Skip to content

Commit 43acc4f

Browse files
TaragolisTaragolis
authoredDec 18, 2023
Use common method of import GPG keys (apache#36244)
1 parent 148233a commit 43acc4f

File tree

6 files changed

+176
-168
lines changed

6 files changed

+176
-168
lines changed
 

‎Dockerfile

+59-56
Original file line numberDiff line numberDiff line change
@@ -214,46 +214,19 @@ EOF
214214
# The content below is automatically copied from scripts/docker/install_mysql.sh
215215
COPY <<"EOF" /install_mysql.sh
216216
#!/usr/bin/env bash
217+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
218+
217219
set -euo pipefail
220+
221+
common::get_colors
218222
declare -a packages
219223

220-
MYSQL_LTS_VERSION="8.0"
221-
MARIADB_LTS_VERSION="10.11"
222-
readonly MYSQL_LTS_VERSION
223-
readonly MARIADB_LTS_VERSION
224-
225-
COLOR_BLUE=$'\e[34m'
226-
readonly COLOR_BLUE
227-
COLOR_YELLOW=$'\e[1;33m'
228-
readonly COLOR_YELLOW
229-
COLOR_RED=$'\e[1;31m'
230-
readonly COLOR_RED
231-
COLOR_RESET=$'\e[0m'
232-
readonly COLOR_RESET
224+
readonly MYSQL_LTS_VERSION="8.0"
225+
readonly MARIADB_LTS_VERSION="10.11"
233226

234227
: "${INSTALL_MYSQL_CLIENT:?Should be true or false}"
235228
: "${INSTALL_MYSQL_CLIENT_TYPE:-mariadb}"
236229

237-
export_key() {
238-
local key="${1}"
239-
local name="${2:-mysql}"
240-
241-
echo "${COLOR_BLUE}Verify and export GPG public key ${key}${COLOR_RESET}"
242-
GNUPGHOME="$(mktemp -d)"
243-
export GNUPGHOME
244-
set +e
245-
for keyserver in $(shuf -e ha.pool.sks-keyservers.net hkp://p80.pool.sks-keyservers.net:80 \
246-
keyserver.ubuntu.com hkp://keyserver.ubuntu.com:80)
247-
do
248-
gpg --keyserver "${keyserver}" --recv-keys "${key}" 2>&1 && break
249-
done
250-
set -e
251-
gpg --export "${key}" > "/etc/apt/trusted.gpg.d/${name}.gpg"
252-
gpgconf --kill all
253-
rm -rf "${GNUPGHOME}"
254-
unset GNUPGHOME
255-
}
256-
257230
install_mysql_client() {
258231
if [[ "${1}" == "dev" ]]; then
259232
packages=("libmysqlclient-dev" "mysql-client")
@@ -271,7 +244,7 @@ install_mysql_client() {
271244
exit 1
272245
fi
273246

274-
export_key "B7B3B788A8D3785C" "mysql"
247+
common::import_trusted_gpg "B7B3B788A8D3785C" "mysql"
275248

276249
echo
277250
echo "${COLOR_BLUE}Installing Oracle MySQL client version ${MYSQL_LTS_VERSION}: ${1}${COLOR_RESET}"
@@ -313,7 +286,7 @@ install_mariadb_client() {
313286
exit 1
314287
fi
315288

316-
export_key "0xF1656F24C74CD1D8" "mariadb"
289+
common::import_trusted_gpg "0xF1656F24C74CD1D8" "mariadb"
317290

318291
echo
319292
echo "${COLOR_BLUE}Installing MariaDB client version ${MARIADB_LTS_VERSION}: ${1}${COLOR_RESET}"
@@ -355,16 +328,16 @@ EOF
355328
# The content below is automatically copied from scripts/docker/install_mssql.sh
356329
COPY <<"EOF" /install_mssql.sh
357330
#!/usr/bin/env bash
331+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
332+
358333
set -euo pipefail
359334

360-
: "${AIRFLOW_PIP_VERSION:?Should be set}"
335+
common::get_colors
336+
declare -a packages
361337

