forked from Sysdeploy/ipxe_scripts
483 lines
15 KiB
Bash
483 lines
15 KiB
Bash
|
#!/usr/bin/env bash
|
||
|
|
||
|
|
||
|
function clone_ipxe_upstream() {
|
||
|
local ipxe_src_dir="$1"
|
||
|
|
||
|
if [ -d "$ipxe_src_dir" ]; then
|
||
|
>&2 echo "Clone dir location already exists."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
git clone git://git.ipxe.org/ipxe.git "$ipxe_src_dir" || return 1
|
||
|
cd "$ipxe_src_dir"
|
||
|
|
||
|
# Known good commit
|
||
|
git checkout 56f7d44fde1d6ac196d115cc7dddd58e7ec098fa || return 1
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
function sed_enabled_ipxe_features() {
|
||
|
local ipxe_src_dir="$1"
|
||
|
|
||
|
if [ ! -d "$ipxe_src_dir" ] || [[ ! -f "${ipxe_src_dir}/src/config/general.h" ]]; then
|
||
|
>&2 echo "Either no IXPE src dir was supplied, or the supplied dir does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
sed -i 's/^\/\/\#define\ DOWNLOAD_PROTO_HTTPS/\#define\ DOWNLOAD_PROTO_HTTPS/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\/\/\#define\ NSLOOKUP_CMD/\#define\ NSLOOKUP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\/\/\#define\ TIME_CMD/\#define\ TIME_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\/\/\#define\ DIGEST_CMD/\#define\ DIGEST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\/\/\#define\ REBOOT_CMD/\#define\ REBOOT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\/\/\#define\ POWEROFF_CMD/\#define\ POWEROFF_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\/\/\#define\ IMAGE_TRUST_CMD/\#define\ IMAGE_TRUST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\/\/\#define\ NTP_CMD/\#define\ NTP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\/\/\#define\ CERT_CMD/\#define\ CERT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
|
||
|
sed -i 's/^\#undef\ DOWNLOAD_PROTO_HTTPS/\#define\ DOWNLOAD_PROTO_HTTPS/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\#undef\ NSLOOKUP_CMD/\#define\ NSLOOKUP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\#undef\ TIME_CMD/\#define\ TIME_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\#undef\ DIGEST_CMD/\#define\ DIGEST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\#undef\ REBOOT_CMD/\#define\ REBOOT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\#undef\ POWEROFF_CMD/\#define\ POWEROFF_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\#undef\ IMAGE_TRUST_CMD/\#define\ IMAGE_TRUST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\#undef\ NTP_CMD/\#define\ NTP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
sed -i 's/^\#undef\ CERT_CMD/\#define\ CERT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
function make_ipxe_lkrn() {
|
||
|
local ipxe_src_dir="$1"
|
||
|
local embed_file="$2"
|
||
|
local signing_cert="$3"
|
||
|
local ca_cert="$4"
|
||
|
|
||
|
embed_file="$(realpath "${embed_file}")"
|
||
|
signing_cert="$(realpath "${signing_cert}")"
|
||
|
ca_cert="$(realpath "${ca_cert}")"
|
||
|
|
||
|
if [ ! -d "$ipxe_src_dir" ]; then
|
||
|
>&2 echo "IPXE supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "$embed_file" ]]; then
|
||
|
>&2 echo "IPXE embedded file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "$signing_cert" ]]; then
|
||
|
>&2 echo "IPXE signing cert does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ca_cert}" ]]; then
|
||
|
>&2 echo "IPXE CA cert does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
|
||
|
cd "${ipxe_src_dir}/src/" || return 1
|
||
|
|
||
|
make bin/ipxe.lkrn EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
function make_ipxe_iso() {
|
||
|
local ipxe_src_dir="$1"
|
||
|
local embed_file="$2"
|
||
|
local signing_cert="$3"
|
||
|
local ca_cert="$4"
|
||
|
|
||
|
embed_file="$(realpath "${embed_file}")"
|
||
|
signing_cert="$(realpath "${signing_cert}")"
|
||
|
ca_cert="$(realpath "${ca_cert}")"
|
||
|
|
||
|
if [ ! -d "$ipxe_src_dir" ]; then
|
||
|
>&2 echo "IPXE supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "$embed_file" ]]; then
|
||
|
>&2 echo "IPXE embedded file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "$signing_cert" ]]; then
|
||
|
>&2 echo "IPXE signing cert does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ca_cert}" ]]; then
|
||
|
>&2 echo "IPXE CA cert does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
cd "${ipxe_src_dir}/src/" || return 1
|
||
|
|
||
|
make bin/ipxe.iso EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
function make_ipxe_bin_shasums() {
|
||
|
local ipxe_src_dir="$1"
|
||
|
|
||
|
if [ ! -d "$ipxe_src_dir" ]; then
|
||
|
>&2 echo "IPXE supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
|
||
|
>&2 echo "IPXE lkrn build file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
|
||
|
>&2 echo "IPXE iso build file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
