paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-31 03:53:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3b60b2544685eb6b99edefdd7bed38c9a7758d73
zulip/scripts/lib/setup-apt-repo
Alex Vandiver f3eea72c2a setup: Merge multiple setup-apt-repo scripts into one. 
This moves the `.asc` files into subdirectories, and writes out the
according `.list` files into them.  It moves from templates to
written-out `.list` files for clarity and ease of
implementation (Debian and Ubuntu need different templates for
`zulip`), and as a way of making explicit which releases are supported
for each list.  For the special-case of the PGroonga signing key, we
source an additional file within the directory.

This simplifies the process for adding another class of `.list` file.
2021-05-26 14:42:29 -07:00

112 lines
3.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
#
# This script handles adding custom apt repositories into
# /etc/apt/sources.list.d/ files. It bundles the GPG keys which are
# used to verify the repositories (via `apt-key`), to explicitly pin
# the trusted signing keys, as opposed to blindly trusting HTTPS.
#
# Each /etc/apt/soruces.list.d/foo.list file is created via `--list
# foo`, where `foo` defaults to `zulip`. The default `zulip.list` is
# installed in `scripts/lib/install` / `tools/lib/provision.py`, and
# other `.list` files may be installed by Puppet.
set -x
set -e
set -u
set -o pipefail
verify=false
args="$(getopt -o '' --long verify,list: -- "$@")"
eval "set -- $args"
LIST=zulip
while true; do
case "$1" in
--verify)
verify=true
shift
;;
--list)
LIST="$2"
shift
shift
;;
--)
shift
break
;;
esac
done
# Ensure the directory for LAST_DEPENDENCIES_HASH exists
mkdir -p /var/lib/zulip
SOURCES_FILE=/etc/apt/sources.list.d/$LIST.list
STAMP_FILE=/etc/apt/sources.list.d/$LIST.list.apt-update-in-progress
ZULIP_SCRIPTS="$(cd "$(dirname "$(dirname "$0")")" && pwd)"
LIST_PATH="$ZULIP_SCRIPTS/setup/apt-repos/$LIST"
if ! [ -d "$LIST_PATH" ]; then
echo "Not a valid value for --list: '$LIST'"
echo ""
echo "Valid values are:"
ls -1 "$ZULIP_SCRIPTS/setup/apt-repos/"
exit 1
fi
DEPENDENCIES_HASH=$(sha1sum "$LIST_PATH/"*.asc "$0")
DEPENDENCIES_HASH_FILE="/var/lib/zulip/setup-repositories-state-$LIST"
# Ensure that DEPENDENCIES_HASH_FILE exists before hashing it.
touch "$DEPENDENCIES_HASH_FILE"
LAST_DEPENDENCIES_HASH="$(cat "$DEPENDENCIES_HASH_FILE")"
# First, we only do anything in setup-apt-repo if any of its inputs
# (apt keys, code, etc.) changed.
if [ "$DEPENDENCIES_HASH" = "$LAST_DEPENDENCIES_HASH" ]; then
exit 0
elif [ "$verify" == true ]; then
exit 1
fi
# Ensure that the sources file exists
touch "$SOURCES_FILE"
# Hash it to check if the sources file is changed by the script later.
zulip_source_hash=$(sha1sum "$SOURCES_FILE")
pre_setup_deps=(lsb-release apt-transport-https ca-certificates gnupg wget)
if ! apt-get -dy install "${pre_setup_deps[@]}"; then
apt-get update
fi
apt-get -y install "${pre_setup_deps[@]}"
release=$(lsb_release -sc)
if [ -f "$LIST_PATH/$release.list" ]; then
apt-key add "$LIST_PATH/"*.asc
cp "$LIST_PATH/$release.list" "$SOURCES_FILE"
else
cat <<EOF
Unsupported release $release for sources.list file $LIST. To add a
new release, make a $LIST_PATH/$release.list file based on existing
.list files in that directory.
EOF
exit 1
fi
if [ -e "$LIST_PATH/custom.sh" ]; then
export LIST_PATH
export STAMP_FILE
bash "$LIST_PATH/custom.sh"
fi
if [ "$zulip_source_hash" = "$(sha1sum "$SOURCES_FILE")" ] && ! [ -e "$STAMP_FILE" ]; then
echo "zulip.list file did not change; skipping apt-get update"
else
# We create this stamp file to ensure `apt-get update` will be run
# the next time this script is invoked, and each time after, until
# `apt-get update` finishes successfully.
touch "$STAMP_FILE"
apt-get update && rm -f "$STAMP_FILE"
fi
echo "$DEPENDENCIES_HASH" >"$DEPENDENCIES_HASH_FILE"
Reference in New Issue View Git Blame Copy Permalink