--- /dev/null
+---
+- name: Create download directory
+ file:
+ dest: "{{ openwrt_download_dir }}"
+ state: directory
+
+- block:
+ - name: Generate OpenWrt download URLs
+ set_fact:
+ openwrt_url:
+ https://downloads.openwrt.org/releases/{{ openwrt_release }}/targets/{{ openwrt_arch | mandatory }}/{{ openwrt_target }}
+
+ - name: Download sha256sums
+ get_url:
+ url: "{{ openwrt_url }}/sha256sums"
+ dest: "{{ openwrt_download_dir }}/{{ openwrt_tarball_basename }}.sha256"
+
+ - name: Download sha256sums.asc
+ get_url:
+ url: "{{ openwrt_url }}/sha256sums.asc"
+ dest: "{{ openwrt_download_dir }}/{{ openwrt_tarball_basename }}.sha256.asc"
+
+ - name: Check OpenPGP signature
+ command: >-
+ gpg2 --no-options --no-default-keyring --secret-keyring /dev/null
+ --verify --keyring "{{ role_path }}/openwrt-keyring.gpg"
+ --trust-model always
+ "{{ openwrt_download_dir }}/{{ openwrt_tarball_basename }}.sha256.asc"
+ changed_when: False
+
+ - name: Extract SHA256 hash of the imagebuilder archive
+ command: grep '{{ openwrt_tarball_name }}' "{{ openwrt_download_dir }}/{{ openwrt_tarball_basename }}.sha256"
+ register: sha256
+ changed_when: False
+
+ - name: Download imagebuilder
+ get_url:
+ url: "{{ openwrt_url }}/{{ openwrt_tarball_name }}"
+ dest: "{{ openwrt_download_dir }}/{{ openwrt_tarball_name }}"
+ checksum: sha256:{{ sha256.stdout.split(' ') | first }}
+
+ rescue:
+ - name: Delete downloaded artifacts
+ file:
+ path: "{{ item }}"
+ state: absent
+ with_items:
+ - "{{ openwrt_download_dir }}/{{ openwrt_tarball_basename }}.sha256"
+ - "{{ openwrt_download_dir }}/{{ openwrt_tarball_basename }}.sha256.asc"
+ - "{{ openwrt_download_dir }}/{{ openwrt_tarball_name }}"
+ - fail:
+ msg: Something borked
projects / noc.git / blobdiff