new: [base-0k] make kalysto's deb repository installation and update stronger

When partially installed, key's were not checked and update could result
in errors due to NO_PUBKEY despite having the code to install a new key.

Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>

precise/base-0k/hooks/install.d/20-kal-scripts.sh

@@ -6,26 +6,87 @@ set -eux
 ## kal-scripts
 ##
 
-
-if ! [ -e /etc/apt/sources.list.d/kalysto.org.list ]; then
+if ! status=$(dpkg-query -W -f='${db:Status-Abbrev}\n' 'apt-transport-https') ||
+        [ "$status" != "ii " ]; then
 
     ## Required to fetch our repository in https
     apt-get install -y apt-transport-https </dev/null
-    cat <<EOF > /etc/apt/sources.list.d/kalysto.org.list
+
+fi
+
+
+update_repos_from_source_file() {
+    local source_file="$1"
+    ## Update only repo's from this source file
+    if ! out=$(apt-get update \
+            -o Dir::Etc::sourcelist="sources.list.d/${source_file}" \
+            -o Dir::Etc::sourceparts="-" \
+            -o APT::Get::List-Cleanup="0" 2>/dev/null); then
+        return 3
+    fi
+    if [[  "$out" = *" NO_PUBKEY "* ]]; then
+        return 2
+    fi
+    if [[ "$out" = *$'\n'"Err:1 "* ]]; then
+        return 1
+    fi
+    return 0
+}
+
+check_working_source_file() {
+    local source_file="$1"
+    if ! [ -e "/etc/apt/sources.list.d/${source_file}" ]; then
+        return 1
+    fi
+
+    update_repos_from_source_file "${source_file}" 2>/dev/null && return 0
+    local errlvl="$?"
+    if [[ "$errlvl" == 2 ]]; then
+        return 2
+    fi
+    return 127  ## Unmanaged error
+}
+
+
+errlvl=0
+## Will check and update package list if running correctly
+check_working_source_file "kalysto.org.list" || errlvl="$?"
+
+if [ "$errlvl" -gt 0 ]; then
+    if [ "$errlvl" -le 1 ]; then  ## no file in source list
+
+        cat <<EOF > /etc/apt/sources.list.d/kalysto.org.list
 
 ## vlab's shell libraries
 deb https://deb.kalysto.org no-dist kal-alpha kal-beta kal-main
 
 EOF
-    if ! type gpg >/dev/null; then
-        apt-get install -y gnupg2 </dev/null
+
+    fi
+
+    if [ "$errlvl" -le 2 ]; then  ## no pub key
+
+        if ! type gpg >/dev/null; then
+            apt-get install -y gnupg2 </dev/null
+        fi
+
+        ## Include the GPG key
+        wget -O - https://deb.kalysto.org/conf/public-key.gpg | apt-key add -
+
+        ## Update only this repo:
+        if ! update_repos_from_source_file "kalysto.org.list"; then
+            echo "Error: Couldn't update repository information of kalysto deb repository" >&2
+            echo "  Despite having just added the GPG key." >&2
+            exit 1
+        fi
+    fi
+    if [ "$errlvl" == 127 ]; then
+        echo "Error: Couldn't update repository information of kalysto deb repository..." >&2
+        echo "  - check /etc/apt/source.list.d/kalysto.org.list content and" >&2
+        echo "  - check \`\`apt-get update\`\` output for errors." >&2
+        exit 1
     fi
-    ## Include the GPG key
-    wget -O - https://deb.kalysto.org/conf/public-key.gpg | apt-key add -
 
-    ## Update only this repo:
-    apt-get update -o Dir::Etc::sourcelist="sources.list.d/kalysto.org.list" \
-        -o Dir::Etc::sourceparts="-" -o APT::Get::List-Cleanup="0"
 fi
 
 apt-get install -y kal-scripts </dev/null