338+
: "${AIRFLOW_PIP_VERSION:?Should be set}"
362339
: "${INSTALL_MSSQL_CLIENT:?Should be true or false}"
363340

364-
COLOR_BLUE=$'\e[34m'
365-
readonly COLOR_BLUE
366-
COLOR_RESET=$'\e[0m'
367-
readonly COLOR_RESET
368341

369342
function install_mssql_client() {
370343
# Install MsSQL client from Microsoft repositories
@@ -374,21 +347,19 @@ function install_mssql_client() {
374347
echo
375348
return
376349
fi
350+
packages=("msodbcsql18")
351+
352+
common::import_trusted_gpg "EB3E94ADBE1229CF" "microsoft"
353+
377354
echo
378355
echo "${COLOR_BLUE}Installing mssql client${COLOR_RESET}"
379356
echo
380-
local distro
381-
local version
382-
distro=$(lsb_release -is | tr '[:upper:]' '[:lower:]')
383-
version=$(lsb_release -rs)
384-
local driver=msodbcsql18
385-
curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | sudo gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg
386-
curl --silent https://packages.microsoft.com/keys/microsoft.asc | apt-key add - >/dev/null 2>&1
387-
curl --silent "https://packages.microsoft.com/config/${distro}/${version}/prod.list" > \
357+
358+
echo "deb [arch=amd64,arm64] https://packages.microsoft.com/debian/$(lsb_release -rs)/prod $(lsb_release -cs) main" > \
388359
/etc/apt/sources.list.d/mssql-release.list
389360
apt-get update -yqq
390361
apt-get upgrade -yqq
391-
ACCEPT_EULA=Y apt-get -yqq install -y --no-install-recommends "${driver}"
362+
ACCEPT_EULA=Y apt-get -yqq install --no-install-recommends "${packages[@]}"
392363
rm -rf /var/lib/apt/lists/*
393364
apt-get autoremove -yqq --purge
394365
apt-get clean && rm -rf /var/lib/apt/lists/*
@@ -400,13 +371,11 @@ EOF
400371
# The content below is automatically copied from scripts/docker/install_postgres.sh
401372
COPY <<"EOF" /install_postgres.sh
402373
#!/usr/bin/env bash
374+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
403375
set -euo pipefail
404-
declare -a packages
405376

406-
COLOR_BLUE=$'\e[34m'
407-
readonly COLOR_BLUE
408-
COLOR_RESET=$'\e[0m'
409-
readonly COLOR_RESET
377+
common::get_colors
378+
declare -a packages
410379

411380
: "${INSTALL_POSTGRES_CLIENT:?Should be true or false}"
412381

@@ -426,8 +395,10 @@ install_postgres_client() {
426395
exit 1
427396
fi
428397

429-
curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
430-
echo "deb https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list
398+
common::import_trusted_gpg "7FCC7D46ACCC4CF8" "postgres"
399+
400+
echo "deb [arch=amd64,arm64] https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > \
401+
/etc/apt/sources.list.d/pgdg.list
431402
apt-get update
432403
apt-get install --no-install-recommends -y "${packages[@]}"
433404
apt-get autoremove -yqq --purge
@@ -571,6 +542,36 @@ function common::install_pip_version() {
571542
fi
572543
mkdir -p "${HOME}/.local/bin"
573544
}
545+
546+
function common::import_trusted_gpg() {
547+
common::get_colors
548+
549+
local key=${1:?${COLOR_RED}First argument expects OpenPGP Key ID${COLOR_RESET}}
550+
local name=${2:?${COLOR_RED}Second argument expected trust storage name${COLOR_RESET}}
551+
# Please note that not all servers could be used for retrieve keys
552+
# sks-keyservers.net: Unmaintained and DNS taken down due to GDPR requests.
553+
# keys.openpgp.org: User ID Mandatory, not suitable for APT repositories
554+
# keyring.debian.org: Only accept keys in Debian keyring.
555+
# pgp.mit.edu: High response time.
556+
local keyservers=(
557+
"hkps://keyserver.ubuntu.com"
558+
"hkps://pgp.surf.nl"
559+
)
560+
561+
GNUPGHOME="$(mktemp -d)"
562+
export GNUPGHOME
563+
set +e
564+
for keyserver in $(shuf -e "${keyservers[@]}"); do
565+
echo "${COLOR_BLUE}Try to receive GPG public key ${key} from ${keyserver}${COLOR_RESET}"
566+
gpg --keyserver "${keyserver}" --recv-keys "${key}" 2>&1 && break
567+
echo "${COLOR_YELLOW}Unable to receive GPG public key ${key} from ${keyserver}${COLOR_RESET}"
568+
done
569+
set -e
570+
gpg --export "${key}" > "/etc/apt/trusted.gpg.d/${name}.gpg"
571+
gpgconf --kill all
572+
rm -rf "${GNUPGHOME}"
573+
unset GNUPGHOME
574+
}
574575
EOF
575576

