diff options
author | Tobias Markmann <tm@ayena.de> | 2016-08-15 13:30:56 (GMT) |
---|---|---|
committer | Kevin Smith <kevin.smith@isode.com> | 2016-08-17 20:07:52 (GMT) |
commit | 55a977f2a4dcda32f01dab3bb673d808e9d3f3c6 (patch) | |
tree | ce6265f3c4176c305c8386c098e9faadba782edf /Swift | |
parent | 91ef1f6e92149aafd48b39a5090cda3872dd39e5 (diff) | |
download | swift-55a977f2a4dcda32f01dab3bb673d808e9d3f3c6.zip swift-55a977f2a4dcda32f01dab3bb673d808e9d3f3c6.tar.bz2 |
Optionally create GPG signature for generated tarball
If the gpg tool is found in the PATH and a key exists for
Swift's signing identity, package.sh will generated a GPG
signature (.asc) file alongside the tarball.
Test-Information:
Created a new GPG key with Swift's signing identity,
ran package.sh script and correctly verified the generated
signature with GPG.
Tested both with and without --nosign flag.
Tested on Debian 8.5 with GPG 1.4.18.
Change-Id: I7e6c8b6a7c900b68e53ece97a59eba33a2de565d
Diffstat (limited to 'Swift')
-rwxr-xr-x | Swift/Packaging/Source/package.sh | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/Swift/Packaging/Source/package.sh b/Swift/Packaging/Source/package.sh index 16a9a1f..3872b35 100755 --- a/Swift/Packaging/Source/package.sh +++ b/Swift/Packaging/Source/package.sh @@ -3,9 +3,13 @@ ## For a Swiften-only tarball, try ## EXCLUDE_FOLDERS="Swift Sluift Limber Slimber" ./package.sh +## This script will require GPG and a suitable signing key by default. +## To disable tarball signature generation, pass the --nosign parameter to package.sh. + export PYTHONPATH=../../../BuildTools/SCons VERSION=`../../../BuildTools/GetBuildVersion.py swift` DIRNAME=swift-$VERSION +FIRST_ARGUMENT=$1 if [ -z "$VERSION" ]; then echo "Unable to determine version" @@ -40,3 +44,20 @@ done echo "Creating tarball ..." $TAR -czf $DIRNAME.tar.gz --owner=swift --group=swift $DIRNAME + +if [ "$FIRST_ARGUMENT" != "--nosign" ]; then + echo "Creating armored GPG signature ..." + which gpg + if [ $? -eq 0 ]; then + gpg --list-keys packages@swift.im + if [ $? -eq 0 ]; then + gpg --armor --default-key packages@swift.im --detach-sign $DIRNAME.tar.gz + else + echo "Key for packages@swift.im missing. Not signing tar archive." + exit 1 + fi + else + echo "GPG not found. Not signing tar archive." + exit 1 + fi +fi
\ No newline at end of file |