[lxc-devel] [distrobuilder/master] Various fixes
monstermunchkin on Github
lxc-bot at linuxcontainers.org
Wed Feb 27 09:50:27 UTC 2019
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 310 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20190227/1c97f0fc/attachment.bin>
-------------- next part --------------
From 8d21b6b62c884907edac7968ff7ac0d63453dc22 Mon Sep 17 00:00:00 2001
From: Thomas Hipp <thomas.hipp at canonical.com>
Date: Wed, 27 Feb 2019 09:48:20 +0100
Subject: [PATCH 1/2] sources: Import GPG key before installing
Signed-off-by: Thomas Hipp <thomas.hipp at canonical.com>
---
sources/oraclelinux-http.go | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/sources/oraclelinux-http.go b/sources/oraclelinux-http.go
index a4827fd..592c0b4 100644
--- a/sources/oraclelinux-http.go
+++ b/sources/oraclelinux-http.go
@@ -202,8 +202,8 @@ touch /etc/mtab /etc/fstab
_rpm=$(curl -s https://yum.oracle.com/repo/OracleLinux/OL${version}/${update}/base/${arch}/index.html | grep -Eo '>rpm-[[:digit:]][^ ]+\.rpm<' | tail -1 | sed 's|[<>]||g')
_yum=$(curl -s https://yum.oracle.com/repo/OracleLinux/OL${version}/${update}/base/${arch}/index.html | grep -Eo '>yum-[[:digit:]][^ ]+\.rpm<' | tail -1 | sed 's|[<>]||g')
-rpm -ivh --nodeps "${_rpm}" "${_yum}"
rpm --import RPM-GPG-KEY-oracle
+rpm -ivh --nodeps "${_rpm}" "${_yum}"
# Add repo
mkdir -p /etc/yum.repos.d
From f581a1333f30f94cd6ea37aa5f2778bf8a14b58f Mon Sep 17 00:00:00 2001
From: Thomas Hipp <thomas.hipp at canonical.com>
Date: Wed, 27 Feb 2019 10:36:45 +0100
Subject: [PATCH 2/2] *: Download to specific directory
Signed-off-by: Thomas Hipp <thomas.hipp at canonical.com>
---
shared/net.go | 40 ++++++++++++++++++++++---------------
sources/alpine-http.go | 14 +++++++------
sources/archlinux-http.go | 10 +++++-----
sources/centos-http.go | 14 ++++++++-----
sources/fedora-http.go | 4 ++--
sources/gentoo.go | 13 ++++++------
sources/oraclelinux-http.go | 4 ++--
sources/sabayon.go | 9 +++++----
sources/ubuntu-http.go | 18 +++++++++++------
9 files changed, 74 insertions(+), 52 deletions(-)
diff --git a/shared/net.go b/shared/net.go
index dd51139..f167d8d 100644
--- a/shared/net.go
+++ b/shared/net.go
@@ -18,12 +18,20 @@ import (
// DownloadHash downloads a file. If a checksum file is provided, it will try and
// match the hash.
