Skip to content

Commit

Permalink
Merge pull request #351 from matrix-org/rav/sign_source_tarball
Browse files Browse the repository at this point in the history 
Make a sig for source tarballs when releasing
  • Loading branch information
@dbkr
dbkr authored Feb 6, 2017
2 parents 07f1453 + 3d9173a commit 4388cc2
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions release.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -186,6 +186,13 @@ if [ -n "$signing_id" ]; then
# make a signed tag
# gnupg seems to fail to get the right tty device unless we set it here
GIT_COMMITTER_EMAIL="$signing_id" GPG_TTY=`tty` git tag -u "$signing_id" -F "${latest_changes}" "$tag"

# also make a signature for the source tarball.
project_name=`jq -r '.name' package.json`
source_sigfile="${tag}-src.tar.gz.asc"
git archive --format tgz --prefix="${project_name}-${release}/" "$tag" |
gpg -u "$signing_id" --armor --output "$source_sigfile" --detach-sig -
assets="$assets -a $source_sigfile"
else
git tag -a -F "${latest_changes}" "$tag"
fi
Expand Down

0 comments on commit 4388cc2

Please sign in to comment.