[gettor/master] Added preliminary script to upload Tor Browser to github - tor-commits

22 Sep 2015

commit 6ade9c4e1a6a1df61dc9a85b854cdb26c046ca45
Author: ilv ilv@users.noreply.github.com
Date:   Tue Feb 10 16:17:40 2015 -0300
Added preliminary script to upload Tor Browser to github
---
 providers/github.links   |   25 +++++++
 upload/bundles2github.py |  169 ++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 194 insertions(+)

diff --git a/providers/github.links b/providers/github.links
new file mode 100644
index 0000000..9647d9c
--- /dev/null
+++ b/providers/github.links
@@ -0,0 +1,25 @@
+[provider]
+name = GitHub
+
+[key]
+fingerprint = 8738 A680 B84B 3031 A630 F2DB 416F 0610 63FE E659
+
+[linux]
+en = Package (32-bit): https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/tor-browser...
+	ASC signature (32-bit): https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/tor-browser...
+	Package SHA256 checksum (32-bit): 7df98c47a629c78f648537b975c827ac83181ed1f82ac03759e8e3337aae00f3,
+	Package (64-bit): https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/tor-browser...
+	ASC signature (64-bit): https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/tor-browser...
+	Package SHA256 checksum (64-bit): 7df98c47a629c78f648537b975c827ac83181ed1f82ac03759e8e3337aae00f3
+
+[windows]
+ar = Package (32/64-bit): https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/torbrowser-...
+	ASC signature (32/64-bit): https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/torbrowser-...
+	Package SHA256 checksum (32/64-bit): f4be40da212f5d0dc53dbcc254ec44a0a3a91c521c7df211b8d6d936ebdf42a6
+	
+
+[osx]
+en = Package (32-bit): https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/TorBrowser-...
+	ASC signature (32-bit): https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/TorBrowser-...
+	Package SHA256 checksum (32-bit): 55f5e4102c240d74e2dd2a48c55660426f17a226053aaaff172aaa13b7ae2b1d
+
diff --git a/upload/bundles2github.py b/upload/bundles2github.py
new file mode 100644
index 0000000..35c7324
--- /dev/null
+++ b/upload/bundles2github.py
@@ -0,0 +1,169 @@
+# -*- coding: utf-8 -*-
+#
+# This file is part of GetTor, a Tor Browser distribution system.
+#
+# :authors: Israel Leiva ilv@torproject.org
+#           see also AUTHORS file
+#
+# :copyright:   (c) 2015, The Tor Project, Inc.
+#               (c) 2015, Israel Leiva
+#
+# :license: This is Free Software. See LICENSE for license information.
+#
+
+import os
+import sys
+import re
+import hashlib
+
+from libsaas.services import github
+import gnupg
+import gettor.core
+
+
+def get_file_sha256(file):
+    """Get the sha256 of a file.
+
+    :param: file (string) the path of the file.
+
+    :return: (string) the sha256 hash.
+
+    """
+    # as seen on the internetz
+    BLOCKSIZE = 65536
+    hasher = hashlib.sha256()
+    with open(file, 'rb') as afile:
+        buf = afile.read(BLOCKSIZE)
+        while len(buf) > 0:
+            hasher.update(buf)
+            buf = afile.read(BLOCKSIZE)
+    return hasher.hexdigest()
+
+
+def get_bundle_info(file, osys):
+    """Get the os, arch and lc from a bundle string.
+
+    :param: file (string) the name of the file.
+    :param: osys (string) the OS.
+
+    :raise: ValueError if the bundle doesn't have a valid bundle format.
+
+    :return: (list) the os, arch and lc.
+
+    """
+    if(osys == 'windows'):
+        m = re.search(
+            'torbrowser-install-\d.\d.\d_(\w\w)(-\w\w)?.exe',
+            file)
+        if m:
+            lc = m.group(1)
+            return 'windows', '32/64', lc
+    elif(osys == 'linux'):
+        m = re.search(
+            'tor-browser-linux(\d\d)-\d.\d.\d_(\w\w)(-\w\w)?.tar.xz',
+            file)
+        if m:
+            arch = m.group(1)
+            lc = m.group(2)
+            return 'linux', arch, lc
+    elif(osys == 'osx'):
