summaryrefslogtreecommitdiffstats
path: root/packaging/release-sign-tarballs
diff options
context:
space:
mode:
Diffstat (limited to '')
-rwxr-xr-xpackaging/release-sign-tarballs259
1 files changed, 259 insertions, 0 deletions
diff --git a/packaging/release-sign-tarballs b/packaging/release-sign-tarballs
new file mode 100755
index 0000000..1731e15
--- /dev/null
+++ b/packaging/release-sign-tarballs
@@ -0,0 +1,259 @@
+#!/bin/bash
+
+SIGNER="bryce@bryceharrington.org"
+VERSION="0.92"
+PKG_NAME="inkscape"
+LIST_TO="inkscape-announce@lists.sf.net"
+LIST_CC="inkscape-devel@lists.sf.net"
+VCS_SYSTEM="git"
+
+# Locate Dependencies
+#------------------------------------------------------------------------------
+
+MD5SUM=`which md5sum || which gmd5sum`
+SHA1SUM=`which sha1sum || which gsha1sum`
+SHA256SUM=`which sha256sum || which gsha256sum`
+
+# Choose which make program to use (could be gmake)
+MAKE=${MAKE:="make"}
+
+# Set the default make tarball creation command
+MAKE_DIST_CMD=distcheck
+
+# Choose which grep program to use (on Solaris, must be gnu grep)
+if [ "x$GREP" = "x" ] ; then
+ if [ -x /usr/gnu/bin/grep ] ; then
+ GREP=/usr/gnu/bin/grep
+ else
+ GREP=grep
+ fi
+fi
+
+# Find path for GnuPG v2
+if [ "x$GPG" = "x" ] ; then
+ if [ -x /usr/bin/gpg2 ] ; then
+ GPG=/usr/bin/gpg2
+ else
+ GPG=gpg
+ fi
+fi
+
+#------------------------------------------------------------------------------
+
+usage() {
+ basename="`expr "//$0" : '.*/\([^/]*\)'`"
+ cat <<HELP
+
+Usage: $basename [options] path...
+
+Where "path" is a relative path to a ${VCS_SYSTEM} module, including '.'.
+
+Options:
+ (none)
+
+Environment variables:
+ MAKE: The name of the make command [make]
+ MAKEFLAGS: Options to pass to all \$(MAKE) invocations []
+
+HELP
+}
+
+#------------------------------------------------------------------------------
+
+check_local_changes() {
+ lines=$(git diff | wc -l)
+ if [ $lines -gt 0 ]; then
+ echo ""
+ echo "Uncommitted changes found. Did you forget to commit? Aborting."
+ echo ""
+ echo "You can clone the module in another directory"
+ echo "and run ./configure. No need to build if testing was finished."
+ echo ""
+ return 1
+ fi
+
+ return 0
+}
+
+#------------------------------------------------------------------------------
+# Function: make_dist
+#
+# Create the package distribution
+# Return 0 on success, 1 on fail
+make_dist() {
+ if [ $VCS_SYSTEM = "git" ] && [ ! -d .git ]; then
+ echo "Error: There is no git repository here: $(pwd)"
+ return 1
+ else
+ echo "Error: Unrecognized version control '$VCS_SYSTEM'."
+ return 1
+ fi
+
+ # Change to an out-of-source build directory
+ config_indicator=CMakeCache.txt
+ status_file=$(find . -name ${config_indicator} -type f)
+ if [ $? -ne 0 ]; then
+ echo "Error: Failed to locate ${config_indicator}."
+ echo "Has the module been configured?"
+ return 1
+ fi
+ configNum=$(echo "$status_file" | wc -l | sed 's:^ *::')
+ if [ x"$configNum" = x0 ]; then
+ echo "Error: Failed to locate ${config_indicator}, has the module been configured?"
+ return 1
+ elif [ x"$configNum" != x1 ]; then
+ echo "Error: More than one ${config_indicator} file was found."
+ echo "Please cleanup previously failed attempts at distcheck."
+ fi
+
+ build_dir=$(dirname ${status_file})
+ cd ${build_dir}
+ if [ $? -ne 0 ]; then
+ echo "Error: Failed to cd to build directory ${build_dir}."
+ return 1
+ fi
+
+ check_local_changes
+ if [ $? -ne 0 ]; then
+ cd ${top_src}
+ return 1
+ fi
+
+ echo "Info: running 'make $MAKE_DIST_CMD' to create tarballs:"
+ ${MAKE} ${MAKEFLAGS} ${MAKE_DIST_CMD} > /dev/null
+ if [ $? -ne 0 ]; then
+ echo "Error: '${MAKE} ${MAKEFLAGS} ${MAKE_DIST_CMD}' failed."