576577
# The content below is automatically copied from scripts/docker/pip
@@ -1249,6 +1250,8 @@ ENV INSTALL_MYSQL_CLIENT=${INSTALL_MYSQL_CLIENT} \
12491250
INSTALL_MSSQL_CLIENT=${INSTALL_MSSQL_CLIENT} \
12501251
INSTALL_POSTGRES_CLIENT=${INSTALL_POSTGRES_CLIENT}
12511252

1253+
COPY --from=scripts common.sh /scripts/docker/
1254+
12521255
# Only copy mysql/mssql installation scripts for now - so that changing the other
12531256
# scripts which are needed much later will not invalidate the docker layer here
12541257
COPY --from=scripts install_mysql.sh install_mssql.sh install_postgres.sh /scripts/docker/

‎Dockerfile.ci

+57-56
Original file line numberDiff line numberDiff line change
@@ -174,46 +174,19 @@ EOF
174174
# The content below is automatically copied from scripts/docker/install_mysql.sh
175175
COPY <<"EOF" /install_mysql.sh
176176
#!/usr/bin/env bash
177+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
178+
177179
set -euo pipefail
178-
declare -a packages
179180

180-
MYSQL_LTS_VERSION="8.0"
181-
MARIADB_LTS_VERSION="10.11"
182-
readonly MYSQL_LTS_VERSION
183-
readonly MARIADB_LTS_VERSION
181+
common::get_colors
182+
declare -a packages
184183

185-
COLOR_BLUE=$'\e[34m'
186-
readonly COLOR_BLUE
187-
COLOR_YELLOW=$'\e[1;33m'
188-
readonly COLOR_YELLOW
189-
COLOR_RED=$'\e[1;31m'
190-
readonly COLOR_RED
191-
COLOR_RESET=$'\e[0m'
192-
readonly COLOR_RESET
184+
readonly MYSQL_LTS_VERSION="8.0"
185+
readonly MARIADB_LTS_VERSION="10.11"
193186

194187
: "${INSTALL_MYSQL_CLIENT:?Should be true or false}"
195188
: "${INSTALL_MYSQL_CLIENT_TYPE:-mariadb}"
196189

197-
export_key() {
198-
local key="${1}"
199-
local name="${2:-mysql}"
200-
201-
echo "${COLOR_BLUE}Verify and export GPG public key ${key}${COLOR_RESET}"
202-
GNUPGHOME="$(mktemp -d)"
203-
export GNUPGHOME
204-
set +e
205-
for keyserver in $(shuf -e ha.pool.sks-keyservers.net hkp://p80.pool.sks-keyservers.net:80 \
206-
keyserver.ubuntu.com hkp://keyserver.ubuntu.com:80)
207-
do
208-
gpg --keyserver "${keyserver}" --recv-keys "${key}" 2>&1 && break
209-
done
210-
set -e
211-
gpg --export "${key}" > "/etc/apt/trusted.gpg.d/${name}.gpg"
212-
gpgconf --kill all
213-
rm -rf "${GNUPGHOME}"
214-
unset GNUPGHOME
215-
}
216-
217190
install_mysql_client() {
218191
if [[ "${1}" == "dev" ]]; then
219192
packages=("libmysqlclient-dev" "mysql-client")
@@ -231,7 +204,7 @@ install_mysql_client() {
231204
exit 1
232205
fi
233206

