smeserver-koji/utils/sign_build.sh

68 lines
1.6 KiB
Bash
Executable File

#!/bin/bash
if [[ -z $1 ]] ; then
echo "Must provide a package name"
echo "sign_rpm.sh <package name> [<arch=x86_64> | <debuginfo> | <repo=dist-sme11-os> | <latestfrom=*> | <gpg_key=kojiadmin@koozali.org> | <debug>]"
exit 1
else
PACKAGE=$1
echo "PACKAGE=$PACKAGE"
fi
ARCH=x86_64
REPO="dist-sme11-os"
GPG_KEY="kojiadmin@koozali.org"
DEBUG=false
DEBUGINFO="--debuginfo"
for param in $2 $3 $4 $5 $6 $7; do
if [ $param ] ; then
case $param in
-h | --help )
echo "sign_rpm.sh <package name> [<arch=x86_64> | <repo=dist-sme11-os> | <latestfrom=*> | <gpg_key=kojiadmin@koozali.org>]" ;;
debug )
DEBUG=true ;;
debuginfo )
DEBUGINFO="--debuginfo" ;;
arch=* )
ARCH=${param#*=} ;;
repo=* )
REPO=${param#*=} ;;
latestfrom=* )
PACKAGE=$PACKAGE" --latestfrom="${param#*=} ;;
gpg_key=* )
GPG_KEY=${param#*=} ;;
* )
echo "Unkown parameter $param - aborting"
exit 1
;;
esac
else
break
fi
done
# if <package name>=all, sign ALL rpms in defined repo (use pkglist to identify packages)
# else just sign the specified rpms (using either a git tag or the latestfrom)
tmpdir="$(mktemp -d /tmp/sign.XXXXXX)"
pushd $tmpdir > /dev/null
if [[ $DEBUG ]] ; then
echo "PACKAGE=$PACKAGE"
echo "ARCH=$ARCH"
echo "REPO=$REPO"
echo "GPG_KEY=$GPG_KEY"
fi
if [[ $DEBUG ]] ; then echo "koji download-build $DEBUGINFO $PACKAGE" ; fi
koji download-build $DEBUGINFO $PACKAGE
rpmsign --define "_gpg_name $GPG_KEY" --addsign *.rpm
koji import-sig *.rpm
popd > /dev/null
# if debug, leave the tmp directory in place
if [[ -z $DEBUG ]] ; then
rm -f $tmpdir/*
rmdir $tmpdir
fi
exit 0