From ffdebd95160f93269da74e47b3a3e3270d079d4a Mon Sep 17 00:00:00 2001 From: Ciaran Gultnieks Date: Mon, 12 May 2014 21:55:59 +0100 Subject: [PATCH] Add 'fdroid gpgsign' command Creates detached gpg signatures for any apks that don't have them yet. Relevant configuration fields need to be set first. --- fdroid | 1 + fdroidserver/gpgsign.py | 76 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 fdroidserver/gpgsign.py diff --git a/fdroid b/fdroid index c597eaea..b6e37dc7 100755 --- a/fdroid +++ b/fdroid @@ -25,6 +25,7 @@ commands = { "build": "Build a package from source", "init": "Quickly start a new repository", "publish": "Sign and place packages in the repo", + "gpgsign": "Add gpg signatures for packages in repo", "update": "Update repo information for new packages", "verify": "Verify the integrity of downloaded packages", "checkupdates": "Check for updates to applications", diff --git a/fdroidserver/gpgsign.py b/fdroidserver/gpgsign.py new file mode 100644 index 00000000..c1ce3547 --- /dev/null +++ b/fdroidserver/gpgsign.py @@ -0,0 +1,76 @@ +#!/usr/bin/env python2 +# -*- coding: utf-8 -*- +# +# publish.py - part of the FDroid server tools +# Copyright (C) 2010-2014, Ciaran Gultnieks, ciaran@ciarang.com +# Copyright (C) 2013-2014 Daniel Martí +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU Affero General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Affero General Public License for more details. +# +# You should have received a copy of the GNU Affero General Public License +# along with this program. If not, see . + +import sys +import os +import shutil +import md5 +import glob +from optparse import OptionParser +import logging + +import common +import metadata +from common import FDroidPopen, BuildException + +config = None +options = None + + +def main(): + + global config, options + + # Parse command line... + parser = OptionParser(usage="Usage: %prog [options] [APPID[:VERCODE] [APPID[:VERCODE] ...]]") + parser.add_option("-v", "--verbose", action="store_true", default=False, + help="Spew out even more information than normal") + parser.add_option("-q", "--quiet", action="store_true", default=False, + help="Restrict output to warnings and errors") + (options, args) = parser.parse_args() + + config = common.read_config(options) + + output_dir = 'repo' + if not os.path.isdir(output_dir): + logging.error("Missing output directory") + sys.exit(1) + + # Process any apks that are waiting to be signed... + for apkfile in sorted(glob.glob(os.path.join(output_dir, '*.apk'))): + + apkfilename = os.path.basename(apkfile) + sigfilename = apkfilename + ".txt" + sigpath = os.path.join(output_dir, sigfilename) + + if not os.path.exists(sigpath): + p = FDroidPopen(['gpg', '-a', + '--output', sigpath, + '--detach-sig', + os.path.join(output_dir, apkfilename)]) + if p.returncode != 0: + logging.error("Signing failed.") + sys.exit(1) + + logging.info('Signed ' + apkfilename) + + +if __name__ == "__main__": + main() -- 2.30.2