Create bash functions to act as buildbot steps for IPXE bins

This commit is contained in:
Max Weiss 2021-04-27 19:06:56 -07:00
parent 72327c4d67
commit c3a5620b90
Signed by untrusted user: maxweiss
GPG Key ID: C2D8443BA1D372DB
2 changed files with 482 additions and 31 deletions

482
buildbot/buildbot_steps.sh Executable file
View File

@ -0,0 +1,482 @@
#!/usr/bin/env bash
function clone_ipxe_upstream() {
local ipxe_src_dir="$1"
if [ -d "$ipxe_src_dir" ]; then
>&2 echo "Clone dir location already exists."
return 1
fi
git clone git://git.ipxe.org/ipxe.git "$ipxe_src_dir" || return 1
cd "$ipxe_src_dir"
# Known good commit
git checkout 56f7d44fde1d6ac196d115cc7dddd58e7ec098fa || return 1
return 0
}
function sed_enabled_ipxe_features() {
local ipxe_src_dir="$1"
if [ ! -d "$ipxe_src_dir" ] || [[ ! -f "${ipxe_src_dir}/src/config/general.h" ]]; then
>&2 echo "Either no IXPE src dir was supplied, or the supplied dir does not exist."
return 1
fi
sed -i 's/^\/\/\#define\ DOWNLOAD_PROTO_HTTPS/\#define\ DOWNLOAD_PROTO_HTTPS/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\/\/\#define\ NSLOOKUP_CMD/\#define\ NSLOOKUP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\/\/\#define\ TIME_CMD/\#define\ TIME_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\/\/\#define\ DIGEST_CMD/\#define\ DIGEST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\/\/\#define\ REBOOT_CMD/\#define\ REBOOT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\/\/\#define\ POWEROFF_CMD/\#define\ POWEROFF_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\/\/\#define\ IMAGE_TRUST_CMD/\#define\ IMAGE_TRUST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\/\/\#define\ NTP_CMD/\#define\ NTP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\/\/\#define\ CERT_CMD/\#define\ CERT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ DOWNLOAD_PROTO_HTTPS/\#define\ DOWNLOAD_PROTO_HTTPS/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ NSLOOKUP_CMD/\#define\ NSLOOKUP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ TIME_CMD/\#define\ TIME_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ DIGEST_CMD/\#define\ DIGEST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ REBOOT_CMD/\#define\ REBOOT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ POWEROFF_CMD/\#define\ POWEROFF_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ IMAGE_TRUST_CMD/\#define\ IMAGE_TRUST_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ NTP_CMD/\#define\ NTP_CMD/g' "${ipxe_src_dir}/src/config/general.h"
sed -i 's/^\#undef\ CERT_CMD/\#define\ CERT_CMD/g' "${ipxe_src_dir}/src/config/general.h"
return 0
}
function make_ipxe_lkrn() {
local ipxe_src_dir="$1"
local embed_file="$2"
local signing_cert="$3"
local ca_cert="$4"
embed_file="$(realpath "${embed_file}")"
signing_cert="$(realpath "${signing_cert}")"
ca_cert="$(realpath "${ca_cert}")"
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "$embed_file" ]]; then
>&2 echo "IPXE embedded file does not exist."
return 1
fi
if [[ ! -f "$signing_cert" ]]; then
>&2 echo "IPXE signing cert does not exist."
return 1
fi
if [[ ! -f "${ca_cert}" ]]; then
>&2 echo "IPXE CA cert does not exist."
return 1
fi
cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.lkrn EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2
return 0
}
function make_ipxe_iso() {
local ipxe_src_dir="$1"
local embed_file="$2"
local signing_cert="$3"
local ca_cert="$4"
embed_file="$(realpath "${embed_file}")"
signing_cert="$(realpath "${signing_cert}")"
ca_cert="$(realpath "${ca_cert}")"
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "$embed_file" ]]; then
>&2 echo "IPXE embedded file does not exist."
return 1
fi
if [[ ! -f "$signing_cert" ]]; then
>&2 echo "IPXE signing cert does not exist."
return 1
fi
if [[ ! -f "${ca_cert}" ]]; then
>&2 echo "IPXE CA cert does not exist."
return 1
fi
cd "${ipxe_src_dir}/src/" || return 1
make bin/ipxe.iso EMBED="${embed_file}" CERT="${signing_cert},${ca_cert}" TRUST="${ca_cert}" || return 2
return 0
}
function make_ipxe_bin_shasums() {
local ipxe_src_dir="$1"
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
>&2 echo "IPXE lkrn build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
>&2 echo "IPXE iso build file does not exist."
return 1
fi
cd "${ipxe_src_dir}/src/bin/" || return 1
sha256sum ipxe.lkrn ipxe.iso > SHA256SUMS || return 2
return 0
}
# Gitconfig needs to already be setup to allow automatic push.
# This function may not be called, and instead builtbot steps like GitTag will
# be used.
function tag_head_and_push() {
local git_repo_dir="$1"
local remote="$2"
local branch="$3"
if [ ! -d "$git_repo_dir" ]; then
>&2 echo "Supplied directory does not exist."
return 1
fi
if [[ -z "$remote" ]]; then
>&2 echo "No remote specified."
return 1
fi
if [[ -z "$branch" ]]; then
>&2 echo "No branch specified."
return 1
fi
cd "$git_repo_dir"
git tag -n | grep $(git rev-parse HEAD)
if [ $? -eq 0 ]; then
>&2 echo 'HEAD tag already exists, bailing out...'
return 1
fi
git tag -a "g_$(git rev-parse HEAD)" HEAD -m "BuildBot: tag commit for release $(git rev-parse HEAD)" || return 2
git push --tags "$remote" "$branch"
if [ $? -ne 0 ]; then
>&2 echo 'Error during attempted git push of new tag'
return 3
fi
return 0
}
function create_release() {
local git_repo_dir="$1"
local branch="$2"
local repo_user="$3"
local repo_name="$4"
local api_token_file="$5"
if [ ! -d "$git_repo_dir" ]; then
>&2 echo "Supplied directory does not exist."
return 1
fi
if [[ -z "$branch" ]]; then
>&2 echo "No branch specified."
return 1
fi
if [[ -z "$repo_user" ]]; then
>&2 echo "No repo username specified."
return 1
fi
if [[ -z "$repo_name" ]]; then
>&2 echo "No repo name specified."
return 1
fi
