From f852d5876b8c0be70e3686efd4f0a005dbb53648 Mon Sep 17 00:00:00 2001 From: bill-auger Date: Mon, 19 Jul 2021 17:06:58 -0400 Subject: wip - multiple concerns --- src/librefetch/librefetch | 143 ++++++++++++++++++++++++++++------------------ 1 file changed, 87 insertions(+), 56 deletions(-) (limited to 'src/librefetch/librefetch') diff --git a/src/librefetch/librefetch b/src/librefetch/librefetch index 19e6559..e9f07eb 100755 --- a/src/librefetch/librefetch +++ b/src/librefetch/librefetch @@ -36,6 +36,8 @@ source "$(librelib conf)" source "$(librelib messages)" +readonly SKIP_CREATE_SIGNATURE=1 # TODO: CLI option + setup_traps trap 'rm -f -- "${tmpfiles[@]}"; rm -rf -- "${tmpdirs[@]}"' EXIT @@ -50,39 +52,36 @@ usage() { print "Downloads or creates a liberated source tarball." echo prose "The default mode is to create OUTPUT_FILE, first by trying - download mode, then create mode." - echo - prose "If OUTPUT_FILE isn't specified, it defaults to the non-directory - part of SOURCE_URL, in the current directory." + 'download' mode, then 'create' mode." echo - prose "Unless '-C' is specified, if SOURCE_URL does not begin with a - configured mirror, create mode is inhibited." + prose "If no OUTPUT_FILE is specified, it defaults to the same filename + as SOURCE_URL, in the current directory. + The OUTPUT_FILE will be generated only if SOURCE_URL points to + a configured mirrorm or if the '-C' option given." echo - prose "In download mode, it simply tries to download SOURCE_URL. At the - beginning of a URL, 'libre://' expands to the first configured - mirror." + prose "In 'download' mode, the SOURCE_URL is fetched. A URL specifying the + 'libre://' protocol, expands to the first configured mirror." echo - prose "In create mode, it either looks at a build script and uses that - to create the source tarball, or it uses GPG to create a - signature (if OUTPUT_FILE ends with \`.sig\` or \`.sig.part\`). - If it is using GPG to create a signature, but the file which it is - trying to sign doesn't exist yet, it recurses on itself to first - create that file. SOURCE_URL is ignored, except that it is used - to set the default value of OUTPUT_FILE, and that it may be used - when recursing." + prose "In 'create' mode, the build recipe is sourced; and the libre + source-ball is generated using the 'mksource' sources, unless + OUTPUT_FILE indicates a signature file (\`*.sig\` or \`*.sig.part\`). + In the case of a signature file, the newly generated libre source-ball + is signed with GPG, unless the corrsponoding libre source-ball does + not yet exist. In that case, the script recurses on itself, to firstly + create the libre source-ball. SOURCE_URL is ignored in that case, + but is passed to the recursive call." echo prose "The default build script is 'PKGBUILD', or 'SRCBUILD' if it exists." echo - prose "Other options, if they are valid \`makepkg\` options, are passed - straight to makepkg." + prose "Valid \`makepkg\` options may be given, and will be passed to makepkg." echo print "Example usage:" print ' $ %s https://repo.parabola.nu/other/mypackage/mypackage-1.0.tar.gz' "$cmd" echo flag 'Options (behavior):' \ - "-C" "Force create mode (don't download)" \ - "-D" "Force download mode (don't create)" \ + "-C" "Force 'create' mode (don't download)" \ + "-D" "Force 'download' mode (don't create)" \ "-p <$(_ FILE)>" "Use an alternate build script (instead of 'PKGBUILD'). If an SRCBUILD exists in the same directory, it is used instead" @@ -108,6 +107,8 @@ main() { } doit() { +DBG "librefetch::doit() mode=$mode" + # Mode: help ########################################################### if [[ $mode =~ help ]]; then @@ -178,7 +179,7 @@ doit() { if [[ $mode =~ download ]]; then load_conf librefetch.conf MIRRORS DOWNLOADER || exit - # Canonicalize $src + # Canonicalize $src (libre:// faux protocol) if [[ "$src" == libre://* ]]; then src="${MIRRORS[0]}/${src#libre://}" fi @@ -202,12 +203,12 @@ doit() { dlcmd="${dlcmd//\%o/\"\$dst\"}" dlcmd="${dlcmd//\%u/\"\$src\"}" -#DBG "librefetch::doit() mode==download dlcmd=$dlcmd" +DBG "librefetch::doit(download) mode==download dlcmd=%s" "$(sed "s|\"\$dst\"|\"$dst\"| ; s|\"\$src\"|\"$src\"|" <<<$dlcmd)" if { eval "$dlcmd"; } >&2; then exit $EXIT_SUCCESS fi -#DBG "librefetch::doit() we did not exit success inmirror=$inmirror" +DBG "librefetch::doit(download) \$dlcmd failed - inmirror=$inmirror mode=$mode" fi # Mode: create ######################################################### @@ -216,34 +217,52 @@ doit() { # The recursive `makepkg` invokation processes a modified PKGBUILD (per PKGBUILD_APPEND). if [[ $mode =~ create ]]; then - local base_dst=${dst%.part} - local suffix=${dst#"$base_dst"} - local src_missing_msg="Libre source not found. Attempting to create it from upstream sources." - local done_msg="Libre