Compare commits

...

20 commits

Author SHA1 Message Date
e5d17cd0f0
conf/text
Some checks failed
/ job (push) Failing after 39s
2024-05-03 23:19:30 +02:00
7be21f53dd
pm/conf 2024-05-03 22:52:24 +02:00
2e5e92e128
pm 2024-05-03 22:04:05 +02:00
e2bc6311af
dnf 2024-05-03 22:01:01 +02:00
7d6f23efe9
debian/frontend 2024-05-03 21:56:30 +02:00
98ecacd8c8
readme 2024-05-03 21:53:25 +02:00
a73bdd235f
mkdir,path 2024-05-03 21:52:08 +02:00
585e1d58e2
pkg 2024-05-03 21:43:25 +02:00
8b9ddbec9f
https 2024-05-03 21:36:19 +02:00
a9e885bca8
update 2024-05-03 21:30:28 +02:00
84ccc6f215
ca 2024-05-03 21:28:37 +02:00
288f1a3101
https 2024-05-03 21:24:41 +02:00
faf17ad62f
upgrade 2024-05-03 21:18:20 +02:00
6688313b48
clean 2024-05-03 21:16:03 +02:00
657e4d28a2
agnostic 2024-05-03 21:09:30 +02:00
cf99e6ff2f
2024-05-03 21:03:07 +02:00
18e3f300d3
readme/certs 2024-05-03 20:57:35 +02:00
a99369e8ae
fix 2024-05-03 20:20:26 +02:00
725ad1acd1
https 2024-05-03 20:00:28 +02:00
9e83c7de5f
cd_ca 2024-05-03 19:31:25 +02:00
2 changed files with 81 additions and 88 deletions