-func DownloadHash(file, checksum string, hashFunc hash.Hash) error {
+func DownloadHash(def DefinitionImage, file, checksum string, hashFunc hash.Hash) (string, error) {
var (
client http.Client
hash string
err error
)
+ targetDir := filepath.Join(os.TempDir(), fmt.Sprintf("%s-%s-%s", def.Distribution, def.Release, def.ArchitectureMapped))
+ targetDir = strings.Replace(targetDir, " ", "", -1)
+ targetDir = strings.ToLower(targetDir)
+
+ err = os.MkdirAll(targetDir, 0755)
+ if err != nil {
+ return "", err
+ }
if checksum != "" {
if hashFunc != nil {
@@ -35,19 +43,19 @@ func DownloadHash(file, checksum string, hashFunc hash.Hash) error {
hashLen = hashFunc.Size() * 2
}
- hash, err = downloadChecksum(checksum, file, hashFunc, hashLen)
+ hash, err = downloadChecksum(targetDir, checksum, file, hashFunc, hashLen)
if err != nil {
- return fmt.Errorf("Error while downloading checksum: %s", err)
+ return "", fmt.Errorf("Error while downloading checksum: %s", err)
}
}
- imagePath := filepath.Join(os.TempDir(), filepath.Base(file))
+ imagePath := filepath.Join(targetDir, filepath.Base(file))
stat, err := os.Stat(imagePath)
if err == nil && stat.Size() > 0 {
image, err := os.Open(imagePath)
if err != nil {
- return err
+ return "", err
}
defer image.Close()
@@ -58,21 +66,21 @@ func DownloadHash(file, checksum string, hashFunc hash.Hash) error {
_, err = io.Copy(hashFunc, image)
if err != nil {
- return err
+ return "", err
}
result := fmt.Sprintf("%x", hashFunc.Sum(nil))
if result != hash {
- return fmt.Errorf("Hash mismatch for %s: %s != %s", imagePath, result, hash)
+ return "", fmt.Errorf("Hash mismatch for %s: %s != %s", imagePath, result, hash)
}
}
- return nil
+ return targetDir, nil
}
image, err := os.Create(imagePath)
if err != nil {
- return err
+ return "", err
}
defer image.Close()
@@ -86,19 +94,19 @@ func DownloadHash(file, checksum string, hashFunc hash.Hash) error {
_, err = lxd.DownloadFileHash(&client, "", progress, nil, imagePath, file, hash, hashFunc, image)
if err != nil {
if checksum == "" && strings.HasPrefix(err.Error(), "Hash mismatch") {
- return nil
+ return targetDir, nil
}
- return err
+ return "", err
}
fmt.Println("")
- return nil
+ return targetDir, nil
}
// downloadChecksum downloads or opens URL, and matches fname against the
// checksums inside of the downloaded or opened file.
-func downloadChecksum(URL string, fname string, hashFunc hash.Hash, hashLen int) (string, error) {
+func downloadChecksum(targetDir string, URL string, fname string, hashFunc hash.Hash, hashLen int) (string, error) {
var (
client http.Client
tempFile *os.File
@@ -106,15 +114,15 @@ func downloadChecksum(URL string, fname string, hashFunc hash.Hash, hashLen int)
)
// do not re-download checksum file if it's already present
- fi, err := os.Stat(filepath.Join(os.TempDir(), URL))
+ fi, err := os.Stat(filepath.Join(targetDir, URL))
if err == nil && !fi.IsDir() {
- tempFile, err = os.Open(filepath.Join(os.TempDir(), URL))
+ tempFile, err = os.Open(filepath.Join(targetDir, URL))
if err != nil {
return "", err
}
defer os.Remove(tempFile.Name())
} else {
- tempFile, err = ioutil.TempFile(os.TempDir(), "hash.")
+ tempFile, err = ioutil.TempFile(targetDir, "hash.")
