Fixes following shellcheck's recommendations:
In scripts/download-check-artifact.sh line 24:
exit $1
^-- SC2086 (info): Double quote to prevent globbing and word splitting.
In scripts/download-check-artifact.sh line 53:
local sum="$(shasum -a 256 "$image_file")";
^-^ SC2155 (warning): Declare and assign separately to avoid masking return values.
In scripts/download-check-artifact.sh line 72:
cd "/tmp/verify.$$"
^-----------------^ SC2164 (warning): Use 'cd ... || exit' or 'cd ... || return' in case cd fails.
In scripts/download-check-artifact.sh line 114:
printf "Keyserver to use? [$keyserver_url] > "
^-- SC2059 (info): Don't use variables in the printf format string. Use printf '..%s..' "$foo".
In scripts/download-check-artifact.sh line 115:
read url; case "${url:-$keyserver_url}" in
^--^ SC2162 (info): read without -r will mangle backslashes.
While at it make it clear, that it is possible to download/check any
build artifacts like even SDK or ImageBuilder.
Link: https://github.com/openwrt/openwrt/pull/16871
Signed-off-by: Petr Štetiar <ynezz@true.cz>
While checking wiki documentation about GPG signatures checking I found
this nice script and I've thought, that it would be nice to provide it
officially instead of some random internet site.
Usage example:
$ ./scripts/download-check-artifact.sh https://downloads.openwrt.org/snapshots/targets/mediatek/filogic/openwrt-mediatek-filogic-openwrt_one-squashfs-sysupgrade.itb
1) Downloading image file
=========================
########################################### 100.0%
2) Downloading checksum file
============================
########################################### 100.0%
3) Downloading the GPG signature
================================
########################################### 100.0%
4) Verifying GPG signature
==========================
gpg: Signature made Tue 05 Nov 2024 05:21:50 PM UTC
gpg: using EDDSA key 92C561DE55AE6552F3C736B82B0151090606D1D9
gpg: Good signature from "OpenWrt Build System (Nitrokey3) <contact@openwrt.org>" [ultimate]
Primary key fingerprint: 8A8B C12F 46B8 36C0 F9CD B36F 1D53 D187 7742 E911
Subkey fingerprint: 92C5 61DE 55AE 6552 F3C7 36B8 2B01 5109 0606 D1D9
5) Verifying SHA256 checksum
============================
openwrt-mediatek-filogic-openwrt_one-squashfs-sysupgrade.itb: OK
Verification done!
==================
Downloaded artifact placed in '/var/home/ynezz/dev/openwrt/openwrt.git/openwrt-mediatek-filogic-openwrt_one-squashfs-sysupgrade.itb'
Cleaning up.
Adding file in a state as downloaded from https://www.abitare.org/bin/download.sh
References: https://openwrt.org/docs/guide-quick-start/verify_firmware_checksum?s[]=gpg#linux
Signed-off-by: David S. H. Rosenthal <dshr@abitare.org>
Link: https://github.com/openwrt/openwrt/pull/16871
Signed-off-by: Petr Štetiar <ynezz@true.cz>
