NervProj Task list

  • ✅ Add support to parse tool paths in script commands such as:
        notify: false
        cmd: $[TOOL_PATH:openssl]
          LD_LIBRARY_PATH: $[TOOL_DIR:openssl]/lib64
    • So added this processing code in runner.fill_placeholders() method:
          def fill_placeholders(self, content, hlocs):
              """Re-implementation of fill_placeholders to handle processing of tool paths"""
              content = super().fill_placeholders(content, hlocs)
              # Also find if we have any mention of a tool path or tool dir in there:
              pat = re.compile(r"\$\[([^:]+):([a-z]+)\]")
              tools = self.get_component("tools")
              match =
              while match is not None:
                  # Get the source match:
                  match_str =
                  # get the request type:
                  req_type =
                  # Get the tool name:
                  tool_name =
                  # Compute the replacement:
                  match req_type:
                      case "TOOL_PATH":
                          replacement = tools.get_tool_path(tool_name)
                      case "TOOL_DIR":
                          replacement = tools.get_tool_dir(tool_name)
                      case "TOOL_ROOT_DIR":
                          replacement = tools.get_tool_root_dir(tool_name)
                      case _:
                          self.throw("Invalid replacement request type: %s", req_type)
                  # Replace in the string:
        "Replacing '%s' with '%s'", match_str, replacement)
                  content = content.replace(match_str, replacement)
                  match =
              return content
    • But then we also need to find the correct folder for openssl, which is not really a tool but rather an compiled library in our case. So I updated the setup_tools function to also support checking tools from libraries:
                      # First we check if this could maybe match an installable library:
                      bman = self.get_component("builder")
                      ldesc = bman.get_library_desc(tname)
                      if ldesc is not None and ldesc["version"] == desc["version"]:
                          # We want to use this library to provide the tool:
                          install_path = bman.get_library_root_dir(tname)
                          tpath = self.get_path(install_path, desc["sub_path"])
                          full_name = f"{tname}-{desc['version']}"
                          install_path = self.get_path(self.tools_dir, full_name)
                          tpath = self.get_path(install_path, desc["sub_path"])
                          if not self.file_exists(tpath):
                              if "build_mode" in desc:
                                  # This tool should be built from sources:
                                  self.build_tool(full_name, desc)
                                  # retrieve the most appropriate source package for that tool:
                                  pkg_file = self.retrieve_tool_package(desc)
                                  # Extract the package:
                                  self.extract_package(pkg_file, self.tools_dir, target_dir=full_name)
                                  # CHeck if we have a post install command:
                                  fname = f"_post_install_{desc['name']}_{self.platform}"
                                  postinst = self.get_method(fname.lower())
                                  if postinst is not None:
                            "Running post install for %s...", full_name)
                                      postinst(install_path, desc)
                                  # Remove the source package:
                                  # self.remove_file(pkg_file)
  • ✅ Add support to generate openssl certificates:
    • To generate a root certificate:
      nvp gen-cert rootA rootA.cnf
    • To generate a non-root certificate:
      nvp gen-cert clientA clientA.cnf -r rootA
    • Using the admin.generate_certificate() method
          def generate_certificate(self, cname, cfgfile, root_cert):
              """Generate an SSL certificate"""
              tools = self.get_component("tools")
              openssl = tools.get_tool_path("openssl")
              if root_cert is None:
                  # Generate a root certificate:
                  # openssl req -newkey rsa:2048 -sha256 -keyout rootAkey.pem -out rootAreq.pem -nodes -config ./rootA.cnf -days 365 -batch
                  # openssl x509 -req -in rootAreq.pem -sha256 -extfile ./rootA.cnf -extensions v3_ca -signkey rootAkey.pem -out rootA.pem -days 365
                  # openssl x509 -subject -issuer -noout -in rootA.pem
                  cmd1 = f"req -newkey rsa:2048 -sha256 -keyout {cname}_key.pem -out {cname}_req.pem -nodes -config ./{cfgfile} -batch"
                  cmd2 = f"x509 -req -in {cname}_req.pem -sha256 -extfile ./{cfgfile} -extensions v3_ca -signkey {cname}_key.pem -out {cname}.pem -days 365"
                  cmd3 = f"x509 -subject -issuer -noout -in {cname}.pem"
                  # Generate a non-root certificate:
                  # openssl req -newkey rsa:1024 -sha1 -keyout clientAkey.pem -out clientAreq.pem -nodes -config ./clientA.cnf -days 365 -batch
                  # openssl x509 -req -in clientAreq.pem -sha1 -extfile ./clientA.cnf -extensions usr_cert -CA rootA.pem -CAkey rootAkey.pem -CAcreateserial -out clientAcert.pem -days 365
                  # copy clientAcert.pem + rootA.pem clientA.pem
                  # openssl x509 -subject -issuer -noout -in clientA.pem
                  # cmd1 = "req -newkey rsa:1024 -sha1 -keyout {cname}_key.pem -out {cname}_req.pem -nodes -config {cfgfile} -batch"
                  cmd1 = f"req -newkey rsa:2048 -sha256 -keyout {cname}_key.pem -out {cname}_req.pem -nodes -config {cfgfile} -batch"
                  cmd2 = f"x509 -req -in {cname}_req.pem -sha1 -extfile {cfgfile} -extensions usr_cert -CA {root_cert}.pem -CAkey {root_cert}_key.pem -CAcreateserial -out {cname}_cert.pem -days 365"
                  # copy {cname}_cert.pem + {root_cert}.pem {cname}.pem
                  cmd3 = f"x509 -subject -issuer -noout -in {cname}.pem"
              cwd = self.get_cwd()
    "CWD: %s", cwd)
              self.execute([openssl] + cmd1.split(), cwd=cwd)
              self.execute([openssl] + cmd2.split(), cwd=cwd)
              if root_cert is not None:
                  # Combine the certificates:
                  content1 = self.read_text_file(f"{cname}_cert.pem")
                  content2 = self.read_text_file(f"{root_cert}.pem")
                  self.write_text_file(content1 + content2, f"{cname}.pem")
              self.execute([openssl] + cmd3.split(), cwd=cwd)

* Add support to execute multiple commands in a single script (?)

  • public/projects/nervproj/nervproj_task_list.txt
  • Last modified: 2023/03/12 10:36
  • (external edit)