#!/bin/bash
# This script will let you upload sources/blobs to new CentOS lookaside cache
# requirements:
# - curl
# - valid TLS certs from https://accounts.centos.org (or dev instance for testing)
# - valid group membership to let you upload to specific "branch"
# Some variables, switch for new url
lookaside_baseurl=$LOOKASIDE_BASEURL
if [ -z $LOOKASIDE_BASEURL ];then
lookaside_baseurl="https://git.centos.org"
echo "Base URL set to default: $lookaside_baseurl"
fi
function usage {
cat << EOF
You need to call the script like this : $0 -arguments
-f : filename/source to upload (required, default:none)
-a : hash parameter (optional, default: none, example "b6804fa")
-n : package name for that source (requred, default:none, example "httpd")
-b : "branch" where to upload to (optional, default:none, example "c7-sig-core")
-h : display this help
As far as branch and hash parameters are optional, one of them need to be specified.
It is also possible to amend the default base url (currently set to https://git.centos.org):
LOOKASIDE_BASEURL=<urlOfYourChoice> ./lookaside_upload_sig ...
EOF
}
function varcheck {
if [ -z "$1" ] ; then
usage
exit 1
fi
}
function f_log {
echo "[+] CentOS Lookaside upload tool -> $*"
}
while getopts “hf:a:n:b:” OPTION
do
case $OPTION in
h)
usage
exit 1
;;
a)
hash=$OPTARG
;;
f)
file=$OPTARG
;;
n)
pkgname=$OPTARG
;;
b)
branch=$OPTARG
;;
?)
usage
exit
;;
esac
done
if [ -z "${hash}" ] && [ -z "${branch}" ] ;then
f_log "Neither -a hash or -b branch parameters were provided."
usage
exit 1
fi
varcheck $file
varcheck $pkgname
if [ ! -f ~/.centos.cert ] ;then
f_log "No mandatory TLS cert found (~/.centos.cert) .."
f_log "please use centos-cert to retrieve your ACO TLS cert"
exit 1
fi
if [ ! -f "${file}" ] ;then
f_log "Source to upload ${file} not found"
exit 2
fi
if [ -n "${hash}" ]; then
checksum="$(${hash}sum ${file}|awk '{print $1}')"
else
checksum=$(sha1sum ${file}|awk '{print $1}')
fi
f_log "Checking if file already uploaded"
local_size=$(stat -c %s ${file})
# -z parameter optional #
if [ -z "${branch}" ] ;then
f_log "Branch parameter not given"
http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum})
remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
else
http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum})
remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
fi
if [ "$http_code" -eq 200 ] && [ "$local_size" -eq "$remote_size" ] ; then
f_log "File already uploaded"
exit 3
fi
f_log "Initialing new upload to lookaside"
f_log "URL : $lookaside_baseurl"
f_log "Source to upload : ${file} "
f_log "Hash parameter : ${hash}"
f_log "Package name: $pkgname"
f_log "sha1sum: ${checksum}"
# Ugly way of implementing conditional parameter
if [ -z "${branch}" ] && [ !-z"${hash}" ]; then
f_log "Remote branch not specified"
f_log " ====== Trying to upload ======="
echo ""
# Concatenating sha256
hash_cmd="$(${hash}sum ${file}|awk '{print $1}')"
curl ${lookaside_baseurl}/sources/upload_sig.cgi \
--fail \
--cert ~/.centos.cert \
--form "name=${pkgname}" \
--form "hash=${hash}" \
--form "${hash}sum=${hash_cmd}" \
--form "file=@${file}" \
--progress-bar | tee /dev/null \
upload_result="${PIPESTATUS[0]}"
if [ "$upload_result" -ne "0" ] ;then
f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${checksum}"
f_log "[ERROR] Verify at the server side"
exit 1
fi
f_log "Validating that source was correctly uploaded ...."
remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
if [ "$local_size" -eq "$remote_size" ] ; then
f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}"
else
f_log "[ERROR] it seems there is a mismatch with source size and remote file size"
fi
elif [ -z "${hash}" ] && [ !-z"${branch}" ] ;then
f_log "Remote branch: ${branch}"
f_log " ====== Trying to upload ======="
echo ""
curl ${lookaside_baseurl}/sources/upload.cgi \
--fail \
--cert ~/.centos.cert \
--form "name=${pkgname}" \
--form "branch=${branch}" \
--form "sha1sum=${checksum}" \
--form "file=@${file}" \
--progress-bar | tee /dev/null
upload_result="${PIPESTATUS[0]}"
if [ "$upload_result" -ne "0" ] ;then
f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}"
f_log "[ERROR] Verify at the server side"
exit 1
fi
f_log "Validating that source was correctly uploaded ...."
remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r')
if [ "$local_size" -eq "$remote_size" ] ; then
f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}"
else
f_log "[ERROR] it seems there is a mismatch with source size and remote file size"
fi
else
f_log "[ERROR] Neither branch or hash parameters were specified"
exit 1
fi