smeserver-koji/utils/sign_build.sh

73 lines
1.7 KiB
Bash
Raw Normal View History

2024-11-15 01:58:24 +01:00
#!/bin/bash
if [[ -z $1 ]] ; then
echo "Must provide a package name"
echo "sign_build.sh <n-v-r | build_id | package name | rpm> [<arch=x86_64> | <nodebuginfo> | <latestfrom=*> | <gpg_key=kojiadmin@koozali.org> | <debug>]"
2024-11-15 01:58:24 +01:00
exit 1
else
PACKAGE=$1
echo "PACKAGE=$PACKAGE"
fi
GPG_KEY="kojiadmin@koozali.org"
DEBUGINFO="--debuginfo"
ARCHES=
DEBUG=
RPM=
2024-11-15 01:58:24 +01:00
for param in $2 $3 $4 $5 $6 $7; do
if [ $param ] ; then
case $param in
-h | --help )
echo "sign_build.sh <n-v-r | build_id | package name | rpm> [<arch=*> | <nodebuginfo> | <latestfrom=*> | <gpg_key=kojiadmin@koozali.org>]" ;;
2024-11-15 01:58:24 +01:00
debug )
DEBUG=true ;;
nodebuginfo )
DEBUGINFO= ;;
2024-11-15 01:58:24 +01:00
arch=* )
arches=${param#*=}
for arch in ${arches//,/ } ; do
ARCHES=ARCHES"--arch=$arch "
done
;;
2024-11-15 01:58:24 +01:00
latestfrom=* )
PACKAGE=$PACKAGE" --latestfrom="${param#*=} ;;
gpg_name=* )
GPG_NAME=${param#*=} ;;
2024-11-15 01:58:24 +01:00
* )
echo "Unkown parameter $param - aborting"
exit 1
;;
esac
else
break
fi
done
# If an rpm name passed assume signing of an individual rpm
if (${1##*.} == "rpm") ; then RPM="--rpm" ; fi
# sign the specified rpms (using either a git tag or the latestfrom)
2024-11-15 01:58:24 +01:00
tmpdir="$(mktemp -d /tmp/sign.XXXXXX)"
pushd $tmpdir > /dev/null
if [[ $DEBUG ]] ; then
echo "PACKAGE=$PACKAGE"
echo "ARCH=$ARCHES"
echo "DEBUGINFO=$DEBUGINFO"
echo "RPM=$RPM"
echo "GPG_NAME=$GPG_NAME"
2024-11-15 01:58:24 +01:00
fi
if [[ $DEBUG ]] ; then echo "koji download-build $DEBUGINFO $RPM $ARCHES $PACKAGE" ; fi
koji download-build $DEBUGINFO $RPM $ARCHES $PACKAGE
rpmsign --define "_gpg_name $GPG_NAME" --addsign *.rpm
2024-11-15 01:58:24 +01:00
koji import-sig *.rpm
popd > /dev/null
# if debug, leave the tmp directory in place
if [[ -z $DEBUG ]] ; then
rm -f $tmpdir/*
rmdir $tmpdir
2024-11-15 01:58:24 +01:00
fi
exit 0