feat: support add apt key via download or from a server

This commit is contained in:
Amin Yahyaabadi 2022-07-27 20:14:37 -07:00
parent 5183c0d6d4
commit d204be83ac
8 changed files with 48 additions and 42 deletions

View File

@ -12,6 +12,9 @@ words:
- aarch - aarch
- aminya - aminya
- applellvm - applellvm
- bazel
- copr
- vbatts
- buildtools - buildtools
- caxa - caxa
- ccache - ccache

2
dist/setup_cpp.js vendored

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

2
dist/setup_cpp.mjs vendored

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View File

@ -1,4 +1,4 @@
import { setupAptPack } from "../utils/setup/setupAptPack" import { addAptKeyViaDownload, setupAptPack } from "../utils/setup/setupAptPack"
import { setupBrewPack } from "../utils/setup/setupBrewPack" import { setupBrewPack } from "../utils/setup/setupBrewPack"
import { setupChocoPack } from "../utils/setup/setupChocoPack" import { setupChocoPack } from "../utils/setup/setupChocoPack"
import { isArch } from "../utils/env/isArch" import { isArch } from "../utils/env/isArch"
@ -26,14 +26,13 @@ export async function setupBazel(version: string, _setupDir: string, _arch: stri
return setupDnfPack("bazel4", undefined) return setupDnfPack("bazel4", undefined)
} else if (isUbuntu()) { } else if (isUbuntu()) {
// https://bazel.build/install/ubuntu // https://bazel.build/install/ubuntu
const keyFileName = await addAptKeyViaDownload(
"bazel-archive-keyring.gpg",
"https://bazel.build/bazel-release.pub.gpg"
)
execSudo("bash", [ execSudo("bash", [
"-c", "-c",
"wget -qO - https://bazel.build/bazel-release.pub.gpg | gpg --dearmor >bazel-archive-keyring.gpg > /dev/null", `echo "deb [arch=amd64 signed-by=${keyFileName}] https://storage.googleapis.com/bazel-apt stable jdk1.8" | tee /etc/apt/sources.list.d/bazel.list`,
])
execSudo("bash", ["-c", "mv bazel-archive-keyring.gpg /usr/share/keyrings"])
execSudo("bash", [
"-c",
'echo "deb [arch=amd64 signed-by=/usr/share/keyrings/bazel-archive-keyring.gpg] https://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel.list',
]) ])
return setupAptPack("bazel", version, [], true) return setupAptPack("bazel", version, [], true)
} }

View File

@ -2,7 +2,7 @@ import { dirname } from "path"
import which from "which" import which from "which"
import { isUbuntu } from "../utils/env/isUbuntu" import { isUbuntu } from "../utils/env/isUbuntu"
import { execSudo } from "../utils/exec/sudo" import { execSudo } from "../utils/exec/sudo"
import { setupAptPack } from "../utils/setup/setupAptPack" import { addAptKeyViaDownload, setupAptPack } from "../utils/setup/setupAptPack"
let binDir: string | undefined let binDir: string | undefined
@ -22,15 +22,11 @@ export async function setupNala(version: string, _setupDir: string, _arch: strin
} }
// https://github.com/volitank/nala#-installation // https://github.com/volitank/nala#-installation
await setupAptPack("wget") const keyFileName = await addAptKeyViaDownload(
execSudo("/bin/bash", [ "volian-archive-scar-unstable.gpg",
"-c", "https://deb.volian.org/volian/scar.key"
`wget -qO - https://deb.volian.org/volian/scar.key | tee /etc/apt/trusted.gpg.d/volian-archive-scar-unstable.gpg > /dev/null`, )
]) execSudo("/bin/bash", ["-c", `echo "deb http://deb.volian.org/volian/ scar main" | tee ${keyFileName}`])
execSudo("/bin/bash", [
"-c",
`echo "deb http://deb.volian.org/volian/ scar main" | tee /etc/apt/sources.list.d/volian-archive-scar-unstable.list`,
])
try { try {
if (version !== "legacy") { if (version !== "legacy") {

