Fix contrib/upgrade.sh (#19222)
* fix idempotency of script (eg when aborting the downloads) * improve readability (user facing variables first, definitions next, statements last) * improve dependency checks * fix ignored $giteaversion variable * more logging * print usage string on incorrect usage
This commit is contained in:
Norwin
GitHub
parent
d2ca021df0
commit
42fe076084
1 changed files with 40 additions and 42 deletions
|
|
@ -3,26 +3,32 @@
|
|||
# from dl.gitea.io on linux as systemd service. It performs a backup and updates
|
||||
# Gitea in place.
|
||||
# NOTE: This adds the GPG Signing Key of the Gitea maintainers to the keyring.
|
||||
# Depends on: bash, curl, xz, sha256sum, gpg. optionally jq.
|
||||
# Usage: [environment vars] upgrade.sh [version]
|
||||
# Depends on: bash, curl, xz, sha256sum. optionally jq, gpg
|
||||
# See section below for available environment vars.
|
||||
# When no version is specified, updates to the latest release.
|
||||
# Examples:
|
||||
# upgrade.sh 1.15.10
|
||||
# giteahome=/opt/gitea giteaconf=$giteahome/app.ini upgrade.sh
|
||||
|
||||
while true; do
|
||||
case "$1" in
|
||||
-v | --version ) ver="$2"; shift 2 ;;
|
||||
-y | --yes ) no_confirm="yes"; shift ;;
|
||||
--ignore-gpg) ignore_gpg="yes"; shift ;;
|
||||
-- ) shift; break ;;
|
||||
* ) break ;;
|
||||
esac
|
||||
done
|
||||
|
||||
set -euo pipefail
|
||||
# apply variables from environment
|
||||
: "${giteabin:="/usr/local/bin/gitea"}"
|
||||
: "${giteahome:="/var/lib/gitea"}"
|
||||
: "${giteaconf:="/etc/gitea/app.ini"}"
|
||||
: "${giteauser:="git"}"
|
||||
: "${sudocmd:="sudo"}"
|
||||
: "${arch:="linux-amd64"}"
|
||||
: "${service_start:="$sudocmd systemctl start gitea"}"
|
||||
: "${service_stop:="$sudocmd systemctl stop gitea"}"
|
||||
: "${service_status:="$sudocmd systemctl status gitea"}"
|
||||
: "${backupopts:=""}" # see `gitea dump --help` for available options
|
||||
|
||||
function giteacmd {
|
||||
if [[ $sudocmd = "su" ]]; then
|
||||
"$sudocmd" - "$giteauser" -c "$giteabin" --config "$giteaconf" --work-path "$giteahome" "$@"
|
||||
else
|
||||
"$sudocmd" --user "$giteauser" "$giteabin" --config "$giteaconf" --work-path "$giteahome" "$@"
|
||||
fi
|
||||
}
|
||||
|
||||
function require {
|
||||
for exe in "$@"; do
|
||||
|
|
@ -30,8 +36,19 @@ function require {
|
|||
done
|
||||
}
|
||||
|
||||
# parse command line arguments
|
||||
while true; do
|
||||
case "$1" in
|
||||
-v | --version ) giteaversion="$2"; shift 2 ;;
|
||||
-y | --yes ) no_confirm="yes"; shift ;;
|
||||
--ignore-gpg) ignore_gpg="yes"; shift ;;
|
||||
"" | -- ) shift; break ;;
|
||||
* ) echo "Usage: [<environment vars>] upgrade.sh [-v <version>] [-y] [--ignore-gpg]"; exit 1;;
