forked from sig_core/toolkit
additional fixes
This commit is contained in:
parent
0b4cab9adb
commit
7f7e6c5086
4 changed files with 162 additions and 3 deletions
|
@ -41,6 +41,19 @@ ALL_REPOS=(
|
|||
"${MODS_REPOS[@]}"
|
||||
)
|
||||
|
||||
NONSIG_COMPOSE=(
|
||||
Rocky
|
||||
Rocky-devel
|
||||
Extras
|
||||
Plus
|
||||
NFV
|
||||
)
|
||||
|
||||
declare -A SIG_COMPOSE
|
||||
SIG_COMPOSE=(
|
||||
[Gluster9]="storage/gluster9"
|
||||
)
|
||||
|
||||
# These repos have modules
|
||||
MODS=(
|
||||
AppStream
|
||||
|
|
|
@ -1,10 +1,56 @@
|
|||
#!/bin/bash
|
||||
# Performs a full on sync of a minor release, directories and all. It calls the
|
||||
# other scripts in this directory to assist.
|
||||
# other scripts in this directory to assist where necessary.
|
||||
# Source common variables
|
||||
# shellcheck disable=SC2046,1091,1090
|
||||
source $(dirname "$0")/common
|
||||
|
||||
# sync all pieces of a release, including extras, nfv, etc
|
||||
# Major Version (eg, 8)
|
||||
MAJ=${RLVER}
|
||||
|
||||
# move around the ISOs a bit, make things comfortable
|
||||
# sync all pieces of a release, including extras, nfv, etc
|
||||
for COMPOSE in Rocky "${NONMODS_REPOS[@]}"; do
|
||||
cd "/mnt/compose/${MAJ}/latest-${COMPOSE}-${MAJ}/compose" || { echo "${COMPOSE}: Failed to change directory"; break; }
|
||||
|
||||
TARGET="${STAGING_ROOT}/${CATEGORY_STUB}/${REV}"
|
||||
mkdir -p "${TARGET}"
|
||||
# disabling because none of our files should be starting with dashes. If they
|
||||
# are something is *seriously* wrong here.
|
||||
# shellcheck disable=SC2035
|
||||
sudo -l && find **/* -maxdepth 0 -type d | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \
|
||||
{} "${TARGET}"
|
||||
done
|
||||
|
||||
# sync all sig stuff
|
||||
for SIG in "${!SIG_COMPOSE[@]}"; do
|
||||
cd "/mnt/compose/${MAJ}/latest-${SIG}-${MAJ}/compose" || { echo "${COMPOSE}: Failed to change directory"; break; }
|
||||
|
||||
TARGET="${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/${SIG_COMPOSE[$SIG]}"
|
||||
mkdir -p "${TARGET}"
|
||||
# disabling because none of our files should be starting with dashes. If they
|
||||
# are something is *seriously* wrong here.
|
||||
# shellcheck disable=SC2035
|
||||
sudo -l && find **/* -maxdepth 0 -type d | parallel --will-cite -j 18 sudo rsync -av --chown=10004:10005 --progress --relative --human-readable \
|
||||
{} "${TARGET}"
|
||||
done
|
||||
|
||||
# copy around the ISOs a bit, make things comfortable
|
||||
for ARCH in "${ARCHES[@]}"; do
|
||||
TARGET="${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/isos/${ARCH}"
|
||||
# who knows if EL9 will change the name of baseos
|
||||
for x in BaseOS Minimal; do
|
||||
SOURCE="${STAGING_ROOT}/${CATEGORY_STUB}/${REV}/${x}/${ARCH}/iso"
|
||||
mkdir -p "${TARGET}"
|
||||
cp "${SOURCE}/*.iso" "${TARGET}"
|
||||
cp "${SOURCE}/*.iso.manifest" "${TARGET}"
|
||||
cat "${SOURCE}/CHECKSUM" >> "${TARGET}/CHECKSUM"
|
||||
done
|
||||
done
|
||||
|
||||
# sign all repos
|
||||
test -f $(dirname "$0")/sign-repos-only.sh
|
||||
ret_val=$?