159
cd.sh
View file

@ -37,27 +37,19 @@ cd_main () {
# steps
cd_set_environment_variables () {
local index
local text
cd_step "Set environment variables"
#
index=1
eval "text=\"\${CD_CA_${index}}\""
while [ "${text}" ] ; do
CD_CA=${index}
index=$((index+1))
eval "text=\"\${CD_CA_${index}}\""
done
[ "${CD_CA_1}" ] && CD_CA=true
#
case "$(cd_grep_os ID)" in
"debian")
CD_OS_ID="${CD_OS_DEBIAN}"
CD_OS_VERSION="$(cd_grep_os VERSION_CODENAME)"
;;
"almalinux")
CD_OS_ID="${CD_OS_ALMA}"
CD_OS_VERSION="$(cd_grep_os VERSION_ID)"
;;
"debian")
CD_OS_ID="${CD_OS_DEBIAN}"
CD_OS_VERSION="$(cd_grep_os VERSION_CODENAME)"
;;
esac
#
CD_CA_PACKAGE="ca-certificates"
@ -65,18 +57,6 @@ local text
CD_GIT_PACKAGE="git"
#
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}")
CD_OS_REPO="${CD_DEFAULT_REPO_DEBIAN}"
[ "${CD_REPO_DEBIAN}" ] && CD_OS_REPO="${CD_REPO_DEBIAN}"
case "${CD_OS_VERSION}" in
"bookworm"|"bullseye") cd_nop ;;
*) cd_error_os "CD_OS_VERSION" ;;
esac
CD_CA_ROOT="/usr/local/share/ca-certificates"
CD_PYTHON_COMMAND="python3"
CD_PYTHON_PACKAGE="python3"
CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages"
;;
"${CD_OS_ALMA}")
CD_OS_REPO="${CD_DEFAULT_REPO_ALMA}"
[ "${CD_REPO_ALMA}" ] && CD_OS_REPO="${CD_REPO_ALMA}"
@ -85,10 +65,55 @@ local text
*) cd_error_os "CD_OS_VERSION" ;;
esac
CD_CA_ROOT="/etc/pki/ca-trust/source/anchors"
CD_CMD_CA="update-ca-trust"
CD_CMD_CLEAN="dnf clean all"
CD_CMD_UPDATE="dnf makecache"
CD_CMD_UPGRADE="dnf upgrade --assumeyes"
CD_PKG_PKG=""
CD_PM_CONF_PATH="/etc/dnf/dnf.conf"
CD_PM_CONF_TEXT="\
[main]
best=True
clean_requirements_on_remove=True
gpgcheck=1
installonly_limit=3
skip_if_unavailable=False
"
CD_PM_HTTPS_PATH="/etc/dnf/dnf.conf.d/https.conf"
CD_PM_HTTPS_TEXT="sslverify=False"
CD_PYTHON_COMMAND="python3.11"
CD_PYTHON_PACKAGE="python3.11"
CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages"
;;
"${CD_OS_DEBIAN}")
export DEBIAN_FRONTEND="noninteractive"
#
CD_OS_REPO="${CD_DEFAULT_REPO_DEBIAN}"
[ "${CD_REPO_DEBIAN}" ] && CD_OS_REPO="${CD_REPO_DEBIAN}"
case "${CD_OS_VERSION}" in
"bookworm"|"bullseye") cd_nop ;;
*) cd_error_os "CD_OS_VERSION" ;;
esac
CD_CA_ROOT="/usr/local/share/ca-certificates"
CD_CMD_CA="update-ca-certificates"
CD_CMD_CLEAN="apt-get clean"
CD_CMD_UPDATE="apt-get update"
CD_CMD_UPGRADE="apt-get upgrade --assume-yes"
CD_PKG_PKG="apt-utils"
CD_PM_CONF_PATH="/etc/apt/apt.conf.d/apt.conf"
CD_PM_CONF_TEXT="\
Acquire::Check-Valid-Until True;
APT::Get::Show-Versions True;
APT::Install-Recommends False;
APT::Install-Suggests False;
Dir::Etc::SourceParts \"\";
"
CD_PM_HTTPS_PATH="/etc/apt/apt.conf.d/https"
CD_PM_HTTPS_TEXT="Acquire::https::Verify-Peer False;"
CD_PYTHON_COMMAND="python3"
CD_PYTHON_PACKAGE="python3"
CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages"
;;
*) cd_error_os "CD_OS_ID" ;;
esac
# continuous integration platform
@ -149,14 +174,6 @@ local expression
local file
cd_step "Set packages repositories"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}")
cd_write "/etc/apt/sources.list" "\
deb ${CD_OS_REPO} ${CD_OS_VERSION} main
deb ${CD_OS_REPO} ${CD_OS_VERSION}-backports main
deb ${CD_OS_REPO} ${CD_OS_VERSION}-updates main
deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main
"
;;
"${CD_OS_ALMA}")
file="/etc/yum.repos.d/almalinux.repo"
cd_sed "${file}" \
@ -165,58 +182,40 @@ deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main
"|^# baseurl|baseurl|"
cd_cat "${file}"
;;
"${CD_OS_DEBIAN}")
cd_write "/etc/apt/sources.list" "\
deb ${CD_OS_REPO} ${CD_OS_VERSION} main
deb ${CD_OS_REPO} ${CD_OS_VERSION}-backports main
deb ${CD_OS_REPO} ${CD_OS_VERSION}-updates main
deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main
"
;;
esac
}
# agnostic steps
cd_set_packages_configuration () {
cd_step "Set packages configuration"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}")
export DEBIAN_FRONTEND="noninteractive"
cd_write "/etc/apt/apt.conf.d/apt.conf" "\
Acquire::Check-Valid-Until True;
APT::Get::Show-Versions True;
APT::Install-Recommends False;
APT::Install-Suggests False;
Dir::Etc::SourceParts \"\";
"
;;
"${CD_OS_ALMA}") cd_mkdir "/etc/dnf/dnf.conf.d" ;;
esac
cd_write "${CD_PM_CONF_PATH}" "${CD_PM_CONF_TEXT}"
}
cd_set_https_verification_off () {
if [ "${CD_CA}" ] ; then
if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then
cd_step "Set HTTPS verification off"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}")
cd_write "/etc/apt/apt.conf.d/https" "\
Acquire::https::Verify-Peer False;
"
;;
"${CD_OS_ALMA}")
cd_write "/etc/dnf/dnf.conf.d/https.conf" "\
sslverify=False
"
;;
esac
cd_mkdir "$(dirname "${CD_PM_HTTPS_PATH}")"
cd_write "${CD_PM_HTTPS_PATH}" "${CD_PM_HTTPS_TEXT}"
fi
}
cd_update_packages_catalog () {
cd_step "Update packages catalog"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}") apt-get update || exit ;;
"${CD_OS_ALMA}") dnf makecache || exit ;;
esac
${CD_CMD_UPDATE} || exit
}
cd_install_packages_tools () {
cd_step "Install packages tools"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}") cd_install_package "apt-utils" ;;
"${CD_OS_ALMA}") cd_nop ;;
esac
cd_install_package "${CD_PKG_PKG}"
}
cd_install_ca_certificates () {
@ -227,7 +226,7 @@ cd_install_ca_certificates () {
cd_write_ca_certificates () {
local index
local text
cd_step "Copy CA"
cd_step "Write CA certificates"
cd_mkdir "${CD_CA_ROOT}"
index=1
eval "text=\"\${CD_CA_${index}}\""
@ -239,29 +238,20 @@ local text
}
cd_update_ca_certificates () {
cd_step "Update CA"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}") update-ca-certificates || exit ;;
"${CD_OS_ALMA}") update-ca-trust || exit ;;
esac
cd_step "Update CA certificates"
${CD_CMD_CA} || exit
}
cd_set_https_verification_on () {
if [ "${CD_CA}" ] ; then
if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then
cd_step "Set HTTPS verification on"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;;
"${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;;
esac
cd_rm "${CD_PM_HTTPS_PATH}"
fi
}
cd_upgrade_packages () {
cd_step "Upgrade packages"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}") apt-get upgrade --assume-yes || exit ;;
"${CD_OS_ALMA}") dnf upgrade --assumeyes || exit ;;
esac
${CD_CMD_UPGRADE} || exit
}
cd_install_git () {
@ -276,10 +266,7 @@ cd_install_python () {
cd_clean_packages_cache () {
cd_step "Clean packages cache"
case "${CD_OS_ID}" in
"${CD_OS_DEBIAN}") apt-get clean || exit ;;
"${CD_OS_ALMA}") dnf clean all || exit ;;
esac
${CD_CMD_CLEAN} || exit
}
cd_install_python_modules () {

View file

@ -29,8 +29,14 @@ from various CA, CI, OCI / OS.
## Tasks
* first list working directory
* write bats
* handle cloning credentials
* make steps more agnostic
* show CA certificates as text
* write Python bootstrap
* first list working directory
* integrate project repository cloning
* override repository and framework locations
* write Python bootstrap
* reduce operating system version to major