Improved installer

bin/zopen

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -x
 #
 # zopen wrapper script to allow single point of entry to zopen
 # tooling.
@@ -35,13 +35,15 @@ Command:
   config            change zopen runtime environment settings
   diagnostics       collects system info for zopen troubleshooting
   generate          generates a new zopen project
+  info              displays detailed information about a package
   init              initializes a zopen environment at the specified location
-  refresh           refreshes your zopen environment and zopen-config file
   install           installs one or more zopen community packages
-  info              displays detailed information about a package
   list              lists information about zopen community packages
+  mirror            performs a synchronization of the GitHub repository
+  promote           promote a zopen environment to another location
   publish           publish zopen package release to github
   query             list local or remote info about zopen community packages
+  refresh           refreshes your zopen environment and zopen-config file
   remove            removes installed zopen community packages
   update-cacert     update the cacert.pem file used by zopen community
   upgrade           upgrades existing zopen community packages
@@ -51,6 +53,7 @@ Command:
 Options:
   -h, --help, -?    display this help and exit
   -v, --verbose     run in verbose mode
+  --version         display the zopen version
 
 Examples:
   zopen --help      displays zopen help
@@ -59,7 +62,7 @@ Examples:
   zopen upgrade -y  upgrade all installed packages to the latest release,
                     without prompting
   zopen alt bash    list installed alternative bash packages
-  zopen info vim    displays details information about the installed vim package
+  zopen info vim    displays detailed information about the installed vim package
   zopen usage --pie displays an ASCII-art chart showing biggest space hogs
 
 SEE ALSO:
@@ -69,13 +72,19 @@ SEE ALSO:
   zopen-clean(1)
   zopen-config-helper(1)
   zopen-generate(1)
+  zopen-info(1)
   zopen-init(1)
   zopen-install(1)
-  zopen-info(1)
+  zopen-list(1)
+  zopen-mirror(1)
+  zopen-promote(1)
   zopen-publish(1)
   zopen-query(1)
+  zopen-promote(1)
+  zopen-refresh(1)
   zopen-remove(1)
   zopen-update-cacert(1)
+  zopen-upgrade(1)
   zopen-usage(1)
   zopen-whichproject(1)
   zopen-version(1)
@@ -92,41 +101,48 @@ subopts=""
 subcmd=""
 help=false
 version=false
+verbFound=false
 
-for arg in $*; do
-  case "${arg}" in
-    "alt"|"audit"|"build"|"clean"|"generate"|"init"|"install"|\
-    "query"|"remove"|"update-cacert"|"info"|"usage"|"diagnostics"|\
-    "whichproject"|"publish")
-      subcmd="zopen-${arg}"
-      ;;
-    "list")
-      subcmd='zopen-query'
-      subopts="${subopts} --list"
-      ;;
-    "refresh")
-      subcmd='zopen-init'
-      subopts="${subopts} --refresh"
-      ;;
-    "upgrade")
-      subcmd='zopen-install'
-      subopts="${subopts} -u"
-      ;;
-    "config")
-      subcmd="zopen-${arg}-helper"
-      ;;
-    "--version")
-      subcmd='zopen-version'
-      version=true
-      ;;
-    "help" | "--help" | "-?")
-      help=true
-      ;;
-    *)
-      # let unknown stuff through
-      subopts="${subopts} ${arg}"
-      ;;
-  esac
+while [ "$#" -gt 0 ]; do
+  arg=$1 || shift
+  if $verbFound; then
+   subopts="${subopts} ${arg}" 
+  else
+    case "${arg}" in
+      "alt"|"audit"|"build"|"clean"|"generate"|"init"|"install"|\
+      "query"|"remove"|"update-cacert"|"info"|"usage"|"diagnostics"|\
+      "whichproject"|"publish"|"list"|"upgrade"|"mirror"|"promote")
+        subcmd="zopen-${arg}"
+        verbFound=true
+        ;;
+      "refresh")
+        subcmd='zopen-init'
+        subopts="${subopts} --refresh"
+        verbFound=true
+        ;;
+      "config")
+        subcmd="zopen-${arg}-helper"
+        verbFound=true
+        ;;
+      "--version")
+        if [ -z "${subcmd}" ]; then
+          subcmd='zopen-version'
+          version=true
+        else
+          subopts="${subopts} ${arg}"
+        fi
+        ;;
+      "help" | "--help" | "-?")
+        help=true
+        verbFound=true
+        ;;
+      *)
+        # let unknown stuff through
+        subopts="${subopts} ${arg}"
+        ;;
+    esac
+  fi
+  shift
 done
 
