forked from chainguard-dev/melange
-
Notifications
You must be signed in to change notification settings - Fork 0
/
fetch.yaml
92 lines (75 loc) · 2.41 KB
/
fetch.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
name: Fetch and extract external object into workspace
needs:
packages:
- wget
inputs:
strip-components:
description: |
The number of path components to strip while extracting.
default: 1
extract:
description: |
Whether to extract the downloaded artifact as a source tarball.
default: true
expected-sha256:
description: |
The expected SHA256 of the downloaded artifact.
expected-sha512:
description: |
The expected SHA512 of the downloaded artifact.
uri:
description: |
The URI to fetch as an artifact.
required: true
timeout:
description: |
The timeout (in seconds) to use for connecting and reading.
The fetch will fail if the timeout is hit.
default: 5
dns-timeout:
description: |
The timeout (in seconds) to use for DNS lookups.
The fetch will fail if the timeout is hit.
default: 20
retry-limit:
description: |
The number of times to retry fetching before failing.
default: 5
delete:
description: |
Whether to delete the fetched artifact after unpacking.
default: false
pipeline:
- runs: |
if [ "${{inputs.expected-sha256}}" == "" ] && [ "${{inputs.expected-sha512}}" == "" ]; then
printf "One of expected-sha256 or expected-sha512 is required"
exit 1
fi
bn=$(basename ${{inputs.uri}})
if [ ! "${{inputs.expected-sha256}}" == "" ]; then
fn="/var/cache/melange/sha256:${{inputs.expected-sha256}}"
if [ -f $fn ]; then
printf "fetch: found $fn in cache\n"
cp $fn $bn
fi
else
fn="/var/cache/melange/sha512:${{inputs.expected-sha512}}"
if [ -f $fn ]; then
printf "fetch: found $fn in cache\n"
cp $fn $bn
fi
fi
if [ ! -f $bn ]; then
wget '-T${{inputs.timeout}}' '--dns-timeout=${{inputs.dns-timeout}}' '--tries=${{inputs.retry-limit}}' --random-wait --retry-connrefused --continue '${{inputs.uri}}'
fi
if [ "${{inputs.expected-sha256}}" != "" ]; then
printf "%s %s\n" '${{inputs.expected-sha256}}' $bn | sha256sum -c
else
printf "%s %s\n" '${{inputs.expected-sha512}}' $bn | sha512sum -c
fi
if [ "${{inputs.extract}}" = "true" ]; then
tar -x '--strip-components=${{inputs.strip-components}}' -f $bn
fi
if [ "${{inputs.delete}}" = "true" ]; then
rm $bn
fi