#!/bin/bash

# This script will let you upload sources/blobs to new CentOS lookaside cache

# requirements:

#  - curl

#  - valid TLS certs from https://accounts.centos.org (or dev instance for testing)

#  - valid group membership to let you upload to specific "branch"

# Some variables, switch for new url

lookaside_baseurl=$LOOKASIDE_BASEURL

if [ -z $LOOKASIDE_BASEURL ];then

  lookaside_baseurl="https://git.centos.org"

  echo "Base URL set to default: $lookaside_baseurl"

fi

function usage {

  cat <<  EOF

  You need to call the script like this : $0 -arguments

          -f : filename/source to upload (required, default:none)

          -a : hash parameter (optional, default: none, example "b6804fa")

          -n : package name for that source (requred, default:none, example "httpd")

          -b : "branch" where to upload to (optional, default:none, example "c7-sig-core")

          -h : display this help

  As far as branch and hash parameters are optional, one of them need to be specified.

  It is also possible to amend the default base url (currently set to https://git.centos.org):

  LOOKASIDE_BASEURL=<urlOfYourChoice> ./lookaside_upload_sig ...

EOF

}

function varcheck {

  if [ -z "$1" ] ; then

    usage

    exit 1

  fi

}

function f_log {

  echo "[+] CentOS Lookaside upload tool -> $*"

}

while getopts “hf:a:n:b:” OPTION

do

     case $OPTION in

         h)

             usage

             exit 1

             ;;

         a)

             hash=$OPTARG

             ;;

         f)

             file=$OPTARG

             ;;

         n)

             pkgname=$OPTARG

             ;;

         b)

             branch=$OPTARG

             ;;

         ?)

             usage

             exit

             ;;

     esac

done

if [ -z "${hash}" ] && [ -z "${branch}" ] ;then

  f_log "Neither -a hash or -b branch parameters were provided."

  usage

  exit 1

fi

varcheck $file

varcheck $pkgname

if [ ! -f ~/.centos.cert ] ;then

  f_log "No mandatory TLS cert found (~/.centos.cert) .."

  f_log "please use centos-cert to retrieve your ACO TLS cert"

  exit 1

fi

if [ ! -f "${file}" ] ;then

  f_log "Source to upload ${file} not found"

  exit 2

fi

if [ -n "${hash}" ]; then

  checksum="$(${hash}sum ${file}|awk '{print $1}')"

else

  checksum=$(sha1sum ${file}|awk '{print $1}')

fi

f_log "Checking if file already uploaded"

local_size=$(stat -c %s ${file})

# -z parameter optional #

if [ -z "${branch}" ] ;then

  f_log "Branch parameter not given"

  http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum})

  remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')

else	

  http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum})

  remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')

fi

if [ "$http_code" -eq 200 ] && [ "$local_size" -eq "$remote_size" ] ; then

  f_log "File already uploaded"

  exit 3

fi

f_log "Initialing new upload to lookaside"

f_log "URL : $lookaside_baseurl"

f_log "Source to upload : ${file} "

f_log "Hash parameter : ${hash}"

f_log "Package name: $pkgname"

f_log "sha1sum: ${checksum}"

# Ugly way of implementing conditional parameter

if [ -z "${branch}" ] && [ !-z"${hash}" ]; then

  f_log "Remote branch not specified" 

  f_log " ====== Trying to upload ======="

  echo ""

  # Concatenating sha256

  hash_cmd="$(${hash}sum ${file}|awk '{print $1}')"

  curl ${lookaside_baseurl}/sources/upload_sig.cgi \

    --fail \

    --cert ~/.centos.cert \

    --form "name=${pkgname}" \

    --form "hash=${hash}" \

    --form "${hash}sum=${hash_cmd}" \

    --form "file=@${file}" \

    --progress-bar | tee /dev/null \

  upload_result="${PIPESTATUS[0]}"

  if [ "$upload_result" -ne "0" ] ;then

    f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${checksum}"

    f_log "[ERROR] Verify at the server side"

    exit 1

  fi

  f_log "Validating that source was correctly uploaded ...."

  remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')

  if [ "$local_size" -eq "$remote_size" ] ; then

    f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}"

  else

    f_log "[ERROR] it seems there is a mismatch with source size and remote file size"

  fi

elif [ -z "${hash}" ] && [ !-z"${branch}" ] ;then

  f_log "Remote branch: ${branch}" 

  f_log " ====== Trying to upload ======="

  echo "" 

  curl ${lookaside_baseurl}/sources/upload.cgi \

    --fail \

    --cert ~/.centos.cert \

    --form "name=${pkgname}" \

    --form "branch=${branch}" \

    --form "sha1sum=${checksum}" \

    --form "file=@${file}" \

    --progress-bar | tee /dev/null

  upload_result="${PIPESTATUS[0]}"

  if [ "$upload_result" -ne "0" ] ;then

    f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}"

    f_log "[ERROR] Verify at the server side"

    exit 1

  fi

  f_log "Validating that source was correctly uploaded ...."

  remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')

  if [ "$local_size" -eq "$remote_size" ] ; then

    f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}"

  else

    f_log "[ERROR] it seems there is a mismatch with source size and remote file size"

  fi

else

  f_log "[ERROR] Neither branch or hash parameters were specified"

  exit 1

fi