mirror of
https://github.com/firehol/firehol.git
synced 2024-06-28 09:52:19 +00:00
Add tag signature checking and deployment to github releases
This commit is contained in:
parent
a5fba51ae1
commit
682e831191
24
.travis.yml
24
.travis.yml
@ -19,6 +19,7 @@ language: c
|
||||
addons:
|
||||
apt:
|
||||
packages:
|
||||
- gnupg
|
||||
- pandoc
|
||||
- texlive-base
|
||||
- texlive-latex-base
|
||||
@ -36,8 +37,25 @@ before_install:
|
||||
- export PATH=$PATH:/tmp/fake-tools
|
||||
#
|
||||
# Run
|
||||
script:
|
||||
# Run the commit hooks before building
|
||||
before_script:
|
||||
- gpg --import packaging/gpg.keys
|
||||
# Run the commit hooks in case the developer didn't
|
||||
- git diff 4b825dc642cb6eb9a060e54bf8d69288fbee4904 | ./packaging/check-files -
|
||||
# Build the packaged tar file, then the final files and run any tests we can
|
||||
script:
|
||||
- fakeroot ./packaging/git-build && ./configure && make check
|
||||
#
|
||||
# Deploy as required
|
||||
after_success:
|
||||
- for i in *.tar.*; do md5sum -b $i > $i.md5; sha512sum -b $i > $i.sha; done
|
||||
- echo "TODO: send results to firehol.org"
|
||||
deploy:
|
||||
# Upload results to GitHub (tag only)
|
||||
- provider: releases
|
||||
api_key:
|
||||
secure: ZzcEY83+1eL7OLXIGvmvB3LiDGjYXv2DVPxi4iFOuP8O+7wg9amQZShhwkH+3Sjc1bhzW4vpEtKXErSDmaSHMz9/fU7U/ztfGny1ulwmpPLwkDNUUsLJEuHI23gkKqGb7Dt0gfR0emqLt6Qitqvar680le/q1ruj/jk+1sJ1B6Jo3jfoW04F5dXdtDaZApXrHoA7gvvHccMrkk74b0guA4zjipaITjcvUsHuOW2UX6WI9I6+7B2ab3/Bg7WwgPcUHdspkAFPx3dCIOWRrRHQqtX3kHzOQvLIMcjbVSlCpKsOC8R+vO/kOmauBk8VCPZ78WKk/reIwYGfmqdU9yrhm0B8DviutP/V5nUoxAr26Y9ZCI1Jr3kbRPoKOjFCrzyC2xln5VP54NpJi40xtWvaMODsYvswHq3XeFbrFUlULuTFjbSgZKjh+K8mzJRrNvj/bzH9dwVAOEe0pU4G07Fy3LtcUkOh27euwisPvOffoqZgzMzixR3t5PwaB3PEn9H2lSt2cZhRJ9k4VXaCLV6DyzUvDXBI8+ST18zscN8e+AbQZ+573Vs2gOLMxQUqgimJxh6QzYun3+4lGaG13fKtIs/416dX6085GfEeRh7KngZOdsSAvn3NHdHn8ot4U6rdKBhWB3Cghk2Alz4WerCyWCYfUYp+zSyec7oJuoYlWE4=
|
||||
skip_cleanup: true
|
||||
file_glob: true
|
||||
file: "firehol*.tar.*"
|
||||
on:
|
||||
repo: firehol/firehol
|
||||
tags: true
|
||||
|
@ -18,6 +18,9 @@ and post-release update.
|
||||
Programs and packages with specific needs should create extra
|
||||
`whatever.functions` and supporting scripts in a subdirectory.
|
||||
|
||||
The `gpg.keys` file is a list of keys that can be expected to sign
|
||||
tags and packages.
|
||||
|
||||
Making a release
|
||||
----------------
|
||||
`
|
||||
|
@ -13,6 +13,20 @@ fi
|
||||
# just make the assumption
|
||||
if [ -d .git ]
|
||||
then
|
||||
if [ -n "$TRAVIS_TAG" ]
|
||||
then
|
||||
echo "Checking we have a good signature during CI build..."
|
||||
echo "Checking tag: $TRAVIS_TAG"
|
||||
git tag -v "$TRAVIS_TAG" 2>&1 | tee /tmp/tagcheck
|
||||
grep -iq "gpg. good signature" /tmp/tagcheck
|
||||
status=$?
|
||||
rm -f /tmp/tagcheck
|
||||
if [ $status -ne 0 ]
|
||||
then
|
||||
exit $status
|
||||
fi
|
||||
fi
|
||||
|
||||
clean=$(git status -s | grep "^?")
