Git-Mirrors/DivestOS
1
0
Fork 0
mirror of https://github.com/Divested-Mobile/DivestOS-Build.git synced 2025-05-02 14:36:17 -04:00
Code Issues Projects Releases Packages Wiki Activity

GPG verification for all platform repositories

Browse source 
Signed-off-by: Tad <tad@spotco.us>
This commit is contained in:
Tad 2022-08-26 22:00:59 -04:00
parent 7854c05aa4
commit 3618774d9f
No known key found for this signature in database
GPG key ID: B286E9F57A07424B
10 changed files with 71 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

11
Scripts/Common/Functions.sh
View file

@ -21,6 +21,17 @@ startPatcher() {
}
export -f startPatcher;
resetWorkspace() {
umask 0022;
repo forall -c 'git add -A && git reset --hard' && rm -rf out DOS_PATCHED_FLAG && repo sync -j8 --force-sync --detach;
}
export -f resetWorkspace;
verifyAllTags() {
repo forall -c 'source $DOS_WORKSPACE_ROOT/Scripts/Common/Tag_Verifier.sh && verifyTagIfPossible $REPO_PROJECT $REPO_PATH';
}
export -f verifyAllTags;
enter() {
echo "================================================================================================"
local dir="$1";

46
Scripts/Common/Tag_Verifier.sh Normal file
View file

@ -0,0 +1,46 @@
#!/bin/bash
#DivestOS: A privacy focused mobile distribution
#Copyright (c) 2022 Divested Computing Group
#
#This program is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#This program is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with this program. If not, see <https://www.gnu.org/licenses/>.
umask 0022;
set -uo pipefail;
source "$DOS_SCRIPTS_COMMON/Shell.sh";
gpgVerifyGitTag() {
if [ -r "$DOS_TMP_GNUPG/pubring.kbx" ]; then
if git -C "$1" verify-tag "$2" &>/dev/null; then
echo -e "\e[0;32mGPG Verified Git Tag Successfully: $1\e[0m";
else
echo -e "\e[0;31mWARNING: GPG Verification of Git Tag Failed: $1\e[0m";
#sleep 60;
fi;
#git -C $1 log --show-signature -1;
else
echo -e "\e[0;33mWARNING: keyring is unavailable, GPG verification of $1 will not be performed!\e[0m";
fi;
}
export -f gpgVerifyGitHead;
verifyTagIfPossible() {
if [[ "$1" == "platform/"* ]]; then
tagMatch=$(git -C "$DOS_BUILD_BASE$2" describe --exact-match HEAD);
if [ ! -z "$tagMatch" ]; then
gpgVerifyGitTag "$DOS_BUILD_BASE$2" "$tagMatch";
else
echo -e "\e[0;33mWARNING: No tag match for $2 \e[0m";
fi;
fi;
}
export -f verifyTagIfPossible;