+        m = re.search(
+            'TorBrowser-\d.\d.\d-osx(\d\d)_(\w\w)(-\w\w)?.dmg',
+            file)
+        if m:
+            os = 'osx'
+            arch = m.group(1)
+            lc = m.group(2)
+            return 'osx', arch, lc
+
+if __name__ == '__main__':
+
+    # this script should be called after fetching the latest Tor Browser,
+    # and specifying the latest version
+    version = sys.argv[1]
+
+    # the token allow us to run this script without GitHub user/pass
+    gh_token = 'secret-token'
+
+    # path to the fingerprint that signed the packages
+    tb_key = 'upload/torbrowser-key.asc'
+
+    # import key fingerprint
+    gpg = gnupg.GPG()
+    key_data = open(tb_key).read()
+    import_result = gpg.import_keys(key_data)
+    fp = import_result.results[0]['fingerprint']
+
+    # make groups of four characters to make fingerprint more readable
+    # e.g. 123A 456B 789C 012D 345E 678F 901G 234H 567I 890J
+    readable_fp = ' '.join(fp[i:i+4] for i in xrange(0, len(fp), 4))
+
+    # we should have previously created a repository on GitHub where we
+    # want to push the files using a SSH key (to avoid using user/pass)
+    remote = 'origin'
+    branch = 'master'
+    user = 'ilv'
+    repo = 'gettor'
+    path = 'upload'
+    raw_content = 'https://raw.githubusercontent.com/%s/%s/%s/%s/' %\
+                  (user, repo, branch, path)
+
+    # steps: 1) create dir for the new version, copy the latest Tor Browser
+    # files there, add the files via git, make a commit for the new version
+    # and push the changes (easier with system calls)
+    # os.system('mkdir %s' % version)
+    # os.system('cp latest/* %s' % version)
+    # os.system('git add %s;git commit -m "%s"' % (version, version))
+    # os.system('cd %s;git push %s %s' % (version, remote, branch))
+
+    gh = github.GitHub(gh_token, None)
+    repocontent = gh.repo(
+        user,
+        repo
+    ).contents().get('%s/%s' % (path, version))
+
+    core = gettor.core.Core(
+        '/path/to/gettor/core.cfg'
+    )
+
+    # erase old links, if any
+    core.create_links_file('GitHub', readable_fp)
+
+    for file in repocontent:
+        # e.g. https://raw.githubusercontent.com/ilv/gettor/master/upload/4.0.3/TorBrowser-...
+        m = re.search('%s.*/(.*)' % raw_content, file[u'download_url'])
+        if m:
+            filename = m.group(1)
+            # get bundle info according to its OS
+            if re.match('.*.exe$', filename):
+                osys, arch, lc = get_bundle_info(filename, 'windows')
+                filename_asc = filename.replace('exe', 'exe.asc')
+
+            elif re.match('.*.dmg$', filename):
+                osys, arch, lc = get_bundle_info(filename, 'osx')
+                filename_asc = filename.replace('dmg', 'dmg.asc')
+
+            elif re.match('.*.tar.xz$', filename):
+                osys, arch, lc = get_bundle_info(filename, 'linux')
+                filename_asc = filename.replace('tar.xz', 'tar.xz.asc')
+
+            else:
+                # don't care about other files (asc or txt)
+                continue
+
+            sha256 = get_file_sha256('%s/%s/%s' % (path, version, filename))
+
+            # since the url is easy to construct and it doesn't involve any
+            # kind of unique hash or identifier, we get the link for the
+            # asc signature just by adding '.asc'
+            link_asc = file[u'download_url'].replace(filename, filename_asc)
+
+            link = "Package (%s-bit): %s\nASC signature (%s-bit): %s\n"\
+                   "Package SHA256 checksum (%s-bit): %s\n" %\
+                   (arch, file[u'download_url'], arch, link_asc,
+                    arch, sha256)
+
+            print "Adding %s" % file[u'download_url']
+            core.add_link('GitHub', osys, lc, link)
+
+    print "Github links updated!"

    