Spotter-VM/zz-extra/lxc-pack

#!/usr/bin/python3

# How to create packaging key:
#   openssl ecparam -genkey -name secp384r1 -out /root/buildroot/packages.key
#   openssl ec -in /root/buildroot/packages.key -pubout -out /root/buildroot/packages.pub

import hashlib
import json
import os
import subprocess
import sys

BUILD_ROOT = '/root/buildroot'
LXC_ROOT = '/var/lib/lxc'

def pack(meta_file):
    # Prepare metadata
    meta = {}
    with open(meta_file) as fd:
        for line in fd:
            line = [l.strip() for l in line.split(':', 1)]
            meta[line[0]] = line[1]
    meta['deps'] = meta['deps'].split()
    pkg_name = meta['pkg']
    del meta['pkg']

    tar_path = os.path.join(BUILD_ROOT, '{}.tar'.format(pkg_name))
    xz_path = '{}.xz'.format(tar_path)

    # Remove old package
    os.unlink(tar_path)
    os.unlink(xz_path)

    # Create archive
    print('Archiving', meta['lxcpath'])
    subprocess.run(['tar', 'cpf', tar_path, meta['lxcpath']], cwd=LXC_ROOT)
    if '/' not in meta['lxcpath']:
        print('Archiving setup files')
        cwd = os.path.dirname(os.path.abspath(meta_file))
        subprocess.run(['tar', 'rpf', tar_path, 'setup', 'setup.sh'], cwd=cwd)
    print('Compressing', tar_path)
    subprocess.run(['xz', '-9', tar_path])

    # Register package
    print('Registering package')
    packages = {}
    packages_file = os.path.join(BUILD_ROOT, 'packages')
    if os.path.exists(packages_file):
        with open(packages_file, 'r') as fd:
            packages = json.load(fd)
    packages[pkg_name] = meta
    with open(packages_file, 'w') as fd:
        json.dump(packages, fd, sort_keys=True, indent=4)

    # Sign packages
    print('Signing packages')
    subprocess.run(['openssl', 'dgst', '-sha512', '-sign', 'packages.key', '-out', 'packages.sha512', 'packages'], cwd=BUILD_ROOT)

def hash_file(file_path):
    sha512 = hashlib.sha512()
    with open(file_path, 'rb') as fd:
        while True:
            data = fd.read(65536)
            if not data:
                break
            sha512.update(data)
    return sha512.hexdigest()

if __name__ == '__main__':
    if len(sys.argv) != 2:
        print('Usage: lxc-pack <pkgfile>')
    else:
        pack(sys.argv[1])
Add packaging script 2018-10-02 12:58:12 +02:00			`#!/usr/bin/python3`

			`# How to create packaging key:`
			`# openssl ecparam -genkey -name secp384r1 -out /root/buildroot/packages.key`
			`# openssl ec -in /root/buildroot/packages.key -pubout -out /root/buildroot/packages.pub`

			`import hashlib`
			`import json`
			`import os`
			`import subprocess`
			`import sys`

			`BUILD_ROOT = '/root/buildroot'`
			`LXC_ROOT = '/var/lib/lxc'`

			`def pack(meta_file):`
			`# Prepare metadata`
			`meta = {}`
			`with open(meta_file) as fd:`
			`for line in fd:`
			`line = [l.strip() for l in line.split(':', 1)]`
			`meta[line[0]] = line[1]`
			`meta['deps'] = meta['deps'].split()`
			`pkg_name = meta['pkg']`
			`del meta['pkg']`

			`tar_path = os.path.join(BUILD_ROOT, '{}.tar'.format(pkg_name))`
			`xz_path = '{}.xz'.format(tar_path)`

			`# Remove old package`
			`os.unlink(tar_path)`
			`os.unlink(xz_path)`

			`# Create archive`
			`print('Archiving', meta['lxcpath'])`
			`subprocess.run(['tar', 'cpf', tar_path, meta['lxcpath']], cwd=LXC_ROOT)`
			`if '/' not in meta['lxcpath']:`
			`print('Archiving setup files')`
			`cwd = os.path.dirname(os.path.abspath(meta_file))`
			`subprocess.run(['tar', 'rpf', tar_path, 'setup', 'setup.sh'], cwd=cwd)`
			`print('Compressing', tar_path)`
			`subprocess.run(['xz', '-9', tar_path])`

			`# Register package`
			`print('Registering package')`
			`packages = {}`
			`packages_file = os.path.join(BUILD_ROOT, 'packages')`
			`if os.path.exists(packages_file):`
			`with open(packages_file, 'r') as fd:`
			`packages = json.load(fd)`
			`packages[pkg_name] = meta`
			`with open(packages_file, 'w') as fd:`
			`json.dump(packages, fd, sort_keys=True, indent=4)`

			`# Sign packages`
			`print('Signing packages')`
			`subprocess.run(['openssl', 'dgst', '-sha512', '-sign', 'packages.key', '-out', 'packages.sha512', 'packages'], cwd=BUILD_ROOT)`

			`def hash_file(file_path):`
			`sha512 = hashlib.sha512()`
			`with open(file_path, 'rb') as fd:`
			`while True:`
			`data = fd.read(65536)`
			`if not data:`
			`break`
			`sha512.update(data)`
			`return sha512.hexdigest()`

			`if __name__ == '__main__':`
			`if len(sys.argv) != 2:`
			`print('Usage: lxc-pack <pkgfile>')`
			`else:`
			`pack(sys.argv[1])`