Home Explore Help
Sign In
noid
/
noid-mklive
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: main
Branches Tags
noid-mklive
/
release.sh

release.sh 2.3 KB
Permalink History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788 
  1. #!/bin/bash
    2. 

  2. 

  3. set -e
    4. 

  4. 

  5. usage() {
    6. 

  6. 	echo "release.sh start [-l LIVE_ARCHS] [-f LIVE_VARIANTS] [-a ROOTFS_ARCHS]"
    7. 

  7. 	echo "    [-p PLATFORMS] [-i SBC_IMGS] [-d DATE] [-r REPOSITORY] -- [gh args...]"
    8. 

  8. 	echo "release.sh dl [run id] -- [gh args...]"
    9. 

  9. 	echo "release.sh sign DATE SHASUMFILE"
    10. 

  10. 	exit 1
    11. 

  11. }
    12. 

  12. 

  13. check_programs() {
    14. 

  14. 	for prog; do
    15. 

  15. 		if ! type $prog &>/dev/null; then
    16. 

  16. 			echo "missing program: $prog"
    17. 

  17. 			exit 1
    18. 

  18. 		fi
    19. 

  19. 	done
    20. 

  20. }
    21. 

  21. 

  22. start_build() {
    23. 

  23. 	check_programs gh
    24. 

  24. 	ARGS=()
    25. 

  25. 	while getopts "a:d:f:i:l:p:r:" opt; do
    26. 

  26. 		case $opt in
    27. 

  27. 			a) ARGS+=(-f rootfs="$OPTARG") ;;
    28. 

  28. 			d) ARGS+=(-f datecode="$OPTARG") ;;
    29. 

  29. 			f) ARGS+=(-f live_flavors="$OPTARG") ;;
    30. 

  30. 			i) ARGS+=(-f sbc_imgs="$OPTARG") ;;
    31. 

  31. 			l) ARGS+=(-f live_archs="$OPTARG") ;;
    32. 

  32. 			p) ARGS+=(-f platformfs="$OPTARG") ;;
    33. 

  33. 			r) ARGS+=(-f mirror="$OPTARG") ;;
    34. 

  34. 			?) usage;;
    35. 

  35. 		esac
    36. 

  36. 	done
    37. 

  37. 	shift $((OPTIND - 1))
    38. 

  38. 	gh workflow run gen-images.yml "${ARGS[@]}" "$@"
    39. 

  39. }
    40. 

  40. 

  41. # this assumes that the latest successful build is the one to download
    42. 

  42. # wish it could be better but alas:
    43. 

  43. # https://github.com/cli/cli/issues/4001
    44. 

  44. download_build() {
    45. 

  45. 	local run
    46. 

  46. 	check_programs gh
    47. 

  47. 	if [ -n "$1" ] && [ "$1" != "--" ]; then
    48. 

  48. 		run="$1"
    49. 

  49. 		shift
    50. 

  50. 	else
    51. 

  51. 		run="$(gh run list -s success -w gen-images.yml --json databaseId -q '.[].databaseId' "$@" | sort -r | head -1)"
    52. 

  52. 	fi
    53. 

  53. 	if [ -n "$1" ] && [ "$1" != "--" ]; then
    54. 

  54. 		usage
    55. 

  55. 	elif [ "$1" == "--" ]; then
    56. 

  56. 		shift
    57. 

  57. 	fi
    58. 

  58. 	echo "Downloading artifacts from run ${run} [this may take a while] ..."
    59. 

  59. 	gh run download "$run" -p 'void-live*' "$@"
    60. 

  60. 	echo "Done."
    61. 

  61. }
    62. 

  62. 

  63. sign_build() {
    64. 

  64. 	check_programs pwgen minisign
    65. 

  65. 	DATECODE="$1"
    66. 

  66. 	SUMFILE="$2"
    67. 

  67. 	mkdir -p release
    68. 

  68. 

  69. 	echo "Creating key..."
    70. 

  70. 	pwgen -cny 25 1 > "release/void-release-$DATECODE.key"
    71. 

  71. 	minisign -G -p "release/void-release-$DATECODE.pub" \
    72. 

  72. 		-s "release/void-release-$DATECODE.sec" \
    73. 

  73. 		-c "This key is only valid for images with date $DATECODE." \
    74. 

  74. 		< <(cat "release/void-release-$DATECODE.key" "release/void-release-$DATECODE.key")
    75. 

  75. 

  76. 	echo "Signing $SUMFILE..."
    77. 

  77. 	minisign -S -x "${SUMFILE//txt/sig}" -s "release/void-release-$DATECODE.sec" \
    78. 

  78. 		-c "This key is only valid for images with date $DATECODE." \
    79. 

  79. 		-t "This key is only valid for images with date $DATECODE." \
    80. 

  80. 		-m "$SUMFILE" < "release/void-release-$DATECODE.key"
    81. 

  81. }
    82. 

  82. 

  83. case "$1" in
    84. 

  84. 	st*) shift; start_build "$@" ;;
    85. 

  85. 	d*) shift; download_build "$@" ;;
    86. 

  86. 	si*) shift; sign_build "$@" ;;
    87. 

  87. 	*) usage ;;
    88. 

  88. esac
    89.