+ cd $top_src
+ return 1
+ fi
+
+ return 0
+}
+
+# Function: sign_or_fail
+#------------------------------------------------------------------------------
+#
+# Sign the given file, if any
+# Output the name of the signature generated to stdout (all other output to
+# stderr)
+# Return 0 on success, 1 on fail
+#
+sign_or_fail() {
+ if [ -n "$1" ]; then
+ sig=$1.sig
+ rm -f $sig
+
+ [ -n ${SIGNER} ] && signer="-u $SIGNER"
+
+ echo "$GPG $signer --detach-sign $1" 1>&2
+ $GPG $signer --detach-sign $1 1>&2
+ if [ $? -ne 0 ]; then
+ echo "Error: failed to sign $1." >&2
+ return 1
+ fi
+ echo $sig
+ fi
+ return 0
+}
+
+
+sign_packages() {
+ tar_name="$1"
+ targz="${tar_name}.tar.gz"
+ tarbz2="${tar_name}.tar.bz2"
+ tarxz="${tar_name}.tar.xz"
+ zip="${tar_name}.zip"
+
+ for tarball in $targz $tarxz $tarbz2 $zip; do
+ if [ -e "${tarball}" ]; then
+ sig="$(sign_or_fail ${tarball})"
+ gpgsignerr=$((${gpgsignerr} + $?))
+ sig_url="http://inkscape.org/.../$sig"
+ cat <<EOF
+https://inkscape.org/en/download/source/
+MD5: `$MD5SUM $tarball`
+SHA1: `$SHA1SUM $tarball`
+SHA256: `$SHA256SUM $tarball`
+$sig_url
+
+EOF
+ fi
+ done
+
+ if [ ${gpgsignerr} -ne 0 ]; then
+ echo "Error: unable to sign at least one of the tarballs."
+ return 1
+ elif [ -z "$siggz" ]; then
+ # The tar.gz is always required
+ echo "Error: Unable to sign the tar.gz file."
+ return 2
+ fi
+
+ return 0;
+}
+
+generate_announce() {
+ cat <<RELEASE
+Subject: [ANNOUNCE] $PKG_NAME $VERSION
+To: $LIST_TO
+Cc: $LIST_CC
+
+The Inkscape community proudly announces the release of Inkscape $VERSION.
+
+ https://inkscape.org/en/download/
+
+Inkscape is a drawing and painting tool similar to Illustrator,
+CorelDraw, and Xara X, but with features, new tools, and interface style
+of its own. It emphasizes the W3C standard Scalable Vector Graphics
+(SVG) file format, but reads and writes a wealth of other formats
+including PDF, so it is an easy complement to your other graphics and
+desktop tools. Best of all, Inkscape is created *by* the community *for*
+the community: Inkscape is 100% Open Source and freely available to
+everyone in the world.
+
+<INSERT DETAILS ABOUT THE RELEASE HERE>
+
+The above barely scratches the surface of what's included in this
+release. For the full scoop, please see our detailed Release Notes:
+
+ http://wiki.inkscape.org/wiki/index.php/Release_notes/$VERSION
+
+RELEASE
+}
+
+process() {
+ top_src=$(pwd)
+
+ tar_name=$(make_dist)
+ generate_announce > "${tar_name}.announce"
+
+ # TODO: Once converted to git, enable display of shortlog
+ #tag_previous=`git describe --abbrev=0 HEAD^ 2>/dev/null`
+ #tag_range="FIXME..FIXME"
+ #`git log --no-merges "$tag_range" | git shortlog`
+ echo "${VCS_SYSTEM} tag: $tar_name" >> ${tar_name}.announce
+
+ sign_packages ${tar_name} >> "${tar_name}.announce"
+ if [ $? -ne 0 ]; then
+ rm "${tar_name}.announce"
+ echo "Error: Failed signatures"
+ return 1
+ fi
+
+ # TODO: Verify the top commit SHA has a version bump
+ # local_top_commit_sha=`git rev-list --max-count=1 HEAD`
+ # git diff --unified=0 HEAD^ | $GREP -F $pkg_version >/dev/null 2>&1
+ # TODO: Check that the top commit is pushed to remote
+ # git rev-list --max-count=1 $remote_name/$remote_branch
+
+ echo "TODO: Tag the top commit as $tar_name"
+ echo "TODO: Upload the tarballs to the remote"
+ echo "TODO: Push all local changes and tags to remote"
+
+ echo "Info: [ANNOUNCE] template generated in \"$tar_name.announce\" file."
+ echo " Please pgp sign and send it."
+
+ return 0
+}
+
+process