Patrice Ferlet
e9ad85a0ac
- split Makefile in several sub files - use a separated container for tests -
34 lines
959 B
Makefile
34 lines
959 B
Makefile
## GPG signing
|
|
|
|
gpg-sign:
|
|
rm -f dist/*.asc
|
|
$(MAKE) $(ASC_BINARIES)
|
|
|
|
check-sign:
|
|
@echo "=> Checking signatures..."
|
|
@for f in $(ASC_BINARIES); do \
|
|
if gpg --verify $$f &>/dev/null; then \
|
|
echo "Signature for $$f is valid"; \
|
|
else \
|
|
echo "Signature for $$f is invalid"; \
|
|
exit 1; \
|
|
fi; \
|
|
done
|
|
@echo "=> checking in blank environment..."
|
|
keyid=$(shell gpg -k --with-colons $(SIGNER)| grep '^pub' | cut -d: -f5);
|
|
$(CTN) run --rm -it -e GPGKEY=$${keyid} -v ./dist:/opt/dist:z \
|
|
packaging:fedora \
|
|
bash -c '
|
|
gpg --recv-key $$GPGKEY || exit 1;
|
|
echo "Trusting $(SIGNER) key...";
|
|
echo "trusted-key 483493B2DD0845DA8F21A26DF3702E3FAD8F76DC" >> ~/.gnupg/gpg.conf;
|
|
gpg --update-trustdb;
|
|
rm -f ~/.gnupg/gpg.conf;
|
|
for f in /opt/dist/*.asc; do echo "==> $${f}"; gpg --verify $${f}; done;
|
|
echo "=> Listing imported keys...";
|
|
gpg -k
|
|
'
|
|
|
|
dist/%.asc: dist/%
|
|
gpg --armor --detach-sign --default-key $(SIGNER) $< &>/dev/null || exit 1
|