diff options
Diffstat (limited to 'src/fluent-bit/packaging/update-apt-repo.sh')
| -rwxr-xr-x | src/fluent-bit/packaging/update-apt-repo.sh | 76 |
1 files changed, 76 insertions, 0 deletions
diff --git a/src/fluent-bit/packaging/update-apt-repo.sh b/src/fluent-bit/packaging/update-apt-repo.sh new file mode 100755 index 000000000..73bd4a0c2 --- /dev/null +++ b/src/fluent-bit/packaging/update-apt-repo.sh @@ -0,0 +1,76 @@ +#!/bin/bash +set -eux + +# Used to update a Debian Apt repo, e.g. during a staging build or release process + +# Where the base of all the repos is +BASE_PATH=${BASE_PATH:?} +if [[ ! -d "$BASE_PATH" ]]; then + echo "ERROR: invalid base path: $BASE_PATH" + exit 1 +fi + +# "debian/bookworm" "debian/bullseye" "debian/buster" "ubuntu/xenial" "ubuntu/bionic" "ubuntu/focal" "ubuntu/jammy" "raspbian/buster" "raspbian/bullseye" +DEB_REPO=${DEB_REPO:?} + +# Set true to prevent signing +DISABLE_SIGNING=${DISABLE_SIGNING:-false} + +REPO_DIR=$(realpath -sm "$BASE_PATH/$DEB_REPO" ) +if [[ ! -d "$REPO_DIR" ]] ; then + echo "ERROR: missing $REPO_DIR" + exit 1 +fi + +CODENAME=${DEB_REPO##*/} +echo "Updating $DEB_REPO for $CODENAME" + +# We use Aptly to create repos with a local temporary directory as the root. +# Once complete, we then move these to the output directory for upload. +# Based on https://github.com/spotify/debify/blob/master/debify.sh +APTLY_REPO_NAME="debify-$CODENAME" +APTLY_ROOTDIR=$(mktemp -d) +APTLY_CONFIG=$(mktemp) + +# The origin and label fields seem to cover the base directory for the repo and codename. +# The docs seems to suggest these fields are optional and free-form: https://wiki.debian.org/DebianRepository/Format#Origin +# They are security checks to verify if they have changed so we match the legacy server. +APTLY_ORIGIN=". $CODENAME" +APTLY_LABEL=". $CODENAME" +if [[ "$DEB_REPO" == "debian/bullseye" ]]; then + # For Bullseye, the legacy server had a slightly different setup we try to reproduce here + APTLY_ORIGIN="bullseye bullseye" + APTLY_LABEL="bullseye bullseye" +fi + +cat << EOF > "$APTLY_CONFIG" +{ + "rootDir": "$APTLY_ROOTDIR/" +} +EOF +cat "$APTLY_CONFIG" + +aptly -config="$APTLY_CONFIG" repo create \ + -component="main" \ + -distribution="$CODENAME" \ + "$APTLY_REPO_NAME" + +# Check if any files to add +count=$(find "$REPO_DIR" -maxdepth 1 -type f -name "*.deb" | wc -l) +if [[ $count != 0 ]] ; then + # Do not remove files as we need them from moving to staging-release + aptly -config="$APTLY_CONFIG" repo add -force-replace "$APTLY_REPO_NAME" "$REPO_DIR/" +else + echo "WARNING: no files to add in $DEB_REPO for $CODENAME" +fi +aptly -config="$APTLY_CONFIG" repo show "$APTLY_REPO_NAME" + +if [[ "$DISABLE_SIGNING" != "true" ]]; then + aptly -config="$APTLY_CONFIG" publish repo -gpg-key="$GPG_KEY" -origin="$APTLY_ORIGIN" -label="$APTLY_LABEL" "$APTLY_REPO_NAME" +else + aptly -config="$APTLY_CONFIG" publish repo --skip-signing -origin="$APTLY_ORIGIN" -label="$APTLY_LABEL" "$APTLY_REPO_NAME" +fi + +rsync -av "$APTLY_ROOTDIR"/public/* "$REPO_DIR" +# Remove unnecessary files +rm -rf "$REPO_DIR/conf/" "$REPO_DIR/db/" "$APTLY_ROOTDIR" "$APTLY_CONFIG" |