aboutsummaryrefslogblamecommitdiff
path: root/scripts/build-homebrew-formula.py
blob: d38614266ecb2306a68b1be4f15bf2b2a6122730 (plain) (tree)
1
2
3
4
5
6
7
8
9
10









                                                       





                                                                                                    




                                                                 















                                                                      









                                                                   
 
                                                     
 


                                                         
 
                           






                                                               

           

                     



                                                                                                                                      
 




                                                                             



                                                                                          
 









                                                                                                    
             
 
                                                                                      
 





                                                                               
                                                                                                                         

                                    
 
                                                                 
                                                                             
 
                                                  
                                                      
 







                                                 

                                                                          

                                                                                                                              
 

                                                                 
                                   
                             
                    
                       
                          
                           
#!/usr/bin/env python

# Yes, this is a Python program writing a Ruby program.

import argparse
import hashlib
import sys
import os

parser = argparse.ArgumentParser()
parser.add_argument("--url-base",  default = "https://brew.cryptech.is/tarballs/")
parser.add_argument("--tarball",   required = True)
parser.add_argument("--package",   required = True)
parser.add_argument("--version",   required = True)
parser.add_argument("--formula",   type = argparse.FileType("w"), nargs = "?", default = sys.stdout)
parser.add_argument("--conflicts", default = "")
args = parser.parse_args()

template = '''\
# This Homebrew forumula was automatically generated by a script.
# You might not want to edit it manually.
#
# Installation is a bit complex due to the way Homebrew handles Python
# library dependencies and due to our stuff being a mixture of Python
# and C.  It's also painfully slow, because we're not using bottles,
# due to lack of a MacOS build farm.  Sorry.
#
# Per Homebrew expectations, we install copies of external Python
# libraries ("resources") in our own private library directory, using
# Homebrew's hack to run our executable Python scripts with PYTHONPATH
# pointing to our private library directory.  Our own Python library
# code, however, is what Homebrew considers "bindings", so we install
# those where user scripts as well as our own can find them.
#
# We have to build our own software before installing our Python code,
# because at least one of the Python modules we install
# (cryptech.py11.attribute_map) is generated during the build.

# The declared dependency on "python" (NOT :python) is undocumented
# Homebrew voodoo to force our scripts to use Homebrew's version of
# Python so that they can see the libraries we install.  Not really
# sure why this is necessary given what the documentation does say,
# but without this, at least on Sierra, I end up with scripts using
# /usr/bin/python trying to load libraries which were installed
# under /usr/local/..., which doesn't work.
#
# Reference for all the Python documented voodoo:
#
# http://docs.brew.sh/Python-for-Formula-Authors.html
#
# Reference for the undocuemnted Python voodoo:
#
# /usr/local/Homebrew/Library/Homebrew/language/python.rb

class {classname} < Formula

  desc     "Software for working with Cryptech Alpha board HSM"
  homepage "https://cryptech.is/"
  version  "{version}"
  url      "{url}"
  sha256   "{sha256}"

{conflicts}

  depends_on "python"

  resource "pyserial" do
    url    "https://pypi.python.org/packages/3c/d8/a9fa247ca60b02b3bebbd61766b4f321393b57b13c53b18f6f62cf172c08/pyserial-3.1.1.tar.gz"
    sha256 "d657051249ce3cbd0446bcfb2be07a435e1029da4d63f53ed9b4cdde7373364c"
  end

  resource "PyYAML" do
    url    "http://pyyaml.org/download/pyyaml/PyYAML-3.11.tar.gz"
    sha256 "c36c938a872e5ff494938b33b14aaa156cb439ec67548fcab3535bb78b0846e8"
  end

  resource "tornado" do
    url    "https://files.pythonhosted.org/packages/source/t/tornado/tornado-4.4.3.tar.gz"
    sha256 "f267acc96d5cf3df0fd8a7bfb5a91c2eb4ec81d5962d1a7386ceb34c655634a8"
  end

  resource "singledispatch" do
    url    "https://pypi.python.org/packages/source/s/singledispatch/singledispatch-3.4.0.3.tar.gz"
    sha256 "5b06af87df13818d14f08a028e42f566640aef80805c3b50c5056b086e3c2b9c"
  end

  resource "backports_abc" do
    url    "https://files.pythonhosted.org/packages/source/b/backports_abc/backports_abc-0.5.tar.gz"
    sha256 "033be54514a03e255df75c5aee8f9e672f663f93abb723444caec8fe43437bde"
  end

  def install

    ENV.prepend_create_path "PYTHONPATH", libexec/"vendor/lib/python2.7/site-packages"

    resources.each do |r|
      r.stage do
        system "python", *Language::Python.setup_install_args(libexec/"vendor")
      end
    end

    ohai "Building PKCS #11 code (including crypto and bignum libraries) from source, this is slow, please be patient..."
    ENV.deparallelize
    system "make", "-C", "sw/pkcs11"

    system "python", *Language::Python.setup_install_args(prefix)
    bin.env_script_all_files(libexec/"bin", :PYTHONPATH => ENV["PYTHONPATH"])

    share.install "cryptech-alpha-firmware.tar.gz"
    lib.install   "sw/pkcs11/libcryptech-pkcs11.dylib"

  end

end
'''

with open(args.tarball, "rb") as f:
    digest = hashlib.sha256(f.read()).hexdigest()

classname = "".join(word.capitalize() for word in args.package.split("-"))

conflicts = "".join("  conflicts_with \"{}\", :because => \"HSM firmware and PKCS #11 library must match\"\n".format(conflict)
                    for conflict in args.conflicts.split())

url = os.path.join(args.url_base, os.path.basename(args.tarball))

args.formula.write(template.format(
    version   = args.version,
    url       = url,
    sha256    = digest,
    classname = classname,
    conflicts = conflicts))