|
03f8bc |
f_log "File already uploaded"
|
|
|
03f8bc |
exit 3
|
|
|
03f8bc |
fi
|
|
|
bb01e7 |
|
|
|
03f8bc |
f_log "Initialing new upload to lookaside"
|
|
|
03f8bc |
f_log "URL : $lookaside_baseurl"
|
|
|
03f8bc |
f_log "Source to upload : ${file} "
|
|
|
291890 |
f_log "Hash parameter : ${hash}"
|
|
|
03f8bc |
f_log "Package name: $pkgname"
|
|
|
03f8bc |
f_log "sha1sum: ${checksum}"
|
|
|
03f8bc |
|
|
|
03f8bc |
# Ugly way of implementing conditional parameter
|
|
|
03f8bc |
|
|
|
bb01e7 |
if [ -z "${branch}" ] && [ !-z"${hash}" ]; then
|
|
|
03f8bc |
f_log "Remote branch not specified"
|
|
|
03f8bc |
f_log " ====== Trying to upload ======="
|
|
|
291890 |
echo ""
|
|
|
291890 |
# Concatenating sha256
|
|
|
bb01e7 |
hash_cmd="$(${hash}sum ${file}|awk '{print $1}')"
|
|
|
291890 |
curl ${lookaside_baseurl}/sources/upload_sig.cgi \
|
|
|
03f8bc |
--fail \
|
|
|
03f8bc |
--cert ~/.centos.cert \
|
|
|
03f8bc |
--form "name=${pkgname}" \
|
|
|
03f8bc |
--form "hash=${hash}" \
|
|
|
bb01e7 |
--form "${hash}sum=${hash_cmd}" \
|
|
|
03f8bc |
--form "file=@${file}" \
|
|
|
03f8bc |
--progress-bar | tee /dev/null \
|
|
|
03f8bc |
|
|
|
03f8bc |
upload_result="${PIPESTATUS[0]}"
|
|
|
03f8bc |
|
|
|
03f8bc |
if [ "$upload_result" -ne "0" ] ;then
|
|
|
03f8bc |
f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${checksum}"
|
|
|
03f8bc |
f_log "[ERROR] Verify at the server side"
|
|
|
03f8bc |
exit 1
|
|
|
03f8bc |
fi
|
|
|
03f8bc |
|
|
|
03f8bc |
f_log "Validating that source was correctly uploaded ...."
|
|
|
bb01e7 |
remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
|
|
|
03f8bc |
if [ "$local_size" -eq "$remote_size" ] ; then
|
|
|
bb01e7 |
f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}"
|
|
|
03f8bc |
else
|
|
|
03f8bc |
f_log "[ERROR] it seems there is a mismatch with source size and remote file size"
|
|
|
03f8bc |
fi
|
|
|
bb01e7 |
elif [ -z "${hash}" ] && [ !-z"${branch}" ] ;then
|
|
|
03f8bc |
f_log "Remote branch: ${branch}"
|
|
|
03f8bc |
f_log " ====== Trying to upload ======="
|
|
|
03f8bc |
echo ""
|
|
|
03f8bc |
|
|
|
03f8bc |
curl ${lookaside_baseurl}/sources/upload.cgi \
|
|
|
03f8bc |
--fail \
|
|
|
03f8bc |
--cert ~/.centos.cert \
|
|
|
03f8bc |
--form "name=${pkgname}" \
|
|
|
03f8bc |
--form "branch=${branch}" \
|
|
|
03f8bc |
--form "sha1sum=${checksum}" \
|
|
|
03f8bc |
--form "file=@${file}" \
|
|
|
03f8bc |
--progress-bar | tee /dev/null
|
|
|
03f8bc |
|
|
|
03f8bc |
upload_result="${PIPESTATUS[0]}"
|
|
|
03f8bc |
|
|
|
03f8bc |
if [ "$upload_result" -ne "0" ] ;then
|
|
|
03f8bc |
f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}"
|
|
|
03f8bc |
f_log "[ERROR] Verify at the server side"
|
|
|
03f8bc |
exit 1
|
|
|
03f8bc |
fi
|
|
|
03f8bc |
|
|
|
03f8bc |
f_log "Validating that source was correctly uploaded ...."
|
|
|
03f8bc |
remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
|
|
|
03f8bc |
if [ "$local_size" -eq "$remote_size" ] ; then
|
|
|
03f8bc |
f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}"
|
|
|
03f8bc |
else
|
|
|
03f8bc |
f_log "[ERROR] it seems there is a mismatch with source size and remote file size"
|
|
|
03f8bc |
fi
|
|
|
03f8bc |
else
|
|
|
03f8bc |
f_log "[ERROR] Neither branch or hash parameters were specified"
|
|
|
03f8bc |
exit 1
|
|
|
03f8bc |
fi
|