#!/bin/bash # Pack firmware tree into an RFS flist and patch manifest stores for Garage web endpoint. # - Computes FULL_KERNEL_VERSION from configs (not strictly needed for firmware, but kept uniform) # - Selects firmware directory with priority: # 1) $PROJECT_ROOT/firmware # 2) $PROJECT_ROOT/initramfs/lib/firmware # 3) /lib/firmware # - Manifest name: firmware-.fl # - Uploads blobs to S3 (Garage) via rfs store URI # - Patches .fl sqlite stores table to use WEB_ENDPOINT for read-only fetches # - Optionally uploads the .fl manifest to S3 manifests/ using aws CLI set -euo pipefail HERE="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" # shellcheck source=/dev/null source "${HERE}/common.sh" section() { echo -e "\n==== $* ====\n"; } section "Loading configuration (kernel + RFS S3) and locating rfs" # Kernel version is computed for consistency/logging (not required to pack firmware) rfs_common_load_build_kernel_version rfs_common_load_rfs_s3_config rfs_common_build_s3_store_uri rfs_common_locate_rfs section "Locating firmware directory" rfs_common_locate_firmware_dir TAG="$(rfs_common_firmware_tag)" MANIFEST_NAME="firmware-${TAG}.fl" MANIFEST_PATH="$(rfs_common_prepare_output "${MANIFEST_NAME}")" section "Packing firmware to flist" log_info "Firmware dir: ${FIRMWARE_DIR}" log_info "rfs pack -m ${MANIFEST_PATH} -s ${RFS_S3_STORE_URI} ${FIRMWARE_DIR}" safe_execute "${RFS_BIN}" pack -m "${MANIFEST_PATH}" -s "${RFS_S3_STORE_URI}" "${FIRMWARE_DIR}" # Patch manifest route URL to include read-only S3 credentials (Garage) section "Updating route URL in manifest to include read-only S3 credentials" rfs_common_build_route_url rfs_common_patch_flist_route_url "${MANIFEST_PATH}" # Patch manifest stores to HTTPS web endpoint if provided if [[ -n "${WEB_ENDPOINT:-}" ]]; then section "Patching manifest stores to HTTPS web endpoint" log_info "Patching ${MANIFEST_PATH} stores to: ${WEB_ENDPOINT} (keep_s3_fallback=${KEEP_S3_FALLBACK:-false})" rfs_common_patch_flist_stores "${MANIFEST_PATH}" "${WEB_ENDPOINT}" "${KEEP_S3_FALLBACK:-false}" else log_warn "WEB_ENDPOINT not set in config; manifest will reference only s3:// store" fi # Optional: upload .fl manifest to Garage via MinIO Client (separate from blobs) if [[ "${UPLOAD_MANIFESTS:-false}" == "true" ]]; then section "Uploading manifest .fl via MinIO Client to S3 manifests/" # Support both mcli (new) and mc (legacy) binaries if command -v mcli >/dev/null 2>&1; then MCLI_BIN="mcli" elif command -v mc >/dev/null 2>&1; then MCLI_BIN="mc" else log_warn "MinIO Client not found (expected mcli or mc); skipping manifest upload" MCLI_BIN="" fi if [[ -n "${MCLI_BIN}" ]]; then local_subpath="${MANIFESTS_SUBPATH:-manifests}" # Configure alias and upload using MinIO client safe_execute "${MCLI_BIN}" alias set rfs "${S3_ENDPOINT}" "${S3_ACCESS_KEY}" "${S3_SECRET_KEY}" mcli_dst="rfs/${S3_BUCKET}/${S3_PREFIX%/}/${local_subpath%/}/${MANIFEST_NAME}" log_info "${MCLI_BIN} cp ${MANIFEST_PATH} ${mcli_dst}" safe_execute "${MCLI_BIN}" cp "${MANIFEST_PATH}" "${mcli_dst}" fi else log_info "UPLOAD_MANIFESTS=false; skipping manifest upload" fi section "Done" log_info "Manifest: ${MANIFEST_PATH}"