|
||||
|
||||
if [ "$clean" ]
|
||||
|
65
packaging/gpg.keys
Normal file
65
packaging/gpg.keys
Normal file
@ -0,0 +1,65 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQENBE/SZE8BCAC2tGkIFG2jYmtO7X/SFzqAlgWd4iW3ZSpjAki5Z9PGMIkaOFgL
|
||||
fnNrQV/il4mMUzmvetgV9ShA288JT6KLT4lnL/lHCgxY9dJgzXfOrHxxlXQNU7i4
|
||||
XWRO+96aNysFjVJPsjRv+51836OV+w+TvE495zG7YNUUcWVAqsc49WPyt1Bm4Bsw
|
||||
X8fG7NggsV7wA+bMV/CzRAbiXSkJYKVn+GQk1wRYwR6YlpsZ22EKR2rEUxCc4CwN
|
||||
75mo9nY3cUKJfFvR7xg1rG6tLwLgv4/SSXbtHPfdKce6dmNWJjwTv8iAZxJUGM1D
|
||||
lhAWCl/ZnGIRBf7KDsxk6NCODenDEZvOoxKTABEBAAG0IVBoaWwgV2hpbmVyYXkg
|
||||
PHBoaWxAc2FuZXdhbGwub3JnPokBOAQTAQIAIgUCT9JkTwIbAwYLCQgHAwIGFQgC
|
||||
CQoLBBYCAwECHgECF4AACgkQY98eRNgpeX4//QgAtCvArmgn/Mt6IJmx8mowPpJz
|
||||
Rv6ErwYgBkVRxd87yFHZDV2DX+BjhuD5k8e3/z+1GqwrUCR/+svLsb5e6s9ISSES
|
||||
A68xlBNLG8sfZHm4CMEN63lqZsoiMposNUTOa2NY53qYNy8oDmNkjrfIkeKdTeUB
|
||||
w8atfFGWe8PZMhaxFox/acQfleyTKPIjfzHGoFvgs7nmYdfFHiFBh5hc+mEI+S+z
|
||||
Ao9CVoT3MzyANhJJLINGcQVdexRfvv4210euHQIH2NClRv3qo5cZmeo9DyLdGU9T
|
||||
wkAosRNflxciap5hyQvK/Z9pRAPzOR5SnpJj+Daa+Xslq5j61uUdEeMsI2dTv7Qg
|
||||
UGhpbCBXaGluZXJheSA8cGhpbEBmaXJlaG9sLm9yZz6JATgEEwECACIFAlZIrFYC
|
||||
GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEGPfHkTYKXl+Hh4H/RkLQui0
|
||||
mKwLAq4+aLEJu3yCgFdpQPYFZFYw7fGKcrw92g8pnoY5V43yNaJMiJFkYrHv/UqN
|
||||
k0A2v/JIOKBXfe1YWakSIirrNMBMFwBUup4X7losPcAxF8K3Vtuo8PR/c2QF8UZB
|
||||
xkB3oPr/4DCBUKKYnk1g+yozfnqut7UNFKPZLWcNCcfy+ueLTmfzGg2CDGvsuY7m
|
||||
uXARkY7/h3YptJrRXkmBM8A1g3+Pia90RaJASR9W1LRiPVVb8M0pqVPeeccw1FNq
|
||||
yxrZzJl967T5gIWzRZ8ASvhJc/RMxeA6BCfqGp6ehGUgGVb2dlOHQkU9fu6l+4NG
|
||||
9sNAzAEkFe2Gdfq5AQ0ET9JkTwEIAOfdWdtPzHRgRLw0uEegoocn47exFoacgEGP
|
||||
xi5OFSnDY1IxckvpNap1bshvPQGPtA/p/K33NvX8hZzhk6YGgPzHh0b04GRFQFRC
|
||||
TspjjDk8poSuX8JiWnL1jzluFpriV8X7j1pos9fdIS0gQMBAHFTeGJooAfopZAoy
|
||||
8GycXUNBOiuLG4Eihbqq3E1BnDVdr5HIJKrMV2RisyukL5GYNbSp0l1DIAurYEbN
|
||||
AoUMK/9qe/6iSiX0VMgpXJpVZyFJhI6Z+/7Na0WPN4jjLgva+6g/eo8HPzKZOTak
|
||||
lhInBr9+5rl9uA8P1LqYwg0oshK/2LYF+STqfrzcRGldXajd6G0AEQEAAYkBHwQY
|
||||
AQIACQUCT9JkTwIbDAAKCRBj3x5E2Cl5frptB/4z7KzQV9X0vR6NdRVHWFnaAuFW
|
||||
gzIefG+XZR9xS4Wgc9pEMRs5ZR1bRbHWd2yNiBckajHOOSYdRD2ECMlCYrBhmH0M
|
||||