|
||||
|
||||
if [ "$ret_val" -eq 0 ]; then
|
||||
$(dirname "$0")/sign-repos-only.sh
|
||||
fi
|
||||
|
|
|
@ -105,6 +105,7 @@ for x in "${ARCHES[@]}"; do
|
|||
|
||||
echo "** Fix variants"
|
||||
TREEINFO_VAR="${STAGING_ROOT}/${RELEASE_DIR}/BaseOS/${x}/os/.treeinfo"
|
||||
IMAGES_VAR="${STAGING_ROOT}/${RELEASE_DIR}/BaseOS/${x}/os/images"
|
||||
test -f "${TREEINFO_VAR}"
|
||||
treeinfo_retval=$?
|
||||
test -x /usr/bin/python3
|
||||
|
@ -116,6 +117,16 @@ for x in "${ARCHES[@]}"; do
|
|||
# the take away is I learned something kind of on the fly and well, it worked.
|
||||
# Emails should have stamps.
|
||||
if [ "$treeinfo_retval" -eq 0 ] && [ "$python_retval" -eq 0 ]; then
|
||||
# shellcheck disable=SC2086
|
||||
BOOTISO_CHECKSUM="$(sha256sum ${IMAGES_VAR}/boot.iso | cut -d' ' -f1)"
|
||||
# shellcheck disable=SC2086
|
||||
EFIBOOT_CHECKSUM="$(sha256sum ${IMAGES_VAR}/efiboot.img | cut -d' ' -f1)"
|
||||
# shellcheck disable=SC2086
|
||||
INSTALLIMG_CHECKSUM="$(sha256sum ${IMAGES_VAR}/install.img | cut -d' ' -f1)"
|
||||
# shellcheck disable=SC2086
|
||||
INITRD_CHECKSUM="$(sha256sum ${IMAGES_VAR}/pxeboot/initrd.img | cut -d' ' -f1)"
|
||||
# shellcheck disable=SC2086
|
||||
VMLINUZ_CHECKSUM="$(sha256sum ${IMAGES_VAR}/pxeboot/vmlinuz | cut -d' ' -f1)"
|
||||
cat <<EOF | /usr/bin/python3
|
||||
from configparser import ConfigParser
|
||||
config = ConfigParser()
|
||||
|
@ -128,6 +139,20 @@ config.set('variants-AppStream', 'type', 'variant')
|
|||
config.set('variants-AppStream', 'uid', 'AppStream')
|
||||
config.set('variants-AppStream', 'packages', '../../../AppStream/${x}/os/Packages')
|
||||
config.set('variants-AppStream', 'repository', '../../../AppStream/${x}/os/')
|
||||
config.add_section('images-x86_64')
|
||||
config.set('images-x86_64', 'boot.iso', 'images/boot.iso')
|
||||
config.set('images-x86_64', 'efiboot.img', 'images/efiboot.img')
|
||||
config.set('images-x86_64', 'initrd', 'images/pxeboot/initrd.img')
|
||||
config.set('images-x86_64', 'kernel', 'images/pxeboot/vmlinuz')
|
||||
config.add_section('stage2')
|
||||
config.set('stage2', 'mainimage', 'images/install.img')
|
||||
config.add_section('checksums')
|
||||
config.set('checksums', 'images/boot.iso', 'sha256:${BOOTISO_CHECKSUM}')
|
||||
config.set('checksums', 'images/efiboot.img', 'sha256:${EFIBOOT_CHECKSUM}')
|
||||
config.set('checksums', 'images/install.img', 'sha256:${INSTALLIMG_CHECKSUM}')
|
||||
config.set('checksums', 'images/pxeboot/initrd.img', 'sha256:${INITRD_CHECKSUM}')
|
||||
config.set('checksums', 'images/pxeboot/vmlinuz', 'sha256:${VMLINUZ_CHECKSUM}')
|
||||
|
||||
with open('${TREEINFO_VAR}', 'w') as configfile:
|
||||
config.write(configfile)
|
||||
EOF
|
||||
|
|
75
sync/sign-repos-only.sh
Normal file
75
sync/sign-repos-only.sh
Normal file
|
@ -0,0 +1,75 @@
|
|||
#!/bin/bash
|
||||
# Signs repo metadata only
|
||||
|
||||
# Source common variables
|
||||
export RLVER=8
|
||||
# shellcheck disable=SC2046,1091,1090
|
||||
source "$(dirname "$0")/common"
|
||||
|
||||
echo "** Signing source repos"
|
||||
for y in "${ALL_REPOS[@]}"; do
|
||||
test -d "${STAGING_ROOT}/${RELEASE_DIR}/${y}/source/tree"
|
||||
ret_val=$?
