#!/bin/bash set -eu set -o pipefail [ -n "$ARCH" ] [ -n "$TARGET_ROOT" ] if [ 'amd64' = "$ARCH" ] ; then ARCH="x86_64" fi if ! [ 'x86_64' = "$ARCH" ] ; then echo "Only x86_64 images are currently available but ARCH is set to $ARCH." exit 1 fi DIB_RELEASE=${DIB_RELEASE:-13.1} DIB_CLOUD_IMAGES=${DIB_CLOUD_IMAGES:-http://download.opensuse.org/repositories/Cloud:/Images:/openSUSE_${DIB_RELEASE}/images/} BASE_IMAGE_FILE=${BASE_IMAGE_FILE:-openSUSE-${DIB_RELEASE}-OS-rootfs.${ARCH}-0.1.0-Build2.36.tbz} SHA256SUMS_FILE=${SHA256SUMS_FILE:-${BASE_IMAGE_FILE}.sha256} CACHED_FILE=$DIB_IMAGE_CACHE/$BASE_IMAGE_FILE CACHED_SHA256SUMS_FILE=$DIB_IMAGE_CACHE/SHA256SUMS.$BASE_IMAGE_FILE # FIXME: either check the checksums into git or verify the signature # on the checksums. We should not be trusting checksums we download # over HTTP if [ -n "$DIB_OFFLINE" -a -f "$CACHED_FILE" ] ; then echo "Not checking freshness of cached $CACHED_FILE." else echo "Fetching Base Image" $TMP_HOOKS_PATH/bin/cache-url $DIB_CLOUD_IMAGES/$SHA256SUMS_FILE $CACHED_SHA256SUMS_FILE $TMP_HOOKS_PATH/bin/cache-url $DIB_CLOUD_IMAGES/$BASE_IMAGE_FILE $CACHED_FILE pushd $DIB_IMAGE_CACHE # Calculate sha256sum of downloaded image and check against content from sha256 file SHA256SUM=$(sha256sum ${BASE_IMAGE_FILE} | cut -d " " -f1) grep -q $SHA256SUM SHA256SUMS.$BASE_IMAGE_FILE popd fi # Extract the base image (use --numeric-owner to avoid UID/GID mismatch between # image tarball and host OS) sudo tar -C $TARGET_ROOT --numeric-owner -xjf $CACHED_FILE