From 879c5d845cb13296cca699187245120d2140ef4b Mon Sep 17 00:00:00 2001 From: Boris Glimcher <36732377+glimchb@users.noreply.github.com> Date: Thu, 6 Jun 2024 16:29:36 -0400 Subject: [PATCH] fix(sztp): simplify template generation Signed-off-by: Boris Glimcher <36732377+glimchb@users.noreply.github.com> --- sztp/generate.sh | 44 +++++++++++++++++++++++++++----------------- 1 file changed, 27 insertions(+), 17 deletions(-) diff --git a/sztp/generate.sh b/sztp/generate.sh index 17b7c13..b1fc005 100755 --- a/sztp/generate.sh +++ b/sztp/generate.sh @@ -2,22 +2,32 @@ set -euxo pipefail -NVIDIA_BOOT_IMG_HASH_VAL=`openssl dgst -sha256 -c nvidia-boot-image.img | awk '{print $2}'` \ -NVIDIA_PRE_SCRIPT_B64=`openssl enc -base64 -A -in nvidia-pre-configuration-script.sh` \ -NVIDIA_POST_SCRIPT_B64=`openssl enc -base64 -A -in nvidia-post-configuration-script.sh` \ -NVIDIA_CONFIG_B64=`openssl enc -base64 -A -in nvidia-configuration.xml` \ -INTEL_BOOT_IMG_HASH_VAL=`openssl dgst -sha256 -c intel-boot-image.img | awk '{print $2}'` \ -INTEL_PRE_SCRIPT_B64=`openssl enc -base64 -A -in intel-pre-configuration-script.sh` \ -INTEL_POST_SCRIPT_B64=`openssl enc -base64 -A -in intel-post-configuration-script.sh` \ -INTEL_CONFIG_B64=`openssl enc -base64 -A -in intel-configuration.xml` \ -MARVELL_BOOT_IMG_HASH_VAL=`openssl dgst -sha256 -c marvell-boot-image.img | awk '{print $2}'` \ -MARVELL_PRE_SCRIPT_B64=`openssl enc -base64 -A -in marvell-pre-configuration-script.sh` \ -MARVELL_POST_SCRIPT_B64=`openssl enc -base64 -A -in marvell-post-configuration-script.sh` \ -MARVELL_CONFIG_B64=`openssl enc -base64 -A -in marvell-configuration.xml` \ -SBI_PRI_KEY_B64=`openssl enc -base64 -A -in private_key.der` \ -SBI_PUB_KEY_B64=`openssl enc -base64 -A -in public_key.der` \ -SBI_EE_CERT_B64=`openssl enc -base64 -A -in cert_chain.cms` \ -CLIENT_CERT_TA_B64=`openssl enc -base64 -A -in ta_cert_chain.cms` \ -envsubst '$NVIDIA_BOOT_IMG_HASH_VAL,$NVIDIA_PRE_SCRIPT_B64,$NVIDIA_POST_SCRIPT_B64,$NVIDIA_CONFIG_B64,$INTEL_BOOT_IMG_HASH_VAL,$INTEL_PRE_SCRIPT_B64,$INTEL_POST_SCRIPT_B64,$INTEL_CONFIG_B64,$MARVELL_BOOT_IMG_HASH_VAL,$MARVELL_PRE_SCRIPT_B64,$MARVELL_POST_SCRIPT_B64,$MARVELL_CONFIG_B64,$CLIENT_CERT_TA_B64,$SBI_PRI_KEY_B64,$SBI_PUB_KEY_B64,$SBI_EE_CERT_B64' < template.json > config.json +declare -a names + +for vendor in nvidia intel marvell +do + names+=("${vendor^^}_BOOT_IMG_HASH_VAL" "${vendor^^}_CONFIG_B64") + export ${vendor^^}_BOOT_IMG_HASH_VAL=$(openssl dgst -sha256 -c ${vendor,,}-boot-image.img | awk '{print $2}') + export ${vendor^^}_CONFIG_B64=$(openssl enc -base64 -A -in ${vendor,,}-configuration.xml) + for item in pre post + do + names+=("${vendor^^}_PRE_SCRIPT_B64" "${vendor^^}_POST_SCRIPT_B64") + export ${vendor^^}_${item^^}_SCRIPT_B64=$(openssl enc -base64 -A -in ${vendor,,}-${item,,}-configuration-script.sh) + done +done + +names+=(SBI_PRI_KEY_B64 SBI_PUB_KEY_B64 SBI_EE_CERT_B64 CLIENT_CERT_TA_B64) +export SBI_PRI_KEY_B64=$(openssl enc -base64 -A -in private_key.der) +export SBI_PUB_KEY_B64=$(openssl enc -base64 -A -in public_key.der) +export SBI_EE_CERT_B64=$(openssl enc -base64 -A -in cert_chain.cms) +export CLIENT_CERT_TA_B64=$(openssl enc -base64 -A -in ta_cert_chain.cms) + +names+=(SZTPD_INIT_ADDR SZTPD_INIT_PORT SZTPD_NBI_PORT SZTPD_SBI_PORT) +export SZTPD_INIT_ADDR=$(awk '/SZTPD_INIT_ADDR/{print $2}' ../docker-compose.yml) +export SZTPD_INIT_PORT=$(awk '/SZTPD_INIT_PORT/{print $2}' ../docker-compose.yml) +export SZTPD_NBI_PORT=$(awk '/SZTPD_NBI_PORT/{print $2}' ../docker-compose.yml) +export SZTPD_SBI_PORT=$(awk '/SZTPD_SBI_PORT/{print $2}' ../docker-compose.yml) + +envsubst "$(printf '${%s} ' ${names[@]})" < template.json > config.json diff template.json config.json