commit c0242adc7a6a414bb183a3f07dddd64b7e3a51bc Author: Nicolas Vigier boklm@torproject.org Date: Mon Feb 6 19:23:44 2017 +0100
Add option to sign the sha256sums-unsigned-build.txt file --- README | 9 +++++++++ projects/release/config | 3 +++ 2 files changed, 12 insertions(+)
diff --git a/README b/README index 0b8e510..2c36d74 100644 --- a/README +++ b/README @@ -149,6 +149,15 @@ the build files in the tor-browser-builds/ directory (unless you changed the publish_dir option).
+Signing builds +-------------- + +If the environment variable RBM_SIGN_BUILD is set to 1, the +sha256sums-unsigned-build.txt file will be signed with gpg. +You can use the RBM_GPG_OPTS environment variable to add some options +to the gpg command used to sign the file. + + Cleaning obsolete files and containers images ---------------------------------------------
diff --git a/projects/release/config b/projects/release/config index 09b4c0e..daa78dd 100644 --- a/projects/release/config +++ b/projects/release/config @@ -125,4 +125,7 @@ build: | [% END -%] cd "$destdir" sha256sum $(ls -1 *.exe *.tar.xz *.dmg *.mar *.zip | grep -v '.incremental.mar$' | sort) > sha256sums-unsigned-build.txt + [% IF ENV.RBM_SIGN_BUILD -%] + gpg -abs [% ENV.RBM_GPG_OPTS %] sha256sums-unsigned-build.txt + [% END -%] cat sha256sums-unsigned-build.txt