X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;f=config%2Fdebian%2Fcron.daily;h=0b822bc5148d06b0bc90ee1739ef5f399090866b;hb=5fd1e87ecc948980add7e9b41da71f69a3be9844;hp=90c990317a3b09c6bcb90f42024f335ea21cc364;hpb=2842053a93086d03faae7117b9134928a9ce2dac;p=dak.git diff --git a/config/debian/cron.daily b/config/debian/cron.daily index 90c99031..0b822bc5 100755 --- a/config/debian/cron.daily +++ b/config/debian/cron.daily @@ -14,35 +14,37 @@ export SCRIPTVARS=/srv/ftp-master.debian.org/dak/config/debian/vars ################################################################################ TMPFILE=$( mktemp -p ${TMPDIR} ) +TMPCNTB=$( mktemp -p ${TMPDIR} ) function cleanup { ERRVAL=$? - rm -f ${TMPFILE} + rm -f ${TMPFILE} ${TMPCNTB} exit ${ERRVAL} } trap cleanup SIGHUP SIGINT SIGPIPE SIGTERM EXIT ERR # log to dinstall's logfile instead of sending email PROGRAM="cron.daily" -LOGFILE="$logdir/dinstall.log" +# Start logging +NOW=`date "+%Y.%m.%d-%H:%M:%S"` +LOGFILE="$logdir/daily_${NOW}.log" exec >> "$LOGFILE" 2>&1 # get the latest list of wnpp bugs and their source packages -wget -q -O${TMPFILE} http://qa.debian.org/data/bts/wnpp_rm +wget -q -O${TMPFILE} --ca-directory=/etc/ssl/ca-debian https://qa.debian.org/data/bts/wnpp_rm chmod go+r ${TMPFILE} mv ${TMPFILE} /srv/ftp-master.debian.org/scripts/masterfiles/wnpp_rm # Push files over to security # The key over there should have the following set for the ssh key: -# command="/usr/bin/xzcat | /usr/bin/psql -f - -1 obscurity" -pg_dump -a -F p -t files | \ - sed -e "s,^COPY files (,DELETE FROM external_files; COPY external_files (," | \ +# command="/usr/bin/xzcat | /usr/bin/psql -1 -c 'DELETE FROM external_files; COPY external_files (id, filename, size, md5sum, last_used, sha1sum, sha256sum, created, modified) FROM STDIN' obscurity" +psql -c 'COPY files (id, filename, size, md5sum, last_used, sha1sum, sha256sum, created, modified) TO STDOUT' projectb | \ xz -3 | \ ssh -o BatchMode=yes -o ConnectTimeout=30 -o SetupTimeout=30 -2 \ -i ${base}/s3kr1t/push_external_files dak@security-master.debian.org sync # Update wanna-build dump -echo "Update wanna-build database dump" +log "Update wanna-build database dump" $base/dak/scripts/nfu/get-w-b-db reports @@ -59,8 +61,26 @@ dak stats new ${webdir}/NEW-stats.yaml 2> /dev/null # FIXME: In a day or three, when this worked from cron without # failure, redirect its output to dev/null. Alternatively until then # enrico added a --quiet and we use that. -dc-tool --mine="${configdir}/contributor.source" --auth-token @"${base}/s3kr1t/contributor.auth" --source ftp.debian.org --post +log "Submitting data to contributors" +REQUESTS_CA_BUNDLE=/etc/ssl/ca-debian/ca-certificates.crt dc-tool --mine="${configdir}/contributor.source" --auth-token @"${base}/s3kr1t/contributor.auth" --source ftp.debian.org --json > ${TMPCNTB} + +# Post with curl as a workaround for #801506 +# See https://wiki.debian.org/ServicesSSL#curl +dir=/etc/ssl/ca-debian +test -d $dir && capath="--capath $dir" +curl -s $capath https://contributors.debian.org/contributors/post \ + -F source=ftp.debian.org \ + -F auth_token="$(cat ${base}/s3kr1t/contributor.auth)" \ + -F data=@${TMPCNTB} > ${TMPCNTB}.result +cat ${TMPCNTB}.result +rm -f ${TMPCNTB}.result + ${scriptsdir}/link_morgue.sh ################################################################################ + +log "Finally, all is done, compressing logfile" +exec > /dev/null 2>&1 + +bzip2 -9 "$LOGFILE"