You are viewing a plain text version of this content. The canonical link for it is here.

Posted to scm@geronimo.apache.org by db...@apache.org on 2005/12/15 01:46:55 UTC

svn commit: r356962 - /geronimo/gbuild/sign.sh

Author: dblevins
Date: Wed Dec 14 16:46:53 2005
New Revision: 356962

URL: http://svn.apache.org/viewcvs?rev=356962&view=rev
Log:
A script that just does one part of the publish_build.sh.  May or may not work.

Added:
    geronimo/gbuild/sign.sh

Added: geronimo/gbuild/sign.sh
URL: http://svn.apache.org/viewcvs/geronimo/gbuild/sign.sh?rev=356962&view=auto
==============================================================================
--- geronimo/gbuild/sign.sh (added)
+++ geronimo/gbuild/sign.sh Wed Dec 14 16:46:53 2005
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+function shash {
+    openssl $1 < $2 > $2.$1 ;
+}
+function sign {
+    archive=$1
+    phrase=$2
+    echo $prase | gpg -passphrase-fd 0 --armor --output $archive.asc --detach-sig $archive
+    gpg --verify $archive.asc $archive
+}
+function fail () { echo $1 >&2; exit 1;}
+function package () {
+    DEST=$1; SOURCE=$2
+    tar czf $DEST.tar.gz $SOURCE
+    zip -9rq $DEST.zip $SOURCE
+}
+
+#  Let's create checksums for our source and binary tars and zips.
+for archive in $DIST/*.{zip,tar.gz}; do
+    echo $archive
+    shash md5 $archive
+    shash sha $archive
+    sign $archive $PHRASE
+done || fail "Unable to sign or hash release archives"
+