Signing is done by stsigtool only
This commit is contained in:
Jakob Borg
parent
0664c6b5b0
commit
55002d7adf
55
build.go
55
build.go
|
|
@ -27,19 +27,16 @@ import (
|
|||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/syncthing/syncthing/lib/signature"
|
||||
)
|
||||
|
||||
var (
|
||||
versionRe = regexp.MustCompile(`-[0-9]{1,3}-g[0-9a-f]{5,10}`)
|
||||
goarch string
|
||||
goos string
|
||||
noupgrade bool
|
||||
version string
|
||||
goVersion float64
|
||||
race bool
|
||||
signingKey string
|
||||
versionRe = regexp.MustCompile(`-[0-9]{1,3}-g[0-9a-f]{5,10}`)
|
||||
goarch string
|
||||
goos string
|
||||
noupgrade bool
|
||||
version string
|
||||
goVersion float64
|
||||
race bool
|
||||
)
|
||||
|
||||
const minGoVersion = 1.3
|
||||
|
|
@ -64,7 +61,6 @@ func main() {
|
|||
flag.BoolVar(&noupgrade, "no-upgrade", noupgrade, "Disable upgrade functionality")
|
||||
flag.StringVar(&version, "version", getVersion(), "Set compiled in version string")
|
||||
flag.BoolVar(&race, "race", race, "Use race detector")
|
||||
flag.StringVar(&signingKey, "sign", signingKey, "Private key file for signing binaries")
|
||||
flag.Parse()
|
||||
|
||||
switch goarch {
|
||||
|
|
@ -229,15 +225,6 @@ func build(pkg string, tags []string) {
|
|||
args = append(args, pkg)
|
||||
setBuildEnv()
|
||||
runPrint("go", args...)
|
||||
|
||||
if signingKey != "" {
|
||||
// Create an signature of the binary, to be included in the archive for
|
||||
// automatic upgrades.
|
||||
err := signFile(signingKey, binary)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func buildTar() {
|
||||
|
|
@ -723,34 +710,6 @@ func zipFile(out string, files []archiveFile) {
|
|||
}
|
||||
}
|
||||
|
||||
func signFile(keyname, file string) error {
|
||||
privkey, err := ioutil.ReadFile(keyname)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
fd, err := os.Open(file)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer fd.Close()
|
||||
|
||||
sig, err := signature.Sign(privkey, fd)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
out, err := os.Create(file + ".sig")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = out.Write(sig)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return out.Close()
|
||||
}
|
||||
|
||||
func vet(pkg string) {
|
||||
bs, err := runError("go", "vet", pkg)
|
||||
if err != nil && err.Error() == "exit status 3" || bytes.Contains(bs, []byte("no such tool \"vet\"")) {
|
||||
|
|
|
|||
41
build.sh
41
build.sh
|
|
@ -74,33 +74,27 @@ case "${1:-default}" in
|
|||
;;
|
||||
|
||||
all)
|
||||
if [ -f /etc/syncthing/syncthing.priv ] ; then
|
||||
# Default signing key location. If present, use it to sign the
|
||||
# release.
|
||||
extra=(-sign /etc/syncthing/syncthing.priv)
|
||||
fi
|
||||
build -goos darwin -goarch amd64 tar
|
||||
|
||||
build -goos darwin -goarch amd64 ${extra[@]-} tar
|
||||
build -goos dragonfly -goarch amd64 tar
|
||||
|
||||
build -goos dragonfly -goarch amd64 ${extra[@]-} tar
|
||||
build -goos freebsd -goarch 386 tar
|
||||
build -goos freebsd -goarch amd64 tar
|
||||
|
||||
build -goos freebsd -goarch 386 ${extra[@]-} tar
|
||||
build -goos freebsd -goarch amd64 ${extra[@]-} tar
|
||||
build -goos linux -goarch 386 tar
|
||||
build -goos linux -goarch amd64 tar
|
||||
build -goos linux -goarch arm tar
|
||||
|
||||
build -goos linux -goarch 386 ${extra[@]-} tar
|
||||
build -goos linux -goarch amd64 ${extra[@]-} tar
|
||||
build -goos linux -goarch arm ${extra[@]-} tar
|
||||
build -goos netbsd -goarch 386 tar
|
||||
build -goos netbsd -goarch amd64 tar
|
||||
|
||||
build -goos netbsd -goarch 386 ${extra[@]-} tar
|
||||
build -goos netbsd -goarch amd64 ${extra[@]-} tar
|
||||
build -goos openbsd -goarch 386 tar
|
||||
build -goos openbsd -goarch amd64 tar
|
||||
|
||||
build -goos openbsd -goarch 386 ${extra[@]-} tar
|
||||
build -goos openbsd -goarch amd64 ${extra[@]-} tar
|
||||
build -goos solaris -goarch amd64 tar
|
||||
|
||||
build -goos solaris -goarch amd64 ${extra[@]-} tar
|
||||
|
||||
build -goos windows -goarch 386 ${extra[@]-} zip
|
||||
build -goos windows -goarch amd64 ${extra[@]-} zip
|
||||
build -goos windows -goarch 386 zip
|
||||
build -goos windows -goarch amd64 zip
|
||||
;;
|
||||
|
||||
test-cov)
|
||||
|
|
@ -134,17 +128,10 @@ case "${1:-default}" in
|
|||
|
||||
docker-all)
|
||||
img=${DOCKERIMG:-syncthing/build:latest}
|
||||
if [ -f /etc/syncthing/syncthing.priv ] ; then
|
||||
# Default signing key location. If present, pass into Docker so we
|
||||
# can sign the release from in there.
|
||||
extra=(-v /etc/syncthing/syncthing.priv:/etc/syncthing/syncthing.priv)
|
||||
fi
|
||||
|
||||
docker run --rm -h syncthing-builder -u $(id -u) -t \
|
||||
-v $(pwd):/go/src/github.com/syncthing/syncthing \
|
||||
-w /go/src/github.com/syncthing/syncthing \
|
||||
-e "STTRACE=$STTRACE" \
|
||||
${extra[@]-} \
|
||||
"$img" \
|
||||
sh -c './build.sh clean \
|
||||
&& ./build.sh test-cov \
|
||||
|
|
|
|||
Loading…
Reference in New Issue