 if [ -z "${subcmd}" ]; then
@@ -152,4 +168,5 @@ if ${version}; then
   fi
 fi
 
+# shellcheck disable=SC2086  # We want globbing in this case
 ${subcmd} ${subopts}

bin/zopen-alt

@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/sh -x
 #
 # "Alternatives" utility for zopen community - https://github.com/zopencommunity
 #
@@ -55,14 +55,29 @@ mergeNewVersion()
 {
   package="$1"
   newver="$2"
-  oldver="$2"
-  [ -z "${package}" ] && printError "Internal error; no packagename provided to merge."
-  [ -d "${ZOPEN_PKGINSTALL}/${package}/${newver}" ] || printError "Version '${newver}' was not available to set as current"
+
+  [ -z "${package}" ] && printError "Internal error; no package name provided to merge."
+  newVerDir="${ZOPEN_PKGINSTALL}/${package}/${newver}"
+  [ -d "${newVerDir}" ] || printError "Version '${newver}' was not available to set as current"
+
+  # We are effectively re-installing so run some scriptlets, noting that for the
+  # alternative to be  available on the system, it must have passed various the
+  # checks in installPre (GPG/prereq)
+  if ! processActionScripts "transactionPre"; then
+    exit 1
+  fi
   if [ -e "${ZOPEN_PKGINSTALL}/${package}/${package}" ]; then
     printVerbose "Removing main link"
-    rm -rf "${ZOPEN_PKGINSTALL}/${package}/${package}"
+    if ! rm -rf "${ZOPEN_PKGINSTALL}/${package}/${package}:?"; then
+      printSoftError "Unable to remove previously set package link: ${ZOPEN_PKGINSTALL}/${package}/${package}"
+      printError "Check permissions and retry command."
+    fi
+  fi
+  if ! runLogProgress "mergeIntoSystem \"${package}\" \"${ZOPEN_PKGINSTALL}/${package}//${newver}\" \"${ZOPEN_ROOTFS}\"" \
+      "Merging ${package} into symlink mesh" "Merged ${package} into symlink mesh"; then
+    printSoftError "Unexpected errors merging symlinks into mesh tree"
+    printError "Use zopen alt to select previous version to ensure known state"
   fi
-  mergeIntoSystem "${package}" "${ZOPEN_PKGINSTALL}/${package}/${newver}" "${ZOPEN_ROOTFS}"
   printVerbose "New version merged; checking for orphaned files from previous version"
   # This will remove any old symlinks or dirs that might have changed in an up/downgrade
   # as the merge process overwrites existing files to point to different version. If there was
@@ -84,7 +99,12 @@ mergeNewVersion()
   if [ -e "${ZOPEN_PKGINSTALL}/${package}/${package}/.releaseinfo" ]; then
     version=$(cat "${ZOPEN_PKGINSTALL}/${package}/${package}/.releaseinfo")
   fi
+  printVerbose "Updating package DB"
+  updatePackageDB
+
   syslog "${ZOPEN_LOG_PATH}/audit.log" "${LOG_A}" "${CAT_PACKAGE}" "ALT" "setAlt" "Set '${package}' to version:${version};"
+  processActionScripts "installPost" "${package}"
+  processActionScripts "transactionPost"
 }
 
