From 5faaebe7a0b21876be3038dd504b5d6c510e3eda Mon Sep 17 00:00:00 2001 From: Frank Brehm Date: Fri, 31 May 2024 11:11:01 +0200 Subject: [PATCH] Rewriting scripts/get-rhel-dvd-iso-image to use offline token file. --- scripts/get-rhel-dvd-iso-image | 119 +++++++++++++------------ scripts/refresh-download-offline-token | 8 +- 2 files changed, 68 insertions(+), 59 deletions(-) diff --git a/scripts/get-rhel-dvd-iso-image b/scripts/get-rhel-dvd-iso-image index 95c486e..3bcae20 100755 --- a/scripts/get-rhel-dvd-iso-image +++ b/scripts/get-rhel-dvd-iso-image @@ -20,25 +20,8 @@ else exit 5 fi -OFFLINE_TOKEN=$( cat <<-EOF - eyJhbGciOiJIUzUxMiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI0NzQzYTkzMC03YmJiLTR - kZGQtOTgzMS00ODcxNGRlZDc0YjUifQ.eyJpYXQiOjE3MTcwNTYxNjksImp0aSI6IjMxZmR - jYTJjLTlmNGEtNGU1Ni1iZTc5LTkzZjYwMDZmMTk2YiIsImlzcyI6Imh0dHBzOi8vc3NvLn - JlZGhhdC5jb20vYXV0aC9yZWFsbXMvcmVkaGF0LWV4dGVybmFsIiwiYXVkIjoiaHR0cHM6L - y9zc28ucmVkaGF0LmNvbS9hdXRoL3JlYWxtcy9yZWRoYXQtZXh0ZXJuYWwiLCJzdWIiOiJm - OjUyOGQ3NmZmLWY3MDgtNDNlZC04Y2Q1LWZlMTZmNGZlMGNlNjpkcHgtZG93bmxvYWRlciI - sInR5cCI6Ik9mZmxpbmUiLCJhenAiOiJyaHNtLWFwaSIsInNlc3Npb25fc3RhdGUiOiIxYj - kyZDE3MC0wZWE2LTQ0MmEtYjdhNS02ZWQ4YTY2YTIzY2IiLCJzY29wZSI6InJvbGVzIHdlY - i1vcmlnaW5zIG9mZmxpbmVfYWNjZXNzIiwic2lkIjoiMWI5MmQxNzAtMGVhNi00NDJhLWI3 - YTUtNmVkOGE2NmEyM2NiIn0.AnN1lt3zjHBmQXrVNZKPWK3Moo90ZOzFL457bOX4znoQWsH - zjeE4k4xT-Y9J-k3ufji7tyZ7qqyoiZe2XVyXYA - EOF -) - -OFFLINE_TOKEN=$( echo "${OFFLINE_TOKEN}" | tr -d '[:space:]' ) - -DATE_LAST_TOKEN='2024-05-30 10:00:00+02:00' -MAX_DAYS_LAST_TOKEN="29" +OFFLINE_TOKEN_FILE='/root/.private/rh-download-offline-token.txt' +OFFLINE_TOKEN= RED_HAT_DOWNLOAD_USER="dpx-downloader" declare -A IMAGE_CHECKSUMS=() @@ -48,6 +31,7 @@ IMAGE_CHECKSUMS['rhel-8.8-dvd']='517abcc67ee3b7212f57e180f5d30be3e8269e7a99e127a IMAGE_CHECKSUMS['rhel-9.2-dvd']='a18bf014e2cb5b6b9cee3ea09ccfd7bc2a84e68e09487bb119a98aa0e3563ac2' IMAGE_CHECKSUMS['rhel-9.3-dvd']='5c802147aa58429b21e223ee60e347e850d6b0d8680930c4ffb27340ffb687a8' IMAGE_CHECKSUMS['rhel-9.4-dvd']='398561d7b66f1a4bf23664f4aa8f2cfbb3641aa2f01a320068e86bd1fc0e9076' +IMAGE_CHECKSUMS['rhel-9.4-boot']='17b013f605e6b85affd37431b533b6904541f8b889179ae3f99e1e480dd4ae38' IMAGE_CHECKSUM= @@ -63,6 +47,7 @@ SSO_REDHAT_URL='https://sso.redhat.com/auth/realms/redhat-external/protocol/open IMAGE_DOWNLOAD_URL="https://api.access.redhat.com/management/v1/images/@CHECKSUM@/download" +DEFAULT_OUTPUT_DIR='/var/lib/cobbler/iso-images' OUTPUT= IMAGE_KEY= OUTPUT_FILE= @@ -92,8 +77,8 @@ usage() { " done - cat <<-EOF - Usage: ${BASE_NAME} [Common Options] [-O|--output OUTPUTDIR_OR_FILE] + local out=$( cat <<-EOF + Usage: ${BASE_NAME} [Common Options] [-F|--offline-token-file FILE] [-O|--output