116 lines
4.3 KiB
Bash
Executable file
116 lines
4.3 KiB
Bash
Executable file
#!/bin/bash
|
|
set -eu
|
|
|
|
IMAGE_ID="rafeOS"
|
|
IMAGE_VARIANT="server"
|
|
# rafeOS release signing key <rafeos-release@rafe.li>
|
|
GPG_SIGNING_KEY="497B1B17BEE53D5DF0AE833F60775900DDDFAA67"
|
|
|
|
# Check if script is run as root
|
|
if [ "$(id -u)" -ne 0 ]; then
|
|
echo "Error: This script must be run as root (use sudo)."
|
|
exit 1
|
|
fi
|
|
|
|
# Check if a directory path is provided
|
|
if [ $# -lt 1 ]; then
|
|
echo "Error: Please provide the path to the directory containing raw disk image files as the first parameter."
|
|
exit 1
|
|
fi
|
|
|
|
# Set the output directory and get its absolute path
|
|
output_directory=$(realpath "$1")
|
|
|
|
# Check if the version string is provided as the second argument
|
|
if [ $# -lt 2 ]; then
|
|
# Determine the latest semver version from the files in the directory
|
|
latest_raw_file=$(find "$output_directory" -maxdepth 1 -type f -name "${IMAGE_ID}-${IMAGE_VARIANT}_*.raw" | \
|
|
grep -E "${IMAGE_ID}-${IMAGE_VARIANT}_([0-9]+\.[0-9]+\.[0-9]+)\.raw" | \
|
|
sort -V | tail -n 1)
|
|
|
|
if [ -n "$latest_raw_file" ]; then
|
|
version_string=$(basename "$latest_raw_file" | sed -n "s/${IMAGE_ID}-${IMAGE_VARIANT}_\([0-9]*\.[0-9]*\.[0-9]*\)\.raw/\1/p")
|
|
else
|
|
echo "Error: No raw disk image files found in the directory."
|
|
exit 1
|
|
fi
|
|
else
|
|
version_string="$2"
|
|
fi
|
|
|
|
# Check if the version string is not empty
|
|
if [ -z "$version_string" ]; then
|
|
echo "Error: Unable to determine the version string."
|
|
exit 1
|
|
fi
|
|
|
|
# Run systemd-dissect on the raw disk image file and save the json output
|
|
json_output=$(systemd-dissect "$output_directory/${IMAGE_ID}-${IMAGE_VARIANT}_$version_string.raw" --json=short)
|
|
|
|
# Extract partition UUIDs for each partition type using jq
|
|
declare -A partition_uuids
|
|
|
|
partition_types=("usr" "usr-verity" "usr-verity-sig")
|
|
for partition_type in $(echo "${partition_types[@]}" | tr ' ' '\n' | sort); do
|
|
partition_uuid=$(echo "$json_output" | jq -r '.mounts[] | select(.designator == "'"$partition_type"'") | .partition_uuid')
|
|
partition_uuids["$partition_type"]=$partition_uuid
|
|
done
|
|
|
|
## Output the content of the array as a table
|
|
#echo -e "Partition Type\tUUID"
|
|
#for partition_type in $(echo "${!partition_uuids[@]}" | tr ' ' '\n' | sort); do
|
|
# uuid=${partition_uuids["$partition_type"]}
|
|
# echo -e "$partition_type\t$uuid"
|
|
#done
|
|
|
|
echo "Rename and source the files in the output directory..."
|
|
for file in "$output_directory/${IMAGE_ID}-${IMAGE_VARIANT}_$version_string".*; do
|
|
if [[ -f $file ]]; then
|
|
# Extract the file extension
|
|
extension="${file##*.}"
|
|
|
|
# Check if the file is one of the raw partitions that needs renaming
|
|
if [[ $extension == "raw" && $file =~ $version_string\.([^.]+)\.raw$ ]]; then
|
|
partition_type="${BASH_REMATCH[1]}"
|
|
|
|
# Check if the partition type is in the array
|
|
if [[ -n "${partition_uuids[$partition_type]}" ]]; then
|
|
new_filename="${IMAGE_ID}-${IMAGE_VARIANT}_${version_string}_${partition_uuids[$partition_type]}.$partition_type.raw"
|
|
mv "$file" "$output_directory/$new_filename"
|
|
echo "Renamed: $file -> $new_filename"
|
|
else
|
|
echo "Error: Partition type $partition_type not found in partition_uuids array."
|
|
fi
|
|
fi
|
|
fi
|
|
done
|
|
|
|
# Create a new directory for the release
|
|
release_directory="$output_directory/release-v$version_string"
|
|
mkdir -p "$release_directory"
|
|
|
|
# Move all files of the release to the new directory
|
|
mv "$output_directory/${IMAGE_ID}-${IMAGE_VARIANT}_$version_string."* "$release_directory/"
|
|
|
|
cd "$release_directory/"
|
|
|
|
echo "Compress files via xz..."
|
|
for file in "${IMAGE_ID}-${IMAGE_VARIANT}_$version_string".raw \
|
|
"${IMAGE_ID}-${IMAGE_VARIANT}_$version_string"_{*.usr.raw,*.usr-verity.raw,*.usr-verity-sig.raw} \
|
|
"${IMAGE_ID}-${IMAGE_VARIANT}_$version_string".efi; do
|
|
if [[ -f "$file" ]]; then
|
|
xz --verbose --threads=0 "$file"
|
|
echo "Compressed: $file -> $file.xz"
|
|
fi
|
|
done
|
|
|
|
# Delete unneeded files
|
|
rm -f "${IMAGE_ID}-server_$version_string".{initrd,vmlinuz,changelog}
|
|
|
|
echo "Calculate SHA256 checksums for all files in the release directory..."
|
|
sha256sum * > "SHA256SUMS"
|
|
|
|
echo "Sign the SHA256SUMS file with a detached signature..."
|
|
gpg --default-key "$GPG_SIGNING_KEY" --output "SHA256SUMS.gpg" --detach-sign "SHA256SUMS"
|
|
|
|
echo "Release for image version $version_string is ready in $release_directory!" |