-
Notifications
You must be signed in to change notification settings - Fork 2
/
10_sideload_rocky
59 lines (50 loc) · 2.27 KB
/
10_sideload_rocky
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
#!/usr/bin/env bash
function install_rocky_repo()
{
os_version="${OS_VERSION-$(source /etc/os-release; echo "${VERSION_ID%%.*}")}"
# Alternative: If using the direct url gets slow, use the mirror list:
# https://mirrors.rockylinux.org/mirrorlist?arch=x86_64&repo=rocky-AppStream-${os_version}
# test direct url, otherwise use vault
base_url="https://dl.rockylinux.org/pub/rocky/${os_version}"
if ! curl --output /dev/null --silent --head --fail "${base_url}/BaseOS/"; then
base_url="https://dl.rockylinux.org/vault/rocky/${os_version}"
fi
# Alternative idea: If this code breaks, use ${base_url}/rocky/fullfilelist
r_data="$(curl -fsSL "${base_url}/BaseOS/x86_64/os/Packages/r/" | sed -nE 's|.*href="([^"]*)".*|\1|p')"
gpg_keys=($(echo "${r_data}" | grep ^rocky-gpg-keys-)) # noquotes
repos=($(echo "${r_data}" | grep ^rocky-repos-)) # noquotes
gpg_url="${base_url}/BaseOS/x86_64/os/Packages/r/${gpg_keys[-1]}"
repo_url="${base_url}/BaseOS/x86_64/os/Packages/r/${repos[-1]}"
# ensure rocky-offical GPG key is always available
# otherwise ``dnf install -y "${gpg_url}"`` might fail
rpm --import https://dl.rockylinux.org/pub/rocky/RPM-GPG-KEY-rockyofficial
# Install packages
dnf install -y "${gpg_url}"
# Repo package has a rocky system package as a requirement, which we don't want
rpm -i --nodeps "${repo_url}"
# Disable all rocky packages by default, add rocky- to their name, and make the
# cost 2000 so redhat is preferred by default
sed -Ei 's|enabled=1|enabled=0|;
s|^\[(.*)|[rocky-\1\ncost=2000|' /etc/yum.repos.d/[rR]ocky*
}
if [ -n "${BASH_SOURCE+set}" ]; then
if [ "${BASH_SOURCE[0]}" = "${0}" ] || [ "$(basename "${BASH_SOURCE[0]}")" = "${0}" ]; then
set -eu
install_rocky_repo ${@+"${@}"}
# Self delete this file, so that rocky doesn't try to get installed twice if
# /usr/local/share/just/container_build_patch/* is called twice
exec bash -c "rm '${BASH_SOURCE[0]}'"
fi
else
case "${0}" in
*30_get-pipenv) # Ran
set -eu
install_rocky_repo ${@+"${@}"}
# sh doesn't have BASH_SOURCE or exact equivalent, this is closest, unless
# they are sourcing it, then bad things can happen, hence the guards
exec bash -c "rm '${0}'"
;;
*sh) # Sourced for sh/dash/etc...
;;
esac
fi