From a30bead1cc45aff918f6c81b99c9b82b1614b66c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= <karel.koci@nic.cz>
Date: Thu, 28 Mar 2019 17:34:16 +0100
Subject: [PATCH] generate_medkit: use bootstrap and fail on pkgupdate failure

This modifies basic script to use server specific bootstrap script.
---
 generate_medkit               |  5 +---
 helpers/generate_common.sh    | 11 ++-----
 helpers/medkit-updater-ng.lua | 55 +++++------------------------------
 3 files changed, 11 insertions(+), 60 deletions(-)

diff --git a/generate_medkit b/generate_medkit
index f91039427..ad07ab564 100755
--- a/generate_medkit
+++ b/generate_medkit
@@ -145,7 +145,6 @@ OUTPUT="$(readlink -f "$OUTPUT")"
 updater_ng_repodetect "$BRANCH" "$BOARD"
 get_usign
 get_updater_ng
-get_turris_keys
 
 export PATH="$PATH:$(dirname "$USIGN")"
 ## Generate root ##
@@ -160,13 +159,11 @@ mkdir -p root/tmp/lock
 # Create opkg status file and info file
 mkdir -p root/usr/lib/opkg/info
 touch root/usr/lib/opkg/status
-# And updater directory
-mkdir -p root/usr/share/updater
 
 ## Run updater it self
 "\$PKGUPDATE" \
 	-R "$(pwd)"/root --out-of-root --batch \
-	"file://\$TURRIS_BUILD_DIR/helpers/medkit-updater-ng.lua" || true
+	"file://\$TURRIS_BUILD_DIR/helpers/medkit-updater-ng.lua"
 
 ## Generate /etc/config/updater
 m4args=()
diff --git a/helpers/generate_common.sh b/helpers/generate_common.sh
index d500e28d2..dcc00fc94 100644
--- a/helpers/generate_common.sh
+++ b/helpers/generate_common.sh
@@ -14,7 +14,7 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 USIGN_VERSION=ef6419142a3b0fbcddcccf536e3c1880302c6f89
-UPDATER_VERSION=master
+UPDATER_VERSION=uri
 
 SRC_USIGN="https://git.openwrt.org/project/usign.git"
 SRC_UPDATER="https://gitlab.labs.nic.cz/turris/updater/updater.git"
@@ -72,6 +72,7 @@ get_usign() {
 # To be pedantic you should provide target board as second argument but if not
 # provided then mox is used.
 updater_ng_repodetect() {
+	return
 	local REPO="$1"
 	local BOARD="${2:-mox}"
 	local VERSION="$(curl "https://repo.turris.cz/$REPO/packages/$BOARD/turrispackages/Packages" | \
@@ -90,11 +91,3 @@ get_updater_ng() {
 	export PKGUPDATE="$(pwd)/turris-tools/updater-ng/bin/pkgupdate"
 	export OPKG_TRANS="$(pwd)/turris-tools/updater-ng/bin/opkg-trans"
 }
-
-get_turris_keys() {
-	mkdir -p turris-tools/keys
-	for key in release standby test; do
-		wget_get https://gitlab.labs.nic.cz/turris/turris-os-packages/raw/test/cznic/cznic-repo-keys/files/$key.pub turris-tools/keys/$key.pub
-	done
-	export TURRIS_KEYS="$(pwd)/turris-tools/keys/release.pub,$(pwd)/turris-tools/keys/standby.pub,$(pwd)/turris-tools/keys/test.pub"
-}
diff --git a/helpers/medkit-updater-ng.lua b/helpers/medkit-updater-ng.lua
index 6eb3d4c40..4f00cfcf6 100644
--- a/helpers/medkit-updater-ng.lua
+++ b/helpers/medkit-updater-ng.lua
@@ -1,54 +1,15 @@
 --[[
 Root script for updater-ng configuration used for medkit generation.
-
-This script expects following variables to be defined in environment:
-  BRANCH: target branch for which medkit is being generated.
-  L10N: commas separated list of languages to be installed in medkit.
-  LISTS: commas separated list of lists to be included in medkit.
 ]]
 
--- Load requested localizations
-l10n = {}
-for lang in os.getenv('L10N'):gmatch('[^,]+') do
-	table.insert(l10n, lang)
-end
-Export('l10n')
-
--- This is helper function for including localization packages.
--- (This is copy of standard entry function that can be found in pkgupdate conf.lua)
-function for_l10n(fragment)
-	for _, lang in pairs(l10n or {}) do
-		Install(fragment .. lang, {ignore = {'missing'}})
-	end
-end
-Export('for_l10n')
-
-repo_base_uri = "https://repo.turris.cz/" .. os.getenv('BRANCH')
-Export('repo_base_uri')
-
-local script_options = {
-	security = 'Remote',
-	ca = system_cas,
-	crl = no_crl,
-	pubkey = {}
-}
-for key in os.getenv('TURRIS_KEYS'):gmatch('[^,]+') do
-	table.insert(script_options.pubkey, "file://" .. key)
-end
-
--- Aways include base script
-Script(repo_base_uri .. '/lists/base.lua', script_options)
-
--- Now include any additional lists
-for list in os.getenv('LISTS'):gmatch('[^,]+') do
-	Script(repo_base_uri .. '/lists/' .. list .. '.lua', script_options)
-end
-
--- Add test keys if branch is overriden
-local updater_branch = os.getenv('_UPDATER_BRANCH_')
-if updater_branch and updater_branch ~= "" then
-	Install('cznic-repo-keys-test')
-end
+Script("https://repo.turris.cz/" .. os.getenv('BRANCH') .. '/lists/bootstrap.lua', {
+	pubkey = {
+		-- Turris release key
+		"data:base64,dW50cnVzdGVkIGNvbW1lbnQ6IFR1cnJpcyByZWxlYXNlIGtleSBnZW4gMQpSV1Rjc2c1VFhHTGRXOWdObEdITi9vZmRzTTBLQWZRSVJCbzVPVlpJWWxWVGZ5STZGR1ZFT0svZQo=",
+		-- Turris development key
+		"data:base64,dW50cnVzdGVkIGNvbW1lbnQ6IFR1cnJpcyBPUyBkZXZlbCBrZXkKUldTMEZBMU51bjdKRHQwTDhTalJzRFJKR0R2VUNkRGRmczIxZmVpVytxcEdITk1oVlo5MzBoa3kK",
+	}
+})
 
 -- Include any optional user script
 user_script = os.getenv('UPDATER_SCRIPT')
-- 
GitLab