Commit a44f8c36 authored by Joanne Hugé's avatar Joanne Hugé

playbook/upgrader: check sha256sum of playbook after uncompressing it

parent e5e51ed7
Pipeline #28634 passed with stage
in 0 seconds
...@@ -24,17 +24,21 @@ ...@@ -24,17 +24,21 @@
args: args:
chdir: /opt/upgrader/tmp chdir: /opt/upgrader/tmp
- name: Check uncompressed archive sha256sum
shell: cd /opt/upgrader/tmp && find . -type f ! -name 'sha256sum' -print0 | sort -z | xargs -0 sha256sum | sha256sum --check sha256sum
register: playbook_sha256sum
- shell: cp -R /opt/upgrader/tmp /opt/upgrader/playbook - shell: cp -R /opt/upgrader/tmp /opt/upgrader/playbook
when: playbook_folder.stat.exists == False when: playbook_folder.stat.exists == False and playbook_sha256sum.rc == 0
- stat: path=/opt/upgrader/tmp/hosts - stat: path=/opt/upgrader/tmp/hosts
register: hosts_file register: hosts_file
- shell: rm -rf /opt/upgrader/playbook-tmp - shell: rm -rf /opt/upgrader/playbook-tmp
when: hosts_file.stat.exists == True when: hosts_file.stat.exists == True and playbook_sha256sum.rc == 0
- shell: cp -R /opt/upgrader/tmp /opt/upgrader/playbook-tmp - shell: cp -R /opt/upgrader/tmp /opt/upgrader/playbook-tmp
when: hosts_file.stat.exists == True when: hosts_file.stat.exists == True and playbook_sha256sum.rc == 0
- name: Save new archive MD5 - name: Save new archive MD5
stat: stat:
......
9b6a2d1ca9912e9e48f2eb3d6d78e30fc27930337a91f6fd83e288c3b1c47752 -
...@@ -3,4 +3,5 @@ conf=${1:-/etc/opt/slapcache.cfg} ...@@ -3,4 +3,5 @@ conf=${1:-/etc/opt/slapcache.cfg}
conf=$(realpath $conf) conf=$(realpath $conf)
cd $playbook_dir cd $playbook_dir
find . -type f ! -name 'sha256sum' -print0 | sort -z | xargs -0 sha256sum | sha256sum > sha256sum
rm -f /tmp/archive.tar.gz && tar -czvf /tmp/archive.tar.gz . && slapcache-upload --file=/tmp/archive.tar.gz --slapos-configuration=$conf rm -f /tmp/archive.tar.gz && tar -czvf /tmp/archive.tar.gz . && slapcache-upload --file=/tmp/archive.tar.gz --slapos-configuration=$conf
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment