You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nuttx.apache.org by GitBox <gi...@apache.org> on 2020/07/05 09:28:16 UTC
[GitHub] [incubator-nuttx] xiaoxiang781216 commented on a change in pull request #1349: script to check NuttX release candidates (SHA512, GPG sigs, required files)
xiaoxiang781216 commented on a change in pull request #1349:
URL: https://github.com/apache/incubator-nuttx/pull/1349#discussion_r449852123
##########
File path: tools/check-nuttx-release.sh
##########
@@ -0,0 +1,129 @@
+#!/bin/bash
+#############################################################################
+# tools/check-nuttx-release.sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership. The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+#############################################################################
+
+set -e
+
+BASE_URL="https://dist.apache.org/repos/dist/dev/incubator/nuttx"
+TEMPDIR="dist.apache.org"
+ORIGINAL_DIR="$(pwd)"
+trap "rm -rf $TEMPDIR" EXIT
+
+function download_release() {
+ rm -rf "$TEMPDIR"
+ wget -r -np -R "index.html*" -P . --cut-dirs 7 "$URL"
+ cd "$TEMPDIR"
+}
+
+function check_sha512() {
+ # check release sha512
+ RELEASE_FILE=$1
+ echo "Checking $RELEASE_FILE sha512..."
+ sha512sum -c "$RELEASE_FILE.sha512"
+}
+
+function check_gpg() {
+ # check nuttx sha512 and gpg
+ RELEASE_FILE=$1
+ echo "Checking $RELEASE_FILE GPG signature:"
+ gpg --verify "$RELEASE_FILE.asc" "$RELEASE_FILE"
+ echo
+}
+
+function check_required_files() {
+ # check nuttx for required files
+ RELEASE_FILE=$1
+ RELEASE_DIR=$2
+ rm -rf "$RELEASE_DIR"
+ tar xf "$RELEASE_FILE"
+ ERROR=0
+ if [ ! -f "$RELEASE_DIR/LICENSE" ]; then
+ echo "LICENSE file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/NOTICE" ]; then
+ echo "NOTICE file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/README.txt" ]; then
+ echo "README.txt file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/DISCLAIMER-WIP" ]; then
+ echo "DISCLAIMER-WIP file not present."
+ ERROR=1
+ fi
+ if [ 0 -eq $ERROR ]; then
+ echo "OK: All required files exist."
+ fi
+}
+
+function check_nuttx() {
+ # check nuttx sha512 and gpg
+ RELEASE_FILE="$(ls *.tar.gz|head -1)"
+ check_sha512 "$RELEASE_FILE"
+ check_gpg "$RELEASE_FILE"
+ check_required_files "$RELEASE_FILE" "nuttx"
+ mv "$RELEASE_FILE" ..
+}
+
+function check_nuttx_apps() {
+ # check nuttx-apps sha512 and gpg
+ RELEASE_FILE="$(ls *.tar.gz|head -2| tail -1)"
+ check_sha512 "$RELEASE_FILE"
+ check_gpg "$RELEASE_FILE"
+ check_required_files "$RELEASE_FILE" "apps"
+ mv "$RELEASE_FILE" ..
+}
+
+function usage() {
+ echo "Usage: $0 <URL-of-release-candidate-directory-or-release-name>"
+ echo " Given release name or release full URL, downloads all files in"
+ echo " in that directory (which should include nuttx and nuttx-apps"
+ echo " sha512, asc, and tar.gz files, checks their SHA512 and GPG "
+ echo " signatures, and checks the unpacked directories for required "
+ echo " files. Creates a temporary directory to do its work in."
+ echo
+ echo " nuttx and nuttx-apps tar.gz files are left in the current"
+ echo " directory."
Review comment:
Can we give a real example here? so people know where to find the package.
##########
File path: tools/check-nuttx-release.sh
##########
@@ -0,0 +1,129 @@
+#!/bin/bash
+#############################################################################
+# tools/check-nuttx-release.sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership. The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+#############################################################################
+
+set -e
+
+BASE_URL="https://dist.apache.org/repos/dist/dev/incubator/nuttx"
+TEMPDIR="dist.apache.org"
+ORIGINAL_DIR="$(pwd)"
+trap "rm -rf $TEMPDIR" EXIT
+
+function download_release() {
+ rm -rf "$TEMPDIR"
+ wget -r -np -R "index.html*" -P . --cut-dirs 7 "$URL"
+ cd "$TEMPDIR"
+}
+
+function check_sha512() {
+ # check release sha512
+ RELEASE_FILE=$1
+ echo "Checking $RELEASE_FILE sha512..."