if err != nil {
return "", err
}
diff --git a/sources/alpine-http.go b/sources/alpine-http.go
index d4e4588..3b4055e 100644
--- a/sources/alpine-http.go
+++ b/sources/alpine-http.go
@@ -62,10 +62,12 @@ func (s *AlpineLinuxHTTP) Run(definition shared.Definition, rootfsDir string) er
return errors.New("GPG keys are required if downloading from HTTP")
}
+ var fpath string
+
if definition.Source.SkipVerification {
- err = shared.DownloadHash(tarball, "", nil)
+ fpath, err = shared.DownloadHash(definition.Image, tarball, "", nil)
} else {
- err = shared.DownloadHash(tarball, tarball+".sha256", sha256.New())
+ fpath, err = shared.DownloadHash(definition.Image, tarball, tarball+".sha256", sha256.New())
}
if err != nil {
return err
@@ -73,10 +75,10 @@ func (s *AlpineLinuxHTTP) Run(definition shared.Definition, rootfsDir string) er
// Force gpg checks when using http
if !definition.Source.SkipVerification && url.Scheme != "https" {
- shared.DownloadHash(tarball+".asc", "", nil)
+ shared.DownloadHash(definition.Image, tarball+".asc", "", nil)
valid, err := shared.VerifyFile(
- filepath.Join(os.TempDir(), fname),
- filepath.Join(os.TempDir(), fname+".asc"),
+ filepath.Join(fpath, fname),
+ filepath.Join(fpath, fname+".asc"),
definition.Source.Keys,
definition.Source.Keyserver)
if err != nil {
@@ -88,7 +90,7 @@ func (s *AlpineLinuxHTTP) Run(definition shared.Definition, rootfsDir string) er
}
// Unpack
- err = lxd.Unpack(filepath.Join(os.TempDir(), fname), rootfsDir, false, false, nil)
+ err = lxd.Unpack(filepath.Join(fpath, fname), rootfsDir, false, false, nil)
if err != nil {
return err
}
diff --git a/sources/archlinux-http.go b/sources/archlinux-http.go
index 86b38f2..dd0b51c 100644
--- a/sources/archlinux-http.go
+++ b/sources/archlinux-http.go
@@ -63,18 +63,18 @@ func (s *ArchLinuxHTTP) Run(definition shared.Definition, rootfsDir string) erro
return errors.New("GPG keys are required if downloading from HTTP")
}
- err = shared.DownloadHash(tarball, "", nil)
+ fpath, err := shared.DownloadHash(definition.Image, tarball, "", nil)
if err != nil {
return err
}
// Force gpg checks when using http
if !definition.Source.SkipVerification && url.Scheme != "https" {
- shared.DownloadHash(tarball+".sig", "", nil)
+ shared.DownloadHash(definition.Image, tarball+".sig", "", nil)
valid, err := shared.VerifyFile(
- filepath.Join(os.TempDir(), fname),
- filepath.Join(os.TempDir(), fname+".sig"),
+ filepath.Join(fpath, fname),
+ filepath.Join(fpath, fname+".sig"),
definition.Source.Keys,
definition.Source.Keyserver)
if err != nil {
@@ -86,7 +86,7 @@ func (s *ArchLinuxHTTP) Run(definition shared.Definition, rootfsDir string) erro
}
// Unpack
- err = lxd.Unpack(filepath.Join(os.TempDir(), fname), rootfsDir, false, false, nil)
+ err = lxd.Unpack(filepath.Join(fpath, fname), rootfsDir, false, false, nil)
if err != nil {
return err
}
diff --git a/sources/centos-http.go b/sources/centos-http.go
index de0db10..dc3afd6 100644
--- a/sources/centos-http.go
+++ b/sources/centos-http.go
@@ -73,8 +73,12 @@ func (s *CentOSHTTP) Run(definition shared.Definition, rootfsDir string) error {
checksumFile = "sha256sum.txt.asc"
}
- shared.DownloadHash(baseURL+checksumFile, "", nil)
- valid, err := shared.VerifyFile(filepath.Join(os.TempDir(), checksumFile), "",
+ fpath, err := shared.DownloadHash(definition.Image, baseURL+checksumFile, "", nil)
+ if err != nil {
+ return err
+ }
+
+ valid, err := shared.VerifyFile(filepath.Join(fpath, checksumFile), "",
definition.Source.Keys, definition.Source.Keyserver)
if err != nil {
return err
@@ -85,16 +89,16 @@ func (s *CentOSHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
}
- err = shared.DownloadHash(baseURL+s.fname, checksumFile, sha256.New())
+ fpath, err := shared.DownloadHash(definition.Image, baseURL+s.fname, checksumFile, sha256.New())
if err != nil {
return fmt.Errorf("Error downloading CentOS image: %s", err)
}
if strings.HasSuffix(s.fname, ".raw.xz") || strings.HasSuffix(s.fname, ".raw") {
