diskimage-builder/elements/ubuntu/root.d/10-cache-ubuntu-tarball
Robert Collins eca284cab7 Really handle Ubuntu mirror cache skew,
The last patch to do this only handled the case of SHA256SUM being
stale, but the image is more likely to be stale in the default
configuration as the hash file is downloaded over HTTPS.

Change-Id: I6531fa684e560cad48c3696394d48a600680c875
Closes-Bug: #1336067
2014-07-09 08:07:58 +12:00

46 lines
2 KiB
Bash
Executable file

#!/bin/bash
# These are useful, or at worst not harmful, for all images we build.
set -eux
set -o pipefail
[ -n "$ARCH" ]
[ -n "$TARGET_ROOT" ]
shopt -s extglob
DIB_CLOUD_IMAGES=${DIB_CLOUD_IMAGES:-http://cloud-images.ubuntu.com}
DIB_RELEASE=${DIB_RELEASE:-trusty}
BASE_IMAGE_FILE=${BASE_IMAGE_FILE:-$DIB_RELEASE-server-cloudimg-$ARCH-root.tar.gz}
SHA256SUMS=${SHA256SUMS:-https://${DIB_CLOUD_IMAGES##http?(s)://}/$DIB_RELEASE/current/SHA256SUMS}
CACHED_FILE=$DIB_IMAGE_CACHE/$BASE_IMAGE_FILE
CACHED_SUMS=$DIB_IMAGE_CACHE/SHA256SUMS.ubuntu.$DIB_RELEASE.$ARCH
if [ -n "$DIB_OFFLINE" -a -f "$CACHED_FILE" ] ; then
echo "Not checking freshness of cached $CACHED_FILE."
else
echo "Fetching Base Image"
$TMP_HOOKS_PATH/bin/cache-url $SHA256SUMS $CACHED_SUMS
$TMP_HOOKS_PATH/bin/cache-url $DIB_CLOUD_IMAGES/$DIB_RELEASE/current/$BASE_IMAGE_FILE $CACHED_FILE
pushd $DIB_IMAGE_CACHE
if ! grep "$BASE_IMAGE_FILE" $CACHED_SUMS | sha256sum --check - ; then
# It is likely that an upstream http(s) proxy has given us a skewed
# result - either a cached SHA file or a cached image. Use cache-busting
# to get (as long as caches are compliant...) fresh files.
# Try the sha256sum first, just in case that is the stale one (avoiding
# downloading the larger image), and then if the sums still fail retry
# the image.
$TMP_HOOKS_PATH/bin/cache-url -f $SHA256SUMS $CACHED_SUMS
if ! grep "$BASE_IMAGE_FILE" $CACHED_SUMS | sha256sum --check - ; then
$TMP_HOOKS_PATH/bin/cache-url -f $DIB_CLOUD_IMAGES/$DIB_RELEASE/current/$BASE_IMAGE_FILE $CACHED_FILE
grep "$BASE_IMAGE_FILE" $CACHED_SUMS | sha256sum --check -
fi
fi
popd
fi
# Extract the base image (use --numeric-owner to avoid UID/GID mismatch between
# image tarball and host OS e.g. when building Ubuntu image on an openSUSE host)
sudo tar -C $TARGET_ROOT --numeric-owner -xzf $DIB_IMAGE_CACHE/$BASE_IMAGE_FILE
if [ -e "$TARGET_ROOT/lost+found" ]; then
sudo rmdir $TARGET_ROOT/lost+found
fi