forked from oxidecomputer/omicron
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bundle xcvradm with switch zone (oxidecomputer#3684)
This has proven useful during customer installation troubleshooting, and so far has been manually copied into the rack. Starting fairly soon, some customers will be less open to arbitrary binaries being injected from technician's laptops so this includes the xcvradm binary in the switch zone image under /opt/oxide - for the illumos asic target only. Other OSs get a non-functional stub.
- Loading branch information
Showing
5 changed files
with
248 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,157 @@ | ||
#!/bin/bash | ||
|
||
# | ||
# ci_download_transceiver_control: fetches the appropriate transceiver-control | ||
# binary tarball based on the currently running operating system, unpacks it, | ||
# and creates a copy called "transceiver-control", all in the current directory. | ||
# | ||
|
||
set -o pipefail | ||
set -o xtrace | ||
set -o errexit | ||
|
||
SOURCE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" | ||
ARG0="$(basename "${BASH_SOURCE[0]}")" | ||
|
||
source "$SOURCE_DIR/transceiver_control_version" | ||
|
||
TARGET_DIR="out" | ||
# Location where intermediate artifacts are downloaded / unpacked. | ||
DOWNLOAD_DIR="$TARGET_DIR/downloads" | ||
# Location where the final directory should end up. | ||
DEST_DIR="./$TARGET_DIR/transceiver-control" | ||
BIN_DIR="/opt/oxide/bin" | ||
BINARY="xcvradm" | ||
|
||
ARTIFACT_URL="https://buildomat.eng.oxide.computer/public/file" | ||
|
||
REPO='oxidecomputer/transceiver-control' | ||
PACKAGE_BASE_URL="$ARTIFACT_URL/$REPO/bins/$COMMIT" | ||
|
||
function main | ||
{ | ||
# | ||
# Process command-line arguments. We generally don't expect any, but | ||
# we allow callers to specify a value to override OSTYPE, just for | ||
# testing. | ||
# | ||
if [[ $# != 0 ]]; then | ||
CIDL_OS="$1" | ||
shift | ||
else | ||
CIDL_OS="$OSTYPE" | ||
fi | ||
|
||
if [[ $# != 0 ]]; then | ||
echo "unexpected arguments" >&2 | ||
exit 2 | ||
fi | ||
|
||
# Configure this program | ||
configure_os "$CIDL_OS" | ||
|
||
CIDL_SHA256="$CIDL_SHA256_ILLUMOS" | ||
CIDL_SHA256FUNC="do_sha256sum" | ||
ARCHIVE_FILENAME="xcvradm.gz" | ||
PACKAGE_URL="$PACKAGE_BASE_URL/$ARCHIVE_FILENAME" | ||
ARCHIVE_FILE="$DOWNLOAD_DIR/$ARCHIVE_FILENAME" | ||
|
||
# Download the file. | ||
echo "URL: $PACKAGE_URL" | ||
echo "Local file: $ARCHIVE_FILE" | ||
|
||
mkdir -p "$DOWNLOAD_DIR" | ||
mkdir -p "$DEST_DIR" | ||
|
||
fetch_and_verify | ||
|
||
do_unpack "$ARCHIVE_FILE" | ||
|
||
do_assemble | ||
|
||
$SET_BINARIES | ||
} | ||
|
||
function fail | ||
{ | ||
echo "$ARG0: $@" >&2 | ||
exit 1 | ||
} | ||
|
||
function configure_os | ||
{ | ||
echo "current directory: $PWD" | ||
echo "configuring based on OS: \"$1\"" | ||
case "$1" in | ||
solaris*) | ||
SET_BINARIES="" | ||
;; | ||
*) | ||
echo "WARNING: binaries for $1 are not published by transceiver-control" | ||
SET_BINARIES="unsupported_os" | ||
;; | ||
esac | ||
} | ||
|
||
function do_download_curl | ||
{ | ||
curl --silent --show-error --fail --location --output "$2" "$1" | ||
} | ||
|
||
function do_sha256sum | ||
{ | ||
sha256sum < "$1" | awk '{print $1}' | ||
