Spotter-VM/zz-extra/lxc-pack

87 lines
2.5 KiB
Python
Executable File

#!/usr/bin/python3
import hashlib
import json
import os
import subprocess
import sys
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.serialization import load_pem_private_key
BUILD_ROOT = '/root/buildroot'
LXC_ROOT = '/var/lib/lxc'
def pack(pkg_file):
if os.path.is_dir(pkg_file):
pkg_file = os.path.join(pkg_file, 'pkg')
# Prepare metadata
meta = {}
with open(pkg_file) as fd:
for line in fd:
line = [l.strip() for l in line.split(':', 1)]
meta[line[0]] = line[1]
meta['deps'] = meta['deps'].split()
pkg_name = meta['pkg']
del meta['pkg']
tar_path = os.path.join(BUILD_ROOT, '{}.tar'.format(pkg_name))
xz_path = '{}.xz'.format(tar_path)
# Remove old package
try:
os.unlink(tar_path)
os.unlink(xz_path)
except:
pass
# Create archive
print('Archiving', meta['lxcpath'])
subprocess.run(['tar', 'cpf', tar_path, meta['lxcpath']], cwd=LXC_ROOT)
if '/' not in meta['lxcpath']:
print('Archiving setup files')
cwd = os.path.dirname(os.path.abspath(pkg_file))
subprocess.run(['tar', 'rpf', tar_path, 'setup', 'setup.sh'], cwd=cwd)
print('Compressing', tar_path)
subprocess.run(['xz', '-9', tar_path])
# Register package
print('Registering package')
packages = {}
packages_file = os.path.join(BUILD_ROOT, 'packages')
try:
with open(packages_file, 'r') as fd:
packages = json.load(fd)
except:
pass
packages[pkg_name] = meta
with open(packages_file, 'w') as fd:
json.dump(packages, fd, sort_keys=True, indent=4)
# Sign packages
print('Signing packages')
with open(os.path.join(BUILD_ROOT, 'packages.key'), 'rb') as fd:
priv_key = load_pem_private_key(fd.read(), None, default_backend())
with open(os.path.join(BUILD_ROOT, 'packages'), 'rb') as fd:
data = fd.read()
with open(os.path.join(BUILD_ROOT, 'packages.sha512'), 'wb') as fd:
fd.write(priv_key.sign(data, ec.ECDSA(hashes.SHA512())))
def hash_file(file_path):
sha512 = hashlib.sha512()
with open(file_path, 'rb') as fd:
while True:
data = fd.read(65536)
if not data:
break
sha512.update(data)
return sha512.hexdigest()
if __name__ == '__main__':
if len(sys.argv) != 2:
print('Usage: lxc-pack <pkgfile>')
else:
pack(sys.argv[1])