-
Notifications
You must be signed in to change notification settings - Fork 0
/
run.sh
executable file
·81 lines (66 loc) · 2.1 KB
/
run.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
#!/bin/sh
set -ex
if [[ ! -f "$DIT4C_IMAGE" ]]; then
echo "Unable to find DIT4C_IMAGE: $DIT4C_IMAGE"
exit 1
fi
if [[ "$DIT4C_IMAGE_ID" == "" ]]; then
echo "Must specify DIT4C_IMAGE_ID for image"
exit 1
fi
if [[ "$DIT4C_IMAGE_SERVER" == "" ]]; then
echo "Must specify DIT4C_IMAGE_SERVER to upload image"
exit 1
fi
if [[ "$DIT4C_IMAGE_UPLOAD_NOTIFICATION_URL" == "" ]]; then
echo "Must specify DIT4C_IMAGE_UPLOAD_NOTIFICATION_URL"
exit 1
fi
if [[ ! -f "$DIT4C_INSTANCE_PRIVATE_KEY_PKCS1" ]]; then
echo "Unable to find DIT4C_INSTANCE_PRIVATE_KEY_PKCS1: $DIT4C_INSTANCE_PRIVATE_KEY_PKCS1"
exit 1
fi
if [[ ! -f "$DIT4C_INSTANCE_PRIVATE_KEY_OPENPGP" ]]; then
echo "Unable to find DIT4C_INSTANCE_PRIVATE_KEY_OPENPGP: $DIT4C_INSTANCE_PRIVATE_KEY_OPENPGP"
exit 1
fi
gpg2 --batch --yes --import $DIT4C_INSTANCE_PRIVATE_KEY_OPENPGP
if [[ "$DIT4C_INSTANCE_PRIVATE_KEY_OPENPGP_PASSPHRASE" == "" ]]; then
echo "Must specify DIT4C_INSTANCE_PRIVATE_KEY_OPENPGP_PASSPHRASE to decrypt key"
exit 1
fi
if [[ "$DIT4C_INSTANCE_JWT_ISS" == "" ]]; then
echo "Must specify DIT4C_INSTANCE_JWT_ISS for JWT auth token"
exit 1
fi
if [[ "$DIT4C_INSTANCE_JWT_KID" == "" ]]; then
echo "Must specify DIT4C_INSTANCE_JWT_KID for JWT auth token"
exit 1
fi
TOKEN=$(jwt -k $DIT4C_INSTANCE_PRIVATE_KEY_PKCS1 \
-alg RS512 \
-enc \
iss=$DIT4C_INSTANCE_JWT_ISS \
kid=$DIT4C_INSTANCE_JWT_KID)
WORKDIR=$(mktemp -d)
cd $WORKDIR
WORKING_IMAGE=$(basename "$DIT4C_IMAGE")
ln -s "$DIT4C_IMAGE" "$WORKING_IMAGE"
echo "$DIT4C_INSTANCE_PRIVATE_KEY_OPENPGP_PASSPHRASE" | \
gpg2 --batch --yes --passphrase-fd 0 --pinentry-mode loopback \
--armor --detach-sign "$WORKING_IMAGE"
for f in "$WORKING_IMAGE" "$WORKING_IMAGE.asc"
do
curl -v --retry 1000 \
-H "Authorization: Bearer $TOKEN" \
--fail \
--retry-connrefused \
-T "$f" \
"$DIT4C_IMAGE_SERVER/$DIT4C_IMAGE_ID/$f"
done
IMAGE_URL="$DIT4C_IMAGE_SERVER/$DIT4C_IMAGE_ID/$WORKING_IMAGE"
curl -v -X PUT --retry 1000 \
-H "Authorization: Bearer $TOKEN" \
-H "Content-Type: text/plain; charset=UTF-8" \
-d "$IMAGE_URL" \
"$DIT4C_IMAGE_UPLOAD_NOTIFICATION_URL"