Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / chromite / 09fe01248d6b24e1d831413e16c2b97da14ae22a^! / . / scripts / pushimage.py
commit09fe01248d6b24e1d831413e16c2b97da14ae22a[log] [tgz]
authorMike Frysinger <vapier@chromium.org>Sun Feb 09 02:44:05 2014 -0500
committerchrome-internal-fetch <chrome-internal-fetch@google.com>Thu Feb 13 05:57:18 2014 +0000
tree5af018f103afd442bd9aa9cbd1a7a89ef25f62b8
parentcf3457802ba5b6b96bc58411a374262b0fe35633 [diff] [blame]
pushimage: prompt the user when uploading to the release bucket

It's rare that people want to run this and upload to the actual release
bucket.  It's much more common they typod the argument list.  Prompt the
user to verify this is truly what they want to protect the system.

BUG=None
TEST=`pushimage --board=x86-alex gs://chromeos-image-archive/asdfasdfasdf` prompts nicely
TEST=`pushimage --board=x86-alex -n gs://chromeos-image-archive/asdfasdfasdf` does not prompt
TEST=`pushimage --board=x86-alex -M gs://chromeos-image-archive/asdfasdfasdf` does not prompt
TEST=`pushimage --board=x86-alex --test-sign-mp gs://chromeos-image-archive/asdfasdfasdf` does not prompt

Change-Id: If8ce8821acb613a9d0d42b7765c822aac7376864
Reviewed-on: https://chromium-review.googlesource.com/186160
Reviewed-by: Mike Frysinger <vapier@chromium.org>
Tested-by: Mike Frysinger <vapier@chromium.org>
Commit-Queue: Mike Frysinger <vapier@chromium.org>

diff --git a/scripts/pushimage.py b/scripts/pushimage.py
index 048354a..f535bf2 100644
--- a/scripts/pushimage.py
+++ b/scripts/pushimage.py

@@ -17,6 +17,7 @@
 import os
 import re
 import tempfile
+import textwrap
 
 from chromite.buildbot import constants
 from chromite.lib import commandline
@@ -397,6 +398,8 @@
   parser.add_argument('--sign-types', default=None, nargs='+',
                       choices=('recovery', 'factory', 'firmware'),
                       help='only sign specified image types')
+  parser.add_argument('--yes', action='store_true', default=False,
+                      help='answer yes to all prompts')
 
   opts = parser.parse_args(argv)
   opts.Freeze()
@@ -407,6 +410,18 @@
   if opts.test_sign_premp:
     force_keysets.add('test-keys-premp')
 
+  # If we aren't using mock or test or dry run mode, then let's prompt the user
+  # to make sure they actually want to do this.  It's rare that people want to
+  # run this directly and hit the release bucket.
+  if not (opts.mock or force_keysets or opts.dry_run) and not opts.yes:
+    prolog = '\n'.join(textwrap.wrap(textwrap.dedent(
+        'Uploading images for signing to the *release* bucket is not something '
+        'you generally should be doing yourself.'), 80)).strip()
+    if not cros_build_lib.BooleanPrompt(
+        prompt='Are you sure you want to sign these images',
+        default=False, prolog=prolog):
+      cros_build_lib.Die('better safe than sorry')
+
   PushImage(opts.image_dir, opts.board, versionrev=opts.version,
             profile=opts.profile, priority=opts.priority,
             sign_types=opts.sign_types, dry_run=opts.dry_run, mock=opts.mock,