- return s.unpackRaw(filepath.Join(os.TempDir(), s.fname), rootfsDir)
+ return s.unpackRaw(filepath.Join(fpath, s.fname), rootfsDir)
}
- return s.unpackISO(filepath.Join(os.TempDir(), s.fname), rootfsDir)
+ return s.unpackISO(filepath.Join(fpath, s.fname), rootfsDir)
}
func (s CentOSHTTP) unpackRaw(filePath, rootfsDir string) error {
diff --git a/sources/fedora-http.go b/sources/fedora-http.go
index b800e8f..e9ed6a2 100644
--- a/sources/fedora-http.go
+++ b/sources/fedora-http.go
@@ -41,14 +41,14 @@ func (s *FedoraHTTP) Run(definition shared.Definition, rootfsDir string) error {
definition.Image.Release, build, definition.Image.ArchitectureMapped)
// Download image
- err = shared.DownloadHash(fmt.Sprintf("%s/%s/%s/images/%s",
+ fpath, err := shared.DownloadHash(definition.Image, fmt.Sprintf("%s/%s/%s/images/%s",
baseURL, definition.Image.Release, build, fname), "", nil)
if err != nil {
return err
}
// Unpack the base image
- err = lxd.Unpack(filepath.Join(os.TempDir(), fname), rootfsDir, false, false, nil)
+ err = lxd.Unpack(filepath.Join(fpath, fname), rootfsDir, false, false, nil)
if err != nil {
return err
}
diff --git a/sources/gentoo.go b/sources/gentoo.go
index 41d86b7..45617e4 100644
--- a/sources/gentoo.go
+++ b/sources/gentoo.go
@@ -7,7 +7,6 @@ import (
"io/ioutil"
"net/http"
"net/url"
- "os"
"path/filepath"
"regexp"
"strings"
@@ -62,10 +61,12 @@ func (s *GentooHTTP) Run(definition shared.Definition, rootfsDir string) error {
return errors.New("GPG keys are required if downloading from HTTP")
}
+ var fpath string
+
if definition.Source.SkipVerification {
- err = shared.DownloadHash(tarball, "", nil)
+ fpath, err = shared.DownloadHash(definition.Image, tarball, "", nil)
} else {
- err = shared.DownloadHash(tarball, tarball+".DIGESTS", sha512.New())
+ fpath, err = shared.DownloadHash(definition.Image, tarball, tarball+".DIGESTS", sha512.New())
}
if err != nil {
return err
@@ -73,9 +74,9 @@ func (s *GentooHTTP) Run(definition shared.Definition, rootfsDir string) error {
// Force gpg checks when using http
if !definition.Source.SkipVerification && url.Scheme != "https" {
- shared.DownloadHash(tarball+".DIGESTS.asc", "", nil)
+ shared.DownloadHash(definition.Image, tarball+".DIGESTS.asc", "", nil)
valid, err := shared.VerifyFile(
- filepath.Join(os.TempDir(), fname+".DIGESTS.asc"),
+ filepath.Join(fpath, fname+".DIGESTS.asc"),
"",
definition.Source.Keys,
definition.Source.Keyserver)
@@ -88,7 +89,7 @@ func (s *GentooHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
// Unpack
- err = lxd.Unpack(filepath.Join(os.TempDir(), fname), rootfsDir, false, false, nil)
+ err = lxd.Unpack(filepath.Join(fpath, fname), rootfsDir, false, false, nil)
if err != nil {
return err
}
diff --git a/sources/oraclelinux-http.go b/sources/oraclelinux-http.go
index 592c0b4..b00a163 100644
--- a/sources/oraclelinux-http.go
+++ b/sources/oraclelinux-http.go
@@ -38,13 +38,13 @@ func (s *OracleLinuxHTTP) Run(definition shared.Definition, rootfsDir string) er
return err
}
- err = shared.DownloadHash(fmt.Sprintf("%s/%s/%s/%s", baseURL, latestUpdate, s.architecture, fname),
+ fpath, err := shared.DownloadHash(definition.Image, fmt.Sprintf("%s/%s/%s/%s", baseURL, latestUpdate, s.architecture, fname),
"", nil)
if err != nil {
return fmt.Errorf("Error downloading Oracle Linux image: %s", err)
}
- return s.unpackISO(latestUpdate[1:], filepath.Join(os.TempDir(), fname), rootfsDir)
+ return s.unpackISO(latestUpdate[1:], filepath.Join(fpath, fname), rootfsDir)
}
func (s *OracleLinuxHTTP) unpackISO(latestUpdate, filePath, rootfsDir string) error {
diff --git a/sources/sabayon.go b/sources/sabayon.go
index 6120806..3e280eb 100644
--- a/sources/sabayon.go
+++ b/sources/sabayon.go
@@ -4,7 +4,6 @@ import (
"crypto/md5"
"fmt"
"net/url"
- "os"
"path/filepath"
lxd "github.com/lxc/lxd/shared"
@@ -30,18 +29,20 @@ func (s *SabayonHTTP) Run(definition shared.Definition, rootfsDir string) error
return err
}
+ var fpath string
+
// From sabayon currently we have only MD5 checksum for now.
