#!/bin/bash # This script will let you upload sources/blobs to new CentOS lookaside cache # requirements: # - curl # - valid TLS certs from https://accounts.centos.org (or dev instance for testing) # - valid group membership to let you upload to specific "branch" # Some variables, switch for new url lookaside_baseurl=$LOOKASIDE_BASEURL if [ -z $LOOKASIDE_BASEURL ];then lookaside_baseurl="https://git.centos.org" echo "Base URL set to default: $lookaside_baseurl" fi function usage { cat << EOF You need to call the script like this : $0 -arguments -f : filename/source to upload (required, default:none) -a : hash parameter (optional, default: none, example "b6804fa") -n : package name for that source (requred, default:none, example "httpd") -b : "branch" where to upload to (optional, default:none, example "c7-sig-core") -h : display this help As far as branch and hash parameters are optional, one of them need to be specified. It is also possible to amend the default base url (currently set to https://git.centos.org): LOOKASIDE_BASEURL= ./lookaside_upload_sig ... EOF } function varcheck { if [ -z "$1" ] ; then usage exit 1 fi } function f_log { echo "[+] CentOS Lookaside upload tool -> $*" } while getopts “hf:a:n:b:” OPTION do case $OPTION in h) usage exit 1 ;; a) hash=$OPTARG ;; f) file=$OPTARG ;; n) pkgname=$OPTARG ;; b) branch=$OPTARG ;; ?) usage exit ;; esac done if [ -z "${hash}" ] && [ -z "${branch}" ] ;then f_log "Neither -a hash or -b branch parameters were provided." usage exit 1 fi varcheck $file varcheck $pkgname if [ ! -f ~/.centos.cert ] ;then f_log "No mandatory TLS cert found (~/.centos.cert) .." f_log "please use centos-cert to retrieve your ACO TLS cert" exit 1 fi if [ ! -f "${file}" ] ;then f_log "Source to upload ${file} not found" exit 2 fi if [ -n "${hash}" ]; then checksum="$(${hash}sum ${file}|awk '{print $1}')" else checksum=$(sha1sum ${file}|awk '{print $1}') fi f_log "Checking if file already uploaded" local_size=$(stat -c %s ${file}) # -z parameter optional # if [ -z "${branch}" ] ;then f_log "Branch parameter not given" http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}) remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r') else http_code=$(curl -s -o /dev/null -w "%{http_code}" ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}) remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r') fi if [ "$http_code" -eq 200 ] && [ "$local_size" -eq "$remote_size" ] ; then f_log "File already uploaded" exit 3 fi f_log "Initialing new upload to lookaside" f_log "URL : $lookaside_baseurl" f_log "Source to upload : ${file} " f_log "Hash parameter : ${hash}" f_log "Package name: $pkgname" f_log "sha1sum: ${checksum}" # Ugly way of implementing conditional parameter if [ -z "${branch}" ] && [ !-z"${hash}" ]; then f_log "Remote branch not specified" f_log " ====== Trying to upload =======" echo "" # Concatenating sha256 hash_cmd="$(${hash}sum ${file}|awk '{print $1}')" curl ${lookaside_baseurl}/sources/upload_sig.cgi \ --fail \ --cert ~/.centos.cert \ --form "name=${pkgname}" \ --form "hash=${hash}" \ --form "${hash}sum=${hash_cmd}" \ --form "file=@${file}" \ --progress-bar | tee /dev/null \ upload_result="${PIPESTATUS[0]}" if [ "$upload_result" -ne "0" ] ;then f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${checksum}" f_log "[ERROR] Verify at the server side" exit 1 fi f_log "Validating that source was correctly uploaded ...." remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r') if [ "$local_size" -eq "$remote_size" ] ; then f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${file}/${hash}/${checksum}" else f_log "[ERROR] it seems there is a mismatch with source size and remote file size" fi elif [ -z "${hash}" ] && [ !-z"${branch}" ] ;then f_log "Remote branch: ${branch}" f_log " ====== Trying to upload =======" echo "" curl ${lookaside_baseurl}/sources/upload.cgi \ --fail \ --cert ~/.centos.cert \ --form "name=${pkgname}" \ --form "branch=${branch}" \ --form "sha1sum=${checksum}" \ --form "file=@${file}" \ --progress-bar | tee /dev/null upload_result="${PIPESTATUS[0]}" if [ "$upload_result" -ne "0" ] ;then f_log "[ERROR] Something didn't work to push to ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}" f_log "[ERROR] Verify at the server side" exit 1 fi f_log "Validating that source was correctly uploaded ...." remote_size=$(curl --silent -i --head ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}|grep "Content-Length"|cut -f 2 -d ':'|tr -d [:blank:]|tr -d '\r') if [ "$local_size" -eq "$remote_size" ] ; then f_log "[SUCCESS] Source should be available at ${lookaside_baseurl}/sources/${pkgname}/${branch}/${checksum}" else f_log "[ERROR] it seems there is a mismatch with source size and remote file size" fi else f_log "[ERROR] Neither branch or hash parameters were specified" exit 1 fi