From 95168161a47fd3349634df3a02299f6148ef3ba9 Mon Sep 17 00:00:00 2001
From: Mathieu Tortuyaux
Date: Fri, 15 Dec 2023 11:08:08 +0100
Subject: [PATCH] generate_payload: handle the downloading of releases

Signed-off-by: Mathieu Tortuyaux
---
 generate_payload | 111 +++++++++++++++++++++++++----------------------
 1 file changed, 58 insertions(+), 53 deletions(-)

diff --git a/generate_payload b/generate_payload
index 789a11fccce..8e96c95763d 100755
--- a/generate_payload
+++ b/generate_payload
@@ -2,8 +2,8 @@

 set -e

-if [ $# -ne 2 ]; then
- echo "usage: ${0} DATA_DIR KEYS_DIR"
+if [ $# -ne 1 ]; then
+ echo "usage: $0 alpha:1786.0.0 beta:1781.2.0"
 exit 1
 fi

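Review bot: The new argument check `if [ $# -ne 1 ]; then` rejects the invocation that its own usage line documents, which lists two releases (`alpha:1786.0.0 beta:1781.2.0`). The second hunk forwards `"$@"` to `./download_payloads`, so more than one release appears to be intended. The guard should accept one or more arguments, `if [ "$#" -lt 1 ]; then`, and the usage text is better sent to stderr with `>&2` so it does not mix with normal output.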
@@ -361,63 +361,68 @@ TkvXzMghTKTbYL9TjbK/CLzOR+5XXCHxXgDGLg==
 -----END PGP PUBLIC KEY BLOCK-----
 "

-DATA_DIR="$1"
-PUBLIC_KEYS_DIR="$2"
-
 GNUPGHOME="${PWD}/gnupg"
 mkdir -p "${GNUPGHOME}"
 chmod 700 "${GNUPGHOME}"
 trap 'rm -rf ${GNUPGHOME}' EXIT

+echo "Downloading files"
+pushd ./data
+./download_payloads "$@"
+popd
+
 # Setup GnuPG for verifying the image signature
 gpg --batch --quiet --import <<< "${GPG_KEY}"

-echo "Verifying files"
-# Check that we have a signature for the files we work on
-test -f "${DATA_DIR}/flatcar_production_update.bin.bz2.sig"
-test -f "${DATA_DIR}/flatcar_production_image.vmlinuz.sig"
-for FILE_PATH in "${DATA_DIR}"/*.sig; do
- gpg --verify "${FILE_PATH}"
-done
-
-echo "Generating extension payloads"
-shopt -s nullglob
-for EXTENSION_PATH in "${DATA_DIR}/flatcar-"*.raw "${DATA_DIR}/oem-"*.raw; do
- # Check that we have a signature for the files we work on
- test -f "${EXTENSION_PATH}".sig
- OUTPUT_PATH="${EXTENSION_PATH/.raw/.gz}"
- if [ ! -f "${OUTPUT_PATH}" ]; then
- echo "Generating ${OUTPUT_PATH}"
- ./core_sign_update \
- --image "${EXTENSION_PATH}" \
- --output "${OUTPUT_PATH}" \
- --private_keys "${PRIVATE_KEYS}" \
- --public_keys "${PUBLIC_KEYS_DIR}/flatcar.pub.pem" \
- --keys_separator "+"
- else
- echo "ERROR: Found update payload already: ${OUTPUT_PATH}."
- exit 1
- fi
+for d in ./data/*/*; do
+ DATA_DIR="${d}"
+ echo "Verifying files for ${DATA_DIR}"
+ # Check that we have a signature for the files we work on
+ test -f "${DATA_DIR}/flatcar_production_update.bin.bz2.sig"
+ test -f "${DATA_DIR}/flatcar_production_image.vmlinuz.sig"
+ for FILE_PATH in "${DATA_DIR}"/*.sig; do
+ gpg --verify "${FILE_PATH}"
+ done
+
+ echo "Generating extension payloads for ${DATA_DIR}"
+ shopt -s nullglob
+ for EXTENSION_PATH in "${DATA_DIR}/flatcar-"*.raw "${DATA_DIR}/oem-"*.raw; do
+ # Check that we have a signature for the files we work on
+ test -f "${EXTENSION_PATH}".sig
+ OUTPUT_PATH="${EXTENSION_PATH/.raw/.gz}"
+ if [ ! -f "${OUTPUT_PATH}" ]; then
+ echo "Generating ${OUTPUT_PATH}"
+ ./core_sign_update \
+ --image "${EXTENSION_PATH}" \
+ --output "${OUTPUT_PATH}" \
+ --private_keys "${PRIVATE_KEYS}" \
+ --public_keys "/mnt/host/source/src/scripts/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-au-key/files/official-v2.pub.pem" \
+ --keys_separator "+"
+ else
+ echo "ERROR: Found update payload already: ${OUTPUT_PATH}."
+ exit 1
+ fi
+ done
+ shopt -u nullglob
+
+ echo "Extracting flatcar_production_update.bin.bz2 for ${DATA_DIR}"
+ bunzip2 -f -k "${DATA_DIR}/flatcar_production_update.bin.bz2"
+
+ echo "Generating generic update payload for ${DATA_DIR}"
+ OUTPUT_PATH="${DATA_DIR}/flatcar_production_update.gz"
+ if [ ! -f "${OUTPUT_PATH}" ]; then
+ echo "Update payload not found. Building..."
+ ./core_sign_update \
+ --image "${DATA_DIR}/flatcar_production_update.bin" \
+ --kernel "${DATA_DIR}/flatcar_production_image.vmlinuz" \
+ --output "${OUTPUT_PATH}" \
+ --private_keys "${PRIVATE_KEYS}" \
+ --public_keys "/mnt/host/source/src/scripts/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos-au-key/files/official-v2.pub.pem" \
+ --keys_separator "+"
+ else
+ echo "ERROR: Found update payload already: ${OUTPUT_PATH}."
+ exit 1
+ fi
+
+ echo "Payload generated: ${OUTPUT_PATH}"
 done
-shopt -u nullglob
-
-echo "Extracting flatcar_production_update.bin.bz2"
-bunzip2 -f -k "${DATA_DIR}/flatcar_production_update.bin.bz2"
-
-echo "Generating generic update payload"
-OUTPUT_PATH="${DATA_DIR}/flatcar_production_update.gz"
-if [ ! -f "${OUTPUT_PATH}" ]; then
- echo "Update payload not found. Building..."
- ./core_sign_update \
- --image "${DATA_DIR}/flatcar_production_update.bin" \
- --kernel "${DATA_DIR}/flatcar_production_image.vmlinuz" \
- --output "${OUTPUT_PATH}" \
- --private_keys "${PRIVATE_KEYS}" \
- --public_keys "${PUBLIC_KEYS_DIR}/flatcar.pub.pem" \
- --keys_separator "+"
-else
- echo "ERROR: Found update payload already: ${OUTPUT_PATH}."
- exit 1
-fi
-
-echo "Payload generated: ${OUTPUT_PATH}"
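Review bot: The loop header `for d in ./data/*/*; do` walks every entry two levels under ./data, not the releases named in `"$@"`. A directory left by an earlier run, or a stray file at that depth, is therefore either passed to `./core_sign_update` with the private keys or stops the run on the "Found update payload already" branch. In a signing script the set of signed inputs is better derived from the arguments. If `download_payloads` stores each release as ./data/CHANNEL/VERSION, which the glob depth suggests but the hunk does not show, the header could become `for release in "$@"; do DATA_DIR="./data/${release%%:*}/${release#*:}"`. The absolute `--public_keys` path is also repeated in both `core_sign_update` calls; one variable checked with `test -f` before the loop would fail early when the script runs outside the SDK container.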