File: stretch

package info (click to toggle)
debuerreotype 0.10-2
  • links: PTS, VCS
  • area: main
  • in suites: bullseye
  • size: 236 kB
  • sloc: sh: 1,508; makefile: 6
file content (66 lines) | stat: -rwxr-xr-x 2,184 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
#!/usr/bin/env bash
set -Eeuo pipefail

suite='stretch'
timestamp='2017-01-01T00:00:00Z'

expectedEpoch='1483228800'

declare -A expectedSha256s=(
	['amd64']='26490ed3400a5029b8b5939c6cebd38691e28ea5c616bb54f25f758125417c5f'
	['arm64']='45e5e0c6da27db14de19a600663140db1f85f7516a856bf00957436e93e1f684'
)
dpkgArch="$(dpkg --print-architecture)"
expectedSha256="${expectedSha256s["$dpkgArch"]:-}"

tempDir="$(mktemp -d)"
trap "rm -rf '$tempDir'" EXIT
rootfs="$tempDir/rootfs"

set -x

# make a new keyring that contains all archive keys so this still works in the future too
# (see also "debian.sh" in the debuerreotype examples, which this is a hyper-simplified version of)
keyring="$tempDir/keyring.gpg"
gpg --batch --no-default-keyring --keyring "$keyring" --import \
	/usr/share/keyrings/debian-archive-keyring.gpg \
	/usr/share/keyrings/debian-archive-removed-keys.gpg

debuerreotype-init --arch="$dpkgArch" --keyring="$keyring" "$rootfs" "$suite" "$timestamp"
[ "$(< "$rootfs/debuerreotype-epoch")" = "$expectedEpoch" ]

debuerreotype-chroot "$rootfs" true

debuerreotype-debian-sources-list "$rootfs" "$suite"
# remove effect of https://github.com/debuerreotype/debuerreotype/pull/56 (to avoid regenerating expected tarballs to compensate)
sed -i -e '/^#/d' "$rootfs/etc/apt/sources.list"

debuerreotype-tar "$rootfs" "$tempDir/actual.tar"
sha256="$(sha256sum "$tempDir/actual.tar" | cut -d' ' -f1)"

# see https://people.debian.org/~tianon/debuerreotype/

if [ "$sha256" != "$expectedSha256" ]; then
	if [ -z "$expectedSha256" ]; then
		(
			set +x
			echo >&2
			echo >&2 "WARNING: no expected SHA256 for '$dpkgArch' known -- please file a bug with this full build output against src:debuerreotype!"
			echo >&2
		)
		exit 0
	fi

	(
		set +x
		echo >&2
		echo >&2 'ERROR: expected SHA256 does not match actual -- downloading pristine source to compare (via diffoscope)'
		echo >&2
	)

	toCompare="https://people.debian.org/~tianon/debuerreotype/$suite--$timestamp--$dpkgArch--$expectedSha256.txz"
	wget -qO "$tempDir/expected.txz" "$toCompare"
	xz -d < "$tempDir/expected.txz" > "$tempDir/expected.tar"
	diffoscope >&2 "$tempDir/expected.tar" "$tempDir/actual.tar"
	exit 1
fi