github.com/tych0/umoci@v0.4.2/hack/release.sh (about) 1 #!/bin/bash 2 # Copyright (C) 2017, 2018 SUSE LLC. 3 # 4 # Licensed under the Apache License, Version 2.0 (the "License"); 5 # you may not use this file except in compliance with the License. 6 # You may obtain a copy of the License at 7 # 8 # http://www.apache.org/licenses/LICENSE-2.0 9 # 10 # Unless required by applicable law or agreed to in writing, software 11 # distributed under the License is distributed on an "AS IS" BASIS, 12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 # See the License for the specific language governing permissions and 14 # limitations under the License. 15 16 set -e 17 18 ## ---> 19 # Project-specific options and functions. In *theory* you shouldn't need to 20 # touch anything else in this script in order to use this elsewhere. 21 project="umoci" 22 root="$(readlink -f "$(dirname "${BASH_SOURCE}")/..")" 23 24 # This function takes an output path as an argument, where the built 25 # (preferably static) binary should be placed. 26 function build_project() { 27 builddir="$(dirname "$1")" 28 29 make -C "$root" BUILD_DIR="$builddir" COMMIT_NO= "$project.static" 30 mv "$builddir/$project.static" "$1" 31 } 32 33 # End of the easy-to-configure portion. 34 ## <--- 35 36 # Print usage information. 37 function usage() { 38 echo "usage: release.sh [-S <gpg-key-id>] [-c <commit-ish>] [-r <release-dir>] [-v <version>]" >&2 39 exit 1 40 } 41 42 # Log something to stderr. 43 function log() { 44 echo "[*] $*" >&2 45 } 46 47 # Log something to stderr and then exit with 0. 48 function bail() { 49 log "$@" 50 exit 0 51 } 52 53 # Conduct a sanity-check to make sure that GPG provided with the given 54 # arguments can sign something. Inability to sign things is not a fatal error. 55 function gpg_cansign() { 56 gpg "$@" --clear-sign </dev/null >/dev/null 57 } 58 59 # When creating releases we need to build static binaries, an archive of the 60 # current commit, and generate detached signatures for both. 61 keyid="" 62 commit="HEAD" 63 version="" 64 releasedir="" 65 hashcmd="" 66 while getopts "S:c:r:v:h:" opt; do 67 case "$opt" in 68 S) 69 keyid="$OPTARG" 70 ;; 71 c) 72 commit="$OPTARG" 73 ;; 74 r) 75 releasedir="$OPTARG" 76 ;; 77 v) 78 version="$OPTARG" 79 ;; 80 h) 81 hashcmd="$OPTARG" 82 ;; 83 \:) 84 echo "Missing argument: -$OPTARG" >&2 85 usage 86 ;; 87 \?) 88 echo "Invalid option: -$OPTARG" >&2 89 usage 90 ;; 91 esac 92 done 93 94 version="${version:-$(<"$root/VERSION")}" 95 releasedir="${releasedir:-release/$version}" 96 hashcmd="${hashcmd:-sha256sum}" 97 goarch="$(go env GOARCH || echo "amd64")" 98 99 log "creating $project release in '$releasedir'" 100 log " version: $version" 101 log " commit: $commit" 102 log " key: ${keyid:-DEFAULT}" 103 log " hash: $hashcmd" 104 105 # Make explicit what we're doing. 106 set -x 107 108 # Make the release directory. 109 rm -rf "$releasedir" && mkdir -p "$releasedir" 110 111 # Build project. 112 build_project "$releasedir/$project.$goarch" 113 114 # Generate new archive. 115 git archive --format=tar --prefix="$project-$version/" "$commit" | xz > "$releasedir/$project.tar.xz" 116 117 # Generate sha256 checksums for both. 118 ( cd "$releasedir" ; "$hashcmd" "$project".{"$goarch",tar.xz} > "$project.$hashcmd" ; ) 119 120 # Set up the gpgflags. 121 [[ "$keyid" ]] && export gpgflags="--default-key $keyid" 122 gpg_cansign $gpgflags || bail "Could not find suitable GPG key, skipping signing step." 123 124 # Sign everything. 125 gpg $gpgflags --detach-sign --armor "$releasedir/$project.$goarch" 126 gpg $gpgflags --detach-sign --armor "$releasedir/$project.tar.xz" 127 gpg $gpgflags --clear-sign --armor \ 128 --output "$releasedir/$project.$hashcmd"{.tmp,} && \ 129 mv "$releasedir/$project.$hashcmd"{.tmp,}