try to simplify templates, add gpg check

This commit is contained in:
Louis Abel 2022-06-12 02:08:48 -07:00
parent b376c168bb
commit 08249632af
Signed by untrusted user: label
GPG key ID: B37E62D143879B36
4 changed files with 73 additions and 55 deletions

View file

@ -96,7 +96,11 @@
- HighAvailability - HighAvailability
extra_files: extra_files:
git_repo: 'https://git.rockylinux.org/staging/src/rocky-release.git' git_repo: 'https://git.rockylinux.org/staging/src/rocky-release.git'
git_raw_path: 'https://git.rockylinux.org/staging/src/rocky-release/-/raw/'
branch: 'r9' branch: 'r9'
gpg:
stable: 'SOURCES/RPM-GPG-KEY-Rocky-9'
testing: 'SOURCES/RPM-GPG-KEY-Rocky-9-Testing'
list: list:
- 'SOURCES/COMMUNITY-CHARTER' - 'SOURCES/COMMUNITY-CHARTER'
- 'SOURCES/EULA' - 'SOURCES/EULA'

View file

@ -1,4 +1,13 @@
#!/bin/bash #!/bin/bash
set -o pipefail set -o pipefail
{{ dnf_plugin_cmd }} {{ import_gpg_cmd }} | tee -a {{ sync_log }}
{{ sync_cmd }} {{ dnf_plugin_cmd }} | tee -a {{ sync_log }}
{{ sync_cmd }} | tee -a {{ sync_log }}
{{ check_cmd }} | tee -a {{ sync_log }}
ret_val=$?
if [ "$ret_val" -eq 1 ]; then
exit 0
else
exit 1
fi

View file

@ -1,5 +1,14 @@
#!/bin/bash #!/bin/bash
set -o pipefail set -o pipefail
{{ arch_force_cp }} {{ import_gpg_cmd }} | tee -a {{ sync_log }}
{{ dnf_plugin_cmd }} {{ arch_force_cp }} | tee -a {{ sync_log }}
{{ sync_cmd }} {{ dnf_plugin_cmd }} | tee -a {{ sync_log }}
{{ sync_cmd }} | tee -a {{ sync_log }}
{{ check_cmd }} | tee -a {{ sync_log }}
ket_val=$?
if [ "$ret_val" -eq 1 ]; then
exit 0
else
exit 1
fi