234-
export_key "B7B3B788A8D3785C" "mysql"
207+
common::import_trusted_gpg "B7B3B788A8D3785C" "mysql"
235208

236209
echo
237210
echo "${COLOR_BLUE}Installing Oracle MySQL client version ${MYSQL_LTS_VERSION}: ${1}${COLOR_RESET}"
@@ -273,7 +246,7 @@ install_mariadb_client() {
273246
exit 1
274247
fi
275248

276-
export_key "0xF1656F24C74CD1D8" "mariadb"
249+
common::import_trusted_gpg "0xF1656F24C74CD1D8" "mariadb"
277250

278251
echo
279252
echo "${COLOR_BLUE}Installing MariaDB client version ${MARIADB_LTS_VERSION}: ${1}${COLOR_RESET}"
@@ -315,16 +288,16 @@ EOF
315288
# The content below is automatically copied from scripts/docker/install_mssql.sh
316289
COPY <<"EOF" /install_mssql.sh
317290
#!/usr/bin/env bash
291+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
292+
318293
set -euo pipefail
319294

320-
: "${AIRFLOW_PIP_VERSION:?Should be set}"
295+
common::get_colors
296+
declare -a packages
321297

298+
: "${AIRFLOW_PIP_VERSION:?Should be set}"
322299
: "${INSTALL_MSSQL_CLIENT:?Should be true or false}"
323300

324-
COLOR_BLUE=$'\e[34m'
325-
readonly COLOR_BLUE
326-
COLOR_RESET=$'\e[0m'
327-
readonly COLOR_RESET
328301

329302
function install_mssql_client() {
330303
# Install MsSQL client from Microsoft repositories
@@ -334,21 +307,19 @@ function install_mssql_client() {
334307
echo
335308
return
336309
fi
310+
packages=("msodbcsql18")
311+
312+
common::import_trusted_gpg "EB3E94ADBE1229CF" "microsoft"
313+
337314
echo
338315
echo "${COLOR_BLUE}Installing mssql client${COLOR_RESET}"
339316
echo
340-
local distro
341-
local version
342-
distro=$(lsb_release -is | tr '[:upper:]' '[:lower:]')
343-
version=$(lsb_release -rs)
344-
local driver=msodbcsql18
345-
curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | sudo gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg
346-
curl --silent https://packages.microsoft.com/keys/microsoft.asc | apt-key add - >/dev/null 2>&1
347-
curl --silent "https://packages.microsoft.com/config/${distro}/${version}/prod.list" > \
317+
318+
echo "deb [arch=amd64,arm64] https://packages.microsoft.com/debian/$(lsb_release -rs)/prod $(lsb_release -cs) main" > \
348319
/etc/apt/sources.list.d/mssql-release.list
349320
apt-get update -yqq
350321
apt-get upgrade -yqq
351-
ACCEPT_EULA=Y apt-get -yqq install -y --no-install-recommends "${driver}"
322+
ACCEPT_EULA=Y apt-get -yqq install --no-install-recommends "${packages[@]}"
352323
rm -rf /var/lib/apt/lists/*
353324
apt-get autoremove -yqq --purge
354325
apt-get clean && rm -rf /var/lib/apt/lists/*
@@ -360,13 +331,11 @@ EOF
360331
# The content below is automatically copied from scripts/docker/install_postgres.sh
361332
COPY <<"EOF" /install_postgres.sh
362333
#!/usr/bin/env bash
334+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
363335
set -euo pipefail
364-
declare -a packages
365336