+ sha512sum -c "$RELEASE_FILE.sha512"
+}
+
+function check_gpg() {
+ # check nuttx sha512 and gpg
+ RELEASE_FILE=$1
+ echo "Checking $RELEASE_FILE GPG signature:"
+ gpg --verify "$RELEASE_FILE.asc" "$RELEASE_FILE"
+ echo
+}
+
+function check_required_files() {
+ # check nuttx for required files
+ RELEASE_FILE=$1
+ RELEASE_DIR=$2
+ rm -rf "$RELEASE_DIR"
+ tar xf "$RELEASE_FILE"
+ ERROR=0
+ if [ ! -f "$RELEASE_DIR/LICENSE" ]; then
+ echo "LICENSE file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/NOTICE" ]; then
+ echo "NOTICE file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/README.txt" ]; then
+ echo "README.txt file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/DISCLAIMER-WIP" ]; then
+ echo "DISCLAIMER-WIP file not present."
+ ERROR=1
+ fi
+ if [ 0 -eq $ERROR ]; then
+ echo "OK: All required files exist."
+ fi
+}
+
+function check_nuttx() {
+ # check nuttx sha512 and gpg
+ RELEASE_FILE="$(ls *.tar.gz|head -1)"
+ check_sha512 "$RELEASE_FILE"
+ check_gpg "$RELEASE_FILE"
+ check_required_files "$RELEASE_FILE" "nuttx"
+ mv "$RELEASE_FILE" ..
+}
+
+function check_nuttx_apps() {
+ # check nuttx-apps sha512 and gpg
+ RELEASE_FILE="$(ls *.tar.gz|head -2| tail -1)"
+ check_sha512 "$RELEASE_FILE"
+ check_gpg "$RELEASE_FILE"
+ check_required_files "$RELEASE_FILE" "apps"
+ mv "$RELEASE_FILE" ..
+}
+
+function usage() {
+ echo "Usage: $0 <URL-of-release-candidate-directory-or-release-name>"
+ echo " Given release name or release full URL, downloads all files in"
+ echo " in that directory (which should include nuttx and nuttx-apps"
+ echo " sha512, asc, and tar.gz files, checks their SHA512 and GPG "
+ echo " signatures, and checks the unpacked directories for required "
+ echo " files. Creates a temporary directory to do its work in."
+ echo
+ echo " nuttx and nuttx-apps tar.gz files are left in the current"
+ echo " directory."
+ echo
+}
+
+if [ "-h" == "$1" ]; then
+ usage
+ exit 0
+fi
+
+if [ -z "$1" ]; then
+ usage
+ exit 0
+fi
+
+ARG=$1
+if [[ "$ARG" =~ ^"http".* ]]; then
+ URL="$1/"
+else
+ URL="$BASE_URL/$1/"
+fi
+
+download_release
+check_nuttx
+check_nuttx_apps
+cd "$ORIGINAL_DIR"
Review comment:
Don't need restore the working directory since the child bash can never change the parent working directory.
##########
File path: tools/check-nuttx-release.sh
##########
@@ -0,0 +1,129 @@
+#!/bin/bash
+#############################################################################
+# tools/check-nuttx-release.sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership. The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+#############################################################################
+
+set -e
+
+BASE_URL="https://dist.apache.org/repos/dist/dev/incubator/nuttx"
+TEMPDIR="dist.apache.org"
+ORIGINAL_DIR="$(pwd)"
+trap "rm -rf $TEMPDIR" EXIT
+
+function download_release() {
+ rm -rf "$TEMPDIR"
Review comment:
Don't need?
##########
File path: tools/check-nuttx-release.sh
##########
@@ -0,0 +1,129 @@
+#!/bin/bash
+#############################################################################
+# tools/check-nuttx-release.sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership. The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+#############################################################################
+
+set -e
+
+BASE_URL="https://dist.apache.org/repos/dist/dev/incubator/nuttx"
+TEMPDIR="dist.apache.org"
+ORIGINAL_DIR="$(pwd)"
+trap "rm -rf $TEMPDIR" EXIT
+
+function download_release() {
+ rm -rf "$TEMPDIR"
+ wget -r -np -R "index.html*" -P . --cut-dirs 7 "$URL"
+ cd "$TEMPDIR"
+}
+
+function check_sha512() {
+ # check release sha512
+ RELEASE_FILE=$1
+ echo "Checking $RELEASE_FILE sha512..."
+ sha512sum -c "$RELEASE_FILE.sha512"
+}
+
+function check_gpg() {
+ # check nuttx sha512 and gpg
+ RELEASE_FILE=$1
+ echo "Checking $RELEASE_FILE GPG signature:"
+ gpg --verify "$RELEASE_FILE.asc" "$RELEASE_FILE"
+ echo
+}
+
+function check_required_files() {
+ # check nuttx for required files
+ RELEASE_FILE=$1
+ RELEASE_DIR=$2
+ rm -rf "$RELEASE_DIR"
+ tar xf "$RELEASE_FILE"
+ ERROR=0
+ if [ ! -f "$RELEASE_DIR/LICENSE" ]; then
+ echo "LICENSE file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/NOTICE" ]; then
+ echo "NOTICE file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/README.txt" ]; then
+ echo "README.txt file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/DISCLAIMER-WIP" ]; then
+ echo "DISCLAIMER-WIP file not present."
