[tor-commits] [tor-browser-build/master] Add option to sign the sha256sums-unsigned-build.txt file
boklm at torproject.org
boklm at torproject.org
Mon Feb 6 18:25:57 UTC 2017
commit c0242adc7a6a414bb183a3f07dddd64b7e3a51bc
Author: Nicolas Vigier <boklm at torproject.org>
Date: Mon Feb 6 19:23:44 2017 +0100
Add option to sign the sha256sums-unsigned-build.txt file
---
README | 9 +++++++++
projects/release/config | 3 +++
2 files changed, 12 insertions(+)
diff --git a/README b/README
index 0b8e510..2c36d74 100644
--- a/README
+++ b/README
@@ -149,6 +149,15 @@ the build files in the tor-browser-builds/ directory (unless you changed
the publish_dir option).
+Signing builds
+--------------
+
+If the environment variable RBM_SIGN_BUILD is set to 1, the
+sha256sums-unsigned-build.txt file will be signed with gpg.
+You can use the RBM_GPG_OPTS environment variable to add some options
+to the gpg command used to sign the file.
+
+
Cleaning obsolete files and containers images
---------------------------------------------
diff --git a/projects/release/config b/projects/release/config
index 09b4c0e..daa78dd 100644
--- a/projects/release/config
+++ b/projects/release/config
@@ -125,4 +125,7 @@ build: |
[% END -%]
cd "$destdir"
sha256sum $(ls -1 *.exe *.tar.xz *.dmg *.mar *.zip | grep -v '\.incremental\.mar$' | sort) > sha256sums-unsigned-build.txt
+ [% IF ENV.RBM_SIGN_BUILD -%]
+ gpg -abs [% ENV.RBM_GPG_OPTS %] sha256sums-unsigned-build.txt
+ [% END -%]
cat sha256sums-unsigned-build.txt
More information about the tor-commits
mailing list