430 lines
9.9 KiB
Bash
430 lines
9.9 KiB
Bash
#! /usr/bin/env sh
|
|
|
|
# defaults
|
|
CD_DEFAULT_DNS="\
|
|
9.9.9.9 \
|
|
"
|
|
|
|
CD_PYTHON_MODULES="\
|
|
cd \
|
|
rwx \
|
|
"
|
|
|
|
# main
|
|
cd_main () {
|
|
cd_set_environment_variables
|
|
cd_set_dns_resolving
|
|
cd_set_packages_repositories
|
|
cd_set_packages_configuration
|
|
cd_set_https_verification_off
|
|
cd_update_packages_catalog
|
|
cd_install_packages_tools
|
|
cd_install_ca_certificates
|
|
cd_write_ca_certificates
|
|
cd_update_ca_certificates
|
|
cd_set_https_verification_on
|
|
cd_update_packages_catalog
|
|
cd_upgrade_packages
|
|
cd_install_git
|
|
cd_install_python
|
|
cd_clean_packages_cache
|
|
cd_install_python_modules ${CD_PYTHON_MODULES}
|
|
cd_execute_python_module ${CD_PYTHON_MODULES}
|
|
}
|
|
|
|
# steps
|
|
|
|
cd_set_environment_variables () {
|
|
local index
|
|
local text
|
|
cd_step "Set environment variables"
|
|
#
|
|
index=1
|
|
eval "text=\"\${CD_CA_${index}}\""
|
|
while [ "${text}" ] ; do
|
|
CD_CA=${index}
|
|
index=$((index+1))
|
|
eval "text=\"\${CD_CA_${index}}\""
|
|
done
|
|
#
|
|
case "$(cd_grep_os ID)" in
|
|
"debian")
|
|
CD_OS_ID="${CD_OS_DEBIAN}"
|
|
CD_OS_VERSION="$(cd_grep_os VERSION_CODENAME)"
|
|
;;
|
|
"almalinux")
|
|
CD_OS_ID="${CD_OS_ALMA}"
|
|
CD_OS_VERSION="$(cd_grep_os VERSION_ID)"
|
|
;;
|
|
esac
|
|
#
|
|
CD_CA_PACKAGE="ca-certificates"
|
|
CD_DNS_FILE="/etc/resolv.conf"
|
|
CD_GIT_PACKAGE="git"
|
|
CD_PYTHON_COMMAND="python3"
|
|
#
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}")
|
|
case "${CD_OS_VERSION}" in
|
|
"bookworm"|"bullseye") cd_nop ;;
|
|
*) cd_error_os "CD_OS_VERSION" ;;
|
|
esac
|
|
CD_CA_ROOT="/usr/local/share/ca-certificates"
|
|
CD_PYTHON_PACKAGE="python3"
|
|
CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages"
|
|
;;
|
|
"${CD_OS_ALMA}")
|
|
case "${CD_OS_VERSION}" in
|
|
"8."*|"9."*) cd_nop ;;
|
|
*) cd_error_os "CD_OS_VERSION" ;;
|
|
esac
|
|
CD_CA_ROOT="/etc/pki/ca-trust/source/anchors"
|
|
CD_PYTHON_PACKAGE="python3.11"
|
|
CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages"
|
|
;;
|
|
*) cd_error_os "CD_OS_ID" ;;
|
|
esac
|
|
# continuous integration platform
|
|
if [ "${GITHUB_ACTIONS}" ] ; then
|
|
# forgejo / gitea / github
|
|
CD_SERVER_URL="${GITHUB_SERVER_URL}"
|
|
CD_PROJECTS_GROUP="$(dirname "${GITHUB_REPOSITORY}")"
|
|
CD_PROJECT_NAME="$(basename "${GITHUB_REPOSITORY}")"
|
|
CD_PROJECT_BRANCH="${GITHUB_REF_NAME}"
|
|
elif [ "${GITLAB_CI}" ] ; then
|
|
# gitlab
|
|
CD_SERVER_URL="${CI_SERVER_URL}"
|
|
CD_PROJECTS_GROUP="$(dirname "${CI_PROJECT_PATH}")"
