Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
mdq-appliance/container_files/genMD.sh
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
80 lines (60 sloc)
2.39 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| #generate environment file for later use when running under crond (with no env) | |
| if [ ! -f /usr/local/bin/bash.env ]; then | |
| printenv | sed 's/^\([a-zA-Z0-9_]*\)=\(.*\)$/export \1="\2"/g' > /usr/local/bin/bash.env | |
| fi | |
| source /usr/local/bin/bash.env | |
| echo "Starting metadata generation process at $(date)" | |
| # fetch/validate InCommon MD | |
| # curl -R to preserve file timestamp | |
| curl -R -o /tmp/inc-metadata.xml ${INC_MD_URL} | |
| #grab timestamp from MD file | |
| export MDTIME=$(stat -c %y /tmp/inc-metadata.xml | cut -d ' ' -f1,2) | |
| ${XMLSECTOOL_PATH} --verifySignature --inFile /tmp/inc-metadata.xml --certificate /keys/inc-md-cert.pem --outFile ${INC_MD_VERIFIED_PATH} | |
| if [ $? -eq 0 ]; then | |
| echo "InCommon Metadata document retreived and validated." | |
| else | |
| echo "InCommon Metadata document FAILED to validate!" | |
| exit 1 | |
| fi | |
| rm -f /tmp/inc-metadata.xml | |
| # generate per-entity MD | |
| cd ${MDQ_HOME} | |
| /usr/bin/ant inc.mdq.generate.localkey | |
| if [ $? -eq 0 ]; then | |
| echo "Per-Entity Metadata generation successful." | |
| else | |
| echo "Per-Entity Metadata generation failed." | |
| exit 1 | |
| fi | |
| #copy aggregate to www root | |
| cp ${INC_MD_VERIFIED_PATH} ${WWW_HOME}/entities/all.xml | |
| # create needed gz files and symlinks | |
| echo "Creating auxillary files and links..." | |
| cd ${WWW_HOME}/entities | |
| for f in ${WWW_HOME}/entities/*.xml | |
| do | |
| # Convert the /full/path/and/filename.xml to just filename.xml | |
| filename=${f##*/} | |
| # And then filename.xml to just filename (i.e. the % encoded entityId) | |
| entityidpercentencoded=${filename%.*} | |
| # Un-%encode the entityId | |
| entityid=$(echo $entityidpercentencoded | sed "s@+@ @g;s@%@\\\\x@g" | xargs -0 printf "%b") | |
| # Calculate the sha1 hash of the entityId | |
| entityidsha1=$(echo -n $entityid | openssl sha1 | awk '{print $2}') | |
| # Create the gzipped version of the file | |
| gzip -9 < $filename > x_gz-$filename.gz | |
| # Remove .xml from the filenames | |
| mv -f $filename $entityidpercentencoded | |
| mv -f x_gz-$filename.gz x_gz-$entityidpercentencoded.gz | |
| # Create the symlinks to the XML file and the gzipped version | |
| ln -s $entityidpercentencoded {sha1}$entityidsha1 | |
| ln -s x_gz-$entityidpercentencoded.gz x_gz-{sha1}$entityidsha1.gz | |
| done | |
| #copy signing cert to wwwroot area | |
| cp /keys/mda-signing.crt /mdqwww/ | |
| #set a consistent timestamp on entity files (sync with aggregate) | |
| echo "Syncing timestamps on per-entity metadata files to '$MDTIME'..." | |
| find /mdqwww/entities -exec touch -d "$MDTIME" {} \; | |
| echo "Metadata generation complete at $(date)" | |