cd "${ipxe_src_dir}/src/bin/" || return 1
|
||
|
|
||
|
sha256sum ipxe.lkrn ipxe.iso > SHA256SUMS || return 2
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
# Gitconfig needs to already be setup to allow automatic push.
|
||
|
# This function may not be called, and instead builtbot steps like GitTag will
|
||
|
# be used.
|
||
|
function tag_head_and_push() {
|
||
|
local git_repo_dir="$1"
|
||
|
local remote="$2"
|
||
|
local branch="$3"
|
||
|
|
||
|
if [ ! -d "$git_repo_dir" ]; then
|
||
|
>&2 echo "Supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$remote" ]]; then
|
||
|
>&2 echo "No remote specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$branch" ]]; then
|
||
|
>&2 echo "No branch specified."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
cd "$git_repo_dir"
|
||
|
|
||
|
git tag -n | grep $(git rev-parse HEAD)
|
||
|
if [ $? -eq 0 ]; then
|
||
|
>&2 echo 'HEAD tag already exists, bailing out...'
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
git tag -a "g_$(git rev-parse HEAD)" HEAD -m "BuildBot: tag commit for release $(git rev-parse HEAD)" || return 2
|
||
|
git push --tags "$remote" "$branch"
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo 'Error during attempted git push of new tag'
|
||
|
return 3
|
||
|
fi
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
function create_release() {
|
||
|
local git_repo_dir="$1"
|
||
|
local branch="$2"
|
||
|
local repo_user="$3"
|
||
|
local repo_name="$4"
|
||
|
local api_token_file="$5"
|
||
|
|
||
|
if [ ! -d "$git_repo_dir" ]; then
|
||
|
>&2 echo "Supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$branch" ]]; then
|
||
|
>&2 echo "No branch specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$repo_user" ]]; then
|
||
|
>&2 echo "No repo username specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$repo_name" ]]; then
|
||
|
>&2 echo "No repo name specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "$api_token_file" ]]; then
|
||
|
>&2 echo "API token file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
cd "$git_repo_dir"
|
||
|
head="$(git rev-parse HEAD)"
|
||
|
|
||
|
# Note that the tag_name below must match the tag name in the tag_head_and_push step
|
||
|
tee "release.json" > /dev/null <<EOF
|
||
|
{
|
||
|
"body": "BuildBot automated release for commit $head",
|
||
|
"draft": false,
|
||
|
"prerelease": false,
|
||
|
"name": "r_$head",
|
||
|
"tag_name": "g_$head"
|
||
|
}
|
||
|
EOF
|
||
|
|
||
|
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases" \
|
||
|
-H "accept: application/json" \
|
||
|
-H "Content-Type: application/json" \
|
||
|
-H "Authorization: token $(cat $api_token_file)" \
|
||
|
-i \
|
||
|
-d "@release.json" > release_results.txt
|
||
|
|
||
|
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "There was an error creating the release. Manual intervention is needed."
|
||
|
return 2
|
||
|
fi
|
||
|
|
||
|
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "There was an error creating the release. Manual intervention is needed."
|
||
|
return 2
|
||
|
fi
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
function upload_release_ipxe_lkrn() {
|
||
|
local ipxe_src_dir="$1"
|
||
|
local git_repo_dir="$2"
|
||
|
local branch="$3"
|
||
|
local repo_user="$4"
|
||
|
local repo_name="$5"
|
||
|
local api_token_file="$6"
|
||
|
|
||
|
if [ ! -d "$git_repo_dir" ]; then
|
||
|
>&2 echo "Supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$branch" ]]; then
|
||
|
>&2 echo "No branch specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$repo_user" ]]; then
|
||
|
>&2 echo "No repo username specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$repo_name" ]]; then
|
||
|
>&2 echo "No repo name specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "$api_token_file" ]]; then
|
||
|
>&2 echo "API token file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [ ! -d "$ipxe_src_dir" ]; then
|
||
|
>&2 echo "IPXE supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
|
||
|
>&2 echo "IPXE lkrn build file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
|
||
|
>&2 echo "IPXE iso build file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
|
||
|
>&2 echo "IPXE sha256sums file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
cd "$git_repo_dir"
|
||
|
|
||
|
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The release info from the curl step cannot be found."
|
||
|
return 2
|
||
|
fi
|
||
|
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The release info from the curl step cannot be found."
|
||
|
return 2
|
||
|
fi
|
||
|
|
||
|
releaseid="$(tail -n 1 release_results.txt | jq .id)"
|
||
|
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=ipxe.lkrn" \
|
||
|
-H "accept: application/json" \
|
||
|
-H "Authorization: token $(cat $api_token_file)" \
|
||
|
-i \
|
||
|
-F "attachment=@${ipxe_src_dir}/src/bin/ipxe.lkrn" > release_lkrn.txt
|
||
|
|
||
|
cat release_lkrn.txt | grep ^HTTP/ | grep 201 >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The upload of ipxe.lkrn as a release attachment failed."
