From c214e5268fa9322a83cbba6d47d33f830efdd89e Mon Sep 17 00:00:00 2001 From: Ava Chow Date: Mon, 11 Nov 2024 18:38:51 -0500 Subject: [PATCH] guix: Rename unsigned.tar.gz to codesigning.tar.gz The tarballs used for codesigning are more than merely unsigned, they also contain scripts and other data for codesigning. Rename them to codesigning.tar.gz to distinguish from tarballs containing actually just the unsigned binaries. --- contrib/guix/guix-codesign | 24 ++++++++++++------------ contrib/guix/libexec/build.sh | 8 ++++---- contrib/guix/libexec/codesign.sh | 6 +++--- doc/release-process.md | 4 ++-- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/contrib/guix/guix-codesign b/contrib/guix/guix-codesign index 4694209e00d..dedee135b4a 100755 --- a/contrib/guix/guix-codesign +++ b/contrib/guix/guix-codesign @@ -137,7 +137,7 @@ fi ################ -# Unsigned tarballs SHOULD exist +# Codesigning tarballs SHOULD exist ################ # Usage: outdir_for_host HOST SUFFIX @@ -149,13 +149,13 @@ outdir_for_host() { } -unsigned_tarball_for_host() { +codesigning_tarball_for_host() { case "$1" in *mingw*) - echo "$(outdir_for_host "$1")/${DISTNAME}-win64-unsigned.tar.gz" + echo "$(outdir_for_host "$1")/${DISTNAME}-win64-codesigning.tar.gz" ;; *darwin*) - echo "$(outdir_for_host "$1")/${DISTNAME}-${1}-unsigned.tar.gz" + echo "$(outdir_for_host "$1")/${DISTNAME}-${1}-codesigning.tar.gz" ;; *) exit 1 @@ -164,22 +164,22 @@ unsigned_tarball_for_host() { } # Accumulate a list of build directories that already exist... -hosts_unsigned_tarball_missing="" +hosts_codesigning_tarball_missing="" for host in $HOSTS; do - if [ ! -e "$(unsigned_tarball_for_host "$host")" ]; then - hosts_unsigned_tarball_missing+=" ${host}" + if [ ! -e "$(codesigning_tarball_for_host "$host")" ]; then + hosts_codesigning_tarball_missing+=" ${host}" fi done -if [ -n "$hosts_unsigned_tarball_missing" ]; then +if [ -n "$hosts_codesigning_tarball_missing" ]; then # ...so that we can print them out nicely in an error message cat << EOF -ERR: Unsigned tarballs do not exist +ERR: Codesigning tarballs do not exist ... EOF -for host in $hosts_unsigned_tarball_missing; do - echo " ${host} '$(unsigned_tarball_for_host "$host")'" +for host in $hosts_codesigning_tarball_missing; do + echo " ${host} '$(codesigning_tarball_for_host "$host")'" done exit 1 fi @@ -371,7 +371,7 @@ EOF OUTDIR="$(OUTDIR_BASE=/outdir-base && outdir_for_host "$HOST" codesigned)" \ DIST_ARCHIVE_BASE=/outdir-base/dist-archive \ DETACHED_SIGS_REPO=/detached-sigs \ - UNSIGNED_TARBALL="$(OUTDIR_BASE=/outdir-base && unsigned_tarball_for_host "$HOST")" \ + CODESIGNING_TARBALL="$(OUTDIR_BASE=/outdir-base && codesigning_tarball_for_host "$HOST")" \ bash -c "cd /bitcoin && bash contrib/guix/libexec/codesign.sh" ) diff --git a/contrib/guix/libexec/build.sh b/contrib/guix/libexec/build.sh index 6c252e78702..48abecc1af5 100755 --- a/contrib/guix/libexec/build.sh +++ b/contrib/guix/libexec/build.sh @@ -296,8 +296,8 @@ mkdir -p "$DISTSRC" find . -print0 \ | sort --zero-terminated \ | tar --create --no-recursion --mode='u+rw,go+r-w,a+X' --null --files-from=- \ - | gzip -9n > "${OUTDIR}/${DISTNAME}-${HOST}-unsigned.tar.gz" \ - || ( rm -f "${OUTDIR}/${DISTNAME}-${HOST}-unsigned.tar.gz" && exit 1 ) + | gzip -9n > "${OUTDIR}/${DISTNAME}-${HOST}-codesigning.tar.gz" \ + || ( rm -f "${OUTDIR}/${DISTNAME}-${HOST}-codesigning.tar.gz" && exit 1 ) ) ;; esac @@ -378,8 +378,8 @@ mkdir -p "$DISTSRC" find . -print0 \ | sort --zero-terminated \ | tar --create --no-recursion --mode='u+rw,go+r-w,a+X' --null --files-from=- \ - | gzip -9n > "${OUTDIR}/${DISTNAME}-win64-unsigned.tar.gz" \ - || ( rm -f "${OUTDIR}/${DISTNAME}-win64-unsigned.tar.gz" && exit 1 ) + | gzip -9n > "${OUTDIR}/${DISTNAME}-win64-codesigning.tar.gz" \ + || ( rm -f "${OUTDIR}/${DISTNAME}-win64-codesigning.tar.gz" && exit 1 ) ) ;; esac diff --git a/contrib/guix/libexec/codesign.sh b/contrib/guix/libexec/codesign.sh index b56d2a23094..8de60b45720 100755 --- a/contrib/guix/libexec/codesign.sh +++ b/contrib/guix/libexec/codesign.sh @@ -27,7 +27,7 @@ fi # Check that required environment variables are set cat << EOF Required environment variables as seen inside the container: - UNSIGNED_TARBALL: ${UNSIGNED_TARBALL:?not set} + CODESIGNING_TARBALL: ${CODESIGNING_TARBALL:?not set} DETACHED_SIGS_REPO: ${DETACHED_SIGS_REPO:?not set} DIST_ARCHIVE_BASE: ${DIST_ARCHIVE_BASE:?not set} DISTNAME: ${DISTNAME:?not set} @@ -63,7 +63,7 @@ mkdir -p "$DISTSRC" ( cd "$DISTSRC" - tar -xf "$UNSIGNED_TARBALL" + tar -xf "$CODESIGNING_TARBALL" mkdir -p codesignatures tar -C codesignatures -xf "$CODESIGNATURE_GIT_ARCHIVE" @@ -105,7 +105,7 @@ mv --no-target-directory "$OUTDIR" "$ACTUAL_OUTDIR" \ ( cd /outdir-base { - echo "$UNSIGNED_TARBALL" + echo "$CODESIGNING_TARBALL" echo "$CODESIGNATURE_GIT_ARCHIVE" find "$ACTUAL_OUTDIR" -type f } | xargs realpath --relative-base="$PWD" \ diff --git a/doc/release-process.md b/doc/release-process.md index 197ed8c0a4e..dec740e12b8 100644 --- a/doc/release-process.md +++ b/doc/release-process.md @@ -164,7 +164,7 @@ Then open a Pull Request to the [guix.sigs repository](https://github.com/bitcoi In the `guix-build-${VERSION}/output/x86_64-apple-darwin` and `guix-build-${VERSION}/output/arm64-apple-darwin` directories: - tar xf bitcoin-osx-unsigned.tar.gz + tar xf bitcoin-${VERSION}-${ARCH}-apple-darwin-codesigning.tar.gz ./detached-sig-create.sh /path/to/codesign.p12 Enter the keychain password and authorize the signature signature-osx.tar.gz will be created @@ -173,7 +173,7 @@ In the `guix-build-${VERSION}/output/x86_64-apple-darwin` and `guix-build-${VERS In the `guix-build-${VERSION}/output/x86_64-w64-mingw32` directory: - tar xf bitcoin-win-unsigned.tar.gz + tar xf bitcoin-${VERSION}-win64-codesigning.tar.gz ./detached-sig-create.sh -key /path/to/codesign.key Enter the passphrase for the key when prompted signature-win.tar.gz will be created