Create (md5|sha256) checksum files for images
In shade, we use both md5 and sha256 checksums to help validate the integrity of an image. Rather then having nodepool do this each time for every time, have diskimage-builder create these files when we build the image. We've added a flag (disabled by default) to toggle this functionality. Change-Id: I5815ba69b7d477f1e91dc8ec0c69c86168770964 Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
parent
b0d72a3161
commit
2ea5feca5c
@ -109,6 +109,7 @@ function show_options () {
|
|||||||
echo " -x -- turn on tracing (use -x -x for very detailed tracing)"
|
echo " -x -- turn on tracing (use -x -x for very detailed tracing)"
|
||||||
echo " -u -- uncompressed; do not compress the image - larger but faster"
|
echo " -u -- uncompressed; do not compress the image - larger but faster"
|
||||||
echo " -c -- clear environment before starting work"
|
echo " -c -- clear environment before starting work"
|
||||||
|
echo " --checksum -- generate MD5 and SHA256 checksum files for the created image"
|
||||||
echo " --image-size size -- image size in GB for the created image"
|
echo " --image-size size -- image size in GB for the created image"
|
||||||
echo " --image-cache directory -- location for cached images(default ~/.cache/image-create)"
|
echo " --image-cache directory -- location for cached images(default ~/.cache/image-create)"
|
||||||
echo " --max-online-resize size -- max number of filesystem blocks to support when resizing."
|
echo " --max-online-resize size -- max number of filesystem blocks to support when resizing."
|
||||||
@ -172,7 +173,7 @@ DIB_DEFAULT_INSTALLTYPE=${DIB_DEFAULT_INSTALLTYPE:-"source"}
|
|||||||
MKFS_OPTS=""
|
MKFS_OPTS=""
|
||||||
ACI_MANIFEST=${ACI_MANIFEST:-}
|
ACI_MANIFEST=${ACI_MANIFEST:-}
|
||||||
DOCKER_TARGET=""
|
DOCKER_TARGET=""
|
||||||
TEMP=`getopt -o a:ho:t:xucnp: -l no-tmpfs,offline,help,version,min-tmpfs:,image-size:,image-cache:,max-online-resize:,mkfs-options:,qemu-img-options:,ramdisk-element:,root-label:,install-type:,docker-target: -n $SCRIPTNAME -- "$@"`
|
TEMP=`getopt -o a:ho:t:xucnp: -l checksum,no-tmpfs,offline,help,version,min-tmpfs:,image-size:,image-cache:,max-online-resize:,mkfs-options:,qemu-img-options:,ramdisk-element:,root-label:,install-type:,docker-target: -n $SCRIPTNAME -- "$@"`
|
||||||
if [ $? -ne 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
|
if [ $? -ne 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
|
||||||
|
|
||||||
# Note the quotes around `$TEMP': they are essential!
|
# Note the quotes around `$TEMP': they are essential!
|
||||||
@ -190,6 +191,7 @@ while true ; do
|
|||||||
-c) shift ; export CLEAR_ENV=1;;
|
-c) shift ; export CLEAR_ENV=1;;
|
||||||
-n) shift; export SKIP_BASE="1";;
|
-n) shift; export SKIP_BASE="1";;
|
||||||
-p) IFS="," read -a INSTALL_PACKAGES <<< "$2"; export INSTALL_PACKAGES ; shift 2 ;;
|
-p) IFS="," read -a INSTALL_PACKAGES <<< "$2"; export INSTALL_PACKAGES ; shift 2 ;;
|
||||||
|
--checksum) shift; export DIB_CHECKSUM=1;;
|
||||||
--image-size) export DIB_IMAGE_SIZE=$2; shift 2;;
|
--image-size) export DIB_IMAGE_SIZE=$2; shift 2;;
|
||||||
--image-cache) export DIB_IMAGE_CACHE=$2; shift 2;;
|
--image-cache) export DIB_IMAGE_CACHE=$2; shift 2;;
|
||||||
--max-online-resize) export MAX_ONLINE_RESIZE=$2; shift 2;;
|
--max-online-resize) export MAX_ONLINE_RESIZE=$2; shift 2;;
|
||||||
|
@ -34,6 +34,7 @@ fi
|
|||||||
ARCH=${ARCH:-$_ARCH}
|
ARCH=${ARCH:-$_ARCH}
|
||||||
export ARCH
|
export ARCH
|
||||||
|
|
||||||
|
export DIB_CHECKSUM=${DIB_CHECKSUM:-0}
|
||||||
export DIB_NO_TMPFS=${DIB_NO_TMPFS:-0}
|
export DIB_NO_TMPFS=${DIB_NO_TMPFS:-0}
|
||||||
export DIB_MIN_TMPFS=${DIB_MIN_TMPFS:-2}
|
export DIB_MIN_TMPFS=${DIB_MIN_TMPFS:-2}
|
||||||
# Set via the CLI normally.
|
# Set via the CLI normally.
|
||||||
|
@ -51,9 +51,19 @@ function finish_image () {
|
|||||||
old_image="${1%.*}"-$(date +%Y.%m.%d-%H.%M.%S).${1##*.}
|
old_image="${1%.*}"-$(date +%Y.%m.%d-%H.%M.%S).${1##*.}
|
||||||
echo "Old image found. Renaming it to $old_image"
|
echo "Old image found. Renaming it to $old_image"
|
||||||
mv "$1" "$old_image"
|
mv "$1" "$old_image"
|
||||||
|
if [ -f "$1.md5" ]; then
|
||||||
|
mv "$1.md5" "$old_image.md5"
|
||||||
|
fi
|
||||||
|
if [ -f "$1.sha256" ]; then
|
||||||
|
mv "$1.sha256" "$old_image.sha256"
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
mv $OUT_IMAGE_PATH $1
|
mv $OUT_IMAGE_PATH $1
|
||||||
|
if [ "$DIB_CHECKSUM" == "1" ]; then
|
||||||
|
md5sum $1 > $1.md5
|
||||||
|
sha256sum $1 > $1.sha256
|
||||||
|
fi
|
||||||
echo "Image file $1 created..."
|
echo "Image file $1 created..."
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user