diff --git a/build-utils/rpmsign.exp b/build-utils/rpmsign.exp new file mode 100755 index 000000000..81d75d057 --- /dev/null +++ b/build-utils/rpmsign.exp @@ -0,0 +1,56 @@ +#!/usr/bin/expect -f +# +# Sign an RPM. This must be run as root, and root must have already set up the key. + +# I think the key needs to come from /root/.gnupg +set env(HOME) /root + +# +# This Expect script was generated by autoexpect on Fri Jun 27 10:45:23 2008 +# Expect and autoexpect were both written by Don Libes, NIST. +# +# Note that autoexpect does not guarantee a working script. It +# necessarily has to guess about certain things. Two reasons a script +# might fail are: +# +# 1) timing - A surprising number of programs (rn, ksh, zsh, telnet, +# etc.) and devices discard or ignore keystrokes that arrive "too +# quickly" after prompts. If you find your new script hanging up at +# one spot, try adding a short sleep just before the previous send. +# Setting "force_conservative" to 1 (see below) makes Expect do this +# automatically - pausing briefly before sending each character. This +# pacifies every program I know of. The -c flag makes the script do +# this in the first place. The -C flag allows you to define a +# character to toggle this mode off and on. + +set force_conservative 0 ;# set to 1 to force conservative mode even if + ;# script wasn't run conservatively originally +if {$force_conservative} { + set send_slow {1 .1} + proc send {ignore arg} { + sleep .1 + exp_send -s -- $arg + } +} + +# +# 2) differing output - Some programs produce different output each time +# they run. The "date" command is an obvious example. Another is +# ftp, if it produces throughput statistics at the end of a file +# transfer. If this causes a problem, delete these patterns or replace +# them with wildcards. An alternative is to use the -p flag (for +# "prompt") which makes Expect only look for the last line of output +# (i.e., the prompt). The -P flag allows you to define a character to +# toggle this mode off and on. +# +# Read the man page for more info. +# +# -Don + + +set timeout -1 +spawn sh -c "rpm --resign $argv" +match_max 100000 +expect -exact "Enter pass phrase: " +send -- "\r" +expect eof diff --git a/build-utils/unsignedrpms.sh b/build-utils/unsignedrpms.sh new file mode 100755 index 000000000..91d1f83c7 --- /dev/null +++ b/build-utils/unsignedrpms.sh @@ -0,0 +1,8 @@ +# Check if the given rpm is not signed, and display its file name if not signed. +# This would normally be run from find, e.g.: find . -type f -name '*.rpm' -exec ~/unsignedrpms.sh {} \; + +count=`rpm -qip $1 2>/dev/null | grep -c 'DSA/SHA1'` +#echo "count=$count" +if [ $count -eq 0 ]; then + echo $1 +fi diff --git a/builddep.sh b/builddep.sh index 9837b8ff7..93ef42201 100755 --- a/builddep.sh +++ b/builddep.sh @@ -1,28 +1,55 @@ #!/bin/sh -cd `dirname $0` -GREP=grep -export DESTDIR=`pwd`/dep-snap -export SRCDIR=`pwd`/dep-snap-srpms -UPLOAD=0 -if [ "$1" == "UPLOAD" ]; then - UPLOAD=1 -fi -if [ -f /etc/redhat-release ] -then - pkg="redhat" -else - pkg="packages" -fi +# Package up all the xCAT open source dependencies, setting up yum repos and +# also tar it all up. This assumes that individual rpms have already been built for +# all relevant architectures from the src & spec files in svn. + +# When running this script to package xcat-dep: +# - run it from the root dir of where all the built dep rpms are +# - use sudo to execute it with root privilege: sudo builddep.sh +# - the root userid's home dir on the build machine should have: +# - .rpmmacros that contains values for %_signature and %_gpg_name +# - .gnupg dir with appropriate files + +# you can change this if you need to +UPLOADUSER=bp-sawyers + +if [ ! -d rh5 ]; then + echo "builddep: It appears that you are not running this from the top level of the xcat-dep directory structure." + exit 1; +fi +XCATCOREDIR=`dirname $0` +#export DESTDIR=. +UPLOAD=1 +if [ "$1" == "NOUPLOAD" ]; then + UPLOAD=0 +fi +set -x + +# Sign the rpms that are not already signed. The closed pipe warnings are normal. +$XCATCOREDIR/build-utils/rpmsign.exp `find . -type f -name '*.rpm'` + +# Create the repodata dirs +for i in `find -mindepth 2 -maxdepth 2 -type d `; do createrepo $i; done + +# Get the permissions correct. Have to have all dirs/files with a group of xcat +# and have them writeable by group, so any member of the xcat can build. +chgrp -R xcat * +chmod -R g+w * + +# Build the tarball +VER=`cat $XCATCOREDIR/Version` +DFNAME=../xcat-dep-$VER-snap`date +%Y.%m.%d`.tar.bz2 +tar jcvf $DFNAME dep-snap -#rm -rf $DESTDIR -#rm -rf $SRCDIR if [ $UPLOAD == 0 ]; then - echo "Nothing new detected" exit 0; fi -createrepo $DESTDIR -cd $DESTDIR/.. -export DFNAME=dep-rpms-snap.`date +%Y.%m.%d`.tar.bz2 -tar jcvf $DFNAME dep-snap -scp $DFNAME jbjohnso@shell1.sf.net:/home/groups/x/xc/xcat/htdocs/yum/ -ssh jbjohnso@shell1.sf.net "cd /home/groups/x/xc/xcat/htdocs/yum/; rm -rf dep-snap; tar jxvf $DFNAME" + +# Upload the dir structure to SF yum area. Currently we do not have it preserver permissions +# because that gives errors when different users try to do it. +rsync -rlv * $UPLOADUSER,xcat@web.sourceforge.net:htdocs/yum/xcat-dep/ +#ssh jbjohnso@shell1.sf.net "cd /home/groups/x/xc/xcat/htdocs/yum/; rm -rf dep-snap; tar jxvf $DFNAME" + +# Upload the tarball to the SF uploads dir for the FRS +#scp $DFNAME $UPLOADUSER@web.sourceforge.net:uploads/ +#scp $DFNAME $UPLOADUSER@frs.sourceforge.net:uploads/