if [[ ! -f "$api_token_file" ]]; then
>&2 echo "API token file does not exist."
return 1
fi
cd "$git_repo_dir"
head="$(git rev-parse HEAD)"
# Note that the tag_name below must match the tag name in the tag_head_and_push step
tee "release.json" > /dev/null <<EOF
{
"body": "BuildBot automated release for commit $head",
"draft": false,
"prerelease": false,
"name": "r_$head",
"tag_name": "g_$head"
}
EOF
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases" \
-H "accept: application/json" \
-H "Content-Type: application/json" \
-H "Authorization: token $(cat $api_token_file)" \
-i \
-d "@release.json" > release_results.txt
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "There was an error creating the release. Manual intervention is needed."
return 2
fi
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "There was an error creating the release. Manual intervention is needed."
return 2
fi
return 0
}
function upload_release_ipxe_lkrn() {
local ipxe_src_dir="$1"
local git_repo_dir="$2"
local branch="$3"
local repo_user="$4"
local repo_name="$5"
local api_token_file="$6"
if [ ! -d "$git_repo_dir" ]; then
>&2 echo "Supplied directory does not exist."
return 1
fi
if [[ -z "$branch" ]]; then
>&2 echo "No branch specified."
return 1
fi
if [[ -z "$repo_user" ]]; then
>&2 echo "No repo username specified."
return 1
fi
if [[ -z "$repo_name" ]]; then
>&2 echo "No repo name specified."
return 1
fi
if [[ ! -f "$api_token_file" ]]; then
>&2 echo "API token file does not exist."
return 1
fi
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
>&2 echo "IPXE lkrn build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
>&2 echo "IPXE iso build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist."
return 1
fi
cd "$git_repo_dir"
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
releaseid="$(tail -n 1 release_results.txt | jq .id)"
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=ipxe.lkrn" \
-H "accept: application/json" \
-H "Authorization: token $(cat $api_token_file)" \
-i \
-F "attachment=@${ipxe_src_dir}/src/bin/ipxe.lkrn" > release_lkrn.txt
cat release_lkrn.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.lkrn as a release attachment failed."
return 2
fi
tail -n 1 release_lkrn.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.lkrn as a release attachment failed."
return 2
fi
return 0
}
function upload_release_ipxe_iso() {
local ipxe_src_dir="$1"
local git_repo_dir="$2"
local branch="$3"
local repo_user="$4"
local repo_name="$5"
local api_token_file="$6"
if [ ! -d "$git_repo_dir" ]; then
>&2 echo "Supplied directory does not exist."
return 1
fi
if [[ -z "$branch" ]]; then
>&2 echo "No branch specified."
return 1
fi
if [[ -z "$repo_user" ]]; then
>&2 echo "No repo username specified."
return 1
fi
if [[ -z "$repo_name" ]]; then
>&2 echo "No repo name specified."
return 1
fi
if [[ ! -f "$api_token_file" ]]; then
>&2 echo "API token file does not exist."
return 1
fi
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
>&2 echo "IPXE lkrn build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
>&2 echo "IPXE iso build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist."
return 1
fi
cd "$git_repo_dir"
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
releaseid="$(tail -n 1 release_results.txt | jq .id)"
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=ipxe.iso" \
-H "accept: application/json" \
-H "Authorization: token $(cat $api_token_file)" \
-i \
-F "attachment=@${ipxe_src_dir}/src/bin/ipxe.iso" > release_iso.txt
cat release_iso.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.iso as a release attachment failed."
return 2
fi
tail -n 1 release_iso.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe.iso as a release attachment failed."
return 2
fi
return 0
}
function upload_release_ipxe_shasums() {
local ipxe_src_dir="$1"
local git_repo_dir="$2"
local branch="$3"
local repo_user="$4"
local repo_name="$5"
local api_token_file="$6"
if [ ! -d "$git_repo_dir" ]; then
>&2 echo "Supplied directory does not exist."
return 1
fi
if [[ -z "$branch" ]]; then
>&2 echo "No branch specified."
return 1
fi
if [[ -z "$repo_user" ]]; then
>&2 echo "No repo username specified."
return 1
fi
if [[ -z "$repo_name" ]]; then
>&2 echo "No repo name specified."
return 1
fi
if [[ ! -f "$api_token_file" ]]; then
>&2 echo "API token file does not exist."
return 1
fi
if [ ! -d "$ipxe_src_dir" ]; then
>&2 echo "IPXE supplied directory does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.lkrn" ]]; then
>&2 echo "IPXE lkrn build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/ipxe.iso" ]]; then
>&2 echo "IPXE iso build file does not exist."
return 1
fi
if [[ ! -f "${ipxe_src_dir}/src/bin/SHA256SUMS" ]]; then
>&2 echo "IPXE sha256sums file does not exist."
return 1
fi
cd "$git_repo_dir"
cat release_results.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
tail -n 1 release_results.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The release info from the curl step cannot be found."
return 2
fi
releaseid="$(tail -n 1 release_results.txt | jq .id)"
curl -X POST "https://git.bitmessage.org/api/v1/repos/${repo_user}/${repo_name}/releases/${releaseid}/assets?name=SHA256SUMS" \
-H "accept: application/json" \
-H "Authorization: token $(cat $api_token_file)" \
-i \
-F "attachment=@${ipxe_src_dir}/src/bin/SHA256SUMS" > release_shasums.txt
cat release_shasums.txt | grep ^HTTP/ | grep 201 >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe SHA256SUMS as a release attachment failed."
return 2
fi
tail -n 1 release_shasums.txt | jq .id | grep -P '^(\d)+$' >/dev/null
if [ $? -ne 0 ]; then
>&2 echo "The upload of ipxe SHA256SUMS as a release attachment failed."
return 2
fi
return 0
}