|
|
CD_PROJECT_NAME="$(basename "${CI_PROJECT_PATH}")"
|
|
CD_PROJECT_BRANCH="${CI_COMMIT_BRANCH}"
|
|
else
|
|
# unsupported
|
|
cd_error_ci "ø"
|
|
fi
|
|
#
|
|
[ "${CD_SERVER_URL}" ] || cd_error_ci "CD_SERVER_URL"
|
|
[ "${CD_PROJECTS_GROUP}" ] || cd_error_ci "CD_PROJECTS_GROUP"
|
|
[ "${CD_PROJECT_NAME}" ] || cd_error_ci "CD_PROJECT_NAME"
|
|
[ "${CD_PROJECT_BRANCH}" ] || cd_error_ci "CD_PROJECT_BRANCH"
|
|
#
|
|
CD_PROJECTS_URL="${CD_SERVER_URL}/${CD_PROJECTS_GROUP}"
|
|
CD_PROJECT_URL="${CD_PROJECTS_URL}/${CD_PROJECT_NAME}"
|
|
#
|
|
cd_echo "CD_CA"
|
|
cd_split
|
|
cd_echo "CD_OS_ID" "CD_OS_VERSION"
|
|
cd_split
|
|
cd_echo "CD_DNS_FILE"
|
|
cd_split
|
|
cd_echo "CD_PYTHON_PACKAGE" "CD_PYTHON_PACKAGES" "CD_CA_ROOT"
|
|
cd_split
|
|
cd_echo "CD_SERVER_URL" \
|
|
"CD_PROJECTS_GROUP" "CD_PROJECT_NAME" "CD_PROJECT_BRANCH"
|
|
cd_split
|
|
cd_echo "CD_PROJECTS_URL" "CD_PROJECT_URL"
|
|
}
|
|
|
|
cd_set_dns_resolving () {
|
|
local server
|
|
local servers
|
|
local text=""
|
|
cd_step "Set DNS resolving"
|
|
[ "${CD_DNS}" ] && servers="${CD_DNS}" || servers="${CD_DEFAULT_DNS}"
|
|
for server in ${servers} ; do
|
|
text="${text}nameserver ${server}
|
|
"
|
|
done
|
|
cd_write "${CD_DNS_FILE}" "${text}"
|
|
}
|
|
|
|
cd_set_packages_repositories () {
|
|
local expression
|
|
local file
|
|
cd_step "Set packages repositories"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}")
|
|
cd_write "/etc/apt/sources.list" "\
|
|
deb https://deb.debian.org/debian ${CD_OS_VERSION} main
|
|
deb https://deb.debian.org/debian ${CD_OS_VERSION}-backports main
|
|
deb https://deb.debian.org/debian ${CD_OS_VERSION}-updates main
|
|
deb https://deb.debian.org/debian-security ${CD_OS_VERSION}-security main
|
|
"
|
|
;;
|
|
"${CD_OS_ALMA}")
|
|
file="/etc/yum.repos.d/almalinux.repo"
|
|
cd_sed "${file}" "|^m|# m|" "|^# b|b|"
|
|
cd_cat "${file}"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
cd_set_packages_configuration () {
|
|
cd_step "Set packages configuration"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}")
|
|
export DEBIAN_FRONTEND="noninteractive"
|
|
cd_write "/etc/apt/apt.conf.d/apt.conf" "\
|
|
Acquire::Check-Valid-Until True;
|
|
APT::Get::Show-Versions True;
|
|
APT::Install-Recommends False;
|
|
APT::Install-Suggests False;
|
|
Dir::Etc::SourceParts \"\";
|
|
"
|
|
;;
|
|
"${CD_OS_ALMA}") cd_mkdir "/etc/dnf/dnf.conf.d" ;;
|
|
esac
|
|
}
|
|
|
|
cd_set_https_verification_off () {
|
|
if [ "${CD_CA}" ] ; then
|
|
cd_step "Set HTTPS verification off"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}")
