diff --git a/cd.sh b/cd.sh index 622af39..a9b5700 100644 --- a/cd.sh +++ b/cd.sh @@ -37,27 +37,19 @@ cd_main () { # steps cd_set_environment_variables () { -local index -local text cd_step "Set environment variables" # - index=1 - eval "text=\"\${CD_CA_${index}}\"" - while [ "${text}" ] ; do - CD_CA=${index} - index=$((index+1)) - eval "text=\"\${CD_CA_${index}}\"" - done + [ "${CD_CA_1}" ] && CD_CA=true # case "$(cd_grep_os ID)" in - "debian") - CD_OS_ID="${CD_OS_DEBIAN}" - CD_OS_VERSION="$(cd_grep_os VERSION_CODENAME)" - ;; "almalinux") CD_OS_ID="${CD_OS_ALMA}" CD_OS_VERSION="$(cd_grep_os VERSION_ID)" ;; + "debian") + CD_OS_ID="${CD_OS_DEBIAN}" + CD_OS_VERSION="$(cd_grep_os VERSION_CODENAME)" + ;; esac # CD_CA_PACKAGE="ca-certificates" @@ -65,18 +57,6 @@ local text CD_GIT_PACKAGE="git" # case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - CD_OS_REPO="${CD_DEFAULT_REPO_DEBIAN}" - [ "${CD_REPO_DEBIAN}" ] && CD_OS_REPO="${CD_REPO_DEBIAN}" - case "${CD_OS_VERSION}" in - "bookworm"|"bullseye") cd_nop ;; - *) cd_error_os "CD_OS_VERSION" ;; - esac - CD_CA_ROOT="/usr/local/share/ca-certificates" - CD_PYTHON_COMMAND="python3" - CD_PYTHON_PACKAGE="python3" - CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" - ;; "${CD_OS_ALMA}") CD_OS_REPO="${CD_DEFAULT_REPO_ALMA}" [ "${CD_REPO_ALMA}" ] && CD_OS_REPO="${CD_REPO_ALMA}" @@ -85,10 +65,55 @@ local text *) cd_error_os "CD_OS_VERSION" ;; esac CD_CA_ROOT="/etc/pki/ca-trust/source/anchors" + CD_CMD_CA="update-ca-trust" + CD_CMD_CLEAN="dnf clean all" + CD_CMD_UPDATE="dnf makecache" + CD_CMD_UPGRADE="dnf upgrade --assumeyes" + CD_PKG_PKG="" + CD_PM_CONF_PATH="/etc/dnf/dnf.conf" + CD_PM_CONF_TEXT="\ +[main] +best=True +clean_requirements_on_remove=True +gpgcheck=1 +installonly_limit=3 +skip_if_unavailable=False +" + CD_PM_HTTPS_PATH="/etc/dnf/dnf.conf.d/https.conf" + CD_PM_HTTPS_TEXT="sslverify=False" CD_PYTHON_COMMAND="python3.11" CD_PYTHON_PACKAGE="python3.11" CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages" ;; + "${CD_OS_DEBIAN}") + export DEBIAN_FRONTEND="noninteractive" + # + CD_OS_REPO="${CD_DEFAULT_REPO_DEBIAN}" + [ "${CD_REPO_DEBIAN}" ] && CD_OS_REPO="${CD_REPO_DEBIAN}" + case "${CD_OS_VERSION}" in + "bookworm"|"bullseye") cd_nop ;; + *) cd_error_os "CD_OS_VERSION" ;; + esac + CD_CA_ROOT="/usr/local/share/ca-certificates" + CD_CMD_CA="update-ca-certificates" + CD_CMD_CLEAN="apt-get clean" + CD_CMD_UPDATE="apt-get update" + CD_CMD_UPGRADE="apt-get upgrade --assume-yes" + CD_PKG_PKG="apt-utils" + CD_PM_CONF_PATH="/etc/apt/apt.conf.d/apt.conf" + CD_PM_CONF_TEXT="\ +Acquire::Check-Valid-Until True; +APT::Get::Show-Versions True; +APT::Install-Recommends False; +APT::Install-Suggests False; +Dir::Etc::SourceParts \"\"; +" + CD_PM_HTTPS_PATH="/etc/apt/apt.conf.d/https" + CD_PM_HTTPS_TEXT="Acquire::https::Verify-Peer False;" + CD_PYTHON_COMMAND="python3" + CD_PYTHON_PACKAGE="python3" + CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages" + ;; *) cd_error_os "CD_OS_ID" ;; esac # continuous integration platform @@ -149,14 +174,6 @@ local expression local file cd_step "Set packages repositories" case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - cd_write "/etc/apt/sources.list" "\ -deb ${CD_OS_REPO} ${CD_OS_VERSION} main -deb ${CD_OS_REPO} ${CD_OS_VERSION}-backports main -deb ${CD_OS_REPO} ${CD_OS_VERSION}-updates main -deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main -" - ;; "${CD_OS_ALMA}") file="/etc/yum.repos.d/almalinux.repo" cd_sed "${file}" \ @@ -165,58 +182,40 @@ deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main "|^# baseurl|baseurl|" cd_cat "${file}" ;; + "${CD_OS_DEBIAN}") + cd_write "/etc/apt/sources.list" "\ +deb ${CD_OS_REPO} ${CD_OS_VERSION} main +deb ${CD_OS_REPO} ${CD_OS_VERSION}-backports main +deb ${CD_OS_REPO} ${CD_OS_VERSION}-updates main +deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main +" + ;; esac } +# agnostic steps + cd_set_packages_configuration () { cd_step "Set packages configuration" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - export DEBIAN_FRONTEND="noninteractive" - cd_write "/etc/apt/apt.conf.d/apt.conf" "\ -Acquire::Check-Valid-Until True; -APT::Get::Show-Versions True; -APT::Install-Recommends False; -APT::Install-Suggests False; -Dir::Etc::SourceParts \"\"; -" - ;; - "${CD_OS_ALMA}") cd_mkdir "/etc/dnf/dnf.conf.d" ;; - esac + cd_write "${CD_PM_CONF_PATH}" "${CD_PM_CONF_TEXT}" } cd_set_https_verification_off () { - if [ "${CD_CA}" ] ; then + if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification off" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") - cd_write "/etc/apt/apt.conf.d/https" "\ -Acquire::https::Verify-Peer False; -" - ;; - "${CD_OS_ALMA}") - cd_write "/etc/dnf/dnf.conf.d/https.conf" "\ -sslverify=False -" - ;; - esac + cd_mkdir "$(dirname "${CD_PM_HTTPS_PATH}")" + cd_write "${CD_PM_HTTPS_PATH}" "${CD_PM_HTTPS_TEXT}" fi } cd_update_packages_catalog () { cd_step "Update packages catalog" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") apt-get update || exit ;; - "${CD_OS_ALMA}") dnf makecache || exit ;; - esac + ${CD_CMD_UPDATE} || exit } cd_install_packages_tools () { cd_step "Install packages tools" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") cd_install_package "apt-utils" ;; - "${CD_OS_ALMA}") cd_nop ;; - esac + cd_install_package "${CD_PKG_PKG}" } cd_install_ca_certificates () { @@ -227,7 +226,7 @@ cd_install_ca_certificates () { cd_write_ca_certificates () { local index local text - cd_step "Copy CA" + cd_step "Write CA certificates" cd_mkdir "${CD_CA_ROOT}" index=1 eval "text=\"\${CD_CA_${index}}\"" @@ -239,29 +238,20 @@ local text } cd_update_ca_certificates () { - cd_step "Update CA" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") update-ca-certificates || exit ;; - "${CD_OS_ALMA}") update-ca-trust || exit ;; - esac + cd_step "Update CA certificates" + ${CD_CMD_CA} || exit } cd_set_https_verification_on () { - if [ "${CD_CA}" ] ; then + if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then cd_step "Set HTTPS verification on" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;; - "${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;; - esac + cd_rm "${CD_PM_HTTPS_PATH}" fi } cd_upgrade_packages () { cd_step "Upgrade packages" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") apt-get upgrade --assume-yes || exit ;; - "${CD_OS_ALMA}") dnf upgrade --assumeyes || exit ;; - esac + ${CD_CMD_UPGRADE} || exit } cd_install_git () { @@ -276,10 +266,7 @@ cd_install_python () { cd_clean_packages_cache () { cd_step "Clean packages cache" - case "${CD_OS_ID}" in - "${CD_OS_DEBIAN}") apt-get clean || exit ;; - "${CD_OS_ALMA}") dnf clean all || exit ;; - esac + ${CD_CMD_CLEAN} || exit } cd_install_python_modules () { diff --git a/readme.md b/readme.md index 5800715..51e54e5 100644 --- a/readme.md +++ b/readme.md @@ -29,8 +29,14 @@ from various CA, CI, OCI / OS. ## Tasks -* first list working directory +* write bats + * handle cloning credentials +* make steps more agnostic +* show CA certificates as text +* write Python bootstrap + +* first list working directory * integrate project repository cloning * override repository and framework locations -* write Python bootstrap +* reduce operating system version to major