#!/usr/bin/env python
import subprocess
import tempfile
import argparse
import hashlib
import tarfile
import json
import os
parser = argparse.ArgumentParser()
parser.add_argument("tarfile", type = argparse.FileType("wb"), help = "tarball to create")
parser.add_argument("firmware", nargs = "+", help = "firmware files to stuff into tarball")
args = parser.parse_args()
tar = tarfile.TarFile.open(fileobj = args.tarfile, mode = "w|gz")
head = subprocess.check_output(("git", "rev-parse", "HEAD")).strip()
time = subprocess.check_output(("git", "show", "-s", "--format=%ct", "HEAD")).strip()
commits = dict((path, hash) for hash, path, branch in
(line.split() for line in subprocess.check_output(("git", "submodule", "status")).splitlines()))
sha256 = {}
for fn in args.firmware:
with open(fn, "rb") as f:
sha256[os.path.basename(fn)] = hashlib.sha256(f.read()).hexdigest()
tar.add(fn, os.path.basename(fn))
with tempfile.NamedTemporaryFile() as f:
os.fchmod(f.fileno(), 0644)
use_gpg = os.path.isdir(os.getenv("GNUPGHOME", ""))
if use_gpg:
gpg = subprocess.Popen(("gpg", "--clearsign", "--personal-digest-preferences", "SHA256", "--no-permission-warning"),
stdin = subprocess.PIPE, stdout = f)
jf = gnupg.stdin
else:
jf = f
json.dump(dict(head = head, time = time, commits = commits, sha256 = sha256), jf, indent = 2)
if use_gpg:
gpg.stdin.close()
if gpg.wait():
raise subprocess.CalledProcessError(gpg.returncode, "gpg")
f.seek(0)
tar.add(f.name, "MANIFEST")
tar.close()
args.tarfile.close()