Skip to content

Commit a012bd9

Browse files
pothospothos
committed
initrd-setup-root-after-ignition: Make use of ue-rs download_sysext
The ue-rs download_sysext binary can now do what was done with curl plus decode_payload before. Switch to make use of the download_sysext binary.
1 parent 5295e87 commit a012bd9

File tree

1 file changed

+10
-10
lines changed

1 file changed

+10
-10
lines changed

dracut/99setup-root/initrd-setup-root-after-ignition

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -7,22 +7,19 @@ function usrbin() {
77
LD_LIBRARY_PATH=/sysusr/usr/lib64 /sysusr/usr/bin/"${cmd}" "$@"
88
}
99

10-
function usrcurl() {
11-
usrbin curl -fsSL --retry-delay 1 --retry 60 --retry-connrefused --retry-max-time 60 --connect-timeout 20 "$@"
12-
}
13-
10+
# Note: don't use as "if download_and_verify" or "download_and_verify || " because that disables set -e error handling
1411
function download_and_verify() {
1512
# Extracts release artifact to /sysroot/$final_name
1613
# Expects the env vars: FLATCAR_BOARD, VERSION
1714
local final_name="$1"
15+
local extracted_name="${final_name}"
1816
local name="${final_name/.raw/.gz}"
19-
URL="https://update.release.flatcar-linux.net/${FLATCAR_BOARD}/${VERSION}/${name}"
17+
local URL="https://update.release.flatcar-linux.net/${FLATCAR_BOARD}/${VERSION}/${name}"
2018
# Check for scripts:sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-au-key/files/developer-v1.pub.pem
2119
if [ "$(usrbin md5sum /sysroot/usr/share/update_engine/update-payload-key.pub.pem | cut -d " " -f 1)" = "7192addf4a7f890c0057d21653eff2ea" ]; then
2220
URL="https://bincache.flatcar-linux.net/images/${FLATCAR_BOARD/-usr}/${VERSION}/flatcar_test_update-${name}"
21+
extracted_name="flatcar_test_update-${final_name}"
2322
fi
24-
# TODO: Replace the below with invoking an ue-rs helper binary for downloading the payload
25-
# from the URL and write the unpacked, verified file to the final name.
2623
local COUNT=""
2724
# Workaround: Once curl starts and fails to resolve a DNS name (due to a race or temporary failure),
2825
# it sticks to it for each retry, making the retry pointless. Therefore, we first have to
@@ -33,9 +30,12 @@ function download_and_verify() {
3330
fi
3431
sleep 1
3532
done
36-
rm -f "/sysroot/${name}"
37-
usrcurl -o "/sysroot/${name}" "${URL}" || { rm -f "/sysroot/${name}" ; return 1 ; }
38-
usrbin unshare -m sh -c "mount --rbind /dev /sysroot/dev/ && mount -t proc /proc /sysroot/proc/ && PROTOPATH=/usr/share/update_engine/ chroot /sysroot /usr/share/update_engine/decode_payload /usr/share/update_engine/update-payload-key.pub.pem \"/${name}\" \"/${final_name}\"" || { rm -f "/sysroot/${final_name}" ; echo "Failing boot" >&2 ; exit 1; }
33+
local tempdir="/sysroot/ue-rs/"
34+
rm -rf "${tempdir}"
35+
mkdir -p "${tempdir}"
36+
usrbin download_sysext -p /sysroot/usr/share/update_engine/update-payload-key.pub.pem -o "${tempdir}" -u "${URL}" || { rm -f "${tempdir}" ; echo "Failing boot" >&2 ; exit 1; }
37+
mv "${tempdir}/${extracted_name}" "/sysroot/${final_name}"
38+
rm -rf "${tempdir}"
3939
true # Don't leak previous exit code as return code
4040
}
4141

0 commit comments

Comments
 (0)