-
Notifications
You must be signed in to change notification settings - Fork 0
/
gh-update
executable file
·131 lines (124 loc) · 4.72 KB
/
gh-update
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
#!/bin/bash
if [[ $EUID -ne 0 ]];
then
exec pkexec --disable-internal-agent "$0" "$@"
fi
argdata=/tmp/gh-update-temparg
ready_watcher=/tmp/gh-update-ready-to-deploy
releasepath=$(cat /etc/gh-update-branch)
endpoint=https://api.github.com/repos/taleUI/releases_${releasepath}/releases
downloadpath=/home/.gh_offload/updatecontainer
source /etc/os-release
get_img_details(){
stdout=$(jq)
stdout=$(echo "${stdout}" | jq 'del(.[] | select(.assets[].state != "uploaded"))')
os_tag_name=$(echo "${stdout}" | jq -er '[ .[] | select(.prerelease==false) ] | first | .tag_name')
download_img_id=$(echo "${stdout}" | jq -er '[ .[] | select(.prerelease==false) ] | first | .assets[] | .url' | head -n1)
download_sha_id=$(echo "${stdout}" | jq -er '[ .[] | select(.prerelease==false) ] | first | .assets[] | .url' | tail -n1)
if [[ "${os_tag_name}" == "${VARIANT_ID}" ]]; then
echo "System up to date."
else
echo -e "OS_TAG_NAME=$os_tag_name\nDL_IMG=$download_img_url\nDL_SHA=$download_sha256_url\nGH_IMG_DL=$download_img_id\nGH_SHA_DL=$download_sha_id" > ${argdata}
echo "Update available. OS Update: ${os_tag_name}"
fi
}
updatecheck(){
if [[ "${releasepath}" =~ "int" ]]; then
if [[ -f "/etc/gh-update-token" ]]; then
curl --http1.1 -L -H "Authorization: Bearer $(cat /etc/gh-update-token)" -s "${endpoint}" | get_img_details
else
echo -e "You are on an internal build without an authorization to\nthe update endpoint.\nPlease pipe your valid Github token to /etc/gh-update-token via echo."
exit 0
fi
else
curl --http1.1 -L -s "${endpoint}" | get_img_details
if [[ -f "${argdata}" ]]; then
exit 7
else
exit 1
fi
fi
}
verintg(){
echo "Verifying update file integrity..."
CURR_SHA=$(echo $(sha256sum ${downloadpath}/${OS_TAG_NAME}/${OS_TAG_NAME}.img.zst) | awk '{print $1}')
if [[ "${CURR_SHA}" == "$(cat ${downloadpath}/${OS_TAG_NAME}/${OS_TAG_NAME}.img.zst.sha256)" ]]; then
touch ${ready_watcher}
echo "Update file download complete. The system is ready to update."
else
rm -rf ${downloadpath}/${OS_TAG_NAME}
echo "Verification failed. Download contents erased."
exit 1
fi
}
dlupd(){
source ${argdata}
if [[ -f "${downloadpath}/${OS_TAG_NAME}/${OS_TAG_NAME}.img.zst" ]] && [[ -f "${downloadpath}/${OS_TAG_NAME}/${OS_TAG_NAME}.img.zst.sha256" ]]; then
verintg
else
mkdir -p ${downloadpath}/${OS_TAG_NAME}
echo "Downloading update files..."
if [[ "${releasepath}" =~ "int" ]]; then
if [[ -f "/etc/gh-update-token" ]]; then
curl --http1.1 -L -H "Accept: application/octet-stream" -H "Authorization: Bearer $(cat /etc/gh-update-token)" -o ${downloadpath}/${OS_TAG_NAME}/${OS_TAG_NAME}.img.zst "${GH_IMG_DL}"
curl --http1.1 -L -H "Accept: application/octet-stream" -H "Authorization: Bearer $(cat /etc/gh-update-token)" -o ${downloadpath}/${OS_TAG_NAME}/${OS_TAG_NAME}.img.zst.sha256 "${GH_SHA_DL}"
else
echo -e "You are on an internal build without an authorization to\nthe update endpoint.\nPlease pipe your valid Github token to /etc/gh-update-token via echo."
exit 0
fi
else
curl --http1.1 -L -H "Accept: application/octet-stream" -o ${downloadpath}/${OS_TAG_NAME}/${OS_TAG_NAME}.img.zst "${GH_IMG_DL}"
curl --http1.1 -L -H "Accept: application/octet-stream" -o ${downloadpath}/${OS_TAG_NAME}/${OS_TAG_NAME}.img.zst.sha256 "${GH_SHA_DL}"
fi
verintg
fi
}
if [ -n "$1" ]; then
case "$1" in
"check")
rm -f ${argdata} ${ready_watcher}
updatecheck
;;
"download-update")
if [[ -f "${argdata}" ]]; then
dlupd
else
echo "Update arguments are not yet available. Please try checking for updates first."
exit 1
fi
;;
"apply-now")
if [[ -f "${ready_watcher}" ]]; then
gh-update-os ${argdata}
exit 7
fi
if [[ -f "${argdata}" ]]; then
dlupd
if [[ -f "${ready_watcher}" ]]; then
gh-update-os ${argdata}
exit 7
fi
else
echo -e "No update arguments set. Checking for updates...\n"
updatecheck
dlupd
if [[ -f "${ready_watcher}" ]]; then
gh-update-os ${argdata}
exit 7
fi
fi
;;
"-d")
echo "No debug support check"
updatecheck
;;
"*")
echo "Invalid option $1"
exit 1
;;
esac
shift
else
echo "No option passed."
exit 255
fi