[PATCH] UBUNTU: download-signed: improve to support grub2 downloads

Kleber Souza kleber.souza at canonical.com
Wed May 13 09:05:14 UTC 2020 

Hi Dimitri,

What are the packages and series affected by this issue?


Thanks,
Kleber

On 05.05.20 10:38, Dimitri John Ledkov wrote:
> - drop unused imports
> - drop unused assignments
> - switch to argparse, thus gain -h/--help
> - add optional positional argument 'signed_type', defaults to 'signed'
>   but can be specified to 'uefi' for grub2 downloads
> - add support to simply download the "current" version
> 
> This enables `./download-signed grub2 current grub2 uefi` to fetch
> grub2 signed binaries without breaking any compatibility with any
> other invocations of this script.
> 
> BugLink: https://bugs.launchpad.net/bugs/1876875
> Signed-off-by: Dimitri John Ledkov <xnox at ubuntu.com>
> ---
>  download-signed | 40 +++++++++++++++++++++++++++++-----------
>  1 file changed, 29 insertions(+), 11 deletions(-)
> 
> diff --git a/download-signed b/download-signed
> index bed284e..0793696 100755
> --- a/download-signed
> +++ b/download-signed
> @@ -1,9 +1,9 @@
>  #! /usr/bin/python3
>  
>  import hashlib
> +import argparse
>  import os
>  import re
> -import shutil
>  import sys
>  import tarfile
>  from urllib import request
> @@ -14,12 +14,28 @@ from urllib.parse import (
>      )
>  
>  import apt
> -from aptsources.distro import get_distro
>  
>  # package_name: package containing the objects we signed
>  # package_version: package version containing the objects we signed
>  # src_package: source package name in dists
> -(package_name, package_version, src_package) = sys.argv[1:]
> +# signed_type: 'signed' or 'uefi' schema in the url
> +
> +parser = argparse.ArgumentParser()
> +parser.add_argument(
> +    "package_name",
> +    help="package containining the objects we signed")
> +parser.add_argument(
> +    "package_version",
> +    help="package version containing the objects we signed, or 'current'")
> +parser.add_argument(
> +    "src_package",
> +    help="source package name in dists")
> +parser.add_argument(
> +    "signed_type",
> +    nargs='?',
> +    default='signed',
> +    help="subdirectory type in the url, 'signed' or 'uefi'")
> +args = parser.parse_args()
>  
>  
>  class SignedDownloader:
> @@ -30,7 +46,7 @@ class SignedDownloader:
>      identify the members and to validate them once downloaded.
>      """
>  
> -    def __init__(self, package_name, package_version, src_package):
> +    def __init__(self, package_name, package_version, src_package, signed_type='signed'):
>          self.package_name = package_name
>          self.package_version = package_version
>          self.src_package = src_package
> @@ -41,10 +57,13 @@ class SignedDownloader:
>          cache = apt.Cache()
>  
>          self.package = None
> -        for version in cache[package_name].versions:
> -            if version.version == self.package_version:
> -                self.package = version
> -                break
> +        if self.package_version == "current":
> +            self.package = cache[package_name].candidate
> +        else:
> +            for version in cache[package_name].versions:
> +                if version.version == self.package_version:
> +                    self.package = version
> +                    break
>  
>          if not self.package:
>              raise KeyError("{0}: package version not found".format(self.package_name))
> @@ -52,7 +71,7 @@ class SignedDownloader:
>          origin = self.package.origins[0]
>          pool_parsed = urlparse(self.package.uri)
>          self.package_dir = "%s/%s/%s/%s-%s/%s/" % (
> -            origin.archive, 'main', 'signed',
> +            origin.archive, 'main', signed_type,
>              self.src_package, self.package.architecture, self.package_version)
>  
>          # Prepare the master url stem and pull out any username/password.  If present
> @@ -152,7 +171,6 @@ class SignedDownloader:
>          if os.path.exists(tarball_filename):
>              with tarfile.open(tarball_filename) as tarball:
>                  for tarinfo in tarball:
> -                    fullname = os.path.abspath(os.path.join(base, tarinfo.name))
>                      if not filename.startswith(here):
>                          print('download-signed: {0}: tarball member outside output directory'.format(member))
>                          sys.exit(1)
> @@ -161,5 +179,5 @@ class SignedDownloader:
>                      tarball.extract(tarinfo, base)
>  
>  
> -downloader = SignedDownloader(package_name, package_version, src_package)
> +downloader = SignedDownloader(**vars(args))
>  downloader.download('.')
>

More information about the kernel-team mailing list