diff options
| author | Eli Schwartz <eschwartz@archlinux.org> | 2018-06-05 12:48:53 -0400 |
|---|---|---|
| committer | Denys Vlasenko <vda.linux@googlemail.com> | 2018-06-09 21:19:35 +0200 |
| commit | 6fb8bd795c3f40735ced3f51b8082f91956fd786 (patch) | |
| tree | 286c4c09d7507ca141dde2acd24415ec986eb658 /scripts | |
| parent | 43b17b1cd0dd3eac740e4770be77db2c9010ad04 (diff) | |
| download | busybox-6fb8bd795c3f40735ced3f51b8082f91956fd786.tar.gz | |
Update release script to generate detached signatures and checksum files
This is more usable for programmatically checking the validity of a
release.
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
Diffstat (limited to 'scripts')
| -rwxr-xr-x | scripts/bb_release | 22 |
1 files changed, 5 insertions, 17 deletions
diff --git a/scripts/bb_release b/scripts/bb_release index 8aa380438..2e146bf84 100755 --- a/scripts/bb_release +++ b/scripts/bb_release @@ -15,20 +15,8 @@ VERSION=`ls busybox-*.tar.gz | sed 's/busybox-\(.*\)\.tar\.gz/\1/'` zcat busybox-$VERSION.tar.gz | bzip2 > busybox-$VERSION.tar.bz2 -test -f busybox-$VERSION.tar.gz || { echo "no busybox-$VERSION.tar.gz"; exit 1; } -test -f busybox-$VERSION.tar.bz2 || { echo "no busybox-$VERSION.tar.bz2"; exit 1; } - -signit() -{ -echo "$1 released `date -r $1 -R` - -MD5: `md5sum $1` -SHA1: `sha1sum $1` - -To verify this signature, you can obtain my public key -from http://busybox.net/~vda/vda_pubkey.gpg -" | gpg --clearsign > "$1.sign" -} - -signit busybox-$VERSION.tar.gz -signit busybox-$VERSION.tar.bz2 +for releasefile in busybox-$VERSION.tar.gz busybox-$VERSION.tar.bz2; do + test -f $releasefile || { echo "no $releasefile"; exit 1; } + gpg --detach-sign $releasefile + sha256sum $releasefile > $releasefile.sha256 +done |