 setAlt()
@@ -93,7 +113,7 @@ setAlt()
   newver="$2"
   if [ -e "${ZOPEN_PKGINSTALL}/${package}/" ]; then
     printVerbose "${package} is either installed or has been previously"
-    found=$(zosfind "${ZOPEN_PKGINSTALL}/${package}/" -type l -prune -o -type d -print | sed -e "s#${ZOPEN_PKGINSTALL}/${package}/\([^/]*\).*#\1#" | uniq)
+    found=$(find "${ZOPEN_PKGINSTALL}/${package}/" -type l -prune -o -type d -print | sed -e "s#${ZOPEN_PKGINSTALL}/${package}/\([^/]*\).*#\1#" | uniq)
   else
     printVerbose "${package} has never been installed on the system"
   fi
@@ -145,7 +165,7 @@ listAlts()
   package=$(echo "${package}" | awk '{$1=$1};1')
   if [ -e "${ZOPEN_PKGINSTALL}/${package}/" ]; then
     printVerbose "${package} is either installed or has been previously"
-    found=$(zosfind "${ZOPEN_PKGINSTALL}/${package}/" -type l -prune -o -type d -print | sed -e "s#${ZOPEN_PKGINSTALL}/${package}/\([^/]*\).*#\1#" | uniq)
+    found=$(find "${ZOPEN_PKGINSTALL}/${package}/" -type l -prune -o -type d -print | sed -e "s#${ZOPEN_PKGINSTALL}/${package}/\([^/]*\).*#\1#" | uniq)
   else
     printVerbose "${package} has never been installed on the system"
   fi
@@ -164,19 +184,19 @@ listAlts()
   #  echo "${found}" | xargs | tr ' ' '\n' | while read repo; do
   TMP_FIFO_PIPE="${HOME}/altselect.pipe"
   [ ! -p "${TMP_FIFO_PIPE}" ] || rm -f "${TMP_FIFO_PIPE}"
-  mkfifo ${TMP_FIFO_PIPE}
+  mkfifo "${TMP_FIFO_PIPE}"
   echo "${found}" | xargs | tr ' ' '\n' >> "${TMP_FIFO_PIPE}" &
   while read repo; do
     printVerbose "Parsing repo: '${repo}' as '${repo#"${ZOPEN_PKGINSTALL}"/}'"
-    i=$(expr ${i} + 1)
+    i=$((i + 1))
     if [ "${deref#"${ZOPEN_PKGINSTALL}"/}" = "${repo#"${ZOPEN_PKGINSTALL}"/}" ]; then
       current=${i}
       printInfo "${NC}${GREEN}${i}: ${repo#"${ZOPEN_PKGINSTALL}"/}  <-  current${NC}"
     else
       printInfo "${i}: ${repo#"${ZOPEN_PKGINSTALL}"/}"
     fi
   done < "${TMP_FIFO_PIPE}"
-  [ ! -p ${TMP_FIFO_PIPE} ] || rm -rf "${TMP_FIFO_PIPE}"
+  [ ! -p "${TMP_FIFO_PIPE}" ] || rm -rf "${TMP_FIFO_PIPE}"
 
   if ${select}; then
     mutexReq "zopen" "zopen"
@@ -202,19 +222,14 @@ while [ $# -gt 0 ]; do
   case "$1" in
   "-s" | "--set")
     shift
-    [ $# -lt 2 ] && printError "Missing argument(s) for set option. Check program arguments"
+    [ $# -lt 1 ] && printError "Missing argument for 'set' option. Check program arguments"
     sett=true
     select=false
-    package="$1"
-    newver="$2"
-    shift
+    newver="$1"
     ;;
   "--select")
     select=true
     sett=false
-    shift
-    [ $# -lt 1 ] && printError "Missing argument for select option."
-    package="$1"
     ;;
   "-h" | "--help" | "-?")
     printHelp "${args}"
@@ -228,7 +243,9 @@ while [ $# -gt 0 ]; do
     verbose=true
     ;;
   "--debug")
+    # shellcheck disable=SC2034
     verbose=true
+    # shellcheck disable=SC2034
     debug=true
     ;;
   *)
@@ -238,6 +255,10 @@ while [ $# -gt 0 ]; do
   shift
 done
 
