forked from Mirrors/flatpak-builder
Add xdg-app build-sign to sign a single commit
parent
51781b50d2
commit
eb3a0df75c
|
@ -23,6 +23,7 @@ xdg_app_SOURCES = \
|
|||
app/xdg-app-builtins-build-finish.c \
|
||||
app/xdg-app-builtins-build-export.c \
|
||||
app/xdg-app-builtins-build-bundle.c \
|
||||
app/xdg-app-builtins-build-sign.c \
|
||||
app/xdg-app-builtins-repo-update.c \
|
||||
app/xdg-app-builtins-document.c \
|
||||
$(xdp_dbus_built_sources) \
|
||||
|
|
|
@ -0,0 +1,117 @@
|
|||
/*
|
||||
* Copyright © 2014 Red Hat, Inc
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or
|
||||
* modify it under the terms of the GNU Lesser General Public
|
||||
* License as published by the Free Software Foundation; either
|
||||
* version 2 of the License, or (at your option) any later version.
|
||||
*
|
||||
* This library is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
||||
* Lesser General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Lesser General Public
|
||||
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||
*
|
||||
* Authors:
|
||||
* Alexander Larsson <alexl@redhat.com>
|
||||
*/
|
||||
|
||||
#include "config.h"
|
||||
|
||||
#include <locale.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
#include <string.h>
|
||||
|
||||
#include "libgsystem.h"
|
||||
#include "libglnx/libglnx.h"
|
||||
|
||||
#include "xdg-app-builtins.h"
|
||||
#include "xdg-app-utils.h"
|
||||
|
||||
static char *opt_arch;
|
||||
static gboolean opt_runtime;
|
||||
static char **opt_gpg_key_ids;
|
||||
static char *opt_gpg_homedir;
|
||||
|
||||
static GOptionEntry options[] = {
|
||||
{ "arch", 0, 0, G_OPTION_ARG_STRING, &opt_arch, "Arch to install for", "ARCH" },
|
||||
{ "runtime", 0, 0, G_OPTION_ARG_NONE, &opt_runtime, "Look for runtime with the specified name", },
|
||||
{ "gpg-sign", 0, 0, G_OPTION_ARG_STRING_ARRAY, &opt_gpg_key_ids, "GPG Key ID to sign the commit with", "KEY-ID"},
|
||||
{ "gpg-homedir", 0, 0, G_OPTION_ARG_STRING, &opt_gpg_homedir, "GPG Homedir to use when looking for keyrings", "HOMEDIR"},
|
||||
{ NULL }
|
||||
};
|
||||
|
||||
|
||||
gboolean
|
||||
xdg_app_builtin_build_sign (int argc, char **argv, GCancellable *cancellable, GError **error)
|
||||
{
|
||||
g_autoptr(GOptionContext) context = NULL;
|
||||
g_autoptr(GFile) repofile = NULL;
|
||||
g_autoptr(OstreeRepo) repo = NULL;
|
||||
const char *location;
|
||||
const char *branch;
|
||||
const char *id;
|
||||
g_autofree char *commit_checksum = NULL;
|
||||
g_autofree char *ref = NULL;
|
||||
char **iter;
|
||||
|
||||
context = g_option_context_new ("LOCATION ID [BRANCH] - Create a repository from a build directory");
|
||||
|
||||
if (!xdg_app_option_context_parse (context, options, &argc, &argv, XDG_APP_BUILTIN_FLAG_NO_DIR, NULL, cancellable, error))
|
||||
return FALSE;
|
||||
|
||||
if (argc < 3)
|
||||
{
|
||||
usage_error (context, "LOCATION and DIRECTORY must be specified", error);
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
location = argv[1];
|
||||
id = argv[2];
|
||||
|
||||
if (argc >= 4)
|
||||
branch = argv[3];
|
||||
else
|
||||
branch = "master";
|
||||
|
||||
if (!xdg_app_is_valid_name (id))
|
||||
return xdg_app_fail (error, "'%s' is not a valid name", id);
|
||||
|
||||
if (!xdg_app_is_valid_branch (branch))
|
||||
return xdg_app_fail (error, "'%s' is not a valid branch name", branch);
|
||||
|
||||
if (opt_gpg_key_ids == NULL)
|
||||
return xdg_app_fail (error, "No gpg key ids specified");
|
||||
|
||||
if (opt_runtime)
