Commit Graph

55 Commits

Author SHA1 Message Date
sputn1ck
d16fcf12aa
scripts: add sputn1ck pgp key
[skip ci]
2022-10-11 09:00:46 +02:00
Robyn
8ab914dae5
scripts: add ffranr PGP signing key [skip ci] 2022-10-10 19:08:28 +01:00
Andras Banki-Horvath
c09a81624c
keys: update key for bhandras 2022-06-09 09:28:46 +02:00
Olaoluwa Osuntokun
dec389d54f
build: update CI to build against bitcoind 23 2022-05-04 15:24:22 -07:00
Elle Mouton
eca2ac8a57
scripts: add gpg key for ellemouton [skip ci] 2022-04-19 11:38:04 +02:00
Oliver Gugger
bdda2aa059
docs+github+scripts: remove submodule update check
Because we want to avoid local replace directives (as they make it easy
to screw up things for external applications that use lnd as a library
without us noticing), we're going to switch over to a new process.
See section "Use of Golang submodules" in the code contribution
guideline.
2022-03-22 14:17:26 +01:00
Oliver Gugger
a6282ab08e
scripts: remove expiring key for cfromknecht [skip ci]
The user cfromknecht isn't an active contributor anymore and the key
will expire in less than two weeks.
2022-02-21 10:26:48 +01:00
Oliver Gugger
d46e9d2d29
scripts: remove expired key for halseth
Fixes #6272.
The user halseth isn't an active contributor anymore and the key
expired.
2022-02-21 10:21:54 +01:00
Oliver Gugger
55edd1b260
scripts+GitHub: check submodule version bump 2021-11-22 14:40:28 +01:00
Olaoluwa Osuntokun
56d00f40ef
script: update CI to bitcoind 22 2021-11-03 16:43:27 -07:00
Oliver Gugger
d7d1574095
scripts: verify version in manifest
To make a downgrade attack harder, we also check that the version string
is contained in the manifest, on the same line as the hash.
2021-09-27 15:49:12 +02:00
Oliver Gugger
5bafff2cf2
scripts: allow packaged release archive to be verified
Instead of only allowing to verify installed/unpacked binaries, we also
allow a single binary or packaged release archive to be verified.
2021-09-27 15:49:11 +02:00
Oliver Gugger
6d0368a189
scripts: pin signatures to keys
With this commit we add a new restriction that checks that the
username in the signature file (manifest-<username>-<version>.sig) actually
does have a signing key and that the signature was created with that key.
The signature is only counted towards the minimum of 5 signatures if
that check is successful.
The changes in this commit were inspired by @kixunil in #5048.
2021-09-27 15:49:11 +02:00
Oliver Gugger
0984638a74
scripts: make sure signature files have unique names
To fix a simple attack where the same file would be uploaded multiple
times under the same name, we make sure we only count unique file names.
2021-09-27 15:49:10 +02:00
positiveblue
c8987ec2c5
scripts: add positiveblue key to verify script 2021-09-27 15:49:10 +02:00
Oliver Gugger
f6c66ca980
scripts: add signing keys to repo
Instead of importing the keys from Keybase, we add all the signing keys
to the repository. In addition to having the key file present each key's
ID must also be added to the verification script. This acts as a double
check that the correct key is added and makes a key change more
explicit.
2021-09-27 15:49:08 +02:00
Conner Fromknecht
fc4a16b672
scripts/verify-install.sh: pass expected version as argument
This removes a vulnerability brought up by @Kixunil where both the lnd
and lncli binaries are executed to obtain their version before they have
been verified against the release. A malicious binary could have already
compromised the user's system before any of the checks had been
performed.