View File

@ -2,7 +2,6 @@
import { InstallationInfo } from "./setupBin" import { InstallationInfo } from "./setupBin"
import { execSudo } from "../exec/sudo" import { execSudo } from "../exec/sudo"
import { info } from "@actions/core" import { info } from "@actions/core"
import { warning } from "../io/io"
import { isGitHubCI } from "../env/isCI" import { isGitHubCI } from "../env/isCI"
import { addEnv, cpprc_path, setupCppInProfile } from "../env/addEnv" import { addEnv, cpprc_path, setupCppInProfile } from "../env/addEnv"
import { appendFileSync, existsSync } from "fs" import { appendFileSync, existsSync } from "fs"
@ -18,10 +17,10 @@ export async function setupAptPack(
repositories: string[] = [], repositories: string[] = [],
update = false update = false
): Promise<InstallationInfo> { ): Promise<InstallationInfo> {
info(`Installing ${name} ${version ?? ""} via apt`)
const apt: string = getApt() const apt: string = getApt()
info(`Installing ${name} ${version ?? ""} via ${apt}`)
process.env.DEBIAN_FRONTEND = "noninteractive" process.env.DEBIAN_FRONTEND = "noninteractive"
if (!didUpdate || update) { if (!didUpdate || update) {
@ -80,8 +79,8 @@ async function initApt(apt: string) {
"ca-certificates", "ca-certificates",
"gnupg", "gnupg",
]) ])
addAptKey(["3B4FE6ACC0B21F32", "40976EAF437D05B5"], "setup-cpp-ubuntu-archive.gpg") addAptKeyViaServer(["3B4FE6ACC0B21F32", "40976EAF437D05B5"], "setup-cpp-ubuntu-archive.gpg")
addAptKey(["1E9377A2BA9EF27F"], "setup-cpp-launchpad-toolchain.gpg") addAptKeyViaServer(["1E9377A2BA9EF27F"], "launchpad-toolchain.gpg")
if (apt === "nala") { if (apt === "nala") {
// enable utf8 otherwise it fails because of the usage of ASCII encoding // enable utf8 otherwise it fails because of the usage of ASCII encoding
await addEnv("LANG", "C.UTF-8") await addEnv("LANG", "C.UTF-8")
@ -89,24 +88,33 @@ async function initApt(apt: string) {
} }
} }
function addAptKey(keys: string[], name: string) { export function addAptKeyViaServer(keys: string[], name: string, server = "keyserver.ubuntu.com") {
try { const fileName = `/etc/apt/trusted.gpg.d/${name}`
if (!existsSync(`/root/.gnupg/${name}`)) { if (!existsSync(fileName)) {
for (const key of keys) { for (const key of keys) {
execSudo("gpg", [ execSudo("gpg", [
"--no-default-keyring", "--no-default-keyring",
"--keyring", "--keyring",
name, `gnupg-ring:${fileName}`,
"--keyserver", "--keyserver",
"keyserver.ubuntu.com", server,
"--recv-keys", "--recv-keys",
key, key,
]) ])
} execSudo("chmod", ["644", fileName])
} }
} catch (err) {
warning(`Failed to add keys: ${err}`)
} }
return fileName
}
export async function addAptKeyViaDownload(name: string, url: string) {
const fileName = `/etc/apt/trusted.gpg.d/${name}`
if (!existsSync(fileName)) {
await setupAptPack("curl", undefined)
execSudo("bash", ["-c", `curl -s ${url} | gpg --no-default-keyring --keyring gnupg-ring:${fileName} --import`])
execSudo("chmod", ["644", fileName])
}
return fileName
} }
export function updateAptAlternatives(name: string, path: string) { export function updateAptAlternatives(name: string, path: string) {