summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTobias Markmann <tm@ayena.de>2016-08-15 13:30:56 (GMT)
committerKevin Smith <kevin.smith@isode.com>2016-08-17 20:07:52 (GMT)
commit55a977f2a4dcda32f01dab3bb673d808e9d3f3c6 (patch)
treece6265f3c4176c305c8386c098e9faadba782edf /Swift/Packaging
parent91ef1f6e92149aafd48b39a5090cda3872dd39e5 (diff)
downloadswift-55a977f2a4dcda32f01dab3bb673d808e9d3f3c6.zip
swift-55a977f2a4dcda32f01dab3bb673d808e9d3f3c6.tar.bz2
Optionally create GPG signature for generated tarball
If the gpg tool is found in the PATH and a key exists for Swift's signing identity, package.sh will generated a GPG signature (.asc) file alongside the tarball. Test-Information: Created a new GPG key with Swift's signing identity, ran package.sh script and correctly verified the generated signature with GPG. Tested both with and without --nosign flag. Tested on Debian 8.5 with GPG 1.4.18. Change-Id: I7e6c8b6a7c900b68e53ece97a59eba33a2de565d
Diffstat (limited to 'Swift/Packaging')
-rwxr-xr-xSwift/Packaging/Source/package.sh21
1 files changed, 21 insertions, 0 deletions
diff --git a/Swift/Packaging/Source/package.sh b/Swift/Packaging/Source/package.sh
index 16a9a1f..3872b35 100755
--- a/Swift/Packaging/Source/package.sh
+++ b/Swift/Packaging/Source/package.sh
@@ -3,9 +3,13 @@
## For a Swiften-only tarball, try
## EXCLUDE_FOLDERS="Swift Sluift Limber Slimber" ./package.sh
+## This script will require GPG and a suitable signing key by default.
+## To disable tarball signature generation, pass the --nosign parameter to package.sh.
+
export PYTHONPATH=../../../BuildTools/SCons
VERSION=`../../../BuildTools/GetBuildVersion.py swift`
DIRNAME=swift-$VERSION
+FIRST_ARGUMENT=$1
if [ -z "$VERSION" ]; then
echo "Unable to determine version"
@@ -40,3 +44,20 @@ done
echo "Creating tarball ..."
$TAR -czf $DIRNAME.tar.gz --owner=swift --group=swift $DIRNAME
+
+if [ "$FIRST_ARGUMENT" != "--nosign" ]; then
+ echo "Creating armored GPG signature ..."
+ which gpg
+ if [ $? -eq 0 ]; then
+ gpg --list-keys packages@swift.im
+ if [ $? -eq 0 ]; then
+ gpg --armor --default-key packages@swift.im --detach-sign $DIRNAME.tar.gz
+ else
+ echo "Key for packages@swift.im missing. Not signing tar archive."
+ exit 1
+ fi
+ else
+ echo "GPG not found. Not signing tar archive."
+ exit 1
+ fi
+fi \ No newline at end of file