+if ${select} && [ -z "${package}" ]; then
+  printError "Missing argument for select option."
+fi
+
 if ${sett}; then
   setAlt "${package}" "${newver}"
 elif [ -n "${package}" ]; then

bin/zopen-audit

@@ -84,39 +84,15 @@ if [ $upgrade = true ] && [ $remove = true ]; then
   exit 1
 fi
 
-JSON_VULNERABILITIES_URL="https://raw.githubusercontent.com/zopencommunity/meta/main/docs/api/zopen_vulnerability.json"
-LATEST_RELEASES_URL="https://raw.githubusercontent.com/zopencommunity/meta/main/docs/api/zopen_releases_latest.json"
-
-downloadJsonCaches()
-{
-  cachedir="${ZOPEN_ROOTFS}/var/cache/zopen"
-  [ ! -e "${cachedir}" ] && mkdir -p "${cachedir}"
-  JSON_CVE_CACHE="${cachedir}/zopen_vulnerability.json"
-
-  if ! curlout=$(curlCmd -L --fail --no-progress-meter -o "${JSON_CVE_CACHE}" "${JSON_VULNERABILITIES_URL}"); then
-    printError "Failed to obtain vulnerability json from ${JSON_VULNERABILITIES_URL}; ${curlout}"
-  fi
-  chtag -tc 819 "${JSON_CVE_CACHE}"
-
-  if $upgrade; then
-    LATEST_RELEASES_CACHE="${cachedir}/zopen_releases_latest.json"
-
-    if ! curlout=$(curlCmd -L --fail --no-progress-meter -o "${LATEST_RELEASES_CACHE}" "${LATEST_RELEASES_URL}"); then
-      printError "Failed to obtain latest releases json from ${LATEST_RELEASES_URL}; ${curlout}"
-    fi
-    chtag -tc 819 "${LATEST_RELEASES_CACHE}"
-  fi
-}
-
-downloadJsonCaches
+updateCaches
 
 if [ ! -f "${JSON_CVE_CACHE}" ]; then
   printError "Vulnerability json cache file not found."
   exit 1
 fi
 printVerbose "Obtained vulnerability json cache."
 
-if [ $upgrade = true ] && [ ! -f "${LATEST_RELEASES_CACHE}" ]; then
+if [ $upgrade = true ] && [ ! -f "${JSON_LATEST_CACHE}" ]; then
   printError "Latest releases json cache file not found."
 fi
 printVerbose "Obtained latest releases json cache."
@@ -129,7 +105,7 @@ high_vulns=0
 critical_vulns=0
 
 # Check for CVEs in all installed projects
-installed_packages=$(cd "${ZOPEN_PKGINSTALL}" && zosfind ./*/. ! -name . -prune -type l)
+installed_packages=$(cd "${ZOPEN_PKGINSTALL}" && find ./*/. ! -name . -prune -type l)
 printVerbose "Found all installed packages."
 
 # Variables for --upgrade flag
@@ -190,7 +166,7 @@ while IFS= read -r repo; do
   latest_release_vulns=""
   is_latest_release=true
   if $upgrade; then
-    latest_release=$(jq -cr '.release_data | .["'$repo'"] | .[0] | .assets | .[0] | .release' $LATEST_RELEASES_CACHE)
+    latest_release=$(jqw -cr '.release_data | .["'$repo'"] | .[0] | .assets | .[0] | .release' $JSON_LATEST_CACHE)
 
     if [ "$release" != "$latest_release" ]; then
       is_latest_release=false