|
||
|
return 2
|
||
|
fi
|
||
|
tail -n 1 release_lkrn.txt | jq .id | grep -P '^(\d)+$' >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The upload of ipxe.lkrn as a release attachment failed."
|
||
|
return 2
|
||
|
fi
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
function upload_release_ipxe_iso() {
|
||
|
local ipxe_src_dir="$1"
|
||
|
local git_repo_dir="$2"
|
||
|
local branch="$3"
|
||
|
local repo_user="$4"
|
||
|
local repo_name="$5"
|
||
|
local api_token_file="$6"
|
||
|
|
||
|
if [ ! -d "$git_repo_dir" ]; then
|
||
|
>&2 echo "Supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$branch" ]]; then
|
||
|
>&2 echo "No branch specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$repo_user" ]]; then
|
||
|
>&2 echo "No repo username specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$repo_name" ]]; then
|
||
|
>&2 echo "No repo name specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "$api_token_file" ]]; then
|
||
|
>&2 echo "API token file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [ ! -d "$ipxe_src_dir" ]; then
|
||
|
>&2 echo "IPXE supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
|
||
|
>&2 echo "IPXE lkrn build file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
|
||
|
>&2 echo "IPXE iso build file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
|
||
|
>&2 echo "IPXE sha256sums file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
cd "$git_repo_dir"
|
||
|
|
||
|
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The release info from the curl step cannot be found."
|
||
|
return 2
|
||
|
fi
|
||
|
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The release info from the curl step cannot be found."
|
||
|
return 2
|
||
|
fi
|
||
|
|
||
|
releaseid="$(tail -n 1 release_results.txt | jq .id)"
|
||
|
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=ipxe.iso" \
|
||
|
-H "accept: application/json" \
|
||
|
-H "Authorization: token $(cat $api_token_file)" \
|
||
|
-i \
|
||
|
-F "attachment=@${ipxe_src_dir}/src/bin/ipxe.iso" > release_iso.txt
|
||
|
|
||
|
cat release_iso.txt | grep ^HTTP/ | grep 201 >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The upload of ipxe.iso as a release attachment failed."
|
||
|
return 2
|
||
|
fi
|
||
|
tail -n 1 release_iso.txt | jq .id | grep -P '^(\d)+$' >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The upload of ipxe.iso as a release attachment failed."
|
||
|
return 2
|
||
|
fi
|
||
|
|
||
|
return 0
|
||
|
}
|
||
|
|
||
|
function upload_release_ipxe_shasums() {
|
||
|
local ipxe_src_dir="$1"
|
||
|
local git_repo_dir="$2"
|
||
|
local branch="$3"
|
||
|
local repo_user="$4"
|
||
|
local repo_name="$5"
|
||
|
local api_token_file="$6"
|
||
|
|
||
|
if [ ! -d "$git_repo_dir" ]; then
|
||
|
>&2 echo "Supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$branch" ]]; then
|
||
|
>&2 echo "No branch specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$repo_user" ]]; then
|
||
|
>&2 echo "No repo username specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ -z "$repo_name" ]]; then
|
||
|
>&2 echo "No repo name specified."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "$api_token_file" ]]; then
|
||
|
>&2 echo "API token file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [ ! -d "$ipxe_src_dir" ]; then
|
||
|
>&2 echo "IPXE supplied directory does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
|
||
|
>&2 echo "IPXE lkrn build file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
|
||
|
>&2 echo "IPXE iso build file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
|
||
|
>&2 echo "IPXE sha256sums file does not exist."
|
||
|
return 1
|
||
|
fi
|
||
|
|
||
|
cd "$git_repo_dir"
|
||
|
|
||
|
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The release info from the curl step cannot be found."
|
||
|
return 2
|
||
|
fi
|
||
|
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The release info from the curl step cannot be found."
|
||
|
return 2
|
||
|
fi
|
||
|
|
||
|
releaseid="$(tail -n 1 release_results.txt | jq .id)"
|
||
|
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=SHA256SUMS" \
|
||
|
-H "accept: application/json" \
|
||
|
-H "Authorization: token $(cat $api_token_file)" \
|
||
|
-i \
|
||
|
-F "attachment=@${ipxe_src_dir}/src/bin/SHA256SUMS" > release_shasums.txt
|
||
|
|
||
|
cat release_shasums.txt | grep ^HTTP/ | grep 201 >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The upload of ipxe SHA256SUMS as a release attachment failed."
|
||
|
return 2
|
||
|
fi
|
||
|
tail -n 1 release_shasums.txt | jq .id | grep -P '^(\d)+$' >/dev/null
|
||
|
if [ $? -ne 0 ]; then
|
||
|
>&2 echo "The upload of ipxe SHA256SUMS as a release attachment failed."
|
||
|
return 2
|
||
|
fi
|
||
|
|
||
|
return 0
|
||
|
}
|