-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcreate-aptly-repos.sh
executable file
·159 lines (136 loc) · 4.71 KB
/
create-aptly-repos.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
#!/bin/bash
set -eu
project="${1?}"
prefix="${2?}"
prefix_print="$prefix"
list_file_target="${project}.list"
# Data we expect from GHA env but give defaults for here that disable the feature to ease development.
# (GHA sets them to an empty value if not given instead of not setting them)
REPO_URL="${REPO_URL:-}"
GENERATE_REPO_LIST="${GENERATE_REPO_LIST:-"true"}"
GPG_KEY_ID="${GPG_KEY_ID:-}"
GPG_EXPORT_NAME="${GPG_EXPORT_NAME:-}"
# Contract a no-prefix prefix for printing purposes
if [[ "$(basename $prefix)" == "." ]]; then
prefix_print=""
else
# Only add the URL to prefix divider slash if we have a prefix
prefix_print="/${prefix}"
fi
function repo_list_line(){
local distribution="${1?}"
local component="${2?}"
local archs="${3?}"
local signed_by=""
if [[ "$GPG_EXPORT_NAME" != "" ]]; then
signed_by="signed-by=/etc/apt/trusted.gpg.d/${GPG_EXPORT_NAME}"
fi
echo "# Example for enabling only the ${component} component on ${distribution}: " >> "$list_file_target"
echo "deb [arch=${archs} ${signed_by}] ${REPO_URL}${prefix_print} ${distribution} ${component}" >> "$list_file_target"
}
## Read the repodef csv from stdin
readarray -t csv
## Canonicalize csv input
shopt -s extglob
# Strip whitespace
csv=( "${csv[@]/#+([[:blank:]])/}" )
csv=( "${csv[@]/%+([[:blank:]])/}" )
# Drop unwanted lines
for i in "${!csv[@]}"; do
if [[ "${csv[i]}" =~ ^#.* ]];then # skip comments
unset 'csv[i]'
continue
fi
if [[ "${csv[i]}" =~ ^[[:space:]]*$ ]]; then # skip empty lines
unset 'csv[i]'
continue
fi
done
>&2 echo "Canonicalized input;"
for repoline in "${csv[@]}"; do
echo "repodef: ${repoline}"
done
# Check column count
columncount="$(printf -- '%s\n' "${csv[@]}" | xsv slice --no-headers -i 0 | xsv flatten --no-headers | wc -l)"
if [[ "$columncount" != 5 ]]; then
>&2 echo "Wrong number of columns in repo definitions, forgot to escape arch list quoting?"
exit 1
fi
## Create repos
>&2 echo "Creating repos:"
if [[ "$REPO_URL" != "" && "$GENERATE_REPO_LIST" == "true" ]]; then
echo "# You probably want to use only one of the examples below!" > "$list_file_target"
fi
for repoline in "${csv[@]}"; do
distribution=$(echo "$repoline" | xsv select 1)
component=$(echo "$repoline" | xsv select 2)
archs=$(echo "$repoline" | xsv select 3 | tr -d \")
import=$(echo "$repoline" | xsv select 4)
debglob=$(echo "$repoline" | xsv select 5)
slug="${project}-${distribution}-${component}"
( set -x; aptly repo create \
-distribution="$distribution" \
-component="$component" \
-architectures="$archs" \
"$slug" )
# Check if component is one to extend before we add new debs
if [[ "$REPO_URL" != "" && "$import" == "true" ]]; then
>&2 echo "Import is on for $slug, creating & importing from mirror $REPO_URL"
set -x
aptly mirror create \
-keyring=~/.gnupg/pubring.kbx \
"mirror-${slug}" \
"$REPO_URL" \
"$distribution" "$component"
aptly mirror update \
-keyring=~/.gnupg/pubring.kbx \
"mirror-${slug}"
aptly repo import \
"mirror-${slug}" \
"$slug" \
Name # Wildcard to accept any package
set +x
fi
repo_size="$(aptly repo show -json -with-packages "$slug" | jq .Packages | jq length)"
>&2 echo "Resolving glob '$debglob' to packages.."
# Add new debs, if we expect to find any
debs=($(compgen -G "$debglob" || echo ""))
if [[ "${#debs[@]}" -lt 1 ]]; then
>&2 echo "The glob '$debglob' did not match any files."
if [[ "$repo_size" -lt 1 ]]; then
>&2 echo "There was no previous import into the '$slug' repo and it's empty, refusing to continue with no packages!"
exit 1
fi
fi
for deb in "${debs[@]}"; do
>&2 echo "Matched deb: $deb"
( set -x; aptly repo add "$slug" "$deb" )
done
if [[ "$REPO_URL" != "" && "$GENERATE_REPO_LIST" == "true" ]]; then
repo_list_line "$distribution" "$component" "$archs"
fi
done
## Publish repos per distribution
distros=($(printf -- '%s\n' "${csv[@]}" | xsv select 1 | sort -u | xargs))
>&2 echo "Publishing distros: ${distros[@]}"
publish_options=(-multi-dist)
if [[ "$GPG_KEY_ID" == "" ]]; then
echo "::warning title=The input gpg_private_key has not been defined or is empty.::\
Omitting gpg_private_key means the repo will NOT be signed and is not useful outside of local testing."
publish_options+=(-skip-signing)
fi
for distribution in ${distros[@]}; do
comps=($(printf -- '%s\n' "${csv[@]}" | xsv search --select 1 "$distribution" | xsv select 2 | sort -u | xargs))
>&2 echo "Publishing for $distribution the following components: ${comps[@]}"
printf -v components '%s,' "${comps[@]}"
repos=()
for comp in "${comps[@]}"; do
repos+=("${project}-${distribution}-${comp}")
done
( set -x; aptly publish repo \
${publish_options[@]} \
-component="${components::-1}" \
-distribution="${distribution}" \
"${repos[@]}" \
"${prefix}" )
done