Move scripts under 'scripts' directory.

TODO: remove path dependency of rpm_verify in builder-rpm and infrastructure
4 years ago · bf09161732
parent fd5b7355d0
commit bf09161732
8 changed files with 55 additions and 54 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -10,9 +10,9 @@ after_script:
 - ls -l ~/qubes-builder/iso
 env:
  - DIST_DOM0=fc29 INSTALLER_KICKSTART=/tmp/qubes-installer/conf/travis-iso-full.ks USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1 RPM_BUILD_DEFINES=--nocheck
-  - DIST_DOM0=fc29 INSTALLER_KICKSTART=/tmp/qubes-installer/conf/travis-iso-unsigned.ks USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1 EXPECT_FAILURE=./expected-failure
-  - DIST_DOM0=fc29 INSTALLER_KICKSTART=/tmp/qubes-installer/conf/travis-iso-unsigned2.ks USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1 EXPECT_FAILURE=./expected-failure
-  - DIST_DOM0=fc29 INSTALLER_KICKSTART=/tmp/qubes-installer/conf/travis-iso-unknown-key.ks USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1 EXPECT_FAILURE=./expected-failure
+  - DIST_DOM0=fc29 INSTALLER_KICKSTART=/tmp/qubes-installer/conf/travis-iso-unsigned.ks USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1 EXPECT_FAILURE=./scripts/expected-failure
+  - DIST_DOM0=fc29 INSTALLER_KICKSTART=/tmp/qubes-installer/conf/travis-iso-unsigned2.ks USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1 EXPECT_FAILURE=./scripts/expected-failure
+  - DIST_DOM0=fc29 INSTALLER_KICKSTART=/tmp/qubes-installer/conf/travis-iso-unknown-key.ks USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1 EXPECT_FAILURE=./scripts/expected-failure

 # don't build tags which are meant for code signing only
 branches:
--- a/4
+++ b/4
@ -88,7 +88,7 @@ iso-installer-gather:
 	pushd $(BASE_DIR)/os/ && $(CREATEREPO) -q -g $(INSTALLER_DIR)/conf/comps-qubes.xml .

 iso-installer-lorax:
-	$(INSTALLER_DIR)/ksparser --ks $(INSTALLER_KICKSTART) --extract-repo-conf-to $(INSTALLER_DIR)/conf/dnf-lorax.repo
+	$(INSTALLER_DIR)/scripts/ksparser --ks $(INSTALLER_KICKSTART) --extract-repo-conf-to $(INSTALLER_DIR)/conf/dnf-lorax.repo
 	$(LORAX) $(LORAX_OPTS) $(BASE_DIR)/os

 iso-installer-mkisofs:
@ -109,7 +109,7 @@ iso-installer: iso-prepare iso-installer-gather iso-installer-lorax iso-installe
 	rm -rf work

 iso-liveusb: $(LIVE_KICKSTART) iso-prepare
-	pushd work && ../livecd-creator-qubes --debug --product='Qubes OS' --title="Qubes OS $(ISO_VERSION)" --fslabel="Qubes-$(ISO_VERSION)-x86_64-LIVE" --config $(LIVE_KICKSTART) && popd
+	pushd work && $(INSTALLER_DIR)/scripts/livecd-creator-qubes --debug --product='Qubes OS' --title="Qubes OS $(ISO_VERSION)" --fslabel="Qubes-$(ISO_VERSION)-x86_64-LIVE" --config $(LIVE_KICKSTART) && popd
 	# Move result files to known-named directories
 	mkdir -p build/ISO/qubes-x86_64/iso build/work
 	mv work/*.iso build/ISO/qubes-x86_64/iso/
--- a/48
+++ b/48
@ -1,48 +0,0 @@
-#!/bin/sh
-
-verify_rpm() {
-RPM=$1
-
-if ! [ -f $RPM ]; then
-    echo -n "No such file... "
-    return
-fi
-
-if ! rpm --checksig $RPM > /dev/null; then
-    echo "Wrong PGP signature on $RPM!"
-    exit 1
-fi
-
-# Even if rpm returns success (ret = 0) that doesn't
-# mean that the rpm has been signed! It might simply
-# have no PGP signature at all. Yes, stupidity...
-
-if ! rpm --checksig $RPM | grep ' pgp ' > /dev/null ; then
-    if [ "$NO_SIGN" == "1" ] ; then
-        # When signing is disabed in qubes-builder
-        # This is used to build unsigned ISO
-        # This should only be used for testing builds
-        return 0
-    fi
-
-    echo "No PGP signature found!"
-
-    exit 2
-fi
-}
-
-
-if [ $# -lt 1 ]; then
-    echo "Usage: $0 <rpm file>"
-    exit 1
-fi
-
-if [ -w /var/lib/rpm ]; then
-    # Make sure that the right Qubes release key is imported (in chroot)
-    rpm --import `dirname $0`/qubes-release/RPM-GPG-KEY-qubes-*-primary
-fi
-
-for FILE in "$@"; do
-        verify_rpm $FILE || exit 1
-done
-
--- a/1
+++ b/1
@ -0,0 +1 @@
+scripts/rpm_verify
--- a/scripts/expected-failure
+++ b/scripts/expected-failure
--- a/scripts/ksparser
+++ b/scripts/ksparser
--- a/scripts/livecd-creator-qubes
+++ b/scripts/livecd-creator-qubes
--- a/scripts/rpm_verify
+++ b/scripts/rpm_verify
@ -0,0 +1,48 @@
+#!/bin/sh
+
+verify_rpm() {
+RPM=$1
+
+if ! [ -f $RPM ]; then
+    echo -n "No such file... "
+    return
+fi
+
+if ! rpm --checksig $RPM > /dev/null; then
+    echo "Wrong PGP signature on $RPM!"
+    exit 1
+fi
+
+# Even if rpm returns success (ret = 0) that doesn't
+# mean that the rpm has been signed! It might simply
+# have no PGP signature at all. Yes, stupidity...
+
+if ! rpm --checksig $RPM | grep ' pgp ' > /dev/null ; then
+    if [ "$NO_SIGN" == "1" ] ; then
+        # When signing is disabed in qubes-builder
+        # This is used to build unsigned ISO
+        # This should only be used for testing builds
+        return 0
+    fi
+
+    echo "No PGP signature found!"
+
+    exit 2
+fi
+}
+
+
+if [ $# -lt 1 ]; then
+    echo "Usage: $0 <rpm file>"
+    exit 1
+fi
+
+if [ -w /var/lib/rpm ]; then
+    # Make sure that the right Qubes release key is imported (in chroot)
+    rpm --import `dirname $0`/qubes-release/RPM-GPG-KEY-qubes-*-primary
+fi
+
+for FILE in "$@"; do
+        verify_rpm $FILE || exit 1
+done
+
--- a/yum/update_repo.sh
+++ b/yum/update_repo.sh
@ -4,7 +4,7 @@
 # $1 -- path to rpm dir
 check_repo()
 {
-    if ! ../rpm_verify $1/*.rpm ; then
+    if ! ../scripts/rpm_verify $1/*.rpm ; then
        echo "ERROR: There are unsigned RPM packages in $1 repo:"
        echo "---------------------------------------"
        rpm --checksig $1/*.rpm | grep -v pgp