Makefile: Support mirrors for dependency source packages

Try to download dependency source packages from mirrors if the primary source fails or the archive has changed. Move the download and verify logic to bin/fetch_source_archive.sh. The mirror list is here, currently only https://storage.puri.sm/heads-packages/, but others can be added. The mirror list is randomized to load each mirror equally. The verify logic is moved to this script too so it can fail over to a mirror (or another mirror) if a mismatched archive is served, not just for a failure. Makefile no longer needs to verify separately and there are no separate .*-_verify files any more, the archive is only moved to its final place once verified. Add `packages` target to just fetch all needed packages for a board, facilitates seeding a mirror. Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2024-12-18 20:47:55 +00:00 · 2024-01-05 12:49:36 -05:00 · 2024-01-05 12:49:36 -05:00 · 3a93b30d5b
commit 3a93b30d5b
parent c9e067c721
2 changed files with 72 additions and 8 deletions
--- a/13
+++ b/13
@ -384,18 +384,15 @@ define define_module =
    # wget creates it early, so we have to cleanup if it fails
    $(packages)/$($1_tar):
 	$(call do,WGET,$($1_url),\
-		if ! $(WGET) -O "$$@.tmp" $($1_url) ; then \
-			exit 1 ; \
-		fi ; \
-		mv "$$@.tmp" "$$@" \
+		WGET="$(WGET)" bin/fetch_source_archive.sh "$($1_url)" "$$@" "$($1_hash)"
 	)
-    $(packages)/.$1-$($1_version)_verify: $(packages)/$($1_tar)
-	echo "$($1_hash)  $$^" | sha256sum --check -
-	@touch "$$@"
+
+    # Target to fetch all packages, for seeding mirrors
+    packages: $(packages)/$($1_tar)

    # Unpack the tar file and touch the canary so that we know
    # that the files are all present
-    $(build)/$($1_base_dir)/.canary: $(packages)/.$1-$($1_version)_verify
+    $(build)/$($1_base_dir)/.canary: $(packages)/$($1_tar)
 	mkdir -p "$$(dir $$@)"
 	tar -xf "$(packages)/$($1_tar)" $(or $($1_tar_opt),--strip 1) -C "$$(dir $$@)"
 	if [ -r patches/$($1_patch_name).patch ]; then \
--- a/bin/fetch_source_archive.sh
+++ b/bin/fetch_source_archive.sh
@ -0,0 +1,67 @@
+#! /usr/bin/env bash
+set -eo pipefail
+
+# Mirror URLs, make sure these end in slashes.
+BACKUP_MIRRORS=(
+	https://storage.puri.sm/heads-packages/
+)
+
+usage()
+{
+	cat <<USAGE_END
+usage:
+	$0 <url> <file> <sha256sum>
+	$0 --help
+
+	Downloads <url> to <file>, falling back to package mirrors if the
+	primary source is not available or does match the expected sha256sum.
+
+	Uses wget, export WGET to override the path to wget.
+USAGE_END
+}
+
+if [ "$#" -lt 2 ]; then
+	usage
+	exit 1
+fi
+
+URL="$1"
+FILE="$2"
+SHA256SUM="$3"
+
+TMP_FILE="$2.tmp"
+
+WGET="${WGET:-wget}"
+
+rm -f "$FILE" "$TMP_FILE"
+
+download() {
+	local download_url
+	download_url="$1"
+	if ! "$WGET" -O "$TMP_FILE" "$download_url"; then
+		echo "Failed to download $download_url" >&2
+	elif ! echo "$SHA256SUM $TMP_FILE" | sha256sum --check -; then
+		echo "File from $download_url does not match expected digest" >&2
+	else
+		mv "$TMP_FILE" "$FILE"	# Matches, keep this file
+		return 0
+	fi
+	rm -f "$TMP_FILE"	# Wasn't downloaded or failed check
+	return 1
+}
+
+# Try the primary source
+download "$URL" && exit 0
+
+# Shuffle the mirrors so we try each equally
+readarray -t BACKUP_MIRRORS < <(shuf -e "${BACKUP_MIRRORS[@]}")
+
+archive="$(basename "$URL")"
+echo "Try mirrors for $archive" >&2
+
+for mirror in "${BACKUP_MIRRORS[@]}"; do
+	download "$mirror$archive" && exit 0
+done
+
+# All mirrors failed
+exit 1