366-
COLOR_BLUE=$'\e[34m'
367-
readonly COLOR_BLUE
368-
COLOR_RESET=$'\e[0m'
369-
readonly COLOR_RESET
337+
common::get_colors
338+
declare -a packages
370339

371340
: "${INSTALL_POSTGRES_CLIENT:?Should be true or false}"
372341

@@ -386,8 +355,10 @@ install_postgres_client() {
386355
exit 1
387356
fi
388357

389-
curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
390-
echo "deb https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list
358+
common::import_trusted_gpg "7FCC7D46ACCC4CF8" "postgres"
359+
360+
echo "deb [arch=amd64,arm64] https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > \
361+
/etc/apt/sources.list.d/pgdg.list
391362
apt-get update
392363
apt-get install --no-install-recommends -y "${packages[@]}"
393364
apt-get autoremove -yqq --purge
@@ -531,6 +502,36 @@ function common::install_pip_version() {
531502
fi
532503
mkdir -p "${HOME}/.local/bin"
533504
}
505+
506+
function common::import_trusted_gpg() {
507+
common::get_colors
508+
509+
local key=${1:?${COLOR_RED}First argument expects OpenPGP Key ID${COLOR_RESET}}
510+
local name=${2:?${COLOR_RED}Second argument expected trust storage name${COLOR_RESET}}
511+
# Please note that not all servers could be used for retrieve keys
512+
# sks-keyservers.net: Unmaintained and DNS taken down due to GDPR requests.
513+
# keys.openpgp.org: User ID Mandatory, not suitable for APT repositories
514+
# keyring.debian.org: Only accept keys in Debian keyring.
515+
# pgp.mit.edu: High response time.
516+
local keyservers=(
517+
"hkps://keyserver.ubuntu.com"
518+
"hkps://pgp.surf.nl"
519+
)
520+
521+
GNUPGHOME="$(mktemp -d)"
522+
export GNUPGHOME
523+
set +e
524+
for keyserver in $(shuf -e "${keyservers[@]}"); do
525+
echo "${COLOR_BLUE}Try to receive GPG public key ${key} from ${keyserver}${COLOR_RESET}"
526+
gpg --keyserver "${keyserver}" --recv-keys "${key}" 2>&1 && break
527+
echo "${COLOR_YELLOW}Unable to receive GPG public key ${key} from ${keyserver}${COLOR_RESET}"
528+
done
529+
set -e
530+
gpg --export "${key}" > "/etc/apt/trusted.gpg.d/${name}.gpg"
531+
gpgconf --kill all
532+
rm -rf "${GNUPGHOME}"
533+
unset GNUPGHOME
534+
}
534535
EOF
535536

536537
# The content below is automatically copied from scripts/docker/install_pipx_tools.sh

‎scripts/docker/common.sh

+30
Original file line numberDiff line numberDiff line change
@@ -83,3 +83,33 @@ function common::install_pip_version() {
8383
fi
8484
mkdir -p "${HOME}/.local/bin"
8585
}
86+
87+
function common::import_trusted_gpg() {
88+
common::get_colors
89+
90+
local key=${1:?${COLOR_RED}First argument expects OpenPGP Key ID${COLOR_RESET}}
91+
local name=${2:?${COLOR_RED}Second argument expected trust storage name${COLOR_RESET}}
92+
# Please note that not all servers could be used for retrieve keys
93+
# sks-keyservers.net: Unmaintained and DNS taken down due to GDPR requests.
94+
# keys.openpgp.org: User ID Mandatory, not suitable for APT repositories
95+
# keyring.debian.org: Only accept keys in Debian keyring.
96+
# pgp.mit.edu: High response time.
97+
local keyservers=(
98+
"hkps://keyserver.ubuntu.com"
99+
"hkps://pgp.surf.nl"
100+
)
101+
102+
GNUPGHOME="$(mktemp -d)"
103+
export GNUPGHOME
104+
set +e
105+
for keyserver in $(shuf -e "${keyservers[@]}"); do
106+
echo "${COLOR_BLUE}Try to receive GPG public key ${key} from ${keyserver}${COLOR_RESET}"
107+
gpg --keyserver "${keyserver}" --recv-keys "${key}" 2>&1 && break
108+
echo "${COLOR_YELLOW}Unable to receive GPG public key ${key} from ${keyserver}${COLOR_RESET}"
109+
done
110+
set -e
111+
gpg --export "${key}" > "/etc/apt/trusted.gpg.d/${name}.gpg"
112+
gpgconf --kill all
113+
rm -rf "${GNUPGHOME}"
114+
unset GNUPGHOME
115+
}