This commit it split out from the doc changes so that it can easily be
cherry-picked to master/0.13.0.
2021-09-27 15:48:19 +02:00
Oliver Gugger
4c8bf9c28d
scripts: extract functions
As a preparation to make the script easier to understand, we extract
some of the sub tasks into functions.
2021-09-27 15:48:19 +02:00
Harsha Goli
5d1bcaeb61
scripts: add arshbot key to verify script 2021-09-26 21:57:04 -04:00
Oliver Gugger
36a316e29a
make+scripts: fix rpc-check command 2021-07-27 12:59:54 +02:00
Olaoluwa Osuntokun
fee92941f1
scripts: account for master branch merges in release notes script
Without this commit, the build may break if a PR commit is created, as
that shows the `PR_NUMBER` field we parse out as "master", reflecting
that its a merge commit into the master branch.
2021-07-20 16:22:37 -07:00
Olaoluwa Osuntokun
6570749f7f
build: add new GH actions to require release note updates
In this commit, we add a simple bash script to parse out the current PR
number from an environment variable in the GH actions context, and use
that to check to see if the PR has been referenced in the release notes
or not. This isn't 100% fool proof, but it should catch most of the
common cases.
2021-07-16 11:00:56 -07:00
Oliver Gugger
591954ff61
scripts: detect whether sha256sum or shasum is available
The shasum command isn't available in Alpine linux while the sha256sum
command isn't available on MacOS. We add a simple switch that tries to
detect which one is available.
2021-02-17 18:11:42 +01:00
Conner Fromknecht
95eadfee2f
scripts/verify-install.sh: combine final SUCCESS logs 2021-02-15 10:00:42 -08:00
Conner Fromknecht
c03f95a63b
scripts/verify-install: bump min required signatures to 5 2021-02-15 09:59:59 -08:00
Oliver Gugger
85c42b0b79
scripts: add more verbose error messages to verification
We want to be more precise in what exactly went wrong and what the cause
could be.
2021-02-15 10:47:46 +01:00
Oliver Gugger
99ba272822
docs+scripts: switch to detached signatures
Due to a misunderstanding of how the gpg command line options work, we
didn't actually create detached signatures because the --clear-sign
flag would overwrite that. We update our verification script to now only
download the detached signatures and verify them against the main
manifest file.
We also update the signing instructions.
2021-02-15 10:33:20 +01:00
Oliver Gugger
132d23c964
scripts: verify hash length
To make sure we've actually calculated the hash correctly, we make sure
it's 64 characters long.
2021-02-15 10:26:17 +01:00
Oliver Gugger
644424296b
scripts: use shasum instead of sha256sum
Because the sha256sum binary isn't available on MacOS we instead use the
shasum -a 256 command that was used before.
2021-02-15 10:26:15 +01:00
Oliver Gugger
aca93199cf
scripts: allow verification of custom binary
Instead of only allowing the installed versions of lnd and lncli to be
verified, we now also support specifying explicit paths to binaries that
we want to verify.
2021-02-12 13:22:13 +01:00
Johan T. Halseth
315f97ffd5
Merge pull request #4911 from guggero/docker-rpc-compile
lnrpc+mobile: use docker to compile/format protos
2021-02-01 13:42:42 +01:00
Oliver Gugger
688a8045f0
Merge pull request #4963 from guggero/verify-no-key-fix
scripts: don't fail signature verification on missing public key
2021-01-28 14:52:22 +01:00
Oliver Gugger
9c6e208797
multi: remove proto install script 2021-01-28 10:29:01 +01:00
Oliver Gugger
734441d6c0
scripts: don't fail on missing public key
When verifying the release signatures, we don't want to fail if a
signer's signature is not available in the gpg key ring. Instead we just
don't want to count the signature for now and still succeed if there's
at least one other good sig with a known key.
2021-01-27 11:12:04 +01:00
Johan T. Halseth
991e077bf3
scripts: add halseth key to verify script 2021-01-27 10:43:32 +01:00
Oliver Gugger
97a141e7af
docker: add verification script to production image
The verification script makes sure the hashes of the binaries inside of
a docker image match those of an official release.
The script first downloads all signatures, validates them, then compares
the hashes of the installed binaries to those contained in the detached
signature files.
2021-01-14 21:48:32 +01:00
Oliver Gugger
25ac071300
build: add release-install goal, hash individual binaries
We add a new make goal called release-install that creates the same
reproducible binaries as the release script would create, but only for
the current OS/architecture. It then installs those binaries to the
system's GOBIN directory.
To allow easy verification of individual binaries (instead of just the
packag tarballs/zips), we also add the hashes of lnd and lncli binaries
to the manifest. We do the same in the docker build.
2021-01-13 15:36:11 +01:00
Oliver Gugger
2686391c31
scripts: package release artifacts deterministically
A number of tricks need to be applied to the tar and zip commands
respectively to make sure they always produce deterministic archives.
This includes setting the file timestamps to a fixed date and setting
specific ownership attributes (tar) or no attributes at all (zip).
2021-01-08 15:03:20 +01:00
Oliver Gugger
330f3c4dd0
make: use --tags to describe commit 2021-01-08 11:27:46 +01:00
Conner Fromknecht
dce4d2abcd
build: check compilation of each commit
Inspired by Rust Lightning's GH action :)
2020-12-08 16:19:26 -08:00
Oliver Gugger
b42c5e5fad
make+scripts: use pre-compiled btcd in itest
To make sure we build the exact version of btcd that is referenced in
the project's go.mod file and to not overwrite any binary the user might
already have installed on the system, we compile btcd into an explicit
file in the itest directory.
This should also speed up invocations of "make itest-only" because the
test harness doesn't always compile btcd on its own.

We also fix a bug with the version parsing where adding a "replace"
directive in the go.mod would result in the awk commands to extract the
wrong version. Because we no longer use the DEPGET goal to build and
install btcd, using a replace directive now actually works for itests.
2020-12-03 23:23:49 +01:00
Oliver Gugger
8fea653c61
release: skip version check in automated builds 2020-11-19 12:35:58 +01:00
Oliver Gugger
d4068e9892
travis+make: execute test groups in parallel 2020-11-04 11:03:33 +01:00
Oliver Gugger
5189cb799a
make: add fuzz-build and fuzz commands 2020-10-09 09:53:55 +02:00
Oliver Gugger
785e797ef8
scripts: install bitcoind binary from docker image
Because the bitcoind mirror is extremely slow, we spend at least 2 to 3
minutes of each bitcoind related test on just downloading the binary. We
can achieve the same result by just pulling the docker image and
extracting the binary from that.
2020-10-08 21:29:51 +02:00
Wilmer Paulino
6e8021f858
scripts: bump bitcoind version to 0.20 2020-06-12 10:46:20 -07:00
Oliver Gugger
3ef41dd198
lnrpc: update grpc-gateway to v1.14.3 2020-06-04 08:43:49 +02:00
Oliver Gugger
caf4cb16c4
build+make: move release script
Because this script is now run from the main Makefile, it is more
suitable to be located in the main scripts folder where the other
build related scripts reside.
2020-04-24 14:29:06 +02:00
Wilmer Paulino
4b8d0d913a
build: bump travis bitcoind version to v0.19.1 2020-03-13 11:03:00 -07:00
Conner Fromknecht
7a1013fb9e
make+travis: verify compiled protos on travis 2020-03-10 13:03:01 +01:00