feat: support add apt key via download or from a server

This commit is contained in:
Amin Yahyaabadi 2022-07-27 20:14:37 -07:00
parent 5183c0d6d4
commit d204be83ac
8 changed files with 48 additions and 42 deletions

View File

@ -12,6 +12,9 @@ words:
- aarch
- aminya
- applellvm
- bazel
- copr
- vbatts
- buildtools
- caxa
- ccache

2
dist/setup_cpp.js vendored

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

2
dist/setup_cpp.mjs vendored

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -1,4 +1,4 @@
import { setupAptPack } from "../utils/setup/setupAptPack"
import { addAptKeyViaDownload, setupAptPack } from "../utils/setup/setupAptPack"
import { setupBrewPack } from "../utils/setup/setupBrewPack"
import { setupChocoPack } from "../utils/setup/setupChocoPack"
import { isArch } from "../utils/env/isArch"
@ -26,14 +26,13 @@ export async function setupBazel(version: string, _setupDir: string, _arch: stri
return setupDnfPack("bazel4", undefined)
} else if (isUbuntu()) {
// https://bazel.build/install/ubuntu
const keyFileName = await addAptKeyViaDownload(
"bazel-archive-keyring.gpg",
"https://bazel.build/bazel-release.pub.gpg"
)
execSudo("bash", [
"-c",
"wget -qO - https://bazel.build/bazel-release.pub.gpg | gpg --dearmor >bazel-archive-keyring.gpg > /dev/null",
])
execSudo("bash", ["-c", "mv bazel-archive-keyring.gpg /usr/share/keyrings"])
execSudo("bash", [
"-c",
'echo "deb [arch=amd64 signed-by=/usr/share/keyrings/bazel-archive-keyring.gpg] https://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel.list',
`echo "deb [arch=amd64 signed-by=${keyFileName}] https://storage.googleapis.com/bazel-apt stable jdk1.8" | tee /etc/apt/sources.list.d/bazel.list`,
])
return setupAptPack("bazel", version, [], true)
}

View File

@ -2,7 +2,7 @@ import { dirname } from "path"
import which from "which"
import { isUbuntu } from "../utils/env/isUbuntu"
import { execSudo } from "../utils/exec/sudo"
import { setupAptPack } from "../utils/setup/setupAptPack"
import { addAptKeyViaDownload, setupAptPack } from "../utils/setup/setupAptPack"
let binDir: string | undefined
@ -22,15 +22,11 @@ export async function setupNala(version: string, _setupDir: string, _arch: strin
}
// https://github.com/volitank/nala#-installation
await setupAptPack("wget")
execSudo("/bin/bash", [
"-c",
`wget -qO - https://deb.volian.org/volian/scar.key | tee /etc/apt/trusted.gpg.d/volian-archive-scar-unstable.gpg > /dev/null`,
])
execSudo("/bin/bash", [
"-c",
`echo "deb http://deb.volian.org/volian/ scar main" | tee /etc/apt/sources.list.d/volian-archive-scar-unstable.list`,
])
const keyFileName = await addAptKeyViaDownload(
"volian-archive-scar-unstable.gpg",
"https://deb.volian.org/volian/scar.key"
)
execSudo("/bin/bash", ["-c", `echo "deb http://deb.volian.org/volian/ scar main" | tee ${keyFileName}`])
try {
if (version !== "legacy") {

View File

@ -2,7 +2,6 @@
import { InstallationInfo } from "./setupBin"
import { execSudo } from "../exec/sudo"
import { info } from "@actions/core"
import { warning } from "../io/io"
import { isGitHubCI } from "../env/isCI"
import { addEnv, cpprc_path, setupCppInProfile } from "../env/addEnv"
import { appendFileSync, existsSync } from "fs"
@ -18,10 +17,10 @@ export async function setupAptPack(
repositories: string[] = [],
update = false
): Promise<InstallationInfo> {
info(`Installing ${name} ${version ?? ""} via apt`)
const apt: string = getApt()
info(`Installing ${name} ${version ?? ""} via ${apt}`)
process.env.DEBIAN_FRONTEND = "noninteractive"
if (!didUpdate || update) {
@ -80,8 +79,8 @@ async function initApt(apt: string) {
"ca-certificates",
"gnupg",
])
addAptKey(["3B4FE6ACC0B21F32", "40976EAF437D05B5"], "setup-cpp-ubuntu-archive.gpg")
addAptKey(["1E9377A2BA9EF27F"], "setup-cpp-launchpad-toolchain.gpg")
addAptKeyViaServer(["3B4FE6ACC0B21F32", "40976EAF437D05B5"], "setup-cpp-ubuntu-archive.gpg")
addAptKeyViaServer(["1E9377A2BA9EF27F"], "launchpad-toolchain.gpg")
if (apt === "nala") {
// enable utf8 otherwise it fails because of the usage of ASCII encoding
await addEnv("LANG", "C.UTF-8")
@ -89,24 +88,33 @@ async function initApt(apt: string) {
}
}
function addAptKey(keys: string[], name: string) {
try {
if (!existsSync(`/root/.gnupg/${name}`)) {
for (const key of keys) {
execSudo("gpg", [
"--no-default-keyring",
"--keyring",
name,
"--keyserver",
"keyserver.ubuntu.com",
"--recv-keys",
key,
])
}
export function addAptKeyViaServer(keys: string[], name: string, server = "keyserver.ubuntu.com") {
const fileName = `/etc/apt/trusted.gpg.d/${name}`
if (!existsSync(fileName)) {
for (const key of keys) {
execSudo("gpg", [
"--no-default-keyring",
"--keyring",
`gnupg-ring:${fileName}`,
"--keyserver",
server,
"--recv-keys",
key,
])
execSudo("chmod", ["644", fileName])
}
} catch (err) {
warning(`Failed to add keys: ${err}`)
}
return fileName
}
export async function addAptKeyViaDownload(name: string, url: string) {
const fileName = `/etc/apt/trusted.gpg.d/${name}`
if (!existsSync(fileName)) {
await setupAptPack("curl", undefined)
execSudo("bash", ["-c", `curl -s ${url} | gpg --no-default-keyring --keyring gnupg-ring:${fileName} --import`])
execSudo("chmod", ["644", fileName])
}
return fileName
}
export function updateAptAlternatives(name: string, path: string) {