ep3vS9ly2rJRlgeFeNUdXtu0+XVdZGFsULlW2Kcb2Pv/UvOnmEppL1caAfEAMMjw
|
||||
Nc2QIKPYEyMLVQ/x7x61/RRqIuwSZL4xVAjrMic9m/gpsnwB+pxwmT2h3+BDF/gY
|
||||
jOz4YFWYV1HDYu1EFRmtpsnpuSC7xiMN92RNkBsdXLeXSkNqxLbqEISx37NFxcCy
|
||||
5pz0AytWpZNyYql2RWfiWWQa8TDjPeufxxd0+87OpJ6eHrRtpTRMsbdnC21s
|
||||
=fY8a
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQENBFbxoXsBCADm7C+gJkjU10vpMkmB9LP2HuJrzzvCuOLeaFKB0wM0y3seNvKJ
|
||||
VSeNg76Db4gCZ0Fw8eBk3V49cnjPqtHqB6fBlx3zyu9jcN6RQLO+sLZy7xrqwZkx
|
||||
Lox+D/iBU97wXDudVE3Li4J04goBH8NsQ/bf41H6ZEhLWO3xM4mrwb1BNhyC7+Hm
|
||||
O0wkCNHe2P+Vf7Vss3FZ6ZPAynLOvFHHE2W0mAV0fA79Pe/nbA7kP6CueyxKLsFR
|
||||
xGavRir+19WSFq19xzMg1S4pDGOqm4PBnJvwlwjFz/4yIn0uSoaFtuJIfDvYTgFh
|
||||
XZJFR8sV/0AbZLybKsCv9pEgYlm1oeiQSk77ABEBAAG0IkNvc3RhIFRzYW91c2lz
|
||||
IDxjb3N0YUB0c2FvdXNpcy5ncj6JATkEEwEIACMFAlbxoXsCGwMHCwkIBwMCAQYV
|
||||
CAIJCgsEFgIDAQIeAQIXgAAKCRApyjNYibmoY1RPB/9o8azh6siD7VsHWjaMStBU
|
||||
alSa9nyGIinZzmb2u94VzdPUF0ZW08HI++I37HoAIQmXEa1oUtNK4D6pUYhrJpL6
|
||||
NnOVVhfFbJH1Siwl1v0dqpNqKmcJ0oUvHEHsKfGWBGqqQCFE4bnDmyayedunzoUV
|
||||
aXnUt+3dTD8hwOcicKQ1CID2rT8QvEoSv4jIGqks8t+Dnvp0Gx8bKvxF2CYfEQlr
|
||||
LxZbXrjloXQR4IaAjv/Wxpghl0RXslXIx6yRiHYu4QavBDYvL9iZ2168eIUiRiUD
|
||||
xkT38N6Itj/YfhBjW+ZXHF73UeGwFlYjagJM7YG3dKrB31OsUdch9leBcw2satmA
|
||||
uQENBFbxoXsBCADC+y/ZuxxKn742DYoXX6BvedjNwdrs5swEWrg4JnzdXRAW8g5D
|
||||
6YkPlfQ56ov7yXuOAjTgU4vMA0OjI0JN1DrR9ZmsyvmOtQq9+mZMZLFeFSPYXDRa
|
||||
0EuBFs6m2V0kq5sfFqcsItC6RSQu0mTu+1HmOmrat2o4XZXhT5Jr/QXQ6ShHkWmm
|
||||
823y4XBOxHzDRD6NfZKJbiWfLkmS5Ojza2pOp6otxlLmsknQrEe8V2mHNjiJntMv
|
||||
cSv9tJO6EnN613eo/IDejz9mrGJURbu/hTWHX00ONYmwfOmCtF4nPMyh85B3NSTF
|
||||
JhORjziEGt4lnOPV6G0vK1hlD2kwmZ48tLy3ABEBAAGJAR8EGAEIAAkFAlbxoXsC
|
||||
GwwACgkQKcozWIm5qGPD7Af+Pg398YBVnYW/ze5pGDd/IEPhmUp/mSRu2nU9pZXa
|
||||
k30eItf3Cd5JfYIKBFgeOlEx8hb0bXU2OReb1bUpT9aAW7h7YW2F9tjm1gBPdtD4
|
||||
iO9jBiNbI6wvUwPsW95f7BMKlh9tO71MmFpghKD5Dougl9X8LmXUa35PDrJxcXAi
|
||||
BaLXcrdqjxB/6r+0RFHYzr/JgMCgenu7DQMHUi0P7P+uMbhZwMuVvAtUIgbb8Vw3
|
||||
WQ6cJBbrwiAWwVjF1JauFdB8Oy/fm7k1TTein9nWXF1tZ/OTdUDriqktHbkSVjvN
|
||||
SKW3nD2RpZ4F5Pa3uNcK9lcbBfM126HCzybjZHZntcyvSA==
|
||||
=7nny
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
Loading…
Reference in New Issue
Block a user