Provide also asserts for detached signatures

This commit is contained in:
gdm85 2015-01-14 15:10:20 +01:00
parent 900f80ec76
commit 41f182c9c7
3 changed files with 52 additions and 11 deletions

View File

@ -13,11 +13,16 @@ COPY input-sources/ /home/debian/input-sources/
COPY bin/build-bitcoin.sh /home/debian/ COPY bin/build-bitcoin.sh /home/debian/
COPY bin/sign.sh /home/debian/ COPY bin/sign.sh /home/debian/
COPY gitian-gbuild.patch /home/debian/
## patch to not attempt removal of build directory (will be a volume) ## patch to not attempt removal of build directory (will be a volume)
COPY gitian-gbuild.patch /home/debian/
RUN cd gitian-builder && patch -p1 < ../gitian-gbuild.patch && rm ../gitian-gbuild.patch RUN cd gitian-builder && patch -p1 < ../gitian-gbuild.patch && rm ../gitian-gbuild.patch
## patch to write asserts only (best for detached signatures)
COPY gitian-gasserts.patch /home/debian/
RUN cd gitian-builder && cp bin/gsign bin/gasserts && patch -p1 < ../gitian-gasserts.patch && rm ../gitian-gasserts.patch
WORKDIR /home/debian WORKDIR /home/debian
RUN chown -R debian.debian input-sources build-bitcoin.sh sign.sh RUN mkdir gitian-builder/inputs
RUN chown -R debian.debian input-sources build-bitcoin.sh sign.sh gitian-builder/inputs

View File

@ -0,0 +1,8 @@
--- a/bin/gasserts 2015-01-13 15:39:29.000000000 +0000
+++ b/bin/gasserts 2015-01-14 13:52:49.287255738 +0000
@@ -85,4 +85,3 @@
File.open(assert_path, "w") do |io|
io.write result.to_yaml
end
-system!("gpg --detach-sign -u \"#{signer}\" \"#{assert_path}\"")

View File

@ -12,6 +12,12 @@
SCRIPTS=$(dirname $(readlink -m $0)) || exit $? SCRIPTS=$(dirname $(readlink -m $0)) || exit $?
## place this file in script's directory in order to build for Mac OS X
SDK=MacOSX10.7.sdk.tar.gz
## change the assert directory as desired
SIGNER="$USER"
if [ $# -lt 1 ]; then if [ $# -lt 1 ]; then
echo "Usage: gitian-build.sh linux [win] [osx] [...]" 1>&2 echo "Usage: gitian-build.sh linux [win] [osx] [...]" 1>&2
exit 1 exit 1
@ -41,8 +47,12 @@ set -o pipefail && \
MOSTRECENT="$(curl -s https://api.github.com/repos/bitcoin/bitcoin/tags | jq -r '.[0].name' | awk '{ print substr($0, 2) }')" || exit $? MOSTRECENT="$(curl -s https://api.github.com/repos/bitcoin/bitcoin/tags | jq -r '.[0].name' | awk '{ print substr($0, 2) }')" || exit $?
## volumes inside container that are provided externally (bind mount) ## volumes inside container that are provided externally (bind mount)
LRESULT="$SCRIPTS/gitian-result"
LSIGS="$SCRIPTS/gitian-sigs"
LSOURCE="$SCRIPTS/gitian-cache" LSOURCE="$SCRIPTS/gitian-cache"
LDEST="$SCRIPTS/gitian-built" LDEST="$SCRIPTS/gitian-built"
CRESULT="/home/debian/gitian-builder/result"
CSIGS="/home/debian/gitian.sigs"
CSOURCE="/home/debian/gitian-builder/cache" CSOURCE="/home/debian/gitian-builder/cache"
CDEST="/home/debian/gitian-builder/build" CDEST="/home/debian/gitian-builder/build"
@ -53,17 +63,25 @@ function run_all() {
for OS in "$@"; do for OS in "$@"; do
mkdir -p "$LSOURCE/${OS}" && \ mkdir -p "$LSOURCE/${OS}" && \
rm -rf "$LDEST" && \ rm -rf "$LDEST/${OS}" && \
mkdir -p "$LDEST" || return $? mkdir -p "$LDEST/${OS}" || return $?
done done
mkdir -p "$LSOURCE" "$LDEST" && \ mkdir -p "$LSIGS/$USER" && \
chown -R 1000.1000 "$LDEST" "$LSOURCE" || return $? mkdir -p "$LSOURCE" && \
mkdir -p "$LRESULT" && \
chown -R 1000.1000 "$LDEST" "$LSOURCE" "$LSIGS" "$LRESULT" || return $?
for OS in "$@"; do for OS in "$@"; do
echo "docker run -d --privileged -v $LSOURCE/${OS}:${CSOURCE} -v $LDEST/${OS}:$CDEST gdm85/gitian-bitcoin-host" || return $? echo "docker run -d --privileged -v $LRESULT:$CRESULT -v $LSIGS:$CSIGS -v $LSOURCE/${OS}:${CSOURCE} -v $LDEST/${OS}:$CDEST gdm85/gitian-bitcoin-host" || return $?
done | $PARALLEL done | $PARALLEL
} }
function inject_mac_sdk() {
local CID="$1"
docker-inject "$CID" "$SCRIPTS/$SDK" /home/debian/gitian-builder/inputs/
}
function build_all() { function build_all() {
local ALL=($@) local ALL=($@)
local LEN=$(($#/2)) local LEN=$(($#/2))
@ -71,15 +89,25 @@ function build_all() {
local OSES=("${ALL[@]:$LEN}") local OSES=("${ALL[@]:$LEN}")
local CID local CID
local OS local OS
local IP
local I=0 local I=0
for CID in $CREATED; do for CID in $CREATED; do
OS=${OSES[$I]} OS=${OSES[$I]}
if [[ "$OS" == "osx" ]]; then
inject_mac_sdk "$CID" || return $?
fi
let I+=1
done
I=0
for CID in $CREATED; do
OS=${OSES[$I]}
## first, fix rights of mounted volumes ## first, fix rights of mounted volumes
echo -n "docker exec $CID chown -R debian.debian '$CSOURCE' '$CDEST' && " && \ # echo -n "docker exec $CID chown -R debian.debian '$CSOURCE' '$CDEST' && " && \
echo "docker exec $CID su -c 'cd /home/debian && source .bash_profile && ./build-bitcoin.sh $MOSTRECENT ${OS}' debian" echo -n "docker exec $CID su -c 'cd /home/debian && source .bash_profile && ./build-bitcoin.sh $MOSTRECENT ${OS} && " && \
echo "cd gitian-builder && ./bin/gasserts --signer $SIGNER --release ${MOSTRECENT} --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-${OS}.yml' debian"
let I+=1 let I+=1
done | $PARALLEL done | $PARALLEL
} }