‎scripts/docker/install_mssql.sh

+13-14
Original file line numberDiff line numberDiff line change
@@ -16,16 +16,17 @@
1616
# specific language governing permissions and limitations
1717
# under the License.
1818
# shellcheck shell=bash
19+
# shellcheck source=scripts/docker/common.sh
20+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
21+
1922
set -euo pipefail
2023

21-
: "${AIRFLOW_PIP_VERSION:?Should be set}"
24+
common::get_colors
25+
declare -a packages
2226

27+
: "${AIRFLOW_PIP_VERSION:?Should be set}"
2328
: "${INSTALL_MSSQL_CLIENT:?Should be true or false}"
2429

25-
COLOR_BLUE=$'\e[34m'
26-
readonly COLOR_BLUE
27-
COLOR_RESET=$'\e[0m'
28-
readonly COLOR_RESET
2930

3031
function install_mssql_client() {
3132
# Install MsSQL client from Microsoft repositories
@@ -35,21 +36,19 @@ function install_mssql_client() {
3536
echo
3637
return
3738
fi
39+
packages=("msodbcsql18")
40+
41+
common::import_trusted_gpg "EB3E94ADBE1229CF" "microsoft"
42+
3843
echo
3944
echo "${COLOR_BLUE}Installing mssql client${COLOR_RESET}"
4045
echo
41-
local distro
42-
local version
43-
distro=$(lsb_release -is | tr '[:upper:]' '[:lower:]')
44-
version=$(lsb_release -rs)
45-
local driver=msodbcsql18
46-
curl -fsSL https://packages.microsoft.com/keys/microsoft.asc | sudo gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg
47-
curl --silent https://packages.microsoft.com/keys/microsoft.asc | apt-key add - >/dev/null 2>&1
48-
curl --silent "https://packages.microsoft.com/config/${distro}/${version}/prod.list" > \
46+
47+
echo "deb [arch=amd64,arm64] https://packages.microsoft.com/debian/$(lsb_release -rs)/prod $(lsb_release -cs) main" > \
4948
/etc/apt/sources.list.d/mssql-release.list
5049
apt-get update -yqq
5150
apt-get upgrade -yqq
52-
ACCEPT_EULA=Y apt-get -yqq install -y --no-install-recommends "${driver}"
51+
ACCEPT_EULA=Y apt-get -yqq install --no-install-recommends "${packages[@]}"
5352
rm -rf /var/lib/apt/lists/*
5453
apt-get autoremove -yqq --purge
5554
apt-get clean && rm -rf /var/lib/apt/lists/*

‎scripts/docker/install_mysql.sh

+9-35
Original file line numberDiff line numberDiff line change
@@ -16,48 +16,22 @@
1616
# specific language governing permissions and limitations
1717
# under the License.
1818
# shellcheck shell=bash
19+
# shellcheck source=scripts/docker/common.sh
20+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
21+
1922
set -euo pipefail
23+
24+
common::get_colors
2025
declare -a packages
2126

2227
# https://dev.mysql.com/blog-archive/introducing-mysql-innovation-and-long-term-support-lts-versions/
23-
MYSQL_LTS_VERSION="8.0"
28+
readonly MYSQL_LTS_VERSION="8.0"
2429
# https://mariadb.org/about/#maintenance-policy
25-
MARIADB_LTS_VERSION="10.11"
26-
readonly MYSQL_LTS_VERSION
27-
readonly MARIADB_LTS_VERSION
28-
29-
COLOR_BLUE=$'\e[34m'
30-
readonly COLOR_BLUE
31-
COLOR_YELLOW=$'\e[1;33m'
32-
readonly COLOR_YELLOW
33-
COLOR_RED=$'\e[1;31m'
34-
readonly COLOR_RED
35-
COLOR_RESET=$'\e[0m'
36-
readonly COLOR_RESET
30+
readonly MARIADB_LTS_VERSION="10.11"
3731

