#!/bin/bash # local checkout of SpamAssassin SVN # sasvndir=/home/jm/ftp/spamassassin # download stage, where update tarballs are deposited for downloaders # stagedir=/home/jm/zone.example.org/rules/sought_foo/stage.vm-misc remotestagersynclocation=vm-web:/home/jm/zone.example.org/rules/sought_foo/stage # directory where "0.2.3" and other version-specific files live. # it's assumed that the *real* zone $INCLUDEs files from this dir. # it must be writable by the user this script runs as. # dnsdir=/home/jm/zones/foo.rules.zone.example.org.d # directory where "counter", "soa_line.tmpl", "soa_line" live. # it's assumed that the *real* zone $INCLUDEs files from this dir. # it must be writable by the user this script runs as. # soadir=/home/jm/zones/zone.example.org.d # GPG key home directory # gpgkeydir=/home/jm/ftp/sought_var/key # state directory, where intra-run state is stored locally. # statedir=/home/jm/ftp/sought_var/state_foo # SpamAssassin versions to generate updates for versions="3.2.x 3.3.0" svnuri="https://svn.example.com/path/to/some/sought_foo.cf" rulesfilename="sought_foo.cf" # command to SVN export the current ruleset # do_svn_export () { svn export $svnuri \ --username unprivuser --password unprivrandompassword } # --------------------------------------------------------------------------- make_tarball_for_version () { version="$1" tmpdir=$statedir/tmp/$version rm -rf $tmpdir; mkdir -p $tmpdir || exit $? case "$version" in 3.1.x ) tarballprefix="310" ;; 3.2.x ) tarballprefix="320" ;; 3.3.0 ) tarballprefix="330" ;; * ) echo "no prefix for $version! FAILING" 1>&2 ; exit 1 ;; esac cd $sasvndir # dl the rules files. rulesdir=$tmpdir/share/spamassassin mkdir -p $rulesdir ( cd $rulesdir do_svn_export ) # and lint them ./spamassassin -C $rulesdir/$rulesfilename --lint ( cd $rulesdir tar cvf - $rulesfilename || exit $? ) | gzip -9 > $tmpdir/update.tgz || exit $? # ensure non-empty [ -s $tmpdir/update.tgz ] || exit 3 # sign and get sums gpg --batch --homedir $gpgkeydir -bas $tmpdir/update.tgz || exit $? $PERL build/sha1sum.pl $tmpdir/update.tgz > $tmpdir/update.tgz.sha1 || exit $? # get SVN revision number. # note: use 'Last Changed Rev' instead of 'Revision'. Because we may share # an SVN repository with other projects, this means that the same # rev of *our* codebase may appear under multiple rev#s, as other projects # check their changes in. svn info $svnuri \ < /dev/null > $tmpdir/svn 2>&1 || exit $? svnrev=`(grep 'Last Changed Rev: ' $tmpdir/svn || exit 1) | \ sed -e 's/^.*: //'` if [ "$svnrev" == "" ] ; then echo "missing SVN revision" cat $tmpdir/svn exit 5 fi if [ "$svnrev" -lt 1 ] ; then echo "bad SVN revision: $svnrev" cat $tmpdir/svn exit 5 fi svnrev="$tarballprefix$svnrev" # TODO: if we were maintaining multiple versions, these would be # copied into a path specific to the version chmod 644 $tmpdir/update.tgz $tmpdir/update.tgz* mv $tmpdir/update.tgz $stagedir/$svnrev.tar.gz || exit $? mv $tmpdir/update.tgz.sha1 $stagedir/$svnrev.tar.gz.sha1 || exit $? mv $tmpdir/update.tgz.asc $stagedir/$svnrev.tar.gz.asc || exit $? # next, create the new DNS record.... # turn "3.2.0" into "0.2.3" # and "foo.bar.3.2.0" into "0.2.3.bar.foo" rvers=`echo "$version" | perl -ne \ 's/x/*/g;chop; @x = split(/\./); print join ".", reverse @x'` dnsfile="$dnsdir/$version" if echo " $rvers TXT \"$svnrev\" " > $dnsfile.new then mv $dnsfile.new $dnsfile || exit $? else echo "failed to create $dnsfile.new" 1>&2 ; exit 1 fi # increment the zone serial. bash $sasvndir/masses/rule-dev/sought/mkzone/tick_zone_serial $soadir || exit $? # clean up 4-day-old (and older) update tarballs. This seems as # good a place as any to do this! # note: for manual updates, the file permissions should be 0444 so let's clean # out only 0644 (automatic) updates. a bit of a kluge, but ... find $stagedir -mtime +4 -perm 0644 -type f -name '*.tar.*' | xargs rm true } # --------------------------------------------------------------------------- . /etc/profile [ -d $stagedir ] || echo "no stagedir" 1>&2 [ -d $stagedir ] || exit 6 cd $statedir mv LOG.2 LOG.3 mv LOG.1 LOG.2 mv LOG LOG.1 ( set -xe for version in $versions ; do make_tarball_for_version $version || exit 1 done ls -l $stagedir rsync -vre ssh --delete $stagedir/. $remotestagersynclocation/. ) > LOG 2>&1 exit