From 0cd62360042c1b248cab62c6bb7906d28d875c3b Mon Sep 17 00:00:00 2001 From: Fun Date: Tue, 9 Jan 2018 00:07:38 +0200 Subject: [PATCH 3/3] pkgmk: add support for binary packages While there is pkg-get to help users install binary packages, this simple and less intrusive patch gives much more flexibility. It is simple because it shortcuts the "download_source; build_package" if it can 'download' a binary package (and the user didn't request a rebuild "-f"). It is much more flexible because: - it works with the current high-level tools (prt-get, yapo) - by overriding get_package_mirrors() from /etc/pkgmk.conf, the user has complete control of what binary packages are downloaded and from where --- pkgmk.in | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 60 insertions(+), 2 deletions(-) diff --git a/pkgmk.in b/pkgmk.in index 5c0bb3c..604a7a5 100755 --- a/pkgmk.in +++ b/pkgmk.in @@ -100,6 +100,62 @@ check_file() { fi } +# Check the package signature, created with something like: +# cd $PKGMK_PACKAHE_DIR +# sha256sum --tag x.pkg.tar.gz | signify -S -e -x - -q -s xxx.sec -m - > x.pkg.tar.gz.sig +# This function runs in a sub-shell (being defined with (...) instead of {...}) +# in order to avoid symlinks. +check_pkg_sig() ( + cd "${1%/*}" + opts=( -q -C ) + [[ $PKGMK_PUBLICKEY != "" ]] \ + && opts+=( -p "$PKGMK_PUBLICKEY" ) + signify "${opts[@]}" -x "$1" +) + +download_pkg_and_sig() { + local NAMES=( "$BASENAME" "$BASENAME.sig" ) + local FILES=( "${NAMES[@]/#/$PKGMK_PACKAGE_DIR/}" ) # prepend + local TMPFILES=( "${FILES[@]/%/.partial}" ) # append + + local F + for F in "${FILES[@]}" "${TMPFILES[@]}" + do + [[ -e $F ]] && { rm -f -- "$F" || return 1; } + done + + download_url "$MIRROR/${NAMES[0]//\#/%23}" "${TMPFILES[0]}" \ + && download_url "$MIRROR/${NAMES[1]//\#/%23}" "${TMPFILES[1]}" \ + && sync \ + && mv -- "${TMPFILES[0]}" "${FILES[0]}" \ + && mv -- "${TMPFILES[1]}" "${FILES[1]}" \ + && check_pkg_sig "${FILES[1]}" \ + && return 0 + + rm -f -- "${FILES[@]}" "${TMPFILES[@]}" + return 1 +} + +get_package_mirrors() { + printf '%s\n' "${PKGMK_PACKAGE_MIRRORS[@]}" +} + +download_package() { + [[ $PKGMK_FORCE == yes ]] && return 1 + + local BASENAME=${TARGET##*/} + local MIRROR + while read -r MIRROR + do + download_pkg_and_sig && { + info "Building '$TARGET' succeeded." + return 0 + } + done < <( get_package_mirrors ) + + return 1 +} + # curl -L --fail --ftp-pasv --retry 3 --retry-delay 3 ${3/1/-C -} -o "$2" "$1" download_url() { local URL=$1 @@ -867,8 +923,10 @@ main() { if [ "`build_needed`" = "no" ] && [ "$PKGMK_FORCE" = "no" ] && [ "$PKGMK_CHECK_MD5SUM" = "no" ] && [ "$PKGMK_CHECK_SIGNATURE" = "no" ]; then info "Package '$TARGET' is up to date." else - download_source - build_package + download_package || { + download_source + build_package + } fi if [ "$PKGMK_INSTALL" != "no" ]; then -- 2.17.0