diff options
| author | Rob Austein <sra@hactrn.net> | 2016-12-14 00:56:24 -0500 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2016-12-14 00:56:24 -0500 |
| commit | b94f9f9d3816d3cd26a4cc8f3da9f4616bd05a35 (patch) | |
| tree | fbeb9b09ce998632986b2ad623adc832f795e6bf /scripts/build-homebrew-formula.py | |
| parent | eb5aaecab2b988f3ff4d36817fb56aca5a30aebb (diff) | |
Support multiple packages corresponding to multiple releng branches.
We want to be able to provide packaged builds of development branches.
The most straightforward way to do this is a 1:1 correspondence
between branches in the releng tree and variant package names.
We adopt a simple convention: the base package name corresponds to the
master branch, all other branches are named with the base package name
followed by the branch name. So the master branch is the
cryptech-alpha package, the ksng branch is the cryptech-alpha-ksng
branch, and so forth. This isn't a perfect solution, but it's
probably good enough.
In order to do this, we need to generate the debian/control file at
build-time, so that we can generate the list of conflicting packages.
This commit also pulls in a few changes that had collected on the
master branches of various repositories, chiefly because a few of them
were necessary to get it the build to run at all.
Diffstat (limited to 'scripts/build-homebrew-formula.py')
| -rwxr-xr-x | scripts/build-homebrew-formula.py | 99 |
1 files changed, 99 insertions, 0 deletions
diff --git a/scripts/build-homebrew-formula.py b/scripts/build-homebrew-formula.py new file mode 100755 index 0000000..6d43b45 --- /dev/null +++ b/scripts/build-homebrew-formula.py @@ -0,0 +1,99 @@ +#!/usr/bin/env python + +# Yes, this is a Python program writing a Ruby program. + +import argparse +import hashlib +import sys +import os + +parser = argparse.ArgumentParser() +parser.add_argument("--url-base", default = "https://brew.cryptech.is/tarballs/") +parser.add_argument("tarball") +parser.add_argument("version") +parser.add_argument("formula", type = argparse.FileType("w"), nargs = "?", default = sys.stdout) +parser.add_argument("conflicts", nargs = "*") +args = parser.parse_args() + +template = '''\ +# This Homebrew forumula was automatically generated by a script. +# You might not want to edit it manually. + +class CryptechAlpha < Formula + + desc "Software for working with Cryptech Alpha board HSM" + homepage "https://cryptech.is/" + version "{version}" + url "{url}" + sha256 "{sha256}" + +{conflicts} + + # See https://github.com/Homebrew/brew/blob/master/share/doc/homebrew/Formula-Cookbook.md#specifying-other-formulae-as-dependencies + # for details on handling dependencies on other homebrew packages (eg, sqlite3). + + # See https://github.com/Homebrew/brew/blob/master/share/doc/homebrew/Python-for-Formula-Authors.md + # for details on handling dependencies on Python libraries (eg, pyserial). + + depends_on "sqlite3" + + resource "pyserial" do + url "https://pypi.python.org/packages/3c/d8/a9fa247ca60b02b3bebbd61766b4f321393b57b13c53b18f6f62cf172c08/pyserial-3.1.1.tar.gz" + sha256 "d657051249ce3cbd0446bcfb2be07a435e1029da4d63f53ed9b4cdde7373364c" + end + + resource "PyYAML" do + url "http://pyyaml.org/download/pyyaml/PyYAML-3.11.tar.gz" + sha256 "c36c938a872e5ff494938b33b14aaa156cb439ec67548fcab3535bb78b0846e8" + end + + def install + + # Installation is a bit complex due to the way Homebrew handles + # Python library dependencies and due to our stuff being a mix of + # Python and C. + + # Set PYTHONPATH to point to our private library location. + + ENV.prepend_create_path "PYTHONPATH", libexec/"vendor/lib/python2.7/site-packages" + + # Add all resources (and assume they are all Python, be careful...). + + resources.each do |r| + r.stage do + system "python", *Language::Python.setup_install_args(libexec/"vendor") + end + end + + # Build everything. + + ohai "Building PKCS #11 code (including crypto and bignum libraries) from source, this is slow, please be patient..." + ENV.deparallelize + system "make", "-C", "sw/pkcs11" + + # Install the Python scripts, then replace them with stubs which + # set PYTHONPATH before calling the real scripts. + + bin.install "sw/stm32/projects/hsm/cryptech_upload" + bin.install "sw/stm32/projects/hsm/cryptech_probe" + bin.install "sw/stm32/projects/hsm/cryptech_miniterm" + bin.env_script_all_files(libexec/"bin", :PYTHONPATH => ENV["PYTHONPATH"]) + + # Install other (non-Python) stuff, then we are done. + + share.install "cryptech-alpha-firmware.tar.gz" + lib.install "sw/pkcs11/libcryptech-pkcs11.dylib" + #bin.install "sw/pkcs11/p11util" + end + +end +''' + +with open(args.tarball, "rb") as f: + digest = hashlib.sha256(f.read()).hexdigest() + +args.formula.write(template.format( + version = args.version, + url = os.path.join(args.url_base, os.path.basename(args.tarball)), + sha256 = digest, + conflicts = "".join("conflicts_with \"{}\", :because => \"firmware and pkcs11 library must match\"\n".format(i) for i in args.conflicts))) |