[PATCH util/modular] Add gpg signing to release.sh

Peter Hutterer peter.hutterer at who-t.net
Wed Jun 4 17:05:15 PDT 2014


On Sun, Jun 01, 2014 at 03:13:13PM +0200, Stephen Kitt wrote:
> From 7d967b5ec2122a3f85730587be6d8a424fac9cdc Mon Sep 17 00:00:00 2001
> From: Stephen Kitt <skitt at debian.org>
> Date: Sun, 1 Jun 2014 14:46:01 +0200
> Subject: [PATCH util/modular] Add gpg signing to release.sh
> 
> gpg-sign the git tag and the generated tarballs, and upload the signatures
> along with the tarballs. Any existing tarball signatures are removed
> beforehand.
> 
> Signed-off-by: Stephen Kitt <skitt at debian.org>
> 
> Modified by Alan Coopersmith to handle gpg vs. gpg2 paths for Solaris.
> 
> Signed-off-by: Alan Coopersmith <alan.coopersmith at oracle.com>

> ---
>  release.sh | 16 ++++++++++++++--
>  1 file changed, 14 insertions(+), 2 deletions(-)
> 
> diff --git a/release.sh b/release.sh
> index a4a725d..a2879ad 100755
> --- a/release.sh
> +++ b/release.sh
> @@ -299,6 +299,10 @@ process_module() {
>  	return 1
>      fi
>  
> +    [ -n "$targz" ] && rm -f ${targz}.sig && $GPG -b $targz && siggz=${targz}.sig || true
> +    [ -n "$tarbz2" ] && rm -f ${tarbz2}.sig && $GPG -b $tarbz2 && sigbz2=${tarbz2}.sig || true
> +    [ -n "$tarxz" ] && rm -f ${tarxz}.sig && $GPG -b $tarxz && sigxz=${tarxz}.sig || true

shouldn't we fail here if creating the detached sig fails?

Cheers,
   Peter

> +
>      # Obtain the top commit SHA which should be the version bump
>      # It should not have been tagged yet (the script will do it later)
>      local_top_commit_sha=`git  rev-list --max-count=1 HEAD`
> @@ -354,7 +358,7 @@ process_module() {
>      else
>  	# Tag the top commit with the tar name
>  	if [ x"$DRY_RUN" = x ]; then
> -	    git tag -m $tar_name $tar_name
> +	    git tag -s -m $tar_name $tar_name
>  	    if [ $? -ne 0 ]; then
>  		echo "Error:  unable to tag module with \"$tar_name\"."
>  		cd $top_src
> @@ -501,7 +505,7 @@ process_module() {
>      # Upload to host using the 'scp' remote file copy program
>      if [ x"$DRY_RUN" = x ]; then
>  	echo "Info: uploading tarballs to web server:"
> -	scp $targz $tarbz2 $tarxz $USER_NAME$hostname:$srv_path
> +	scp $targz $tarbz2 $tarxz $siggz $sigbz2 $sigxz $USER_NAME$hostname:$srv_path
>  	if [ $? -ne 0 ]; then
>  	    echo "Error: the tarballs uploading failed."
>  	    cd $top_src
> @@ -627,6 +631,14 @@ if [ "x$GREP" = "x" ] ; then
>      fi
>  fi
>  
> +# Find path for GnuPG v2
> +if [ "x$GPG" = "x" ] ; then
> +    if [ -x /usr/bin/gpg2 ] ; then
> +	GPG=/usr/bin/gpg2
> +    else
> +	GPG=gpg
> +    fi
> +fi
>  
>  # Set the default make tarball creation command
>  MAKE_DIST_CMD=distcheck
> -- 
> 2.0.0.rc2


More information about the xorg-devel mailing list