diff options
Diffstat (limited to 'packaging/release-sign-tarballs')
-rwxr-xr-x | packaging/release-sign-tarballs | 259 |
1 files changed, 259 insertions, 0 deletions
diff --git a/packaging/release-sign-tarballs b/packaging/release-sign-tarballs new file mode 100755 index 0000000..1731e15 --- /dev/null +++ b/packaging/release-sign-tarballs @@ -0,0 +1,259 @@ +#!/bin/bash + +SIGNER="bryce@bryceharrington.org" +VERSION="0.92" +PKG_NAME="inkscape" +LIST_TO="inkscape-announce@lists.sf.net" +LIST_CC="inkscape-devel@lists.sf.net" +VCS_SYSTEM="git" + +# Locate Dependencies +#------------------------------------------------------------------------------ + +MD5SUM=`which md5sum || which gmd5sum` +SHA1SUM=`which sha1sum || which gsha1sum` +SHA256SUM=`which sha256sum || which gsha256sum` + +# Choose which make program to use (could be gmake) +MAKE=${MAKE:="make"} + +# Set the default make tarball creation command +MAKE_DIST_CMD=distcheck + +# Choose which grep program to use (on Solaris, must be gnu grep) +if [ "x$GREP" = "x" ] ; then + if [ -x /usr/gnu/bin/grep ] ; then + GREP=/usr/gnu/bin/grep + else + GREP=grep + fi +fi + +# Find path for GnuPG v2 +if [ "x$GPG" = "x" ] ; then + if [ -x /usr/bin/gpg2 ] ; then + GPG=/usr/bin/gpg2 + else + GPG=gpg + fi +fi + +#------------------------------------------------------------------------------ + +usage() { + basename="`expr "//$0" : '.*/\([^/]*\)'`" + cat <<HELP + +Usage: $basename [options] path... + +Where "path" is a relative path to a ${VCS_SYSTEM} module, including '.'. + +Options: + (none) + +Environment variables: + MAKE: The name of the make command [make] + MAKEFLAGS: Options to pass to all \$(MAKE) invocations [] + +HELP +} + +#------------------------------------------------------------------------------ + +check_local_changes() { + lines=$(git diff | wc -l) + if [ $lines -gt 0 ]; then + echo "" + echo "Uncommitted changes found. Did you forget to commit? Aborting." + echo "" + echo "You can clone the module in another directory" + echo "and run ./configure. No need to build if testing was finished." + echo "" + return 1 + fi + + return 0 +} + +#------------------------------------------------------------------------------ +# Function: make_dist +# +# Create the package distribution +# Return 0 on success, 1 on fail +make_dist() { + if [ $VCS_SYSTEM = "git" ] && [ ! -d .git ]; then + echo "Error: There is no git repository here: $(pwd)" + return 1 + else + echo "Error: Unrecognized version control '$VCS_SYSTEM'." + return 1 + fi + + # Change to an out-of-source build directory + config_indicator=CMakeCache.txt + status_file=$(find . -name ${config_indicator} -type f) + if [ $? -ne 0 ]; then + echo "Error: Failed to locate ${config_indicator}." + echo "Has the module been configured?" + return 1 + fi + configNum=$(echo "$status_file" | wc -l | sed 's:^ *::') + if [ x"$configNum" = x0 ]; then + echo "Error: Failed to locate ${config_indicator}, has the module been configured?" + return 1 + elif [ x"$configNum" != x1 ]; then + echo "Error: More than one ${config_indicator} file was found." + echo "Please cleanup previously failed attempts at distcheck." + fi + + build_dir=$(dirname ${status_file}) + cd ${build_dir} + if [ $? -ne 0 ]; then + echo "Error: Failed to cd to build directory ${build_dir}." + return 1 + fi + + check_local_changes + if [ $? -ne 0 ]; then + cd ${top_src} + return 1 + fi + + echo "Info: running 'make $MAKE_DIST_CMD' to create tarballs:" + ${MAKE} ${MAKEFLAGS} ${MAKE_DIST_CMD} > /dev/null + if [ $? -ne 0 ]; then + echo "Error: '${MAKE} ${MAKEFLAGS} ${MAKE_DIST_CMD}' failed." + cd $top_src + return 1 + fi + + return 0 +} + +# Function: sign_or_fail +#------------------------------------------------------------------------------ +# +# Sign the given file, if any +# Output the name of the signature generated to stdout (all other output to +# stderr) +# Return 0 on success, 1 on fail +# +sign_or_fail() { + if [ -n "$1" ]; then + sig=$1.sig + rm -f $sig + + [ -n ${SIGNER} ] && signer="-u $SIGNER" + + echo "$GPG $signer --detach-sign $1" 1>&2 + $GPG $signer --detach-sign $1 1>&2 + if [ $? -ne 0 ]; then + echo "Error: failed to sign $1." >&2 + return 1 + fi + echo $sig + fi + return 0 +} + + +sign_packages() { + tar_name="$1" + targz="${tar_name}.tar.gz" + tarbz2="${tar_name}.tar.bz2" + tarxz="${tar_name}.tar.xz" + zip="${tar_name}.zip" + + for tarball in $targz $tarxz $tarbz2 $zip; do + if [ -e "${tarball}" ]; then + sig="$(sign_or_fail ${tarball})" + gpgsignerr=$((${gpgsignerr} + $?)) + sig_url="http://inkscape.org/.../$sig" + cat <<EOF +https://inkscape.org/en/download/source/ +MD5: `$MD5SUM $tarball` +SHA1: `$SHA1SUM $tarball` +SHA256: `$SHA256SUM $tarball` +$sig_url + +EOF + fi + done + + if [ ${gpgsignerr} -ne 0 ]; then + echo "Error: unable to sign at least one of the tarballs." + return 1 + elif [ -z "$siggz" ]; then + # The tar.gz is always required + echo "Error: Unable to sign the tar.gz file." + return 2 + fi + + return 0; +} + +generate_announce() { + cat <<RELEASE +Subject: [ANNOUNCE] $PKG_NAME $VERSION +To: $LIST_TO +Cc: $LIST_CC + +The Inkscape community proudly announces the release of Inkscape $VERSION. + + https://inkscape.org/en/download/ + +Inkscape is a drawing and painting tool similar to Illustrator, +CorelDraw, and Xara X, but with features, new tools, and interface style +of its own. It emphasizes the W3C standard Scalable Vector Graphics +(SVG) file format, but reads and writes a wealth of other formats +including PDF, so it is an easy complement to your other graphics and +desktop tools. Best of all, Inkscape is created *by* the community *for* +the community: Inkscape is 100% Open Source and freely available to +everyone in the world. + +<INSERT DETAILS ABOUT THE RELEASE HERE> + +The above barely scratches the surface of what's included in this +release. For the full scoop, please see our detailed Release Notes: + + http://wiki.inkscape.org/wiki/index.php/Release_notes/$VERSION + +RELEASE +} + +process() { + top_src=$(pwd) + + tar_name=$(make_dist) + generate_announce > "${tar_name}.announce" + + # TODO: Once converted to git, enable display of shortlog + #tag_previous=`git describe --abbrev=0 HEAD^ 2>/dev/null` + #tag_range="FIXME..FIXME" + #`git log --no-merges "$tag_range" | git shortlog` + echo "${VCS_SYSTEM} tag: $tar_name" >> ${tar_name}.announce + + sign_packages ${tar_name} >> "${tar_name}.announce" + if [ $? -ne 0 ]; then + rm "${tar_name}.announce" + echo "Error: Failed signatures" + return 1 + fi + + # TODO: Verify the top commit SHA has a version bump + # local_top_commit_sha=`git rev-list --max-count=1 HEAD` + # git diff --unified=0 HEAD^ | $GREP -F $pkg_version >/dev/null 2>&1 + # TODO: Check that the top commit is pushed to remote + # git rev-list --max-count=1 $remote_name/$remote_branch + + echo "TODO: Tag the top commit as $tar_name" + echo "TODO: Upload the tarballs to the remote" + echo "TODO: Push all local changes and tags to remote" + + echo "Info: [ANNOUNCE] template generated in \"$tar_name.announce\" file." + echo " Please pgp sign and send it." + + return 0 +} + +process |