-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathbuild-stimage
executable file
·62 lines (52 loc) · 1.37 KB
/
build-stimage
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
#! /bin/bash
set -eu
# CONFIG="$1"; shift
# FLAVOUR="$1"; shift
OUT="$1"; shift # Path to where to store produced ST image.
NETBOOT_URL="$1"; shift; # URL from where to download the ST image.
KERNEL="$1"; shift # Path to file with kernel.
KCMDLINE="$1"; shift # Path to file with kernel command line.
INITRAMFS="$1"; shift # Path to file with initramfs.
# Subsequent arguments are paths to signing certs and keys.
ensure_stmgr() {
local newpath
newpath="$("$(dirname $0)"/build-stmgr latest)"
[ $? -eq 0 ] && PATH="$newpath"
}
create_image() {
stmgr ospkg create \
--label="Example ST image" \
--out="$OUT" \
--kernel="$KERNEL" \
--cmdline="$(cat "$KCMDLINE")" \
--initramfs="$INITRAMFS" \
--url="$NETBOOT_URL"
}
sign_image() {
local certs=()
local keys=()
local looking_at_cert=1
while [ $# -gt 0 ]; do
if [[ $looking_at_cert = 1 ]]; then
certs+=("$1")
looking_at_cert=0
else
keys+=("$1")
looking_at_cert=1
fi
shift
done
[[ ${#certs[@]} -eq ${#keys[@]} ]] || { "$0: signing certs and keys mismatch"; exit 1; }
for k in "${!certs[@]}"; do
local key=${keys[$k]}
local cert=${certs[$k]}
stmgr ospkg sign --cert "$cert" --key "$key" --ospkg "$OUT"
done
}
chmod_image() {
chmod 644 "$OUT" "$(dirname "$OUT")"/"$(basename "$OUT" .zip)".json
}
ensure_stmgr
create_image
sign_image $@
chmod_image