You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ge...@apache.org on 2010/02/09 10:24:45 UTC

svn commit: r907982 - /camel/scripts/check_camel_release.sh

Author: gertv
Date: Tue Feb  9 09:24:45 2010
New Revision: 907982

URL: http://svn.apache.org/viewvc?rev=907982&view=rev
Log:
Adding a script to validate signatures/hashes on a staged release

Added:
    camel/scripts/check_camel_release.sh   (with props)

Added: camel/scripts/check_camel_release.sh
URL: http://svn.apache.org/viewvc/camel/scripts/check_camel_release.sh?rev=907982&view=auto
==============================================================================
--- camel/scripts/check_camel_release.sh (added)
+++ camel/scripts/check_camel_release.sh Tue Feb  9 09:24:45 2010
@@ -0,0 +1,60 @@
+#!/bin/sh
+
+STAGING=${1}
+DOWNLOAD=${2:-/tmp/camel-staging}
+mkdir ${DOWNLOAD} 2>/dev/null
+
+# The following code automatically imports the signing KEYS, but it may actually be
+# better to download them from a key server and/or let the user choose what keys
+# he wants to import.
+wget --no-check-certificate -P "${DOWNLOAD}" http://www.apache.org/dist/camel/apache-camel/KEYS 
+gpg --import "${DOWNLOAD}/KEYS"
+
+if [ -z "${STAGING}" -o ! -d "${DOWNLOAD}" ]
+then
+ echo "Usage: check_staged_release.sh <staging-number> [temp-directory]"
+ exit
+fi
+
+if [ ! -e "${DOWNLOAD}/${STAGING}" ]
+then
+ echo "################################################################################"
+ echo "                           DOWNLOAD STAGED REPOSITORY                           "
+ echo "################################################################################"
+
+ wget \
+  -r -np "--reject=html,txt" "--follow-tags=" \
+  -P "${DOWNLOAD}/${STAGING}" -nH "--cut-dirs=3" --ignore-length --no-check-certificate \
+  "http://repository.apache.org/content/repositories/orgapachecamel-${STAGING}/org/apache/camel/"
+
+else
+ echo "################################################################################"
+ echo "                       USING EXISTING STAGED REPOSITORY                         "
+ echo "################################################################################"
+ echo "${DOWNLOAD}/${STAGING}"
+fi
+
+echo "################################################################################"
+echo "                          CHECK SIGNATURES AND DIGESTS                          "
+echo "################################################################################"
+
+for i in `find "${DOWNLOAD}/${STAGING}" -type f | grep -v '\.\(asc\|sha1\|md5\)$'`
+do
+ f=`echo $i | sed 's/\.asc$//'`
+ echo "$f"
+ gpg --verify $f.asc 2>/dev/null
+ if [ "$?" = "0" ]; then CHKSUM="GOOD"; else CHKSUM="BAD!!!!!!!!"; fi
+ if [ ! -f "$f.asc" ]; then CHKSUM="----"; fi
+ echo "gpg:  ${CHKSUM}"
+ if [ "`cat $f.md5 2>/dev/null`" = "`openssl md5 < $f 2>/dev/null`" ]; then CHKSUM="GOOD"; else CHKSUM="BAD!!!!!!!!"; fi
+ if [ ! -f "$f.md5" ]; then CHKSUM="----"; fi
+ echo "md5:  ${CHKSUM}"
+ if [ "`cat $f.sha1 2>/dev/null`" = "`openssl sha1 < $f 2>/dev/null`" ]; then CHKSUM="GOOD"; else CHKSUM="BAD!!!!!!!!"; fi
+ if [ ! -f "$f.sha1" ]; then CHKSUM="----"; fi
+ echo "sha1: ${CHKSUM}"
+done
+
+if [ -z "${CHKSUM}" ]; then echo "WARNING: no files found!"; fi
+
+echo "################################################################################"
+

Propchange: camel/scripts/check_camel_release.sh
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: camel/scripts/check_camel_release.sh
------------------------------------------------------------------------------
    svn:executable = *