|
||||
ref = xdg_app_build_runtime_ref (id, branch, opt_arch);
|
||||
else
|
||||
ref = xdg_app_build_app_ref (id, branch, opt_arch);
|
||||
|
||||
repofile = g_file_new_for_commandline_arg (location);
|
||||
repo = ostree_repo_new (repofile);
|
||||
|
||||
if (!ostree_repo_open (repo, cancellable, error))
|
||||
return FALSE;
|
||||
|
||||
if (!ostree_repo_resolve_rev (repo, ref, TRUE, &commit_checksum, error))
|
||||
return FALSE;
|
||||
|
||||
for (iter = opt_gpg_key_ids; iter && *iter; iter++)
|
||||
{
|
||||
const char *keyid = *iter;
|
||||
|
||||
if (!ostree_repo_sign_commit (repo,
|
||||
commit_checksum,
|
||||
keyid,
|
||||
opt_gpg_homedir,
|
||||
cancellable,
|
||||
error))
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
return TRUE;
|
||||
}
|
|
@ -65,6 +65,7 @@ BUILTINPROTO(enter);
|
|||
BUILTINPROTO(build_init);
|
||||
BUILTINPROTO(build);
|
||||
BUILTINPROTO(build_finish);
|
||||
BUILTINPROTO(build_sign);
|
||||
BUILTINPROTO(build_export);
|
||||
BUILTINPROTO(build_bundle);
|
||||
BUILTINPROTO(build_update_repo);
|
||||
|
|
|
@ -70,6 +70,7 @@ static XdgAppCommand commands[] = {
|
|||
{ "build-finish", xdg_app_builtin_build_finish, "Finish a build dir for export" },
|
||||
{ "build-export", xdg_app_builtin_build_export, "Export a build dir to a repository" },
|
||||
{ "build-bundle", xdg_app_builtin_build_bundle, "Create a bundle file from a build directory" },
|
||||
{ "build-sign", xdg_app_builtin_build_sign, "Sign an application or runtime" },
|
||||
{ "build-update-repo", xdg_app_builtin_build_update_repo, "Update the summary file in a repository" },
|
||||
|
||||
/* Deprecated old names */
|
||||
|
|
|
@ -37,6 +37,7 @@ man_MANS = \
|
|||
xdg-app-build-finish.1 \
|
||||
xdg-app-build-export.1 \
|
||||
xdg-app-build-update-repo.1 \
|
||||
xdg-app-build-sign.1 \
|
||||
xdg-app-builder.1 \
|
||||
$(NULL)
|
||||
|
||||
|
|
|
@ -215,6 +215,7 @@ Content Bytes Written: 305
|
|||
<citerefentry><refentrytitle>xdg-app-build-init</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>xdg-app-build</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>xdg-app-build-finish</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
<citerefentry><refentrytitle>xdg-app-build-sign</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
<citerefentry><refentrytitle>xdg-app-repo-update</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
</para>
|
||||
|
||||
|
|
|
@ -0,0 +1,154 @@
|
|||
<?xml version='1.0'?> <!--*-nxml-*-->
|
||||
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
|
||||
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
|
||||
|
||||
<refentry id="xdg-app-build-export">
|
||||
|
||||
<refentryinfo>
|
||||
<title>xdg-app build-sign</title>
|
||||
<productname>xdg-app</productname>
|
||||
|
||||
<authorgroup>
|
||||
<author>
|
||||
<contrib>Developer</contrib>
|
||||
<firstname>Alexander</firstname>
|
||||
<surname>Larsson</surname>
|
||||
<email>alexl@redhat.com</email>
|
||||
</author>
|
||||
</authorgroup>
|
||||
</refentryinfo>
|
||||
|
||||
<refmeta>
|
||||
<refentrytitle>xdg-app build-sign</refentrytitle>
|
||||
<manvolnum>1</manvolnum>
|
||||
</refmeta>
|
||||
|
||||
<refnamediv>
|
||||
<refname>xdg-app-build-sign</refname>
|
||||
<refpurpose>Sign an application or runtime</refpurpose>
|
||||
</refnamediv>
|
||||
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
<command>xdg-app build-sign</command>
|
||||
<arg choice="opt" rep="repeat">OPTION</arg>
|
||||
<arg choice="plain">LOCATION</arg>
|
||||
