Hi, Peter Hutterer suggested I send this here; it's a patch to add gpg signing to release.sh, both for the git tag and the generated tarballs.
This version tries to use gpg unconditionnally, it might be more useful with a parameter to switch the behaviour... gpg-sign the git tag and the generated tarballs, and upload the signatures along with the tarballs. Signed-off-by: Stephen Kitt <[email protected]> --- release.sh.orig 2014-05-06 01:04:22.652607233 +0200 +++ release.sh 2014-05-06 01:12:17.114860393 +0200 @@ -299,6 +299,10 @@ return 1 fi + [ -n "$targz" ] && gpg -b $targz && siggz=${targz}.sig || true + [ -n "$tarbz2" ] && gpg -b $tarbz2 && sigbz2=${tarbz2}.sig || true + [ -n "$tarxz" ] && gpg -b $tarxz && sigxz=${tarxz}.sig || true + # Obtain the top commit SHA which should be the version bump # It should not have been tagged yet (the script will do it later) local_top_commit_sha=`git rev-list --max-count=1 HEAD` @@ -354,7 +358,7 @@ else # Tag the top commit with the tar name if [ x"$DRY_RUN" = x ]; then - git tag -m $tar_name $tar_name + git tag -s -m $tar_name $tar_name if [ $? -ne 0 ]; then echo "Error: unable to tag module with \"$tar_name\"." cd $top_src @@ -501,7 +505,7 @@ # Upload to host using the 'scp' remote file copy program if [ x"$DRY_RUN" = x ]; then echo "Info: uploading tarballs to web server:" - scp $targz $tarbz2 $tarxz $USER_NAME$hostname:$srv_path + scp $targz $tarbz2 $tarxz $siggz $sigbz2 $sigxz $USER_NAME$hostname:$srv_path if [ $? -ne 0 ]; then echo "Error: the tarballs uploading failed." cd $top_src Regards, Stephen _______________________________________________ [email protected]: X.Org development Archives: http://lists.x.org/archives/xorg-devel Info: http://lists.x.org/mailman/listinfo/xorg-devel