3832
: "${INSTALL_MYSQL_CLIENT:?Should be true or false}"
3933
: "${INSTALL_MYSQL_CLIENT_TYPE:-mariadb}"
4034

41-
export_key() {
42-
local key="${1}"
43-
local name="${2:-mysql}"
44-
45-
echo "${COLOR_BLUE}Verify and export GPG public key ${key}${COLOR_RESET}"
46-
GNUPGHOME="$(mktemp -d)"
47-
export GNUPGHOME
48-
set +e
49-
for keyserver in $(shuf -e ha.pool.sks-keyservers.net hkp://p80.pool.sks-keyservers.net:80 \
50-
keyserver.ubuntu.com hkp://keyserver.ubuntu.com:80)
51-
do
52-
gpg --keyserver "${keyserver}" --recv-keys "${key}" 2>&1 && break
53-
done
54-
set -e
55-
gpg --export "${key}" > "/etc/apt/trusted.gpg.d/${name}.gpg"
56-
gpgconf --kill all
57-
rm -rf "${GNUPGHOME}"
58-
unset GNUPGHOME
59-
}
60-
6135
install_mysql_client() {
6236
if [[ "${1}" == "dev" ]]; then
6337
packages=("libmysqlclient-dev" "mysql-client")
@@ -75,7 +49,7 @@ install_mysql_client() {
7549
exit 1
7650
fi
7751

78-
export_key "B7B3B788A8D3785C" "mysql"
52+
common::import_trusted_gpg "B7B3B788A8D3785C" "mysql"
7953

8054
echo
8155
echo "${COLOR_BLUE}Installing Oracle MySQL client version ${MYSQL_LTS_VERSION}: ${1}${COLOR_RESET}"
@@ -117,7 +91,7 @@ install_mariadb_client() {
11791
exit 1
11892
fi
11993

120-
export_key "0xF1656F24C74CD1D8" "mariadb"
94+
common::import_trusted_gpg "0xF1656F24C74CD1D8" "mariadb"
12195

12296
echo
12397
echo "${COLOR_BLUE}Installing MariaDB client version ${MARIADB_LTS_VERSION}: ${1}${COLOR_RESET}"

‎scripts/docker/install_postgres.sh

+8-7
Original file line numberDiff line numberDiff line change
@@ -16,13 +16,12 @@
1616
# specific language governing permissions and limitations
1717
# under the License.
1818
# shellcheck shell=bash
19+
# shellcheck source=scripts/docker/common.sh
20+
. "$( dirname "${BASH_SOURCE[0]}" )/common.sh"
1921
set -euo pipefail
20-
declare -a packages
2122

22-
COLOR_BLUE=$'\e[34m'
23-
readonly COLOR_BLUE
24-
COLOR_RESET=$'\e[0m'
25-
readonly COLOR_RESET
23+
common::get_colors
24+
declare -a packages
2625

2726
: "${INSTALL_POSTGRES_CLIENT:?Should be true or false}"
2827

@@ -42,8 +41,10 @@ install_postgres_client() {
4241
exit 1
4342
fi
4443

45-
curl https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add -
46-
echo "deb https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/pgdg.list
44+
common::import_trusted_gpg "7FCC7D46ACCC4CF8" "postgres"
45+
46+
echo "deb [arch=amd64,arm64] https://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" > \
47+
/etc/apt/sources.list.d/pgdg.list
4748
apt-get update
4849
apt-get install --no-install-recommends -y "${packages[@]}"
4950
apt-get autoremove -yqq --purge

0 commit comments

Comments
 (0)
Please sign in to comment.