} | ||
|
||
function do_unpack | ||
{ | ||
mkdir -p "$DOWNLOAD_DIR/root/$BIN_DIR" | ||
gzip -dc "$1" > "$DOWNLOAD_DIR/root/$BIN_DIR/$BINARY" | ||
chmod +x "$DOWNLOAD_DIR/root/$BIN_DIR/$BINARY" | ||
} | ||
|
||
function do_assemble | ||
{ | ||
rm -r "$DEST_DIR" || true | ||
mkdir "$DEST_DIR" | ||
cp -r "$DOWNLOAD_DIR/root" "$DEST_DIR/root" | ||
} | ||
|
||
function fetch_and_verify | ||
{ | ||
local DO_DOWNLOAD="true" | ||
if [[ -f "$ARCHIVE_FILE" ]]; then | ||
# If the file exists with a valid checksum, we can skip downloading. | ||
calculated_sha256="$($CIDL_SHA256FUNC "$ARCHIVE_FILE")" || \ | ||
fail "failed to calculate sha256sum" | ||
if [[ "$calculated_sha256" == "$CIDL_SHA256" ]]; then | ||
DO_DOWNLOAD="false" | ||
fi | ||
fi | ||
|
||
if [ "$DO_DOWNLOAD" == "true" ]; then | ||
echo "Downloading..." | ||
do_download_curl "$PACKAGE_URL" "$ARCHIVE_FILE" || \ | ||
fail "failed to download file" | ||
|
||
# Verify the sha256sum. | ||
calculated_sha256="$($CIDL_SHA256FUNC "$ARCHIVE_FILE")" || \ | ||
fail "failed to calculate sha256sum" | ||
if [[ "$calculated_sha256" != "$CIDL_SHA256" ]]; then | ||
fail "sha256sum mismatch \ | ||
(expected $CIDL_SHA256, found $calculated_sha256)" | ||
fi | ||
fi | ||
|
||
} | ||
|
||
function unsupported_os | ||
{ | ||
typeset dir="$DEST_DIR/$BIN_DIR" | ||
|
||
mkdir -p "$dir" | ||
echo "echo 'unsupported os' && exit 1" >> "$dir/$BINARY" | ||
chmod +x "$dir/$BINARY" | ||
} | ||
|
||
main "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,2 @@ | ||
COMMIT="8813cf996f37a6c43e7b83d6084f88c5f0f0430a" | ||
CIDL_SHA256_ILLUMOS="388f9e03089e8bc6d47fd21f9c83554a6cdc626eb928374fcff945a881e1f7e1" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
#!/bin/bash | ||
|
||
set -o pipefail | ||
set -o errexit | ||
|
||
SOURCE_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" | ||
ARG0="$(basename "${BASH_SOURCE[0]}")" | ||
|
||
function usage { | ||
echo "usage: $0 [-c COMMIT] [-n]" | ||
echo | ||
echo " -c COMMIT Ask to update Dendrite to a specific commit." | ||
echo " If this is unset, Github is queried." | ||
echo " -n Dry-run" | ||
exit 1 | ||
} | ||
|
||
PACKAGES=( | ||
"xcvradm" | ||
) | ||
|
||
REPO="oxidecomputer/transceiver-control" | ||
|
||
. "$SOURCE_DIR/update_helpers.sh" | ||
|
||
function update_transceiver_control { | ||
TARGET_COMMIT="$1" | ||
DRY_RUN="$2" | ||
SHA=$(get_sha "$REPO" "$TARGET_COMMIT" "xcvradm.gz" "bins") | ||
OUTPUT=$(printf "COMMIT=\"%s\"\nCIDL_SHA256_ILLUMOS=\"%s\"\n" \ | ||
"$TARGET_COMMIT" "$SHA") | ||
|
||
if [ -n "$DRY_RUN" ]; then | ||
OPENAPI_PATH="/dev/null" | ||
else | ||
OPENAPI_PATH="$SOURCE_DIR/transceiver_control_version" | ||
fi | ||
echo "Updating transceiver control from: $TARGET_COMMIT" | ||
set -x | ||
echo "$OUTPUT" > $OPENAPI_PATH | ||
set +x | ||
} | ||
|
||
function main { | ||
TARGET_COMMIT="" | ||
DRY_RUN="" | ||
while getopts "c:n" o; do | ||
case "${o}" in | ||
c) | ||
TARGET_COMMIT="$OPTARG" | ||
;; | ||
n) | ||
DRY_RUN="yes" | ||
;; | ||
*) | ||
usage | ||
;; | ||
esac | ||
done | ||
|
||
TARGET_COMMIT=$(get_latest_commit_from_gh "$REPO" "$TARGET_COMMIT") | ||
update_transceiver_control "$TARGET_COMMIT" "$DRY_RUN" | ||
} | ||
|
||
main "$@" |