diff options
| author | Ivan Alejandro <ivanalejandro0@gmail.com> | 2015-02-26 12:17:49 -0300 |
|---|---|---|
| committer | Ivan Alejandro <ivanalejandro0@gmail.com> | 2015-02-27 14:42:18 -0300 |
| commit | 2db203ff98b947db0db9adcaa47b637a18b05a0d (patch) | |
| tree | c3e68970f9fd8fe11f7bd059bc8e5ed90bbaef41 | |
| parent | 5d3b5b51b1a892586b86a3f333f9beba08f49b33 (diff) | |
Run the TUF repo updater in a Docker container.
| -rw-r--r-- | tuf/Dockerfile | 15 | ||||
| -rw-r--r-- | tuf/README.md | 29 | ||||
| -rwxr-xr-x | tuf/tuf-stuff.sh (renamed from tuf-stuff.sh) | 41 |
3 files changed, 50 insertions, 35 deletions
diff --git a/tuf/Dockerfile b/tuf/Dockerfile new file mode 100644 index 0000000..c556495 --- /dev/null +++ b/tuf/Dockerfile @@ -0,0 +1,15 @@ +FROM debian:8 + +MAINTAINER Ivan Alejandro <ivanalejandro0@gmail.com> + +RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install -y \ + wget python-dev python-pip libssl-dev libffi-dev + +RUN pip install tuf[tools] pycrypto + +ADD tuf-stuff.sh / +ADD release.py / + +WORKDIR /code + +ENTRYPOINT ["/tuf-stuff.sh"] diff --git a/tuf/README.md b/tuf/README.md new file mode 100644 index 0000000..52b45c5 --- /dev/null +++ b/tuf/README.md @@ -0,0 +1,29 @@ +Using the TUF repository updater +================================ + +Usage example (for stable): + +``` +$ docker build -t test/tuf . # build the image, run this inside the Dockerfile directory +$ mkdir bundle.stuff/ +$ cd bundle.stuff/ +$ cp /some/path/Bitmask-linux{32,64}-0.8.1.tar.bz2 . +$ cp /some/path/tuf_private_key.pem . +$ docker run -t -i --rm -v `pwd`:/code/ test/tuf-stuff -v 0.8.1 -a 32 -k tuf_private_key.pem -R S +$ docker run -t -i --rm -v `pwd`:/code/ test/tuf-stuff -v 0.8.1 -a 64 -k tuf_private_key.pem -R S +``` + +Usage example (for unstable): + +``` +$ docker build -t test/tuf . # build the image, run this inside the Dockerfile directory +$ mkdir bundle.stuff/ +$ cd bundle.stuff/ +$ cp /some/path/Bitmask-linux{32,64}-0.9.0rc1.tar.bz2 . +$ cp /some/path/tuf_private_key_unstable.pem . +$ docker run -t -i --rm -v `pwd`:/code/ test/tuf-stuff -v 0.9.0rc1 -a 32 -k tuf_private_key_unstable.pem -R U +$ docker run -t -i --rm -v `pwd`:/code/ test/tuf-stuff -v 0.9.0rc1 -a 64 -k tuf_private_key_unstable.pem -R U +``` + + +You'll find the output tuf repo on `./workdir/output/`. diff --git a/tuf-stuff.sh b/tuf/tuf-stuff.sh index b8de3f3..e7e4f5a 100755 --- a/tuf-stuff.sh +++ b/tuf/tuf-stuff.sh @@ -7,8 +7,8 @@ # tuf-stuff.sh # this script # Output: -# workdir/ <-- temporary folder: virtualenv, bundle, repo.tar.gz, key -# output/ <-- here you'll find the resulting compressed repo/bundle +# workdir/ <-- temporary folder: virtualenv, bundle, repo.tar.gz, key +# └── output/ <-- here you'll find the resulting compressed repo/bundle # Expected directory structure for the repo after the script finishes: @@ -35,14 +35,13 @@ cc_normal="${esc}[39m" show_help() { cat << EOF -Usage: ${0##*/} [-h] [-r FILE] [-s] [-a (32|64)] -v VERSION -k KEY_FILE -R (S|U) +Usage: ${0##*/} [-h] [-r FILE] [-a (32|64)] -v VERSION -k KEY_FILE -R (S|U) Do stuff for version VERSION and arch ARCH. -h display this help and exit. -a ARCH do the tuf stuff for that ARCH, 32 or 64 bits. The default is '64'. -k KEY_FILE use this key file to sign the release -r FILE use particular repo/ file to do the tuf stuff. FILE must be a .tar.gz file. - -s run the setup process, create virtualenv and install dependencies. -v VERSION version to work with. This is a mandatory argument. -R REPO use the (S)table or (U)nstable TUF web repo. EOF @@ -53,9 +52,8 @@ get_args() { local OPTIND ARCH="64" - SETUP="NO" - while getopts "hr:sv:a:k:R:" opt; do + while getopts "hr:v:a:k:R:" opt; do case "$opt" in h) show_help @@ -65,8 +63,6 @@ get_args() { ;; r) REPO=`realpath $OPTARG` ;; - s) SETUP='YES' - ;; k) KEY_FILE=`realpath $OPTARG` ;; a) ARCH=$OPTARG @@ -107,7 +103,6 @@ get_args() { echo "Arch: $ARCH" echo "Key: $KEY_FILE" echo "Repo: $REPO" - echo "Setup: $SETUP" echo "Version: $VERSION" echo "Web repo: $WEB_REPO" echo "--------------------" @@ -121,10 +116,9 @@ do_init(){ BASE=`pwd` WORKDIR=$BASE/workdir - VENVDIR=$WORKDIR/tuf.venv BITMASK="Bitmask-linux$ARCH-$VERSION" - RELEASE=$BASE/release.py + RELEASE=/release.py if [[ ! -f $RELEASE ]]; then echo "ERROR: you need to copy the release.py file into this directory." @@ -138,19 +132,6 @@ do_init(){ mkdir -p $WORKDIR } -do_setup() { - # Create a clean virtualenv and install the needed dependencies. - echo "${cc_yellow}-> Setting up virtualenv and installing dependencies...${cc_normal}" - cd $WORKDIR - - # remove existing virtualenv - [[ -d $VENVDIR ]] && rm -fr $VENVDIR - - virtualenv $VENVDIR - source $VENVDIR/bin/activate - pip install tuf[tools] pycrypto -} - do_tuf_stuff() { cd $WORKDIR cp $BASE/$BITMASK.tar.bz2 . @@ -197,23 +178,13 @@ do_tuf_stuff() { tar cjf output/$BITMASK-tuf.tar.bz2 repo/ } - get_args $@ do_init -if [[ $SETUP == 'YES' ]]; then - do_setup -else - if [[ ! -f $VENVDIR/bin/activate ]]; then - echo "${cc_red}Error:${cc_normal} missing virtualenv, you need to use the -s switch." - exit 1 - fi - source $VENVDIR/bin/activate -fi - do_tuf_stuff echo "${cc_green}TUF release complete.${cc_normal}" echo "You can find the resulting file in:" echo "$WORKDIR/output/$BITMASK-tuf.tar.bz2" +sha256sum $WORKDIR/output/$BITMASK-tuf.tar.bz2 |