|
||||
if [ "$ret_val" -eq 0 ]; then
|
||||
test -f /root/bin/sign-repo.sh && /root/bin/sign-repo.sh \
|
||||
"${STAGING_ROOT}/${RELEASE_DIR}/${y}/source/tree/repodata/repomd.xml"
|
||||
else
|
||||
echo "${STAGING_ROOT}/${RELEASE_DIR}/${y}/source/tree does not exist"
|
||||
fi
|
||||
done
|
||||
|
||||
# Sync up some stuff
|
||||
echo "** Signing arch repos as necessary **"
|
||||
for x in "${ARCHES[@]}"; do
|
||||
# regular repos, no comps
|
||||
for y in "${NONMODS_REPOS[@]}"; do
|
||||
# os and debug/tree directories
|
||||
for z in os debug/tree; do
|
||||
test -d "${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/${z}"
|
||||
ret_val=$?
|
||||
if [ "$ret_val" -eq 0 ]; then
|
||||
test -f /root/bin/sign-repo.sh && /root/bin/sign-repo.sh \
|
||||
"${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/${z}/repodata/repomd.xml"
|
||||
else
|
||||
echo "${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/${z} does not exist"
|
||||
fi
|
||||
done
|
||||
done
|
||||
# repos with comps/groups involved, but only debug
|
||||
for y in "${MODS_REPOS[@]}"; do
|
||||
test -d "${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/debug/tree"
|
||||
ret_val=$?
|
||||
if [ "$ret_val" -eq 0 ]; then
|
||||
test -f /root/bin/sign-repo.sh && /root/bin/sign-repo.sh \
|
||||
"${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/debug/tree/repodata/repomd.xml"
|
||||
else
|
||||
echo "${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/debug/tree does not exist"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "** Sign all repos with comps/groups"
|
||||
for y in "${MODS_REPOS[@]}"; do
|
||||
echo "${y}: ${x}"
|
||||
test -d "${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/os"
|
||||
ret_val=$?
|
||||
if [ "$ret_val" -eq 0 ]; then
|
||||
test -f /root/bin/sign-repo.sh && /root/bin/sign-repo.sh \
|
||||
"${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/os/repodata/repomd.xml"
|
||||
else
|
||||
echo "${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/os does not exist"
|
||||
fi
|
||||
done
|
||||
|
||||
echo "** Sign module repos"
|
||||
for y in "${MODS[@]}"; do
|
||||
test -d "${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/os"
|
||||
ret_val=$?
|
||||
if [ "$ret_val" -eq 0 ]; then
|
||||
# This might not be necessary, but it does not hurt incase repomd is modified
|
||||
test -f /root/bin/sign-repo.sh && /root/bin/sign-repo.sh \
|
||||
"${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/os/repodata/repomd.xml"
|
||||
else
|
||||
echo "${STAGING_ROOT}/${RELEASE_DIR}/${y}/${x}/os does not exist"
|
||||
fi
|
||||
done
|
||||
done
|
Loading…
Reference in a new issue