Created
April 7, 2014 14:21
-
-
Save kennethgillen/10021201 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Sign all jars required by OMERO.server webstart | |
set -eu | |
if [ $# -ne 5 ]; then | |
echo "USAGE: `basename $0` keystore.jks keystore-password private-key-password alias server_directory|server.zip" | |
exit 2 | |
fi | |
JAVA_KEYSTORE="$1" | |
JAVA_KEYSTORE_PASSWORD="$2" | |
JAVA_PRIVKEY_PASSWORD="$3" | |
ALIAS="$4" | |
SERVER="$5" | |
# Proxy Servers | |
HTTP_PROXY_HOST="your.proxy.server" | |
HTTP_PROXY_PORT="8080" | |
# GoDaddy timestamp server | |
TIMESTAMP_SERVER=http://tsa.starfieldtech.com | |
# The timestamp server may be throttled, if this happens try adding a delay | |
# and retry | |
TIMESTAMP_SERVER_DELAY=2 | |
FAILURE_RETRIES=3 | |
# Uncomment to disable | |
#TIMESTAMP_SERVER= | |
jarsign() { | |
FAILURES=0 | |
JAR="$1" | |
echo `date` ": Signing $JAR" | |
if [ -n "$TIMESTAMP_SERVER" ]; then | |
while [ $FAILURES -lt $FAILURE_RETRIES ]; do | |
jarsigner -keystore "$JAVA_KEYSTORE" \ | |
-storepass "$JAVA_KEYSTORE_PASSWORD" \ | |
-keypass "$JAVA_PRIVKEY_PASSWORD" \ | |
-tsa "$TIMESTAMP_SERVER" \ | |
-J-Dhttp.proxyHost=${HTTP_PROXY_HOST} \ | |
-J-Dhttp.proxyPort=${HTTP_PROXY_PORT} \ | |
"$JAR" "$ALIAS" \ | |
&& break || let FAILURES+=1 | |
if [ $FAILURES -ge $FAILURE_RETRIES ]; then | |
echo "ERROR: Failed to sign $JAR after $FAILURES attempts" | |
exit 3 | |
fi | |
sleep "$TIMESTAMP_SERVER_DELAY" | |
done | |
else | |
jarsigner -keystore "$JAVA_KEYSTORE" \ | |
-storepass "$JAVA_KEYSTORE_PASSWORD" \ | |
-keypass "$JAVA_PRIVKEY_PASSWORD" \ | |
"$JAR" "$ALIAS" | |
fi | |
} | |
SERVERZIP= | |
if [ -f "$SERVER" ]; then | |
SERVERZIP="$SERVER" | |
SERVER="`basename ${SERVER%.zip}`" | |
if [ -e "$SERVER" ]; then | |
echo "ERROR: $SERVER already exists, delete this file/directory" | |
exit 2 | |
fi | |
SERVERZIPOUT="$SERVER-jarsigned.zip" | |
if [ -e "$SERVERZIPOUT" ]; then | |
echo "ERROR: $SERVERZIPOUT already exists, delete this file/directory" | |
exit 2 | |
fi | |
unzip "$SERVERZIP" | |
fi | |
for jar in "$SERVER"/lib/insight/*.jar; do | |
jarsign "$jar" | |
done | |
if [ -n "$SERVERZIP" ]; then | |
zip -r "$SERVERZIPOUT" "$SERVER" | |
md5sum "$SERVERZIPOUT" > "$SERVERZIPOUT.md5" | |
rm -r "$SERVER" | |
fi |
http_proxy
and https_proxy
. It would be great if the call to jarsigner checked for their existence and include
-J-Dhttp.proxyHost=<hostname>
-J-Dhttp.proxyPort=<portnumber>
or
-J-Dhttps.proxyHost=<hostname>
-J-Dhttps.proxyPort=<portnumber>
as and when required.
But you would probably have to parse out the protocol and port number, so less work to have it declared manually.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Are there standard OS proxy envvars that could be read by the script? Or do you think it's better to explicitly define them?