Signing is done by stsigtool only

Jakob Borg 2015-08-30 20:50:07 +02:00
parent 0664c6b5b0
commit 55002d7adf
2 changed files with 21 additions and 75 deletions


@ -27,19 +27,16 @@ import (
"strconv" "strconv"
"strings" "strings"
"time" "time"
"github.com/syncthing/syncthing/lib/signature"
) )
var ( var (
versionRe = regexp.MustCompile(`-[0-9]{1,3}-g[0-9a-f]{5,10}`) versionRe = regexp.MustCompile(`-[0-9]{1,3}-g[0-9a-f]{5,10}`)
goarch string goarch string
goos string goos string
noupgrade bool noupgrade bool
version string version string
goVersion float64 goVersion float64
race bool race bool
signingKey string
) )
const minGoVersion = 1.3 const minGoVersion = 1.3
@ -64,7 +61,6 @@ func main() {
flag.BoolVar(&noupgrade, "no-upgrade", noupgrade, "Disable upgrade functionality") flag.BoolVar(&noupgrade, "no-upgrade", noupgrade, "Disable upgrade functionality")
flag.StringVar(&version, "version", getVersion(), "Set compiled in version string") flag.StringVar(&version, "version", getVersion(), "Set compiled in version string")
flag.BoolVar(&race, "race", race, "Use race detector") flag.BoolVar(&race, "race", race, "Use race detector")
flag.StringVar(&signingKey, "sign", signingKey, "Private key file for signing binaries")
flag.Parse() flag.Parse()
switch goarch { switch goarch {
@ -229,15 +225,6 @@ func build(pkg string, tags []string) {
args = append(args, pkg) args = append(args, pkg)
setBuildEnv() setBuildEnv()
runPrint("go", args...) runPrint("go", args...)
if signingKey != "" {
// Create an signature of the binary, to be included in the archive for
// automatic upgrades.
err := signFile(signingKey, binary)
if err != nil {
log.Fatal(err)
}
}
} }
func buildTar() { func buildTar() {
@ -723,34 +710,6 @@ func zipFile(out string, files []archiveFile) {
} }
} }
func signFile(keyname, file string) error {
privkey, err := ioutil.ReadFile(keyname)
if err != nil {
return err
}
fd, err := os.Open(file)
if err != nil {
return err
}
defer fd.Close()
sig, err := signature.Sign(privkey, fd)
if err != nil {
return err
}
out, err := os.Create(file + ".sig")
if err != nil {
return err
}
_, err = out.Write(sig)
if err != nil {
return err
}
return out.Close()
}
func vet(pkg string) { func vet(pkg string) {
bs, err := runError("go", "vet", pkg) bs, err := runError("go", "vet", pkg)
if err != nil && err.Error() == "exit status 3" || bytes.Contains(bs, []byte("no such tool \"vet\"")) { if err != nil && err.Error() == "exit status 3" || bytes.Contains(bs, []byte("no such tool \"vet\"")) {


@ -74,33 +74,27 @@ case "${1:-default}" in
;; ;;
all) all)
if [ -f /etc/syncthing/syncthing.priv ] ; then build -goos darwin -goarch amd64 tar
# Default signing key location. If present, use it to sign the
# release.
extra=(-sign /etc/syncthing/syncthing.priv)
fi
build -goos darwin -goarch amd64 ${extra[@]-} tar build -goos dragonfly -goarch amd64 tar
build -goos dragonfly -goarch amd64 ${extra[@]-} tar build -goos freebsd -goarch 386 tar
build -goos freebsd -goarch amd64 tar
build -goos freebsd -goarch 386 ${extra[@]-} tar build -goos linux -goarch 386 tar
build -goos freebsd -goarch amd64 ${extra[@]-} tar build -goos linux -goarch amd64 tar
build -goos linux -goarch arm tar
build -goos linux -goarch 386 ${extra[@]-} tar build -goos netbsd -goarch 386 tar
build -goos linux -goarch amd64 ${extra[@]-} tar build -goos netbsd -goarch amd64 tar
build -goos linux -goarch arm ${extra[@]-} tar
build -goos netbsd -goarch 386 ${extra[@]-} tar build -goos openbsd -goarch 386 tar
build -goos netbsd -goarch amd64 ${extra[@]-} tar build -goos openbsd -goarch amd64 tar
build -goos openbsd -goarch 386 ${extra[@]-} tar build -goos solaris -goarch amd64 tar
build -goos openbsd -goarch amd64 ${extra[@]-} tar
build -goos solaris -goarch amd64 ${extra[@]-} tar build -goos windows -goarch 386 zip
build -goos windows -goarch amd64 zip
build -goos windows -goarch 386 ${extra[@]-} zip
build -goos windows -goarch amd64 ${extra[@]-} zip
;; ;;
test-cov) test-cov)
@ -134,17 +128,10 @@ case "${1:-default}" in
docker-all) docker-all)
img=${DOCKERIMG:-syncthing/build:latest} img=${DOCKERIMG:-syncthing/build:latest}
if [ -f /etc/syncthing/syncthing.priv ] ; then
# Default signing key location. If present, pass into Docker so we
# can sign the release from in there.
extra=(-v /etc/syncthing/syncthing.priv:/etc/syncthing/syncthing.priv)
fi
docker run --rm -h syncthing-builder -u $(id -u) -t \ docker run --rm -h syncthing-builder -u $(id -u) -t \
-v $(pwd):/go/src/github.com/syncthing/syncthing \ -v $(pwd):/go/src/github.com/syncthing/syncthing \
-w /go/src/github.com/syncthing/syncthing \ -w /go/src/github.com/syncthing/syncthing \
-e "STTRACE=$STTRACE" \ -e "STTRACE=$STTRACE" \
${extra[@]-} \
"$img" \ "$img" \
sh -c './build.sh clean \ sh -c './build.sh clean \
&& ./build.sh test-cov \ && ./build.sh test-cov \