-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsign.sh
executable file
·90 lines (76 loc) · 2.04 KB
/
sign.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
#!/usr/bin/env bash
# =====================================================================
# Downloads, signs and uploads a gluon manifest file.
#
# This is used by firmware developers to sign a release after it was
# uploaded by the build system.
#
# Source: https://github.com/hackspace-marburg/ffmr-site
# Original: https://github.com/freifunk-fulda
# Contact: [email protected]
# Web: https://marburg.freifunk.net
# =====================================================================
set -e
# Basic configuration
SRV_USER="firmware"
SRV_HOST="firmware.marburg.freifunk.net"
SRV_PORT=7331
SRV_PATH="/home/firmware/firmware"
# Help function used in error messages and -h option
usage() {
echo ""
echo "Downloads, signs and uploads a gluon manifest file."
echo "Usage ./sign.sh KEYPATH BRANCH"
echo " KEYPATH the path to the developers private key"
echo " BRANCH the branch to sign"
}
# Evaluate arguments for build script.
if [[ "${#}" != 2 ]]; then
echo "Insufficient arguments given"
usage
exit 1
fi
KEYPATH="${1}"
BRANCH="${2}"
# Subsitute all slashes in the branch name
BRANCH=${BRANCH//\//-}
# Sanity checks for required arguments
if [[ ! -e "${KEYPATH}" ]]; then
echo "Error: Key file not found or not readable: ${KEY_PATH}"
usage
exit 1
fi
# Check if ecdsa utils are installed
if ! which ecdsasign 2> /dev/null; then
echo "ecdsa utils are not found."
exit 1
fi
# Determine temporary local file
TMP="$(mktemp)"
# Determine upload target prefix
case "${BRANCH}" in
stable| \
snapshot| \
experimental)
TARGET="${BRANCH}"
;;
*)
TARGET="others/${BRANCH}"
;;
esac
# Download manifest
scp \
-o stricthostkeychecking=no \
-P "${SRV_PORT}" \
"${SRV_USER}@${SRV_HOST}:${SRV_PATH}/${TARGET}/current/sysupgrade/${BRANCH}.manifest" \
"${TMP}"
# Sign the local file
./gluon/contrib/sign.sh \
"${KEYPATH}" \
"${TMP}"
# Upload signed file
scp \
-o stricthostkeychecking=no \
-P "${SRV_PORT}" \
"${TMP}" \
"${SRV_USER}@${SRV_HOST}:${SRV_PATH}/${TARGET}/current/sysupgrade/${BRANCH}.manifest"