GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Unverified Commit 8c36b34c authored by boklm's avatar boklm
Browse files

Add build signing options to rbm.local.conf

parent 99f69d0a
......@@ -157,7 +157,9 @@ Signing builds
If the environment variable RBM_SIGN_BUILD is set to 1, the
sha256sums-unsigned-build.txt file will be signed with gpg.
You can use the RBM_GPG_OPTS environment variable to add some options
to the gpg command used to sign the file.
to the gpg command used to sign the file. You can also set the
var/sign_build and var/sign_build_gpg_opts options in the rbm.local.conf
file.
Cleaning obsolete files and containers images
......
......@@ -125,7 +125,7 @@ build: |
[% END -%]
cd "$destdir"
sha256sum $(ls -1 *.exe *.tar.xz *.dmg *.mar *.zip | grep -v '\.incremental\.mar$' | sort) > sha256sums-unsigned-build.txt
[% IF ENV.RBM_SIGN_BUILD -%]
gpg -abs [% ENV.RBM_GPG_OPTS %] sha256sums-unsigned-build.txt
[% IF c("var/sign_build") -%]
gpg -abs [% c("var/sign_build_gpg_opts") %] sha256sums-unsigned-build.txt
[% END -%]
cat sha256sums-unsigned-build.txt
......@@ -49,6 +49,9 @@ var:
- vi
- zh-CN
sign_build: '[% ENV.RBM_SIGN_BUILD %]'
sign_build_gpg_opts: '[% ENV.RBM_GPG_OPTS %]'
targets:
notarget: linux-x86_64
......
......@@ -19,4 +19,13 @@
var:
local_conf: 1
### The var/sign_build option defines if you want to sign the
### sha256sums-unsigned-build.txt file with gpg.
#sign_build: 1
### The var/sign_build_gpg_opts option can be used to define some gpg
### options to select the key to use to sign the sha256sums-unsigned-build.txt
### file.
#sign_build_gpg_opts: '--local-user XXXXXXXX'
# vim: filetype=yaml sw=2
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment