aboutsummaryrefslogtreecommitdiff
path: root/scripts/build-homebrew-formula.py
diff options
context:
space:
mode:
authorRob Austein <sra@hactrn.net>2016-12-14 00:56:24 -0500
committerRob Austein <sra@hactrn.net>2016-12-14 00:56:24 -0500
commitb94f9f9d3816d3cd26a4cc8f3da9f4616bd05a35 (patch)
treefbeb9b09ce998632986b2ad623adc832f795e6bf /scripts/build-homebrew-formula.py
parenteb5aaecab2b988f3ff4d36817fb56aca5a30aebb (diff)
Support multiple packages corresponding to multiple releng branches.
We want to be able to provide packaged builds of development branches. The most straightforward way to do this is a 1:1 correspondence between branches in the releng tree and variant package names. We adopt a simple convention: the base package name corresponds to the master branch, all other branches are named with the base package name followed by the branch name. So the master branch is the cryptech-alpha package, the ksng branch is the cryptech-alpha-ksng branch, and so forth. This isn't a perfect solution, but it's probably good enough. In order to do this, we need to generate the debian/control file at build-time, so that we can generate the list of conflicting packages. This commit also pulls in a few changes that had collected on the master branches of various repositories, chiefly because a few of them were necessary to get it the build to run at all.
Diffstat (limited to 'scripts/build-homebrew-formula.py')
-rwxr-xr-xscripts/build-homebrew-formula.py99
1 files changed, 99 insertions, 0 deletions
diff --git a/scripts/build-homebrew-formula.py b/scripts/build-homebrew-formula.py
new file mode 100755
index 0000000..6d43b45
--- /dev/null
+++ b/scripts/build-homebrew-formula.py
@@ -0,0 +1,99 @@
+#!/usr/bin/env python
+
+# Yes, this is a Python program writing a Ruby program.
+
+import argparse
+import hashlib
+import sys
+import os
+
+parser = argparse.ArgumentParser()
+parser.add_argument("--url-base", default = "https://brew.cryptech.is/tarballs/")
+parser.add_argument("tarball")
+parser.add_argument("version")
+parser.add_argument("formula", type = argparse.FileType("w"), nargs = "?", default = sys.stdout)
+parser.add_argument("conflicts", nargs = "*")
+args = parser.parse_args()
+
+template = '''\
+# This Homebrew forumula was automatically generated by a script.
+# You might not want to edit it manually.
+
+class CryptechAlpha < Formula
+
+ desc "Software for working with Cryptech Alpha board HSM"
+ homepage "https://cryptech.is/"
+ version "{version}"
+ url "{url}"
+ sha256 "{sha256}"
+
+{conflicts}
+
+ # See https://github.com/Homebrew/brew/blob/master/share/doc/homebrew/Formula-Cookbook.md#specifying-other-formulae-as-dependencies
+ # for details on handling dependencies on other homebrew packages (eg, sqlite3).
+
+ # See https://github.com/Homebrew/brew/blob/master/share/doc/homebrew/Python-for-Formula-Authors.md
+ # for details on handling dependencies on Python libraries (eg, pyserial).
+
+ depends_on "sqlite3"
+
+ resource "pyserial" do
+ url "https://pypi.python.org/packages/3c/d8/a9fa247ca60b02b3bebbd61766b4f321393b57b13c53b18f6f62cf172c08/pyserial-3.1.1.tar.gz"
+ sha256 "d657051249ce3cbd0446bcfb2be07a435e1029da4d63f53ed9b4cdde7373364c"
+ end
+
+ resource "PyYAML" do
+ url "http://pyyaml.org/download/pyyaml/PyYAML-3.11.tar.gz"
+ sha256 "c36c938a872e5ff494938b33b14aaa156cb439ec67548fcab3535bb78b0846e8"
+ end
+
+ def install
+
+ # Installation is a bit complex due to the way Homebrew handles
+ # Python library dependencies and due to our stuff being a mix of
+ # Python and C.
+
+ # Set PYTHONPATH to point to our private library location.
+
+ ENV.prepend_create_path "PYTHONPATH", libexec/"vendor/lib/python2.7/site-packages"
+
+ # Add all resources (and assume they are all Python, be careful...).
+
+ resources.each do |r|
+ r.stage do
+ system "python", *Language::Python.setup_install_args(libexec/"vendor")
+ end
+ end
+
+ # Build everything.
+
+ ohai "Building PKCS #11 code (including crypto and bignum libraries) from source, this is slow, please be patient..."
+ ENV.deparallelize
+ system "make", "-C", "sw/pkcs11"
+
+ # Install the Python scripts, then replace them with stubs which
+ # set PYTHONPATH before calling the real scripts.
+
+ bin.install "sw/stm32/projects/hsm/cryptech_upload"
+ bin.install "sw/stm32/projects/hsm/cryptech_probe"
+ bin.install "sw/stm32/projects/hsm/cryptech_miniterm"
+ bin.env_script_all_files(libexec/"bin", :PYTHONPATH => ENV["PYTHONPATH"])
+
+ # Install other (non-Python) stuff, then we are done.
+
+ share.install "cryptech-alpha-firmware.tar.gz"
+ lib.install "sw/pkcs11/libcryptech-pkcs11.dylib"
+ #bin.install "sw/pkcs11/p11util"
+ end
+
+end
+'''
+
+with open(args.tarball, "rb") as f:
+ digest = hashlib.sha256(f.read()).hexdigest()
+
+args.formula.write(template.format(
+ version = args.version,
+ url = os.path.join(args.url_base, os.path.basename(args.tarball)),
+ sha256 = digest,
+ conflicts = "".join("conflicts_with \"{}\", :because => \"firmware and pkcs11 library must match\"\n".format(i) for i in args.conflicts)))