source created successfully" + local final_dst="${dst%.part}" + local suffix=${dst#"$final_dst"} + local src_missing_msg="Libre source-ball not found. Attempting to create it from upstream sources." + local done_msg="Libre source-ball created successfully" + +DBG "librefetch::doit(create) dst=$dst final_dst=$final_dst suffix=$suffix" ; # DBG "PKGBUILD=" ; cat $srcbuild ; -DBG "librefetch::doit(create) dst=$dst base_dst=${base_dst} suffix=$suffix" ; # DBG "PKGBUILD=" ; cat $srcbuild ; + if [[ "$final_dst" == *.sig ]]; then # handle missing libre source-ball signature + local src_file=${src%.sig} + local out_file="${final_dst%.sig}" + +DBG "librefetch::doit(create) IS_SIG src_file=$src_file out_file=$out_file" - if [[ $base_dst == *.sig ]]; then # recurse to create the libre source-ball, if it does not yet exist - # the libre source-ball signature is deferred to librerelease - if ! [[ -e ${base_dst%.sig} ]]; then - extra_opts=("${src%.sig}" "${base_dst%.sig}") + if ! [[ -e "$out_file" ]]; then + extra_opts=("$src_file" "$out_file") msg2 "${src_missing_msg}" doit || exit fi -DBG "librefetch::doit(create) IS_SIG" -# set -x -# FIXME: there is a note about this signature in usage() -# create_signature "${base_dst%.sig}" || exit -# if [[ -n $suffix ]]; then - if [[ -n $suffix && -f "$base_dst" ]]; then -DBG "librefetch::doit(create) RENAME" - mv -f "$base_dst" "$dst" -DBG "librefetch::doit(create) RENAMED" +DBG "librefetch::doit(create) IS_SIG suffix=$suffix exists=$( [[ -f "$final_dst" ]] && echo t || echo f) is_newly_created=$( [[ -f "$LIBRE_SRCBALL_CREATION_MARKER" ]] && echo t || echo f)" # ; set -x +# WIP: 'create_signature' normally entails manual password confirmation. +# in the case that a libre source-ball was just created, +# the build machine will not necessarily be able to sign it; +# and 'create_signature' would fail here, as a fatal error. +# however, librerelease will sign all tarballs, if necessary; +# so the current WIP defers the signature to librerelease +# see file.sh::download_file() +# TODO: adjust the usage() note about this signature if necessary + if rm $LIBRE_SRCBALL_CREATION_MARKER 2> /dev/null; then +DBG "librefetch::doit(create) IS_SIG create_signature" +# create_signature "${final_dst%.sig}" || exit + create_signature "${final_dst%.sig}" || true # WIP: + +# TODO: renaming here is probably not necessary; +# because the caller (file.sh::download_file()) will do it. +# are there other callers which would not? + if [[ -n $suffix && -f "$final_dst" ]]; then + mv -f "$final_dst" "$dst" + fi + else +DBG "librefetch::doit(create) IS_SIG FAIL" + return 1 fi - else + else # create libre source-ball export PKGDEST=${dst%/*} export pkg_file=$dst @@ -251,7 +270,13 @@ DBG "librefetch::doit(create) PKGEXT=$PKGEXT cmd=\"$makepkg\" \"${makepkg_opts[@ cd "$BUILDFILEDIR" msg2 "${src_missing_msg}" - "$makepkg" "${makepkg_opts[@]}" -p "$srcbuild" >&2 && msg2 "${done_msg}" || exit + rm -f $LIBRE_SRCBALL_CREATION_MARKER + if "$makepkg" "${makepkg_opts[@]}" -p "$srcbuild" >&2; then + msg2 "${done_msg}" + cd - > /dev/null ; touch $LIBRE_SRCBALL_CREATION_MARKER ; + else + exit + fi fi fi @@ -419,24 +444,30 @@ modified_srcbuild() { create_signature() { local filename="$1" local gpg_cmd=( gpg --detach-sign --use-agent --no-armor ) + local gpg_disabled_msg="Defering libre source-ball signature." local gpg_signing_msg="Signing libre source-ball..." local gpg_created_msg="Created signature file:" - local gpg_remind_msg="Ensure that your GPG key is referenced in the PKGBUILD 'validpgpkeys' array." local gpg_failed_msg="Failed to sign the libre source-ball!" - local gpg_sign_msg="If you can not sign it now on this machine, you can take it home, and run librerelease on it." - local ret + local gpg_sign_msg="The libre source-ball will be signed by librerelease later." + local gpg_remind_msg="Ensure that your GPG key is referenced in the PKGBUILD, before running librerelease." + local ret=0 - if [[ -n "${GPGKEY}" ]]; then - gpg_cmd=( --local-user "${GPGKEY}" ) - fi + if (( SKIP_CREATE_SIGNATURE )); then + msg2 "${gpg_disabled_msg}" ; prose "${gpg_sign_msg} ${gpg_remind_msg}" ; + else - msg "${gpg_signing_msg}" - ${gpg_cmd[@]} "${filename}" &> /dev/null ; ret=$? ; + if [[ -n "${GPGKEY}" ]]; then + gpg_cmd=( --local-user "${GPGKEY}" ) + fi - if (( ! ret )); then - msg2 "%s %s." "${gpg_created_msg}" "${filename}.sig" ; plain "${gpg_remind_msg}" ; - else - error "${gpg_failed_msg}" ; plain "${gpg_sign_msg}" ; plain "${gpg_remind_msg}" ; + msg "${gpg_signing_msg}" + ${gpg_cmd[@]} "${filename}" &> /dev/null ; ret=$? ; + + if (( ! ret )); then + msg2 "%s %s." "${gpg_created_msg}" "${filename}.sig" ; prose "${gpg_remind_msg}" ; + else + warning "${gpg_failed_msg}" ; prose "${gpg_sign_msg} ${gpg_remind_msg}" ; + fi fi return ${ret} -- cgit v1.2.2