From 827dcd03b983deebfb3c560d4578c531f5e1ab72 Mon Sep 17 00:00:00 2001 From: Michele Calgaro Date: Thu, 22 Feb 2018 23:09:31 +0900 Subject: [PATCH] DEB build scripts: added support for GPG sign key. Signed-off-by: Michele Calgaro --- .../local/scripts/_build_config_template.sh | 7 ++-- .../local/scripts/build_module.sh | 42 ++++++++++--------- 2 files changed, 27 insertions(+), 22 deletions(-) diff --git a/debian/_buildscripts/local/scripts/_build_config_template.sh b/debian/_buildscripts/local/scripts/_build_config_template.sh index d9dbbf8b0..51aac00fe 100644 --- a/debian/_buildscripts/local/scripts/_build_config_template.sh +++ b/debian/_buildscripts/local/scripts/_build_config_template.sh @@ -9,8 +9,9 @@ DISTRO_NAME="buster" # Distro name of specific version ARCHITECTURE="amd64" # Build for this architecture USE_LOCAL_BUILD_NUMBER="n" # If == "y", use local build numbering for modules BUILD_NUMBER="b001" # TDE build number -BUILD_DATE="" # module build date (automatic if "" or fixed otherwise, ex 20171201) -BUILD_DEFAULT_OPTIONS="-g -lr" # default building options (pbuilder) +BUILD_DATE="" # Module build date (automatic if "" or fixed otherwise, ex 20171201) +BUILD_DEFAULT_OPTIONS="-g -lr" # Default building options (pbuilder) +GPG_SIGN_KEYID="" # Use this GPG key to sign packages. If null, packages will not be signed #---------------------------- # Base directories @@ -33,7 +34,7 @@ PBUILDER_SHELL_HOOK="$PBUILDER_HOOK_DIR/C10shell" PBUILDER_SHELL_HOOK_TEMPLATE="$PBUILDER_HOOK_DIR/__template_C10shell" #---------------------------- -# Build output directories and logs +# Build output directories #---------------------------- CFG_TDE_BUILD_DIR="$CFG_BUILD_DIR/build" CFG_TDE_DEBS_DIR="$CFG_BUILD_DIR/debs" diff --git a/debian/_buildscripts/local/scripts/build_module.sh b/debian/_buildscripts/local/scripts/build_module.sh index fe70aba25..7862e5fe9 100755 --- a/debian/_buildscripts/local/scripts/build_module.sh +++ b/debian/_buildscripts/local/scripts/build_module.sh @@ -47,7 +47,7 @@ function recreate_folder() #---------------------------- -# Check command line arguments +# Check command line arguments and set options #---------------------------- MOD_NAME="" # the module to be built bool_BUILD_FROM_GIT="n" @@ -91,13 +91,27 @@ if [[ $MOD_NAME =~ ^edeps/ ]]; then bool_EXTRADEP_MOD="y" fi -# Shell hook is only valid if NOT building locally +# Shell hook is only valid if not building locally # Internal pbuilder option has no meaning if we are building locally if [ "bool_BUILD_LOCALLY" = "y" ]; then bool_SHELL_HOOK="n" bool_INTERNAL_PBUILDER="n" fi +# Local option variables +# - internal pbuilder +OPT_INTERNAL_PBUILDER="" +if [ "$bool_INTERNAL_PBUILDER" = "y" ]; then + OPT_INTERNAL_PBUILDER="--use-pdebuild-internal" +fi +# - sign packages +OPT_SIGN_PKG_LOCAL="-uc -us" +OPT_SIGN_PKG_PBUILDER="" +if [ ! -z "$GPG_SIGN_KEYID" ]; then + OPT_SIGN_PKG_LOCAL="-k$GPG_SIGN_KEYID" + OPT_SIGN_PKG_PBUILDER="--auto-debsign --debsign-k $GPG_SIGN_KEYID" +fi + # Log start echo -e "${CLightCyan}#### Processing module \"$MOD_NAME\" ####${CNone}" @@ -370,9 +384,9 @@ if [ "$bool_BUILD_LOCALLY" = "y" ]; then ## Build module locally echo -e "${CYellow}> Building locally${CNone}" if [ "$bool_SHOW_BUILD_LOGS" = "y" ]; then - dpkg-buildpackage -us -uc | tee "$BUILDING_LOG_FILE" + dpkg-buildpackage $OPT_SIGN_PKG_LOCAL | tee "$BUILDING_LOG_FILE" else - dpkg-buildpackage -us -uc &>"$BUILDING_LOG_FILE" + dpkg-buildpackage $OPT_SIGN_PKG_LOCAL &>"$BUILDING_LOG_FILE" fi build_retval=$? # @@ -399,17 +413,9 @@ else # echo -e "${CYellow}> Building using pbuilder${CNone}" if [ "$bool_SHOW_BUILD_LOGS" = "y" ]; then - if [ "$bool_INTERNAL_PBUILDER" = "y" ]; then - pdebuild --use-pdebuild-internal --architecture $ARCHITECTURE --buildresult "$MOD_DEB_PATH" --pbuilderroot "sudo DIST=$DISTRO_NAME ARCH=$ARCHITECTURE" --logfile "$BUILDING_LOG_FILE" - else - pdebuild --architecture $ARCHITECTURE --buildresult "$MOD_DEB_PATH" --pbuilderroot "sudo DIST=$DISTRO_NAME ARCH=$ARCHITECTURE" --logfile "$BUILDING_LOG_FILE" - fi + pdebuild $OPT_INTERNAL_PBUILDER $OPT_SIGN_PKG_PBUILDER --architecture $ARCHITECTURE --buildresult "$MOD_DEB_PATH" --pbuilderroot "sudo DIST=$DISTRO_NAME ARCH=$ARCHITECTURE" --logfile "$BUILDING_LOG_FILE" else - if [ "$bool_INTERNAL_PBUILDER" = "y" ]; then - pdebuild --use-pdebuild-internal --architecture $ARCHITECTURE --buildresult "$MOD_DEB_PATH" --pbuilderroot "sudo DIST=$DISTRO_NAME ARCH=$ARCHITECTURE" --logfile "$BUILDING_LOG_FILE" &>"$BUILDING_LOG_FILE" - else - pdebuild --architecture $ARCHITECTURE --buildresult "$MOD_DEB_PATH" --pbuilderroot "sudo DIST=$DISTRO_NAME ARCH=$ARCHITECTURE" --logfile "$BUILDING_LOG_FILE" &>"$BUILDING_LOG_FILE" - fi + pdebuild $OPT_INTERNAL_PBUILDER $OPT_SIGN_PKG_PBUILDER --architecture $ARCHITECTURE --buildresult "$MOD_DEB_PATH" --pbuilderroot "sudo DIST=$DISTRO_NAME ARCH=$ARCHITECTURE" --logfile "$BUILDING_LOG_FILE" &>"$BUILDING_LOG_FILE" fi build_retval=$? umount "$PBUILDER_REPO" @@ -440,16 +446,14 @@ fi #---------------------------- if [ "$bool_BUILD_LOCALLY" = "y" ]; then cd "$MOD_BUILD_PATH/.." - if [ "$bool_BUILD_LOCALLY" == "y" ]; then - mv *.deb "$MOD_DEB_PATH" &>/dev/null - fi + mv *.deb "$MOD_DEB_PATH" &>/dev/null mv *.dsc *.changes *.tar.xz *.tar.bz2 *.tar.gz *.buildinfo "$MOD_DEBSRC_PATH" &>/dev/null else cd "$MOD_DEB_PATH" mv *.dsc *.changes *.tar.xz *.tar.bz2 *.tar.gz *.buildinfo "$MOD_DEBSRC_PATH" &>/dev/null + cd "$MOD_BUILD_PATH/.." + mv *.dsc *.changes *.tar.xz *.tar.bz2 *.tar.gz *.buildinfo "$MOD_DEBSRC_PATH" &>/dev/null fi -cd "$MOD_BUILD_PATH/.." -mv *.orig.tar.xz "$MOD_DEBSRC_PATH" &>/dev/null #----------------------------