if definition.Source.SkipVerification {
- err = shared.DownloadHash(tarball, "", nil)
+ fpath, err = shared.DownloadHash(definition.Image, tarball, "", nil)
} else {
- err = shared.DownloadHash(tarball, tarball+".md5", md5.New())
+ fpath, err = shared.DownloadHash(definition.Image, tarball, tarball+".md5", md5.New())
}
if err != nil {
return err
}
// Unpack
- err = lxd.Unpack(filepath.Join(os.TempDir(), fname), rootfsDir, false, false, nil)
+ err = lxd.Unpack(filepath.Join(fpath, fname), rootfsDir, false, false, nil)
if err != nil {
return err
}
diff --git a/sources/ubuntu-http.go b/sources/ubuntu-http.go
index f18bdcc..9d81316 100644
--- a/sources/ubuntu-http.go
+++ b/sources/ubuntu-http.go
@@ -50,6 +50,8 @@ func (s *UbuntuHTTP) Run(definition shared.Definition, rootfsDir string) error {
return err
}
+ var fpath string
+
checksumFile := ""
// Force gpg checks when using http
if !definition.Source.SkipVerification && url.Scheme != "https" {
@@ -58,12 +60,16 @@ func (s *UbuntuHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
checksumFile = baseURL + "SHA256SUMS"
- shared.DownloadHash(baseURL+"SHA256SUMS.gpg", "", nil)
- shared.DownloadHash(checksumFile, "", nil)
+ fpath, err = shared.DownloadHash(definition.Image, baseURL+"SHA256SUMS.gpg", "", nil)
+ if err != nil {
+ return err
+ }
+
+ shared.DownloadHash(definition.Image, checksumFile, "", nil)
valid, err := shared.VerifyFile(
- filepath.Join(os.TempDir(), "SHA256SUMS"),
- filepath.Join(os.TempDir(), "SHA256SUMS.gpg"),
+ filepath.Join(fpath, "SHA256SUMS"),
+ filepath.Join(fpath, "SHA256SUMS.gpg"),
definition.Source.Keys,
definition.Source.Keyserver)
if err != nil {
@@ -74,12 +80,12 @@ func (s *UbuntuHTTP) Run(definition shared.Definition, rootfsDir string) error {
}
}
- err = shared.DownloadHash(baseURL+s.fname, checksumFile, sha256.New())
+ fpath, err = shared.DownloadHash(definition.Image, baseURL+s.fname, checksumFile, sha256.New())
if err != nil {
return fmt.Errorf("Error downloading Ubuntu image: %s", err)
}
- err = s.unpack(filepath.Join(os.TempDir(), s.fname), rootfsDir)
+ err = s.unpack(filepath.Join(fpath, s.fname), rootfsDir)
if err != nil {
return err
}
More information about the lxc-devel
mailing list