OUTPUTDIR_OR_FILE] ${BASE_NAME} [-h|--help] ${BASE_NAME} [-V|--version] @@ -103,13 +88,19 @@ usage() { ${keys_out} Special Options: + -F|--offline-token-file FILE + The filename of the file containing the offline token. + Default: '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' -o|--output OUTPUTDIR_OR_FILE The filename of the ISO output image file or the directory, where to store the downloaded ISO image. + Default: '${CYAN}${DEFAULT_OUTPUT_DIR}${NORMAL}' Common Options: ${STD_USAGE_MSG} EOF + ) + echo -e "${out}" } @@ -120,8 +111,8 @@ get_options() { local arg= set +e - tmp=$( getopt -o "${STD_SHORT_OPTIONS}O:" \ - --long "${STD_LONG_OPTIONS},output:" \ + tmp=$( getopt -o "${STD_SHORT_OPTIONS}F:O:" \ + --long "${STD_LONG_OPTIONS},offline-token-file:,output:" \ -n "${BASE_NAME}" -- "$@" ) # shellcheck disable=SC2181 if [[ $? != 0 ]] ; then @@ -147,6 +138,11 @@ get_options() { arg="${REMAINING_OPTS[$i]}" case "${arg}" in + -F|--offline-token-file) + j=$(( i + 1 )) + OFFLINE_TOKEN_FILE="${REMAINING_OPTS[$j]}" + i=$(( i + 2 )) + ;; -O|--output) j=$(( i + 1 )) OUTPUT="${REMAINING_OPTS[$j]}" @@ -193,55 +189,65 @@ get_options() { OUTPUT_FILE="${OUTPUT}" fi else - OUTPUT_FILE="${output_base}" + OUTPUT="${DEFAULT_OUTPUT_DIR}" + OUTPUT_FILE="${DEFAULT_OUTPUT_DIR}" fi + debug "Using outout file: '${CYAN}${OUTPUT_FILE}${NORMAL}'." - if [[ $(id -u -n) != "root" ]] ; then - error "You must ${RED}be root${NORMAL} to execute this script!" >&2 + check_for_root + + if [[ -z "${OFFLINE_TOKEN_FILE}" ]] ; then + error "No filename for the offline token file given." + echo >&2 + usage >&2 exit 1 fi -} - -#------------------------------------------------------------------------------ -check_token_age() { - - empty_line - debug "Checking age of access token ..." + if [[ ! -e "${OFFLINE_TOKEN_FILE}" ]] ; then + error "The offline token file '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' ${RED}does not exists${NORMAL}." + echo >&2 + usage >&2 + exit 1 + fi - local last_token_ts= - local current_ts= - local cur_time_diff= - local max_time_diff= + if [[ ! -f "${OFFLINE_TOKEN_FILE}" ]] ; then + error "The offline token file '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' ${RED}is not a regular file${NORMAL}." + echo >&2 + usage >&2 + exit 1 + fi - last_token_ts=$( date -d "${DATE_LAST_TOKEN}" +'%s' ) - current_ts=$( date +'%s' ) - cur_time_diff=$(( current_ts - last_token_ts )) - max_time_diff=$(( MAX_DAYS_LAST_TOKEN * 24 * 60 * 60 )) + if [[ ! -r "${OFFLINE_TOKEN_FILE}" ]] ; then + error "The offline token file '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' ${RED}is not readable${NORMAL}." + echo >&2 + usage >&2 + exit 1 + fi - debug "The date of getting the access token is ${CYAN}${cur_time_diff} seconds ago${NORMAL}." +} - if [[ "${cur_time_diff}" -gt "${max_time_diff}" ]] ; then - local msg="The current ${RED}access token is too old${NORMAL} - " - msg+="it is from ${CYAN}${DATE_LAST_TOKEN}${NORMAL}. " - msg+="It may be at most ${CYAN}${MAX_DAYS_LAST_TOKEN} days${NORMAL} old." - error "${msg}" +#------------------------------------------------------------------------------ +get_offline_token() { - empty_line - msg="Please log in at Red Hat Customer portal as '${CYAN}${RED_HAT_DOWNLOAD_USER}${NORMAL}', " - msg+="get a new access token and update the token and the date of the last change in this script." - error "${msg}" - empty_line + empty_line + debug "Reading offline token from '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' ..." - exit 6 + OFFLINE_TOKEN=$( cat "${OFFLINE_TOKEN_FILE}" | head -n 1 | tr -d '[:space:]' ) + if [[ -z "${OFFLINE_TOKEN}" ]] ; then + error "${RED}No offline token found${NORMAL} in file '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}'." + echo >&2 + exit 5 fi + debug "Got offline token." } - #------------------------------------------------------------------------------ get_access_token() { + empty_line + info "Trying to get an access token from '${CYAN}${SSO_REDHAT_URL}${NORMAL}' ..." + local cmd="curl --silent '${SSO_REDHAT_URL}' --data grant_type=refresh_token " cmd+="--data client_id=rhsm-api --data refresh_token='${OFFLINE_TOKEN}' " cmd+="| jq -r '.access_token'" @@ -255,7 +261,8 @@ get_access_token() { ACCESS_TOKEN=$( eval ${cmd} ) fi - debug "Got access token: '${CYAN}${ACCESS_TOKEN}${NORMAL}'." + info "Got an access token." + debug "Access token: '${CYAN}${ACCESS_TOKEN}${NORMAL}'." } @@ -327,7 +334,7 @@ main() { get_options "$@" set_locale "en_US.utf8" - check_token_age + get_offline_token get_access_token get_image_info download_image diff --git a/scripts/refresh-download-offline-token b/scripts/refresh-download-offline-token index 89271c1..590dbe3 100755 --- a/scripts/refresh-download-offline-token +++ b/scripts/refresh-download-offline-token @@ -55,7 +55,7 @@ usage() { " done - cat <<-EOF + local out=$( cat <<-EOF Usage: ${BASE_NAME} [Common Options] [-F|--offline-token-file FILE] [-L|--logfile FILE] ${BASE_NAME} [-h|--help] ${BASE_NAME} [-V|--version] @@ -63,14 +63,16 @@ usage() { Special Options: -F|--offline-token-file FILE The filename of the file containing the offline token. - Default: '${OFFLINE_TOKEN_FILE}' + Default: '${CYAN}${OFFLINE_TOKEN_FILE}${NORMAL}' -L|--logfile FILE The logfile for this script. Setting it to an empty string '' disables logging. - Default: '${DEFAULT_LOGFILE}' + Default: '${CYAN}${DEFAULT_LOGFILE}${NORMAL}' Common Options: ${STD_USAGE_MSG} EOF + ) + echo -e "${out}" } -- 2.39.5