From 00b401c64856af98a7baab4ded8fbcf848f4a75e Mon Sep 17 00:00:00 2001 From: Ava Chow Date: Mon, 11 Nov 2024 18:38:51 -0500 Subject: [PATCH] guix: Rename unsigned.tar.gz to codesigning.tar.gz The tarballs used for codesigning are more than merely unsigned, they also contain scripts and other data for codesigning. Rename them to codesigning.tar.gz to distinguish from tarballs containing actually just the unsigned binaries. Github-Pull: #31407 Rebased-From: c214e5268fa9322a83cbba6d47d33f830efdd89e --- contrib/guix/guix-codesign | 24 ++++++++++++------------ contrib/guix/libexec/build.sh | 8 ++++---- contrib/guix/libexec/codesign.sh | 6 +++--- doc/release-process.md | 4 ++-- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/contrib/guix/guix-codesign b/contrib/guix/guix-codesign index 4694209e00d..dedee135b4a 100755 --- a/contrib/guix/guix-codesign +++ b/contrib/guix/guix-codesign @@ -137,7 +137,7 @@ fi ################ -# Unsigned tarballs SHOULD exist +# Codesigning tarballs SHOULD exist ################ # Usage: outdir_for_host HOST SUFFIX @@ -149,13 +149,13 @@ outdir_for_host() { } -unsigned_tarball_for_host() { +codesigning_tarball_for_host() { case "$1" in *mingw*) - echo "$(outdir_for_host "$1")/${DISTNAME}-win64-unsigned.tar.gz" + echo "$(outdir_for_host "$1")/${DISTNAME}-win64-codesigning.tar.gz" ;; *darwin*) - echo "$(outdir_for_host "$1")/${DISTNAME}-${1}-unsigned.tar.gz" + echo "$(outdir_for_host "$1")/${DISTNAME}-${1}-codesigning.tar.gz" ;; *) exit 1 @@ -164,22 +164,22 @@ unsigned_tarball_for_host() { } # Accumulate a list of build directories that already exist... -hosts_unsigned_tarball_missing="" +hosts_codesigning_tarball_missing="" for host in $HOSTS; do - if [ ! -e "$(unsigned_tarball_for_host "$host")" ]; then - hosts_unsigned_tarball_missing+=" ${host}" + if [ ! -e "$(codesigning_tarball_for_host "$host")" ]; then + hosts_codesigning_tarball_missing+=" ${host}" fi done -if [ -n "$hosts_unsigned_tarball_missing" ]; then +if [ -n "$hosts_codesigning_tarball_missing" ]; then # ...so that we can print them out nicely in an error message cat << EOF -ERR: Unsigned tarballs do not exist +ERR: Codesigning tarballs do not exist ... EOF -for host in $hosts_unsigned_tarball_missing; do - echo " ${host} '$(unsigned_tarball_for_host "$host")'" +for host in $hosts_codesigning_tarball_missing; do + echo " ${host} '$(codesigning_tarball_for_host "$host")'" done exit 1 fi @@ -371,7 +371,7 @@ EOF OUTDIR="$(OUTDIR_BASE=/outdir-base && outdir_for_host "$HOST" codesigned)" \ DIST_ARCHIVE_BASE=/outdir-base/dist-archive \ DETACHED_SIGS_REPO=/detached-sigs \ - UNSIGNED_TARBALL="$(OUTDIR_BASE=/outdir-base && unsigned_tarball_for_host "$HOST")" \ + CODESIGNING_TARBALL="$(OUTDIR_BASE=/outdir-base && codesigning_tarball_for_host "$HOST")" \ bash -c "cd /bitcoin && bash contrib/guix/libexec/codesign.sh" ) diff --git a/contrib/guix/libexec/build.sh b/contrib/guix/libexec/build.sh index fa6933b3328..8a2bcd7623c 100755 --- a/contrib/guix/libexec/build.sh +++ b/contrib/guix/libexec/build.sh @@ -301,8 +301,8 @@ mkdir -p "$DISTSRC" find . -print0 \ | sort --zero-terminated \ | tar --create --no-recursion --mode='u+rw,go+r-w,a+X' --null --files-from=- \ - | gzip -9n > "${OUTDIR}/${DISTNAME}-${HOST}-unsigned.tar.gz" \ - || ( rm -f "${OUTDIR}/${DISTNAME}-${HOST}-unsigned.tar.gz" && exit 1 ) + | gzip -9n > "${OUTDIR}/${DISTNAME}-${HOST}-codesigning.tar.gz" \ + || ( rm -f "${OUTDIR}/${DISTNAME}-${HOST}-codesigning.tar.gz" && exit 1 ) ) make deploy ${V:+V=1} OSX_ZIP="${OUTDIR}/${DISTNAME}-${HOST}-unsigned.zip" ;; @@ -388,8 +388,8 @@ mkdir -p "$DISTSRC" find . -print0 \ | sort --zero-terminated \ | tar --create --no-recursion --mode='u+rw,go+r-w,a+X' --null --files-from=- \ - | gzip -9n > "${OUTDIR}/${DISTNAME}-win64-unsigned.tar.gz" \ - || ( rm -f "${OUTDIR}/${DISTNAME}-win64-unsigned.tar.gz" && exit 1 ) + | gzip -9n > "${OUTDIR}/${DISTNAME}-win64-codesigning.tar.gz" \ + || ( rm -f "${OUTDIR}/${DISTNAME}-win64-codesigning.tar.gz" && exit 1 ) ) ;; esac diff --git a/contrib/guix/libexec/codesign.sh b/contrib/guix/libexec/codesign.sh index b56d2a23094..8de60b45720 100755 --- a/contrib/guix/libexec/codesign.sh +++ b/contrib/guix/libexec/codesign.sh @@ -27,7 +27,7 @@ fi # Check that required environment variables are set cat << EOF Required environment variables as seen inside the container: - UNSIGNED_TARBALL: ${UNSIGNED_TARBALL:?not set} + CODESIGNING_TARBALL: ${CODESIGNING_TARBALL:?not set} DETACHED_SIGS_REPO: ${DETACHED_SIGS_REPO:?not set} DIST_ARCHIVE_BASE: ${DIST_ARCHIVE_BASE:?not set} DISTNAME: ${DISTNAME:?not set} @@ -63,7 +63,7 @@ mkdir -p "$DISTSRC" ( cd "$DISTSRC" - tar -xf "$UNSIGNED_TARBALL" + tar -xf "$CODESIGNING_TARBALL" mkdir -p codesignatures tar -C codesignatures -xf "$CODESIGNATURE_GIT_ARCHIVE" @@ -105,7 +105,7 @@ mv --no-target-directory "$OUTDIR" "$ACTUAL_OUTDIR" \ ( cd /outdir-base { - echo "$UNSIGNED_TARBALL" + echo "$CODESIGNING_TARBALL" echo "$CODESIGNATURE_GIT_ARCHIVE" find "$ACTUAL_OUTDIR" -type f } | xargs realpath --relative-base="$PWD" \ diff --git a/doc/release-process.md b/doc/release-process.md index fa2c53eb0c5..d813fa8e207 100644 --- a/doc/release-process.md +++ b/doc/release-process.md @@ -164,7 +164,7 @@ Then open a Pull Request to the [guix.sigs repository](https://github.com/bitcoi In the `guix-build-${VERSION}/output/x86_64-apple-darwin` and `guix-build-${VERSION}/output/arm64-apple-darwin` directories: - tar xf bitcoin-osx-unsigned.tar.gz + tar xf bitcoin-${VERSION}-${ARCH}-apple-darwin-codesigning.tar.gz ./detached-sig-create.sh /path/to/codesign.p12 Enter the keychain password and authorize the signature signature-osx.tar.gz will be created @@ -173,7 +173,7 @@ In the `guix-build-${VERSION}/output/x86_64-apple-darwin` and `guix-build-${VERS In the `guix-build-${VERSION}/output/x86_64-w64-mingw32` directory: - tar xf bitcoin-win-unsigned.tar.gz + tar xf bitcoin-${VERSION}-win64-codesigning.tar.gz ./detached-sig-create.sh -key /path/to/codesign.key Enter the passphrase for the key when prompted signature-win.tar.gz will be created