[PATCH util/modular] Add gpg signing to release.sh

Stephen Kitt skitt at debian.org
Thu Jun 5 07:22:41 PDT 2014


Hi Peter,

On Thu, 5 Jun 2014 10:05:15 +1000, Peter Hutterer
<peter.hutterer at who-t.net> wrote:
> On Sun, Jun 01, 2014 at 03:13:13PM +0200, Stephen Kitt wrote:
> > +    [ -n "$targz" ] && rm -f ${targz}.sig && $GPG -b $targz &&
> > siggz=${targz}.sig || true
> > +    [ -n "$tarbz2" ] && rm -f ${tarbz2}.sig && $GPG -b $tarbz2 &&
> > sigbz2=${tarbz2}.sig || true
> > +    [ -n "$tarxz" ] && rm -f ${tarxz}.sig && $GPG -b $tarxz &&
> > sigxz=${tarxz}.sig || true
> 
> shouldn't we fail here if creating the detached sig fails?

My initial intent was to make gpg signing a "best effort" thing, so if the
tarballs can be gpg-signed so much the better, but if they can't the release
can proceed anyway. But you're right, this patch turns gpg into a hard
requirement because of the signed git tag ("git tag -s" fails if gpg can't
sign the tag), so failing to create the detached sig could justifiably fail
the release.

I'll rework the patch by Saturday...

Regards,

Stephen
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-devel/attachments/20140605/017e0e0d/attachment-0001.sig>


More information about the xorg-devel mailing list