[X2Go-Commits] [buildscripts] 03/03: bin/build-rpm-package: use ${GPG_KEY} or ${GPG_KEY_EPEL5} to sign packages and RPM repo data.
git-admin at x2go.org
git-admin at x2go.org
Thu Jul 2 02:58:22 CEST 2015
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch master
in repository buildscripts.
commit e6f76455ac92c08197f6d50e0dee989ff548a0d1
Author: Mihai Moldovan <ionic at ionic.de>
Date: Thu Jul 2 02:55:41 2015 +0200
bin/build-rpm-package: use ${GPG_KEY} or ${GPG_KEY_EPEL5} to sign packages and RPM repo data.
---
bin/build-rpm-package | 30 ++++++++++++++++--------------
1 file changed, 16 insertions(+), 14 deletions(-)
diff --git a/bin/build-rpm-package b/bin/build-rpm-package
index 0fdea9a..8af6d23 100755
--- a/bin/build-rpm-package
+++ b/bin/build-rpm-package
@@ -692,7 +692,7 @@ build_packages() {
find "/var/cache/obs-build/${l_DIST}/${l_CODENAME}/x86_64/${BUILD_RESULT}/RPMS/" -type f \( -iname '*.rpm' -and -not -iname '*.src.rpm' \) -print0 | while read -r -d '' rpmfile; do
cp "${rpmfile}" "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"
done
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm
# also copy and sign source RPM's
# For information on why this weird -print0 | read -r -d '' construction works,
@@ -700,7 +700,7 @@ build_packages() {
find "/var/cache/obs-build/${l_DIST}/${l_CODENAME}/x86_64/${BUILD_RESULT}/SRPMS/" -type f -iname '*.rpm' -print0 | while read -r -d '' rpmfile; do
cp "${rpmfile}" "$PKGDIST/${l_DIST}/${l_CODENAME}/SRPM/"
done
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
else
exit 1
fi
@@ -729,11 +729,11 @@ build_packages() {
# /usr/lib/rpm/macros
# http://adminotes.blogspot.fr/2011/12/centos-6-rpm-sign-problem-v4-signatures.html
RPMMACRO_V3SIGN="%__gpg_sign_cmd %{__gpg} /usr/bin/gpg --force-v3-sigs --digest-algo=sha1 --batch --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}"
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY_EPEL5}" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY_EPEL5}" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
else
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
fi
cat "${PKGDIST}/${l_DIST}/${l_CODENAME}/x86_64/build.log"
else
@@ -775,7 +775,7 @@ build_packages() {
find "/var/cache/obs-build/${l_DIST}/${l_CODENAME}/i386/${BUILD_RESULT}/RPMS/" -type 'f' \( -iname '*.rpm' -and -not -iname '*.src.rpm' \) -print0 | while read -r -d '' rpmfile; do
cp "${rpmfile}" "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"
done
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm
# copy and later sign source RPM's, if needed (that is, not already generated by x86_64/noarch code above)
SEARCH_SRPM="$(find "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM" -type 'f' -iname "*.src.rpm" -print)"
@@ -785,7 +785,7 @@ build_packages() {
find "/var/cache/obs-build/${l_DIST}/${l_CODENAME}/i386/${BUILD_RESULT}/SRPMS/" -type 'f' -iname '*.src.rpm' -print0 | while read -r -d '' rpmfile; do
cp "${rpmfile}" "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"
done
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
fi
else
exit 1
@@ -816,11 +816,11 @@ build_packages() {
if [ "${l_DIST}" = "epel" ] && [ "${l_CODENAME}" = "5" ]; then
RPMMACRO_V3SIGN="%__gpg_sign_cmd /usr/bin/gpg --force-v3-sigs --digest-algo=sha1 --batch --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u \"%_gpg_name\" -sbo %{__signature_filename} %{__plaintext_filename}"
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm
- [ "x${SIGN_SRPM}" = "x1" ] && rpmsign-unattended -D "%_gpg_name debian at x2go.org" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY_EPEL5}" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm
+ [ "x${SIGN_SRPM}" = "x1" ] && rpmsign-unattended -D "%_gpg_name ${GPG_KEY_EPEL5}" -D "${RPMMACRO_V3SIGN}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/SRPM/"*.rpm
else
- rpmsign-unattended -D "%_gpg_name debian at x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm
- [ "x$SIGN_SRPM" = "x1" ] && rpmsign-unattended -D "%_gpg_name debian at x2go.org" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm
+ rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm
+ [ "x$SIGN_SRPM" = "x1" ] && rpmsign-unattended -D "%_gpg_name ${GPG_KEY}" --addsign "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/"*.rpm
fi
cat "${PKGDIST}/${l_DIST}/${l_CODENAME}/i386/build.log"
else
@@ -871,13 +871,15 @@ upload_packages() {
scp *.rpm "${REPOS_SERVER}:${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/rpms/${PROJECT}/" || true
CREATEREPO_OPTS=""
+ typeset gpg_sign_with="${GPG_KEY}"
if [ "${l_DIST}" = "epel" ] && [ "${l_CODENAME}" = "5" ]; then
CREATEREPO_OPTS="-s sha"
+ gpg_sign_with="${GPG_KEY_EPEL5}"
fi
0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/ && createrepo ${CREATEREPO_OPTS} ."
- 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/repodata && rm -f -- repomd.xml.asc && gpg -a -u ${GPG_KEY} --detach-sign repomd.xml" 1>/dev/null 2>/dev/null
- 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/repodata && test -e repomd.xml.key || gpg -a --output repomd.xml.key --export ${GPG_KEY}"
+ 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/repodata && rm -f -- repomd.xml.asc && gpg -a -u ${gpg_sign_with} --detach-sign repomd.xml" 1>/dev/null 2>/dev/null
+ 0</dev/null ssh "${REPOS_SERVER}" "cd ${RPM_REPOS_BASE}/${l_DIST}/${l_CODENAME}/${COMPONENT}/${l_ARCH}/repodata && test -e repomd.xml.key || gpg -a --output repomd.xml.key --export ${gpg_sign_with}"
fi
done
done
--
Alioth's /srv/git/code.x2go.org/buildscripts.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/buildscripts.git
More information about the x2go-commits
mailing list