|
|
cd_write "/etc/apt/apt.conf.d/https" "\
|
|
Acquire::https::Verify-Peer False;
|
|
"
|
|
;;
|
|
"${CD_OS_ALMA}")
|
|
cd_write "/etc/dnf/dnf.conf.d/https.conf" "\
|
|
sslverify=False
|
|
"
|
|
;;
|
|
esac
|
|
fi
|
|
}
|
|
|
|
cd_update_packages_catalog () {
|
|
cd_step "Update packages catalog"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}") apt-get update || exit ;;
|
|
"${CD_OS_ALMA}") dnf makecache || exit ;;
|
|
esac
|
|
}
|
|
|
|
cd_install_packages_tools () {
|
|
cd_step "Install packages tools"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}") cd_install_package "apt-utils" ;;
|
|
"${CD_OS_ALMA}") cd_nop ;;
|
|
esac
|
|
}
|
|
|
|
cd_install_ca_certificates () {
|
|
cd_step "Install CA"
|
|
cd_install_package "${CD_CA_PACKAGE}"
|
|
}
|
|
|
|
cd_write_ca_certificates () {
|
|
local index
|
|
local text
|
|
cd_step "Copy CA"
|
|
cd_mkdir "${CD_CA_ROOT}"
|
|
index=1
|
|
eval "text=\"\${CD_CA_${index}}\""
|
|
while [ "${text}" ] ; do
|
|
cd_write "${CD_CA_ROOT}/${index}.crt" "${text}"
|
|
index=$((index+1))
|
|
eval "text=\"\${CD_CA_${index}}\""
|
|
done
|
|
}
|
|
|
|
cd_update_ca_certificates () {
|
|
cd_step "Update CA"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}") update-ca-certificates || exit ;;
|
|
"${CD_OS_ALMA}") update-ca-trust || exit ;;
|
|
esac
|
|
}
|
|
|
|
cd_set_https_verification_on () {
|
|
if [ "${CD_CA}" ] ; then
|
|
cd_step "Set HTTPS verification on"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}") cd_rm "/etc/apt/apt.conf.d/https" ;;
|
|
"${CD_OS_ALMA}") cd_rm "/etc/dnf/dnf.conf.d/https.conf" ;;
|
|
esac
|
|
fi
|
|
}
|
|
|
|
cd_upgrade_packages () {
|
|
cd_step "Upgrade packages"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}") apt-get upgrade --assume-yes || exit ;;
|
|
"${CD_OS_ALMA}") dnf upgrade --assumeyes || exit ;;
|
|
esac
|
|
}
|
|
|
|
cd_install_git () {
|
|
cd_step "Install Git"
|
|
cd_install_package "${CD_GIT_PACKAGE}"
|
|
}
|
|
|
|
cd_install_python () {
|
|
cd_step "Install Python"
|
|
cd_install_package "${CD_PYTHON_PACKAGE}"
|
|
}
|
|
|
|
cd_clean_packages_cache () {
|
|
cd_step "Clean packages cache"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}") apt-get clean || exit ;;
|
|
"${CD_OS_ALMA}") dnf clean all || exit ;;
|
|
esac
|
|
}
|
|
|
|
cd_install_python_modules () {
|
|
local path
|
|
local repository
|
|
local root
|
|
local url
|
|
cd_step "Install Python modules"
|
|
root="$(mktemp --directory)" || exit
|
|
echo "${root}"
|
|
for repository in "${@}" ; do
|
|
cd_split
|
|