+ ERROR=1
+ fi
+ if [ 0 -eq $ERROR ]; then
+ echo "OK: All required files exist."
+ fi
+}
+
+function check_nuttx() {
+ # check nuttx sha512 and gpg
+ RELEASE_FILE="$(ls *.tar.gz|head -1)"
+ check_sha512 "$RELEASE_FILE"
+ check_gpg "$RELEASE_FILE"
+ check_required_files "$RELEASE_FILE" "nuttx"
+ mv "$RELEASE_FILE" ..
+}
+
+function check_nuttx_apps() {
+ # check nuttx-apps sha512 and gpg
+ RELEASE_FILE="$(ls *.tar.gz|head -2| tail -1)"
Review comment:
Don't need head -2?
##########
File path: tools/check-nuttx-release.sh
##########
@@ -0,0 +1,129 @@
+#!/bin/bash
+#############################################################################
+# tools/check-nuttx-release.sh
Review comment:
How about change the script name to checkrelease.sh like checkpatch.sh?
##########
File path: tools/check-nuttx-release.sh
##########
@@ -0,0 +1,129 @@
+#!/bin/bash
+#############################################################################
+# tools/check-nuttx-release.sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership. The
+# ASF licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+#############################################################################
+
+set -e
+
+BASE_URL="https://dist.apache.org/repos/dist/dev/incubator/nuttx"
+TEMPDIR="dist.apache.org"
+ORIGINAL_DIR="$(pwd)"
+trap "rm -rf $TEMPDIR" EXIT
+
+function download_release() {
+ rm -rf "$TEMPDIR"
+ wget -r -np -R "index.html*" -P . --cut-dirs 7 "$URL"
+ cd "$TEMPDIR"
+}
+
+function check_sha512() {
+ # check release sha512
+ RELEASE_FILE=$1
+ echo "Checking $RELEASE_FILE sha512..."
+ sha512sum -c "$RELEASE_FILE.sha512"
+}
+
+function check_gpg() {
+ # check nuttx sha512 and gpg
+ RELEASE_FILE=$1
+ echo "Checking $RELEASE_FILE GPG signature:"
+ gpg --verify "$RELEASE_FILE.asc" "$RELEASE_FILE"
+ echo
+}
+
+function check_required_files() {
+ # check nuttx for required files
+ RELEASE_FILE=$1
+ RELEASE_DIR=$2
+ rm -rf "$RELEASE_DIR"
+ tar xf "$RELEASE_FILE"
+ ERROR=0
+ if [ ! -f "$RELEASE_DIR/LICENSE" ]; then
+ echo "LICENSE file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/NOTICE" ]; then
+ echo "NOTICE file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/README.txt" ]; then
+ echo "README.txt file not present."
+ ERROR=1
+ fi
+ if [ ! -f "$RELEASE_DIR/DISCLAIMER-WIP" ]; then
+ echo "DISCLAIMER-WIP file not present."
+ ERROR=1
+ fi
+ if [ 0 -eq $ERROR ]; then
+ echo "OK: All required files exist."
+ fi
+}
+
+function check_nuttx() {
+ # check nuttx sha512 and gpg
+ RELEASE_FILE="$(ls *.tar.gz|head -1)"
+ check_sha512 "$RELEASE_FILE"
+ check_gpg "$RELEASE_FILE"
+ check_required_files "$RELEASE_FILE" "nuttx"
+ mv "$RELEASE_FILE" ..
+}
+
+function check_nuttx_apps() {
+ # check nuttx-apps sha512 and gpg
+ RELEASE_FILE="$(ls *.tar.gz|head -2| tail -1)"
+ check_sha512 "$RELEASE_FILE"
+ check_gpg "$RELEASE_FILE"
+ check_required_files "$RELEASE_FILE" "apps"
+ mv "$RELEASE_FILE" ..
+}
+
+function usage() {
+ echo "Usage: $0 <URL-of-release-candidate-directory-or-release-name>"
+ echo " Given release name or release full URL, downloads all files in"
+ echo " in that directory (which should include nuttx and nuttx-apps"
+ echo " sha512, asc, and tar.gz files, checks their SHA512 and GPG "
+ echo " signatures, and checks the unpacked directories for required "
+ echo " files. Creates a temporary directory to do its work in."
+ echo
+ echo " nuttx and nuttx-apps tar.gz files are left in the current"
+ echo " directory."
+ echo
+}
+
+if [ "-h" == "$1" ]; then
+ usage
+ exit 0
+fi
+
+if [ -z "$1" ]; then
+ usage
+ exit 0
+fi
+
+ARG=$1
+if [[ "$ARG" =~ ^"http".* ]]; then
+ URL="$1/"
+else
+ URL="$BASE_URL/$1/"
+fi
+
+download_release
+check_nuttx
+check_nuttx_apps
Review comment:
How about we try to build sim:nsh here to verify it really work?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org