View file

@ -44,6 +44,7 @@ class RepoSync:
dryrun: bool = False, dryrun: bool = False,
fullrun: bool = False, fullrun: bool = False,
nofail: bool = False, nofail: bool = False,
gpgkey: str = 'stable',
logger=None logger=None
): ):
self.nofail = nofail self.nofail = nofail
@ -73,6 +74,7 @@ class RepoSync:
self.multilib = rlvars['provide_multilib'] self.multilib = rlvars['provide_multilib']
self.repo = repo self.repo = repo
self.extra_files = rlvars['extra_files'] self.extra_files = rlvars['extra_files']
self.gpgkey = gpgkey
# Templates # Templates
file_loader = FileSystemLoader('templates') file_loader = FileSystemLoader('templates')
@ -298,6 +300,12 @@ class RepoSync:
'debug/tree' 'debug/tree'
) )
import_gpg_cmd = ("/usr/bin/rpm --import "
"| /usr/bin/curl {}{}").format(
self.extra_files['git_raw_path'],
self.extra_files['gpg'][self.gpgkey]
)
arch_force_cp = ("/usr/bin/sed 's|$basearch|{}|g' {} > {}.{}".format( arch_force_cp = ("/usr/bin/sed 's|$basearch|{}|g' {} > {}.{}".format(
a, a,
self.dnf_config, self.dnf_config,
@ -312,60 +320,53 @@ class RepoSync:
self.date_stamp self.date_stamp
) )
debug_sync_log = ("{}/{}-{}-debug-{}.log").format(
log_root,
repo_name,
a,
self.date_stamp
)
sync_cmd = ("/usr/bin/dnf reposync -c {}.{} --download-metadata " sync_cmd = ("/usr/bin/dnf reposync -c {}.{} --download-metadata "
"--repoid={} -p {} --forcearch {} --norepopath 2>&1 " "--repoid={} -p {} --forcearch {} --norepopath 2>&1").format(
"| tee -a {}").format(
self.dnf_config, self.dnf_config,
a, a,
r, r,
os_sync_path, os_sync_path,
a, a
sync_log,
) )
debug_sync_cmd = ("/usr/bin/dnf reposync -c {}.{} " debug_sync_cmd = ("/usr/bin/dnf reposync -c {}.{} "
"--download-metadata --repoid={}-debug -p {} --forcearch {} " "--download-metadata --repoid={}-debug -p {} --forcearch {} "
"--norepopath 2>&1 | tee -a {}/{}-{}-debug-{}.log").format( "--norepopath 2>&1").format(
self.dnf_config, self.dnf_config,
a, a,
r, r,
debug_sync_path, debug_sync_path,
a, a
log_root,
repo_name,
a,
self.date_stamp
) )
dnf_plugin_cmd = ("/usr/bin/dnf install dnf-plugins-core " dnf_plugin_cmd = "/usr/bin/dnf install dnf-plugins-core -y"
"-y | tee -a {}/{}-{}-{}.log").format( check_cmd = ("/usr/bin/rpm -K $(find . -name '*.rpm') | grep -v 'signatures OK'")
log_root,
repo_name,
a,
self.date_stamp
)
debug_dnf_plugin_cmd = ("/usr/bin/dnf install dnf-plugins-core "
"-y | tee -a {}/{}-{}-debug-{}.log").format(
log_root,
repo_name,
a,
self.date_stamp
)
sync_template = self.tmplenv.get_template('reposync.tmpl') sync_template = self.tmplenv.get_template('reposync.tmpl')
sync_output = sync_template.render( sync_output = sync_template.render(
import_gpg_cmd=import_gpg_cmd,
arch_force_cp=arch_force_cp, arch_force_cp=arch_force_cp,
dnf_plugin_cmd=dnf_plugin_cmd, dnf_plugin_cmd=dnf_plugin_cmd,
sync_cmd=sync_cmd sync_cmd=sync_cmd,
check_cmd=check_cmd,
sync_log=sync_log
) )
debug_sync_template = self.tmplenv.get_template('reposync.tmpl') debug_sync_template = self.tmplenv.get_template('reposync.tmpl')
debug_sync_output = debug_sync_template.render( debug_sync_output = debug_sync_template.render(
import_gpg_cmd=import_gpg_cmd,
arch_force_cp=arch_force_cp, arch_force_cp=arch_force_cp,
dnf_plugin_cmd=debug_dnf_plugin_cmd, dnf_plugin_cmd=dnf_plugin_cmd,
sync_cmd=debug_sync_cmd sync_cmd=debug_sync_cmd,
check_cmd=check_cmd,
sync_log=debug_sync_log
) )
entry_point_open = open(entry_point_sh, "w+") entry_point_open = open(entry_point_sh, "w+")
@ -396,28 +397,27 @@ class RepoSync:
'source/tree' 'source/tree'
) )
source_sync_cmd = ("/usr/bin/dnf reposync -c {} " source_sync_log = ("{}/{}-source-{}.log").format(
"--download-metadata --repoid={}-source -p {} "
"--norepopath | tee -a {}/{}-source-{}.log").format(
self.dnf_config,
r,
source_sync_path,
log_root, log_root,
repo_name, repo_name,
self.date_stamp self.date_stamp
) )
source_dnf_plugin_cmd = ("/usr/bin/dnf install dnf-plugins-core " source_sync_cmd = ("/usr/bin/dnf reposync -c {} "
"-y | tee -a {}/{}-source-{}.log").format( "--download-metadata --repoid={}-source -p {} "
log_root, "--norepopath 2>&1").format(
repo_name, self.dnf_config,
self.date_stamp r,
source_sync_path
) )
source_sync_template = self.tmplenv.get_template('reposync-src.tmpl') source_sync_template = self.tmplenv.get_template('reposync-src.tmpl')
source_sync_output = source_sync_template.render( source_sync_output = source_sync_template.render(
dnf_plugin_cmd=source_dnf_plugin_cmd, import_gpg_cmd=import_gpg_cmd,
sync_cmd=source_sync_cmd dnf_plugin_cmd=dnf_plugin_cmd,
sync_cmd=source_sync_cmd,
check_cmd=check_cmd,
sync_log=source_sync_log
) )
source_entry_point_open = open(source_entry_point_sh, "w+") source_entry_point_open = open(source_entry_point_sh, "w+")
@ -481,10 +481,8 @@ class RepoSync:
) )
output, errors = podcheck.communicate() output, errors = podcheck.communicate()
if 'Exited (0)' in output.decode(): if 'Exited (0)' not in output.decode():
self.log.info('%s seems ok' % pod) self.log.error('[%s%sFAIL%s] %s' % Color.BOLD, Color.RED, pod, Color.END)
else:
self.log.error('%s had issues syncing' % pod)
bad_exit_list.append(pod) bad_exit_list.append(pod)
rmcmd = '{} rm {}'.format( rmcmd = '{} rm {}'.format(
@ -761,10 +759,8 @@ class RepoSync:
) )
output, errors = podcheck.communicate() output, errors = podcheck.communicate()
if 'Exited (0)' in output.decode(): if 'Exited (0)' not in output.decode():
self.log.info('%s seems ok' % pod) self.log.error('[%s%sFAIL%s] %s' % Color.BOLD, Color.RED, pod, Color.END)
else:
self.log.error('%s had issues closing' % pod)
bad_exit_list.append(pod) bad_exit_list.append(pod)
rmcmd = '{} rm {}'.format( rmcmd = '{} rm {}'.format(