Merge pull request #2520 from freifunk-gluon/check-updater-branch

gluon-autoupdater: check default branch name, check number of pubkeys, revert invalid branch on update/reconfigure
This commit is contained in:
Matthias Schiffer 2022-06-11 10:32:19 +02:00 committed by GitHub
commit ae7b87b0f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 60 additions and 16 deletions

View File

@ -25,6 +25,7 @@ files["package/**/check_site.lua"] = {
"extend", "extend",
"in_domain", "in_domain",
"in_site", "in_site",
"value",
"need", "need",
"need_alphanumeric_key", "need_alphanumeric_key",
"need_array", "need_array",

View File

@ -145,7 +145,7 @@
-- Have multiple maintainers sign your build and only -- Have multiple maintainers sign your build and only
-- accept it when a sufficient number of them have -- accept it when a sufficient number of them have
-- signed it. -- signed it.
good_signatures = 2, good_signatures = 0,
-- List of public keys of maintainers. -- List of public keys of maintainers.
pubkeys = { pubkeys = {

View File

@ -1,11 +1,25 @@
need_string(in_site({'autoupdater', 'branch'}), false) local branches = table_keys(need_table({'autoupdater', 'branches'}, function(branch)
need_table({'autoupdater', 'branches'}, function(branch)
need_alphanumeric_key(branch) need_alphanumeric_key(branch)
need_string(in_site(extend(branch, {'name'}))) need_string(in_site(extend(branch, {'name'})))
need_string_array_match(extend(branch, {'mirrors'}), '^http://') need_string_array_match(extend(branch, {'mirrors'}), '^http://')
local pubkeys = need_string_array_match(in_site(extend(branch, {'pubkeys'})), '^%x+$')
need_number(in_site(extend(branch, {'good_signatures'}))) need_number(in_site(extend(branch, {'good_signatures'})))
need_string_array_match(in_site(extend(branch, {'pubkeys'})), '^%x+$') need(in_site(extend(branch, {'good_signatures'})), function(good_signatures)
return good_signatures <= #pubkeys
end, nil, string.format('be less than or equal to the number of public keys (%d)', #pubkeys))
obsolete(in_site(extend(branch, {'probability'})), 'Use GLUON_PRIORITY in site.mk instead.') obsolete(in_site(extend(branch, {'probability'})), 'Use GLUON_PRIORITY in site.mk instead.')
end) end))
need_one_of(in_site({'autoupdater', 'branch'}), branches, false)
-- Check GLUON_AUTOUPDATER_BRANCH
local default_branch
local f = io.open((os.getenv('IPKG_INSTROOT') or '') .. '/lib/gluon/autoupdater/default_branch')
if f then
default_branch = f:read('*line')
f:close()
end
need_one_of(value('GLUON_AUTOUPDATER_BRANCH', default_branch), branches, false)

View File

@ -21,25 +21,34 @@ for name, config in pairs(site.autoupdater.branches()) do
end end
end end
if not uci:get('autoupdater', 'settings') then local function default_branch()
local enabled = unistd.access('/lib/gluon/autoupdater/default_enabled') ~= nil
local branch = site.autoupdater.branch(min_branch)
local f = io.open('/lib/gluon/autoupdater/default_branch') local f = io.open('/lib/gluon/autoupdater/default_branch')
if f then if f then
branch = f:read('*line') local ret = f:read('*line')
f:close() f:close()
return ret
end end
return site.autoupdater.branch(min_branch)
end
local enabled, branch
if not uci:get('autoupdater', 'settings') then
enabled = unistd.access('/lib/gluon/autoupdater/default_enabled') ~= nil
end
local old_branch = uci:get('autoupdater', 'settings', 'branch')
if not old_branch or not uci:get('autoupdater', old_branch) then
branch = default_branch()
if not branch then if not branch then
enabled = false enabled = false
end end
end
uci:section('autoupdater', 'autoupdater', 'settings', { uci:section('autoupdater', 'autoupdater', 'settings', {
enabled = enabled, enabled = enabled,
branch = branch, branch = branch,
}) })
end
uci:set('autoupdater', 'settings', 'version_file', '/lib/gluon/release') uci:set('autoupdater', 'settings', 'version_file', '/lib/gluon/release')

View File

@ -57,6 +57,10 @@ end
local function path_to_string(path) local function path_to_string(path)
if path.is_value then
return path.label
end
return table.concat(path, '.') return table.concat(path, '.')
end end
@ -96,6 +100,10 @@ local function domain_src()
end end
local function conf_src(path) local function conf_src(path)
if path.is_value then
return 'Configuration'
end
local src local src
if has_domains then if has_domains then
@ -138,6 +146,14 @@ function M.in_domain(path)
return path return path
end end
function M.value(label, value)
return {
is_value = true,
label = label,
value = value,
}
end
function M.this_domain() function M.this_domain()
return domain_code return domain_code
end end
@ -171,6 +187,10 @@ function loadpath(path, base, c, ...)
end end
local function loadvar(path) local function loadvar(path)
if path.is_value then
return path.value
end
return loadpath({}, conf, unpack(path)) return loadpath({}, conf, unpack(path))
end end