From 03f8bc4c7e32351e3dcf0a48242f2200259b6977 Mon Sep 17 00:00:00 2001 From: Adam Piasecki Date: Apr 04 2022 10:39:26 +0000 Subject: Created simple lookaside_upload_sig --- diff --git a/lookaside_upload_sig b/lookaside_upload_sig new file mode 100755 index 0000000..abc99c8 --- /dev/null +++ b/lookaside_upload_sig @@ -0,0 +1,187 @@ +#!/bin/bash + +# This script will let you upload sources/blobs to new CentOS lookaside cache +# requirements: +# - curl +# - valid TLS certs from https://accounts.centos.org (or dev instance for testing) +# - valid group membership to let you upload to specific "branch" + +# Some variables, switch for new url +lookaside_baseurl="https://git.centos.org" + +function usage { + +cat << EOF + +You need to call the script like this : $0 -arguments + + -f : filename/source to upload (required, default:none) + -a : hash parameter (optional, default: none, example "b6804fa") + -n : package name for that source (requred, default:none, example "httpd") + -b : "branch" where to upload to (optional, default:none, example "c7-sig-core") + -h : display this help +As far as branch and hash parameters are optional, one of these needs to be specified. + +EOF + +} + +function varcheck { +if [ -z "$1" ] ; then + usage + exit 1 +fi + +} + +function f_log { + echo "[+] CentOS Lookaside upload tool -> $*" +} + + +while getopts “hf:a:n:b:” OPTION +do + case $OPTION in + h) + usage + exit 1 + ;; + a) + hash=$OPTARG + ;; + f) + file=$OPTARG + ;; + n) + pkgname=$OPTARG + ;; + b) + branch=$OPTARG + ;; + ?) + usage + exit + ;; + esac +done + +varcheck $file +varcheck $hash +varcheck $pkgname +varcheck $branch + +if [ ! -f ~/.centos.cert ] ;then + f_log "No mandatory TLS cert found (~/.centos.cert) .." + f_log "please use centos-cert to retrieve your ACO TLS cert" + exit 1 +fi + +if [ ! -f "${file}" ] ;then + f_log "Source to upload ${file} not found" + exit 2 +fi + +checksum=$(sha1sum ${file}|awk '{print $1}') + +f_log "Checking if file already uploaded" +local_size=$(stat -c %s ${file}) + +# -z parameter optional # + +if [ -z "${branch}" ] ;then + f_log "Branch parameter not given" + http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${checksum}) + remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r') + exit 0 +else + http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}) + remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r') +fi + + +if [ "$http_code" -eq 200 ] && [ "$local_size" -eq "$remote_size" ] ; then + f_log "File already uploaded" + exit 3 +fi + +f_log "Initialing new upload to lookaside" +f_log "URL : $lookaside_baseurl" +f_log "Source to upload : ${file} " + +if [ -z "${hash}" ]; then + f_log "No hash parameter was specified" +else + f_log "Hash parameter : ${hash}" +fi + +f_log "Package name: $pkgname" +f_log "sha1sum: ${checksum}" + +# Ugly way of implementing conditional parameter + +if [ -z "${branch}" && "${hash}" -gt 0 ] ;then + f_log "Remote branch not specified" + f_log " ====== Trying to upload =======" + echo "" + curl ${lookaside_baseurl}/sources/upload.cgi \ + --fail \ + --cert ~/.centos.cert \ + --form "name=${pkgname}" \ + --form "hash=${hash}" \ + --form "sha1sum=${checksum}" \ + --form "file=@${file}" \ + --progress-bar | tee /dev/null \ +# Saving a copy + > lookaside_upload_sig + + upload_result="${PIPESTATUS[0]}" + + if [ "$upload_result" -ne "0" ] ;then + f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${checksum}" + f_log "[ERROR] Verify at the server side" + exit 1 + fi + + f_log "Validating that source was correctly uploaded ...." + remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r') + if [ "$local_size" -eq "$remote_size" ] ; then + f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${checksum}" + else + f_log "[ERROR] it seems there is a mismatch with source size and remote file size" + fi +elif [ -z "${hash}" && "${branch}" -gt 0 ] ;then + f_log "Remote branch: ${branch}" + f_log " ====== Trying to upload =======" + echo "" + + curl ${lookaside_baseurl}/sources/upload.cgi \ + --fail \ + --cert ~/.centos.cert \ + --form "name=${pkgname}" \ + --form "branch=${branch}" \ + --form "sha1sum=${checksum}" \ + --form "file=@${file}" \ + --progress-bar | tee /dev/null + + # Saving a copy + > lookaside_upload_sig + + upload_result="${PIPESTATUS[0]}" + + if [ "$upload_result" -ne "0" ] ;then + f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}" + f_log "[ERROR] Verify at the server side" + exit 1 + fi + + f_log "Validating that source was correctly uploaded ...." + remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r') + if [ "$local_size" -eq "$remote_size" ] ; then + f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}" + else + f_log "[ERROR] it seems there is a mismatch with source size and remote file size" + fi +else + f_log "[ERROR] Neither branch or hash parameters were specified" + exit 1 +fi