#!/usr/bin/ruby require 'optparse' require 'yaml' require 'fileutils' require 'pathname' @options = {} def system!(cmd) system(cmd) or raise "failed to run #{cmd}" end def sanitize(str, where) raise "unsanitary string in #{where}" if (str =~ /[^\w.-]/) str end def sanitize_path(str, where) raise "unsanitary string in #{where}" if (str =~ /[^@\w\/.:+-]/) str end def info(str) puts str unless @options[:quiet] end ################################ OptionParser.new do |opts| opts.banner = "Usage: build [options] .yml" opts.on("-q", "--quiet", "be quiet") do |v| @options[:quiet] = v end opts.on("-s SIGNER", "--signer SIGNER", "identity to sign as") do |v| @options[:signer] = v end opts.on("-r REL", "--release REL", "release name") do |v| @options[:release] = v end opts.on("-d DEST", "--destination DEST", "directory to place signature in") do |v| @options[:destination] = v end end.parse! base_dir = Pathname.new(__FILE__).expand_path.dirname.parent build_desc_file = ARGV.shift or raise "must supply YAML build description file" build_desc = YAML.load_file(build_desc_file) in_sums = [] result_dir = 'result' package_name = build_desc["name"] or raise "must supply name" optionals = build_desc["optionals"] or [] package_name = sanitize(package_name, "package name") result_file = "#{package_name}-res.yml" result_path = File.join(result_dir, result_file) File.exists?(result_path) or raise "#{result_path} does not exist" result = YAML.load_file(result_path) destination = @options[:destination] || File.join(base_dir, "sigs", package_name) release = @options[:release] || "test" release = sanitize(release, "release") result['release'] = release result['name'] = package_name result['type'] = 'build' result['optionals'] = optionals signer = @options[:signer] or raise "must supply signer with --signer" FileUtils.mkdir_p(destination) release_path = File.join(destination, release, signer) FileUtils.mkdir_p(release_path) assert_path = File.join(release_path, "#{package_name}-build.assert") File.open(assert_path, "w") do |io| io.write result.to_yaml end system!("gpg --detach-sign -u \"#{signer}\" \"#{assert_path}\"")