<arg choice="plain">ID</arg>
|
||||
<arg choice="opt">BRANCH</arg>
|
||||
</cmdsynopsis>
|
||||
</refsynopsisdiv>
|
||||
|
||||
<refsect1>
|
||||
<title>Description</title>
|
||||
|
||||
<para>
|
||||
Signs the commit for a speficied application or runtime in
|
||||
a local repository. <arg choice="plain">LOCATION</arg> is
|
||||
the location of the repository. <arg
|
||||
choice="plain">ID</arg> is the name of the application, or
|
||||
runtime if --runtime is specified. If <arg
|
||||
choice="plain">BRANCH</arg> is not specified, it is
|
||||
assumed to be "master".
|
||||
</para>
|
||||
<para>
|
||||
Applications can also be signed during build-export, but
|
||||
it is sometimes useful to add additionaly signatures later.
|
||||
</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>Options</title>
|
||||
|
||||
<para>The following options are understood:</para>
|
||||
|
||||
<variablelist>
|
||||
<varlistentry>
|
||||
<term><option>-h</option></term>
|
||||
<term><option>--help</option></term>
|
||||
|
||||
<listitem><para>
|
||||
Show help options and exit.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--gpg-sign=KEYID</option></term>
|
||||
|
||||
<listitem><para>
|
||||
Sign the commit with this GPG key
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--gpg-homedir=PATH</option></term>
|
||||
|
||||
<listitem><para>
|
||||
GPG Homedir to use when looking for keyrings
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--runtime</option></term>
|
||||
|
||||
<listitem><para>
|
||||
Sign a runtime instead of an app.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--arch=ARCH</option></term>
|
||||
|
||||
<listitem><para>
|
||||
The architecture to use.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>-v</option></term>
|
||||
<term><option>--verbose</option></term>
|
||||
|
||||
<listitem><para>
|
||||
Print debug information during command processing.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><option>--version</option></term>
|
||||
|
||||
<listitem><para>
|
||||
Print version information and exit.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>Examples</title>
|
||||
|
||||
<para>
|
||||
<command>$ xdg-app build-export ~/repos/gnome-calculator/ ~/build/gnome-calculator/ org.gnome.Calculator</command>
|
||||
</para>
|
||||
<programlisting>
|
||||
Commit: 9d0044ea480297114d03aec85c3d7ae3779438f9d2cb69d717fb54237acacb8c
|
||||
Metadata Total: 605
|
||||
Metadata Written: 5
|
||||
Content Total: 1174
|
||||
Content Written: 1
|
||||
Content Bytes Written: 305
|
||||
</programlisting>
|
||||
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>See also</title>
|
||||
|
||||
<para>
|
||||
<citerefentry><refentrytitle>ostree</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>xdg-app</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>xdg-app-build-export</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>xdg-app-build</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
</para>
|
||||
|
||||
</refsect1>
|
||||
|
||||
</refentry>
|
|
@ -262,6 +262,13 @@
|
|||
Update the summary file in a repository.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
<varlistentry>
|
||||
<term><citerefentry><refentrytitle>xdg-app-build-sign</refentrytitle><manvolnum>1</manvolnum></citerefentry></term>
|
||||
|
||||
<listitem><para>
|
||||
Sign an application or runtime after its been exported.
|
||||
</para></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
|
|
Loading…
Reference in New Issue