|
||||
esac
|
||||
done
|
||||
|
||||
require curl xz sha256sum gpg
|
||||
# exit once any command fails. this means that each step should be idempotent!
|
||||
set -euo pipefail
|
||||
|
||||
if [[ -f /etc/os-release ]]; then
|
||||
os_release=$(cat /etc/os-release)
|
||||
|
|
@ -46,38 +63,17 @@ if [[ -f /etc/os-release ]]; then
|
|||
fi
|
||||
fi
|
||||
|
||||
|
||||
# apply variables from environment
|
||||
: "${giteabin:="/usr/local/bin/gitea"}"
|
||||
: "${giteahome:="/var/lib/gitea"}"
|
||||
: "${giteaconf:="/etc/gitea/app.ini"}"
|
||||
: "${giteauser:="git"}"
|
||||
: "${sudocmd:="sudo"}"
|
||||
: "${arch:="linux-amd64"}"
|
||||
: "${service_start:="$sudocmd systemctl start gitea"}"
|
||||
: "${service_stop:="$sudocmd systemctl stop gitea"}"
|
||||
: "${service_status:="$sudocmd systemctl status gitea"}"
|
||||
: "${backupopts:=""}" # see `gitea dump --help` for available options
|
||||
|
||||
|
||||
function giteacmd {
|
||||
if [[ $sudocmd = "su" ]]; then
|
||||
"$sudocmd" - "$giteauser" -c "$giteabin" --config "$giteaconf" --work-path "$giteahome" "$@"
|
||||
else
|
||||
"$sudocmd" --user "$giteauser" "$giteabin" --config "$giteaconf" --work-path "$giteahome" "$@"
|
||||
fi
|
||||
}
|
||||
require curl xz sha256sum "$sudocmd"
|
||||
|
||||
# select version to install
|
||||
if [[ -z "${ver:-}" ]]; then
|
||||
if [[ -z "${giteaversion:-}" ]]; then
|
||||
require jq
|
||||
giteaversion=$(curl --connect-timeout 10 -sL https://dl.gitea.io/gitea/version.json | jq -r .latest.version)
|
||||
else
|
||||
giteaversion="$ver"
|
||||
echo "Latest available version is $giteaversion"
|
||||
fi
|
||||
|
||||
|
||||
# confirm update
|
||||
echo "Checking currently installed version..."
|
||||
current=$(giteacmd --version | cut -d ' ' -f 3)
|
||||
[[ "$current" == "$giteaversion" ]] && echo "$current is already installed, stopping." && exit 1
|
||||
if [[ -z "${no_confirm:-}" ]]; then
|
||||
|
|
@ -98,22 +94,24 @@ binurl="https://dl.gitea.io/gitea/${giteaversion}/${binname}.xz"
|
|||
echo "Downloading $binurl..."
|
||||
curl --connect-timeout 10 --silent --show-error --fail --location -O "$binurl{,.sha256,.asc}"
|
||||
|
||||
# validate checksum & gpg signature (exit script if error)
|
||||
# validate checksum & gpg signature
|
||||
sha256sum -c "${binname}.xz.sha256"
|
||||
if [[ -z "${ignore_gpg:-}" ]]; then
|
||||
require gpg
|
||||
gpg --keyserver keys.openpgp.org --recv 7C9E68152594688862D62AF62D9AE806EC1592E2
|
||||
gpg --verify "${binname}.xz.asc" "${binname}.xz" || { echo 'Signature does not match'; exit 1; }
|
||||
fi
|
||||
rm "${binname}".xz.{sha256,asc}
|
||||
|
||||
# unpack binary + make executable
|
||||
xz --decompress "${binname}.xz"
|
||||
xz --decompress --force "${binname}.xz"
|
||||
chown "$giteauser" "$binname"
|
||||
chmod +x "$binname"
|
||||
|
||||
# stop gitea, create backup, replace binary, restart gitea
|
||||
echo "Stopping gitea at $(date)"
|
||||
echo "Flushing gitea queues at $(date)"
|
||||
giteacmd manager flush-queues
|
||||
echo "Stopping gitea at $(date)"
|
||||
$service_stop
|
||||
echo "Creating backup in $giteahome"
|
||||
giteacmd dump $backupopts
|
||||
|
|
|
|||
Reference in a new issue