View File

@ -1,31 +0,0 @@
#!/usr/bin/env bash
if [[ ! $1 ]]; then
>&2 echo "No IPXE repo directory was supplied as an argument."
exit 1
fi
# Enable required IPXE features
sed -i 's/^\/\/\#define\ DOWNLOAD_PROTO_HTTPS/\#define\ DOWNLOAD_PROTO_HTTPS/g' "${1}/src/config/general.h"
sed -i 's/^\/\/\#define\ NSLOOKUP_CMD/\#define\ NSLOOKUP_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\/\/\#define\ TIME_CMD/\#define\ TIME_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\/\/\#define\ DIGEST_CMD/\#define\ DIGEST_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\/\/\#define\ REBOOT_CMD/\#define\ REBOOT_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\/\/\#define\ POWEROFF_CMD/\#define\ POWEROFF_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\/\/\#define\ IMAGE_TRUST_CMD/\#define\ IMAGE_TRUST_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\/\/\#define\ NTP_CMD/\#define\ NTP_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\/\/\#define\ CERT_CMD/\#define\ CERT_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ DOWNLOAD_PROTO_HTTPS/\#define\ DOWNLOAD_PROTO_HTTPS/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ NSLOOKUP_CMD/\#define\ NSLOOKUP_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ TIME_CMD/\#define\ TIME_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ DIGEST_CMD/\#define\ DIGEST_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ REBOOT_CMD/\#define\ REBOOT_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ POWEROFF_CMD/\#define\ POWEROFF_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ IMAGE_TRUST_CMD/\#define\ IMAGE_TRUST_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ NTP_CMD/\#define\ NTP_CMD/g' "${1}/src/config/general.h"
sed -i 's/^\#undef\ CERT_CMD/\#define\ CERT_CMD/g' "${1}/src/config/general.h"