You are viewing a plain text version of this content. The canonical link for it is here.
Posted to scm@geronimo.apache.org by db...@apache.org on 2005/12/15 01:46:55 UTC
svn commit: r356962 - /geronimo/gbuild/sign.sh
Author: dblevins
Date: Wed Dec 14 16:46:53 2005
New Revision: 356962
URL: http://svn.apache.org/viewcvs?rev=356962&view=rev
Log:
A script that just does one part of the publish_build.sh. May or may not work.
Added:
geronimo/gbuild/sign.sh
Added: geronimo/gbuild/sign.sh
URL: http://svn.apache.org/viewcvs/geronimo/gbuild/sign.sh?rev=356962&view=auto
==============================================================================
--- geronimo/gbuild/sign.sh (added)
+++ geronimo/gbuild/sign.sh Wed Dec 14 16:46:53 2005
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+function shash {
+ openssl $1 < $2 > $2.$1 ;
+}
+function sign {
+ archive=$1
+ phrase=$2
+ echo $prase | gpg -passphrase-fd 0 --armor --output $archive.asc --detach-sig $archive
+ gpg --verify $archive.asc $archive
+}
+function fail () { echo $1 >&2; exit 1;}
+function package () {
+ DEST=$1; SOURCE=$2
+ tar czf $DEST.tar.gz $SOURCE
+ zip -9rq $DEST.zip $SOURCE
+}
+
+# Let's create checksums for our source and binary tars and zips.
+for archive in $DIST/*.{zip,tar.gz}; do
+ echo $archive
+ shash md5 $archive
+ shash sha $archive
+ sign $archive $PHRASE
+done || fail "Unable to sign or hash release archives"
+