eca284cab7
The last patch to do this only handled the case of SHA256SUM being stale, but the image is more likely to be stale in the default configuration as the hash file is downloaded over HTTPS. Change-Id: I6531fa684e560cad48c3696394d48a600680c875 Closes-Bug: #1336067
46 lines
2 KiB
Bash
Executable file
46 lines
2 KiB
Bash
Executable file
#!/bin/bash
|
|
# These are useful, or at worst not harmful, for all images we build.
|
|
|
|
set -eux
|
|
set -o pipefail
|
|
|
|
[ -n "$ARCH" ]
|
|
[ -n "$TARGET_ROOT" ]
|
|
|
|
shopt -s extglob
|
|
|
|
DIB_CLOUD_IMAGES=${DIB_CLOUD_IMAGES:-http://cloud-images.ubuntu.com}
|
|
DIB_RELEASE=${DIB_RELEASE:-trusty}
|
|
BASE_IMAGE_FILE=${BASE_IMAGE_FILE:-$DIB_RELEASE-server-cloudimg-$ARCH-root.tar.gz}
|
|
SHA256SUMS=${SHA256SUMS:-https://${DIB_CLOUD_IMAGES##http?(s)://}/$DIB_RELEASE/current/SHA256SUMS}
|
|
CACHED_FILE=$DIB_IMAGE_CACHE/$BASE_IMAGE_FILE
|
|
CACHED_SUMS=$DIB_IMAGE_CACHE/SHA256SUMS.ubuntu.$DIB_RELEASE.$ARCH
|
|
|
|
if [ -n "$DIB_OFFLINE" -a -f "$CACHED_FILE" ] ; then
|
|
echo "Not checking freshness of cached $CACHED_FILE."
|
|
else
|
|
echo "Fetching Base Image"
|
|
$TMP_HOOKS_PATH/bin/cache-url $SHA256SUMS $CACHED_SUMS
|
|
$TMP_HOOKS_PATH/bin/cache-url $DIB_CLOUD_IMAGES/$DIB_RELEASE/current/$BASE_IMAGE_FILE $CACHED_FILE
|
|
pushd $DIB_IMAGE_CACHE
|
|
if ! grep "$BASE_IMAGE_FILE" $CACHED_SUMS | sha256sum --check - ; then
|
|
# It is likely that an upstream http(s) proxy has given us a skewed
|
|
# result - either a cached SHA file or a cached image. Use cache-busting
|
|
# to get (as long as caches are compliant...) fresh files.
|
|
# Try the sha256sum first, just in case that is the stale one (avoiding
|
|
# downloading the larger image), and then if the sums still fail retry
|
|
# the image.
|
|
$TMP_HOOKS_PATH/bin/cache-url -f $SHA256SUMS $CACHED_SUMS
|
|
if ! grep "$BASE_IMAGE_FILE" $CACHED_SUMS | sha256sum --check - ; then
|
|
$TMP_HOOKS_PATH/bin/cache-url -f $DIB_CLOUD_IMAGES/$DIB_RELEASE/current/$BASE_IMAGE_FILE $CACHED_FILE
|
|
grep "$BASE_IMAGE_FILE" $CACHED_SUMS | sha256sum --check -
|
|
fi
|
|
fi
|
|
popd
|
|
fi
|
|
# Extract the base image (use --numeric-owner to avoid UID/GID mismatch between
|
|
# image tarball and host OS e.g. when building Ubuntu image on an openSUSE host)
|
|
sudo tar -C $TARGET_ROOT --numeric-owner -xzf $DIB_IMAGE_CACHE/$BASE_IMAGE_FILE
|
|
if [ -e "$TARGET_ROOT/lost+found" ]; then
|
|
sudo rmdir $TARGET_ROOT/lost+found
|
|
fi
|