release-sign-tarballs revision 72ba327677b00dc4013e4ca19dd5ac4b87da63ce
#!/bin/bash
SIGNER="bryce@bryceharrington.org"
VERSION="0.92"
PKG_NAME="inkscape"
LIST_TO="inkscape-announce@lists.sf.net"
LIST_CC="inkscape-devel@lists.sf.net"
# Locate Dependencies
#------------------------------------------------------------------------------
MD5SUM=`which md5sum || which gmd5sum`
SHA1SUM=`which sha1sum || which gsha1sum`
SHA256SUM=`which sha256sum || which gsha256sum`
# Choose which make program to use (could be gmake)
MAKE=${MAKE:="make"}
# Set the default make tarball creation command
MAKE_DIST_CMD=distcheck
# Choose which grep program to use (on Solaris, must be gnu grep)
if [ "x$GREP" = "x" ] ; then
if [ -x /usr/gnu/bin/grep ] ; then
GREP=/usr/gnu/bin/grep
else
GREP=grep
fi
fi
# Find path for GnuPG v2
if [ "x$GPG" = "x" ] ; then
if [ -x /usr/bin/gpg2 ] ; then
GPG=/usr/bin/gpg2
else
GPG=gpg
fi
fi
# Function: sign_or_fail
#------------------------------------------------------------------------------
#
# Sign the given file, if any
# Output the name of the signature generated to stdout (all other output to
# stderr)
# Return 0 on success, 1 on fail
#
sign_or_fail() {
if [ -n "$1" ]; then
sig=$1.sig
rm -f $sig
[ -n ${SIGNER} ] && signer="-u $SIGNER"
echo "$GPG $signer --detach-sign $1" 1>&2
$GPG $signer --detach-sign $1 1>&2
if [ $? -ne 0 ]; then
echo "Error: failed to sign $1." >&2
return 1
fi
echo $sig
fi
return 0
}
sign_packages() {
targz="${PKG_NAME}-${VERSION}.tar.gz"
tarbz2="${PKG_NAME}-${VERSION}.tar.bz2"
tarxz="${PKG_NAME}-${VERSION}.tar.xz"
zip="${PKG_NAME}-${VERSION}.zip"
signatures=""
for tarball in $targz $tarxz $tarbz2 $zip; do
if [ -e "${tarball}" ]; then
sig="$(sign_or_fail ${tarball})"
gpgsignerr=$((${gpgsignerr} + $?))
sig_url="http://inkscape.org/.../$sig"
signatures="$signatures
https://inkscape.org/en/download/source/
MD5: `$MD5SUM $tarball`
SHA1: `$SHA1SUM $tarball`
SHA256: `$SHA256SUM $tarball`
$sig_url
"
fi
done
if [ ${gpgsignerr} -ne 0 ]; then
echo "Error: unable to sign at least one of the tarballs."
return 1
elif [ -z "$siggz" ]; then
# The tar.gz is always required
echo "Error: Unable to sign the tar.gz file."
return 2
fi
return 0;
}
generate_announce() {
# TODO: Once converted to git, enable display of shortlog
#tag_previous=`git describe --abbrev=0 HEAD^ 2>/dev/null`
#tag_range="FIXME..FIXME"
#`git log --no-merges "$tag_range" | git shortlog`
tag_name="$tar_name"
cat <<RELEASE
Subject: [ANNOUNCE] $PKG_NAME $VERSION
To: $LIST_TO
Cc: $LIST_CC
The Inkscape community proudly announces the release of Inkscape $VERSION.
https://inkscape.org/en/download/
Inkscape is a drawing and painting tool similar to Illustrator,
CorelDraw, and Xara X, but with features, new tools, and interface style
of its own. It emphasizes the W3C standard Scalable Vector Graphics
(SVG) file format, but reads and writes a wealth of other formats
including PDF, so it is an easy complement to your other graphics and
desktop tools. Best of all, Inkscape is created *by* the community *for*
the community: Inkscape is 100% Open Source and freely available to
everyone in the world.
<INSERT DETAILS ABOUT THE RELEASE HERE>
The above barely scratches the surface of what's included in this
release. For the full scoop, please see our detailed Release Notes:
http://wiki.inkscape.org/wiki/index.php/Release_notes/$VERSION
git tag: $tag_name
$signatures
RELEASE
}
process() {
sign_packages
generate_announce > "$tar_name.announce"
echo "Info: [ANNOUNCE] template generated in \"$tar_name.announce\" file."
echo " Please pgp sign and send it."
return 0
}
process