Skip to content

Commit 6ffd6b4

Browse files
achow101achow101
committed
Create option to detach sign gitian builds and not commit the files in the script
Gitian builds can be done where the assert files are made but no signing is done. The sigs can also optionally not be committed automatically.
1 parent 498d8da commit 6ffd6b4

File tree

1 file changed

+44
-25
lines changed

1 file changed

+44
-25
lines changed

contrib/gitian-build.sh

Lines changed: 44 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,8 @@ lxc=true
2020
osslTarUrl=http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz
2121
osslPatchUrl=https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch
2222
scriptName=$(basename -- "$0")
23+
signProg="gpg --detach-sign"
24+
commitFiles=true
2325

2426
# Help Message
2527
read -d '' usage <<- EOF
@@ -43,6 +45,8 @@ Options:
4345
-m Memory to allocate in MiB. Default 2000
4446
--kvm Use KVM instead of LXC
4547
--setup Setup the gitian building environment. Uses KVM. If you want to use lxc, use the --lxc option. Only works on Debian-based systems (Ubuntu, Debian)
48+
--detach-sign Create the assert file for detached signing. Will not commit anything.
49+
--no-commit Do not commit anything to git
4650
-h|--help Print this help message
4751
EOF
4852

@@ -148,6 +152,15 @@ while :; do
148152
--kvm)
149153
lxc=false
150154
;;
155+
# Detach sign
156+
--detach-sign)
157+
signProg="true"
158+
commitFiles=false
159+
;;
160+
# Commit files
161+
--no-commit)
162+
commitFiles=false
163+
;;
151164
# Setup
152165
--setup)
153166
setup=true
@@ -214,11 +227,11 @@ echo ${COMMIT}
214227
# Setup build environment
215228
if [[ $setup = true ]]
216229
then
217-
pushd ./gitian-builder
218230
sudo apt-get install ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm qemu-utils
219231
git clone https://github.com/bitcoin-core/gitian.sigs.git
220232
git clone https://github.com/bitcoin-core/bitcoin-detached-sigs.git
221233
git clone https://github.com/devrandom/gitian-builder.git
234+
pushd ./gitian-builder
222235
if [[ -n "$USE_LXC" ]]
223236
then
224237
sudo apt-get install lxc
@@ -258,7 +271,7 @@ then
258271
echo "Compiling ${VERSION} Linux"
259272
echo ""
260273
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml
261-
./bin/gsign --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml
274+
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml
262275
mv build/out/bitcoin-*.tar.gz build/out/src/bitcoin-*.tar.gz ../bitcoin-binaries/${VERSION}
263276
fi
264277
# Windows
@@ -268,7 +281,7 @@ then
268281
echo "Compiling ${VERSION} Windows"
269282
echo ""
270283
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-win.yml
271-
./bin/gsign --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win.yml
284+
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win.yml
272285
mv build/out/bitcoin-*-win-unsigned.tar.gz inputs/bitcoin-win-unsigned.tar.gz
273286
mv build/out/bitcoin-*.zip build/out/bitcoin-*.exe ../bitcoin-binaries/${VERSION}
274287
fi
@@ -279,22 +292,25 @@ then
279292
echo "Compiling ${VERSION} Mac OSX"
280293
echo ""
281294
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml
282-
./bin/gsign --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml
295+
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml
283296
mv build/out/bitcoin-*-osx-unsigned.tar.gz inputs/bitcoin-osx-unsigned.tar.gz
284297
mv build/out/bitcoin-*.tar.gz build/out/bitcoin-*.dmg ../bitcoin-binaries/${VERSION}
285298
fi
286299
popd
287300

288-
# Commit to gitian.sigs repo
289-
echo ""
290-
echo "Committing ${VERSION} Unsigned Sigs"
291-
echo ""
292-
pushd gitian.sigs
293-
git add ${VERSION}-linux/${SIGNER}
294-
git add ${VERSION}-win-unsigned/${SIGNER}
295-
git add ${VERSION}-osx-unsigned/${SIGNER}
296-
git commit -a -m "Add ${VERSION} unsigned sigs for ${SIGNER}"
297-
popd
301+
if [[ $commitFiles = true ]]
302+
then
303+
# Commit to gitian.sigs repo
304+
echo ""
305+
echo "Committing ${VERSION} Unsigned Sigs"
306+
echo ""
307+
pushd gitian.sigs
308+
git add ${VERSION}-linux/${SIGNER}
309+
git add ${VERSION}-win-unsigned/${SIGNER}
310+
git add ${VERSION}-osx-unsigned/${SIGNER}
311+
git commit -a -m "Add ${VERSION} unsigned sigs for ${SIGNER}"
312+
popd
313+
fi
298314
fi
299315

300316
# Verify the build
@@ -341,7 +357,7 @@ then
341357
echo "Signing ${VERSION} Windows"
342358
echo ""
343359
./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml
344-
./bin/gsign --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml
360+
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml
345361
mv build/out/bitcoin-*win64-setup.exe ../bitcoin-binaries/${VERSION}
346362
mv build/out/bitcoin-*win32-setup.exe ../bitcoin-binaries/${VERSION}
347363
fi
@@ -352,18 +368,21 @@ then
352368
echo "Signing ${VERSION} Mac OSX"
353369
echo ""
354370
./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml
355-
./bin/gsign --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml
371+
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml
356372
mv build/out/bitcoin-osx-signed.dmg ../bitcoin-binaries/${VERSION}/bitcoin-${VERSION}-osx.dmg
357373
fi
358374
popd
359375

360-
# Commit Sigs
361-
pushd gitian.sigs
362-
echo ""
363-
echo "Committing ${VERSION} Signed Sigs"
364-
echo ""
365-
git add ${VERSION}-win-signed/${SIGNER}
366-
git add ${VERSION}-osx-signed/${SIGNER}
367-
git commit -a -m "Add ${VERSION} signed binary sigs for ${SIGNER}"
368-
popd
376+
if [[ $commitFiles = true ]]
377+
then
378+
# Commit Sigs
379+
pushd gitian.sigs
380+
echo ""
381+
echo "Committing ${VERSION} Signed Sigs"
382+
echo ""
383+
git add ${VERSION}-win-signed/${SIGNER}
384+
git add ${VERSION}-osx-signed/${SIGNER}
385+
git commit -a -m "Add ${VERSION} signed binary sigs for ${SIGNER}"
386+
popd
387+
fi
369388
fi

0 commit comments

Comments
 (0)