dropbear/release.sh

#!/bin/sh

set -e

VERSION=$(echo '#include "sysoptions.h"\necho DROPBEAR_VERSION' | cpp - | sh)
echo Releasing version "$VERSION" ...
if ! head -n1 CHANGES | grep -q $VERSION ; then
	echo "CHANGES needs updating"
	exit 1
fi

if ! head -n1 debian/changelog | grep -q $VERSION ; then
	echo "debian/changelog needs updating"
	exit 1
fi

head -n1 CHANGES

if tar --version | grep -q 'GNU tar'; then
	TAR=tar
else
	TAR=gtar
fi

RELDIR=$PWD/../dropbear-$VERSION
ARCHIVE=${RELDIR}.tar.bz2
if test -e $RELDIR; then
	echo "$RELDIR exists"
	exit 1
fi

if test -e $ARCHIVE; then
	echo "$ARCHIVE exists"
	exit 1
fi

hg archive "$RELDIR"  || exit 2

rm "$RELDIR/.hgtags"
# .hg_archival.txt seems to differ between hg versions, isn't good for reproducibility
rm "$RELDIR/.hg_archival.txt"

RELDATE=$(head -n1 CHANGES | cut -d - -f 2)
# timezone keeps it consistent, choose a plausible release time
RELTIME="22:30:00 +0800"

# from https://reproducible-builds.org/docs/archives/
TAROPTS="--sort=name --owner=0 --group=0 --numeric-owner"
(cd "$RELDIR/.." && $TAR cjf $ARCHIVE $TAROPTS --mtime="$RELDATE $RELTIME" `basename "$RELDIR"`) || exit 2

ls -l $ARCHIVE
openssl sha256 $ARCHIVE
echo Done to
echo "$ARCHIVE"
echo Sign it with
echo gpg2 --detach-sign -a -u F29C6773 "$ARCHIVE"
- Don't use multichar constants since recent gcc complains - Add release script - Simplify print_version 2014-07-27 14:55:29 +00:00			`#!/bin/sh`
Make releases tarballs more deterministic Not fully tested on different systems yet 2021-03-30 14:08:14 +00:00
			`set -e`

- Don't use multichar constants since recent gcc complains - Add release script - Simplify print_version 2014-07-27 14:55:29 +00:00			`VERSION=$(echo '#include "sysoptions.h"\necho DROPBEAR_VERSION' \| cpp - \| sh)`
			`echo Releasing version "$VERSION" ...`
			`if ! head -n1 CHANGES \| grep -q $VERSION ; then`
			`echo "CHANGES needs updating"`
			`exit 1`
			`fi`

			`if ! head -n1 debian/changelog \| grep -q $VERSION ; then`
changelog for 2015.67 2015-01-28 14:54:23 +00:00			`echo "debian/changelog needs updating"`
- Don't use multichar constants since recent gcc complains - Add release script - Simplify print_version 2014-07-27 14:55:29 +00:00			`exit 1`
			`fi`

			`head -n1 CHANGES`

Make releases tarballs more deterministic Not fully tested on different systems yet 2021-03-30 14:08:14 +00:00			`if tar --version \| grep -q 'GNU tar'; then`
			`TAR=tar`
			`else`
			`TAR=gtar`
			`fi`
- Don't use multichar constants since recent gcc complains - Add release script - Simplify print_version 2014-07-27 14:55:29 +00:00
			`RELDIR=$PWD/../dropbear-$VERSION`
			`ARCHIVE=${RELDIR}.tar.bz2`
			`if test -e $RELDIR; then`
			`echo "$RELDIR exists"`
			`exit 1`
			`fi`

			`if test -e $ARCHIVE; then`
			`echo "$ARCHIVE exists"`
			`exit 1`
			`fi`

			`hg archive "$RELDIR" \|\| exit 2`

remove .hgtags from release 2015-08-03 13:05:42 +00:00			`rm "$RELDIR/.hgtags"`
Don't include .hg_archival.txt in tarballs. They're now reproducible. 2021-03-31 15:31:26 +00:00			`# .hg_archival.txt seems to differ between hg versions, isn't good for reproducibility`
			`rm "$RELDIR/.hg_archival.txt"`
remove .hgtags from release 2015-08-03 13:05:42 +00:00
Make releases tarballs more deterministic Not fully tested on different systems yet 2021-03-30 14:08:14 +00:00			`RELDATE=$(head -n1 CHANGES \| cut -d - -f 2)`
Add configure script to version control. Set timezone for release tarball 2021-03-31 15:23:14 +00:00			`# timezone keeps it consistent, choose a plausible release time`
			`RELTIME="22:30:00 +0800"`
Make releases tarballs more deterministic Not fully tested on different systems yet 2021-03-30 14:08:14 +00:00
			`# from https://reproducible-builds.org/docs/archives/`
			`TAROPTS="--sort=name --owner=0 --group=0 --numeric-owner"`
Add configure script to version control. Set timezone for release tarball 2021-03-31 15:23:14 +00:00			(cd "$RELDIR/.." && $TAR cjf $ARCHIVE $TAROPTS --mtime="$RELDATE $RELTIME" `basename "$RELDIR"`) \|\| exit 2
- Don't use multichar constants since recent gcc complains - Add release script - Simplify print_version 2014-07-27 14:55:29 +00:00
			`ls -l $ARCHIVE`
use "openssl sha256" 2019-03-23 13:45:00 +00:00			`openssl sha256 $ARCHIVE`
release.sh reminds how to sign 2015-11-25 15:30:56 +00:00			`echo Done to`
			`echo "$ARCHIVE"`
			`echo Sign it with`
			`echo gpg2 --detach-sign -a -u F29C6773 "$ARCHIVE"`