smeserver-koji/utils/sign_build.sh

#!/bin/bash

if  [[ -z $1 ]] ; then
	echo "Must provide a package name"
	echo "sign_rpm.sh <package name> [<arch=x86_64> | <debuginfo> | <repo=dist-sme11-os> | <latestfrom=*> | <gpg_key=kojiadmin@koozali.org> | <debug>]"
	exit 1
else
	PACKAGE=$1
	echo "PACKAGE=$PACKAGE"
fi

ARCH=x86_64
REPO="dist-sme11-os"
GPG_KEY="kojiadmin@koozali.org"
DEBUG=false
DEBUGINFO="--debuginfo"
for param in $2 $3 $4 $5 $6 $7; do
  if [ $param ] ; then
	case $param in
		-h | --help )
			echo "sign_rpm.sh <package name> [<arch=x86_64> | <repo=dist-sme11-os> | <latestfrom=*> | <gpg_key=kojiadmin@koozali.org>]" ;;
		debug )
			DEBUG=true ;;
                debuginfo )
                        DEBUGINFO="--debuginfo" ;;
		arch=* )
			ARCH=${param#*=} ;;
		repo=* )
			REPO=${param#*=} ;;
		latestfrom=* )
			PACKAGE=$PACKAGE" --latestfrom="${param#*=} ;;
		gpg_key=* )
			GPG_KEY=${param#*=} ;;
		* )
			echo "Unkown parameter $param - aborting"
			exit 1
			;;
	esac
  else
	break
  fi
done

# if <package name>=all, sign ALL rpms in defined repo (use pkglist to identify packages)
# else just sign the specified rpms (using either a git tag or the latestfrom)
tmpdir="$(mktemp -d /tmp/sign.XXXXXX)"
pushd $tmpdir > /dev/null

if [[ $DEBUG ]] ; then 
	echo "PACKAGE=$PACKAGE"
	echo "ARCH=$ARCH" 
	echo "REPO=$REPO"
	echo "GPG_KEY=$GPG_KEY" 
fi
if [[ $DEBUG ]] ; then echo "koji download-build $DEBUGINFO $PACKAGE" ; fi
koji download-build $DEBUGINFO $PACKAGE
rpmsign --define "_gpg_name $GPG_KEY" --addsign *.rpm
koji import-sig *.rpm
popd > /dev/null

# if debug, leave the tmp directory in place
if [[ -z $DEBUG ]] ; then
	rm -f $tmpdir/*
        rmdir $tmpdir
fi

exit 0
add utils (e.g. sign_build.sh) 2024-11-15 01:58:24 +01:00			`#!/bin/bash`

			`if [[ -z $1 ]] ; then`
			`echo "Must provide a package name"`
			`echo "sign_rpm.sh <package name> [<arch=x86_64> \| <debuginfo> \| <repo=dist-sme11-os> \| <latestfrom=*> \| <gpg_key=kojiadmin@koozali.org> \| <debug>]"`
			`exit 1`
			`else`
			`PACKAGE=$1`
			`echo "PACKAGE=$PACKAGE"`
			`fi`

			`ARCH=x86_64`
			`REPO="dist-sme11-os"`
			`GPG_KEY="kojiadmin@koozali.org"`
			`DEBUG=false`
			`DEBUGINFO="--debuginfo"`
			`for param in $2 $3 $4 $5 $6 $7; do`
			`if [ $param ] ; then`
			`case $param in`
			`-h \| --help )`
			`echo "sign_rpm.sh <package name> [<arch=x86_64> \| <repo=dist-sme11-os> \| <latestfrom=*> \| <gpg_key=kojiadmin@koozali.org>]" ;;`
			`debug )`
			`DEBUG=true ;;`
			`debuginfo )`
			`DEBUGINFO="--debuginfo" ;;`
			`arch=* )`
			`ARCH=${param#*=} ;;`
			`repo=* )`
			`REPO=${param#*=} ;;`
			`latestfrom=* )`
			`PACKAGE=$PACKAGE" --latestfrom="${param#*=} ;;`
			`gpg_key=* )`
			`GPG_KEY=${param#*=} ;;`
			`* )`
			`echo "Unkown parameter $param - aborting"`
			`exit 1`
			`;;`
			`esac`
			`else`
			`break`
			`fi`
			`done`

			`# if <package name>=all, sign ALL rpms in defined repo (use pkglist to identify packages)`
			`# else just sign the specified rpms (using either a git tag or the latestfrom)`
			`tmpdir="$(mktemp -d /tmp/sign.XXXXXX)"`
			`pushd $tmpdir > /dev/null`

			`if [[ $DEBUG ]] ; then`
			`echo "PACKAGE=$PACKAGE"`
			`echo "ARCH=$ARCH"`
			`echo "REPO=$REPO"`
			`echo "GPG_KEY=$GPG_KEY"`
			`fi`
			`if [[ $DEBUG ]] ; then echo "koji download-build $DEBUGINFO $PACKAGE" ; fi`
			`koji download-build $DEBUGINFO $PACKAGE`
			`rpmsign --define "_gpg_name $GPG_KEY" --addsign *.rpm`
			`koji import-sig *.rpm`
			`popd > /dev/null`

			`# if debug, leave the tmp directory in place`
			`if [[ -z $DEBUG ]] ; then`
			`rm -f $tmpdir/*`
			`rmdir $tmpdir`
			`fi`

			`exit 0`