summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin H. Johnson <robbat2@gentoo.org>2024-09-21 22:01:29 -0700
committerRobin H. Johnson <robbat2@gentoo.org>2024-09-21 22:01:29 -0700
commit045147322ed1835def568ced9c41d4fdbe977a62 (patch)
tree151f77c661defcb8f893a7aaa76908563a5bae8b
parentcreate-squashfs-snapshot: finish up new signing code; but final output not ye... (diff)
downloadmastermirror-scripts-20240922T050131Z.tar.gz
mastermirror-scripts-20240922T050131Z.tar.bz2
mastermirror-scripts-20240922T050131Z.zip
create-squashfs-snapshot: shellcheck fixes20240922T050131Z
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
-rwxr-xr-xcreate-squashfs-snapshot24
1 files changed, 13 insertions, 11 deletions
diff --git a/create-squashfs-snapshot b/create-squashfs-snapshot
index 82500ae..8989d46 100755
--- a/create-squashfs-snapshot
+++ b/create-squashfs-snapshot
@@ -74,7 +74,7 @@ trap 'rm -rf "${tempdir}"' SIGINT SIGTERM EXIT
# Build exclusion list
EXCLUSION_LIST="$(mktemp -p "${tempdir}" squashfs-exclude.XXXXXXXXXX)"
-"$(dirname $0)"/print-exclusion-list.sh "${repodir}" >"${EXCLUSION_LIST}"
+"$(dirname "$0")"/print-exclusion-list.sh "${repodir}" >"${EXCLUSION_LIST}"
mksquashfs_options+=( -ef "${EXCLUSION_LIST}" )
@@ -100,7 +100,7 @@ for algo in "${algo_LIST[@]}" ; do
if [[ ! -f ${todaysnap} ]]; then
# take today's snapshot
- tmp=algo_$algo[@]
+ tmp="algo_${algo}[@]"
file="${tempdir}/${reponame}-${today}${ext}"
mksquashfs "${repodir}" "${file}" "${mksquashfs_options[@]}" "${!tmp}"
mv "${file}" "${mirrordir}/"
@@ -117,7 +117,7 @@ for algo in "${algo_LIST[@]}" ; do
revdeltas=( "${revdeltadir}"/*.${algo}.sqdelta )
lastdelta=$(( ${#revdeltas[@]} - cleanupno ))
for (( i = ${#revdeltas[@]} - 1; i >= 0; i-- )); do
- [[ ${i} != ${lastdelta} ]] || break
+ [[ ${i} != "${lastdelta}" ]] || break
r=${revdeltas[${i}]}
ldate=${r#*/${reponame}-}
@@ -178,7 +178,7 @@ mv sha512sum.txt.tmp sha512sum.txt
# Helper func for signing.
sign_prefix() {
prefix=$1
- d=${_prefix}.sha512sum.txt
+ d=${prefix}.sha512sum.txt
# Might be symlink OR real file.
find . \
@@ -187,28 +187,29 @@ sign_prefix() {
-printf '%f\n' \
| xargs sha512sum \
| gpg --yes -u "${signkeyid}" --clearsign \
- --comment "Daily: ${_prefix}" \
- --output ${d}.tmp \
+ --comment "Daily: ${prefix}" \
+ --output "${d}.tmp" \
/dev/stdin
- mv ${d}.tmp ${d}
+ mv "${d}".tmp "${d}"
}
# 1. Create per-day checksums, with dates in the filenames; only if they do NOT
# exist.
-find . -name 'gentoo-*sqfs' -type f -printf '%f\n' \
+find . -maxdepth 1 -mindepth 1 -name 'gentoo-*sqfs' -type f -printf '%f\n' \
| cut -d. -f1 \
| uniq \
| perl -lne 'print $_ unless -e $_.".sha512sum.txt"' \
-| while read _prefix ; do
+| while read -r _prefix ; do
sign_prefix "$_prefix"
done
# 2. Always re-sign the -current symlink.
sign_prefix "gentoo-current"
# 3. Re-verify each existing file
-for sigfile in $(find . -name 'gentoo-*sha512sum.txt' -type f) ; do
- rm -f "${tempdir}"/${sigfile}.combine*
+find . -maxdepth 1 -mindepth 1 -name 'gentoo-*sha512sum.txt' -printf '%f\n' \
+| while read -r sigfile ; do
+ rm -f "${tempdir}"/"${sigfile}".combine*
# FUTURE: it would be wonderful to have a better interface to GPG here that
# only sent the output if the signature was valid and matched the specified
# key.
@@ -221,6 +222,7 @@ for sigfile in $(find . -name 'gentoo-*sha512sum.txt' -type f) ; do
--status-fd 3 \
2>"${tempdir}/${sigfile}".stderr \
3>"${tempdir}/${sigfile}".status-fd \
+ "$sigfile" \
; then
mv "${tempdir}/${sigfile}".combine-tmp "${tempdir}/${sigfile}".combine-verified
else