url="${CD_PROJECTS_URL}/${repository}"
|
|
echo -n "\
|
|
${url}
|
|
↓
|
|
"
|
|
git clone \
|
|
"${url}" "${root}/${repository}" \
|
|
|| exit
|
|
path="${root}/${repository}/${repository}"
|
|
echo -n "\
|
|
${path}
|
|
↓
|
|
${CD_PYTHON_PACKAGES}
|
|
"
|
|
cp --recursive \
|
|
"${path}" "${CD_PYTHON_PACKAGES}" \
|
|
|| exit
|
|
done
|
|
cd_split
|
|
cd_rm "${root}"
|
|
}
|
|
|
|
cd_execute_python_module () {
|
|
local self
|
|
cd_step "Execute Python module"
|
|
self="$(realpath "${0}")"
|
|
echo -n "\
|
|
${self}
|
|
↓
|
|
${1}
|
|
"
|
|
"${CD_PYTHON_COMMAND}" -m "${1}" "${CD_STEP}" "${self}"
|
|
}
|
|
|
|
# functions
|
|
|
|
cd_cat () {
|
|
if [ -f "${1}" ] ; then
|
|
echo "╭╴$(realpath "${1}")"
|
|
cat "${1}" || exit
|
|
fi
|
|
}
|
|
|
|
cd_echo () {
|
|
local name
|
|
if [ "${1}" ] ; then
|
|
for name in "${@}" ; do
|
|
eval "echo ${name}=\${${name}}"
|
|
done
|
|
fi
|
|
}
|
|
|
|
cd_error_ci () {
|
|
echo "× CI: ${1}"
|
|
exit ${CD_ERROR_CI}
|
|
}
|
|
|
|
cd_error_os () {
|
|
local variable="${1}"
|
|
echo -n "× OS: "
|
|
cd_echo "${variable}"
|
|
exit ${CD_ERROR_OS}
|
|
}
|
|
|
|
cd_grep_os () {
|
|
local variable="${1}"
|
|
if [ "${variable}" ] ; then
|
|
grep "^${variable}=" "/etc/os-release" \
|
|
| sed "s|^${variable}=||" \
|
|
| sed "s|^\"\(.*\)\"$|\1|"
|
|
fi
|
|
}
|
|
|
|
cd_install_package () {
|
|
if [ "${1}" ] ; then
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}") apt-get install --assume-yes "${1}" || exit ;;
|
|
"${CD_OS_ALMA}") dnf install --assumeyes "${1}" || exit ;;
|
|
esac
|
|
fi
|
|
}
|
|
|
|
cd_mkdir () {
|
|
if [ "${1}" ] ; then
|
|
echo "→ ${1}"
|
|
mkdir --parents "${1}" || exit
|
|
fi
|
|
}
|
|
|
|
cd_nop () { true ; }
|
|
|
|
cd_rm () {
|
|
if [ -e "${1}" ] ; then
|
|
echo "← $(realpath "${1}")"
|
|
rm --recursive "${1}" || exit
|
|
fi
|
|
}
|
|
|
|
cd_sed () {
|
|
local expression
|
|
local file
|
|
if [ -f "${1}" ] ; then
|
|
file="${1}"
|
|
shift
|
|
for expression in "${@}" ; do
|
|
sed --in-place "s${expression}g" "${file}" || exit
|
|
done
|
|
fi
|
|
}
|
|
|
|
cd_split () {
|
|
echo -n "\
|
|
╶─╌╌┄┄┈┈
|
|
"
|
|
}
|
|
|
|
cd_step () {
|
|
if [ "${1}" ] ; then
|
|
CD_STEP=$((CD_STEP+1))
|
|
echo -n "\
|
|
╭─╌╌┄┄┈┈
|
|
│ ${CD_STEP} ${1}
|
|
╰─╌╌┄┄┈┈
|
|
"
|
|
fi
|
|
}
|
|
|
|
cd_write () {
|
|
local file="${1}"
|
|
local text="${2}"
|
|
if [ "${file}" ] ; then
|
|
echo -n "${text}" > "${file}" || exit
|
|
cd_cat "${file}"
|
|
fi
|
|
}
|
|
|
|
# constants
|
|
|
|
CD_ERROR_CI=2
|
|
CD_ERROR_OS=1
|
|
|
|
CD_OS_ALMA="alma"
|
|
CD_OS_DEBIAN="debian"
|
|
|
|
# run
|
|
cd_main
|