Add GPG signing to processRelease

This commit is contained in:
Tad 2020-06-17 13:18:16 -04:00
parent f48dd5f84c
commit 900183743d
4 changed files with 32 additions and 10 deletions

View File

@ -4,6 +4,7 @@ java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/february-2020-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/october-2019-bulletin" >> cve_list-qc.txt
@ -14,15 +15,7 @@ java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/march-2019-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/february-2019-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/january-2019-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/december-2018-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/november-2018-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/october-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/september-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/august-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/july-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/june-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/may-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/product-security/bulletins/archives/december-2017" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2019/08/05/august-2019-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2019/07/01/july-2019-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin" >> cve_list-qc.txt
@ -31,6 +24,16 @@ java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulle
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2019/03/04/2304-2" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2019/02/04/february-2019-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2019/01/07/january-2019-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/december-2018-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/november-2018-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/october-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/september-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/august-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/july-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/june-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/company/product-security/bulletins/archives/may-2018" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2018/10/01/october-2018-code-aurora-security-bulletin" >> cve_list-qc.txt
@ -43,7 +46,14 @@ java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulle
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2018/03/29/march-2018-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2018/02/16/february-2018-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2018/01/26/january-2018-code-aurora-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.qualcomm.com/product-security/bulletins/archives/december-2017" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2017/12/14/december-2017-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2017/11/28/november-2017-security-bulletin" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2017/10/20/october-2017-v1" >> cve_list-qc.txt
java -jar $DOS_BINARY_PATCHER scraper "https://www.codeaurora.org/security-bulletin/2017/09/27/september-2017-v1" >> cve_list-qc.txt
# clean a bit
# sort: java -jar $DOS_BINARY_PATCHER sort cve_list-qc.txt >> cve_list-qc-sorted.txt
# clean some more

View File

@ -245,6 +245,16 @@ processRelease() {
sed -i "s|$OUT_DIR/||" $OUT_DIR/*.md5sum $OUT_DIR/*.sha512sum;
#GPG signing
if [ "$DOS_GPG_SIGNING" = true ]; then
for checksum in $OUT_DIR/*.sha512sum; do
gpg --homedir "$DOS_SIGNING_GPG" --sign --local-user "$DOS_GPG_SIGNING_KEY" --clearsign "$checksum";
if [ "$?" -eq "0" ]; then
mv -f "$checksum.asc" "$checksum";
fi;
done;
fi;
#Copy to archive
if [ "$DOS_AUTO_ARCHIVE_BUILDS" = true ]; then
echo -e "\e[0;32mCopying files to archive\e[0m";

View File

@ -26,6 +26,7 @@ export DOS_WORKSPACE_ROOT="/mnt/dos/"; #XXX: THIS MUST BE CORRECT TO BUILD!
#export DOS_BUILDS=$DOS_WORKSPACE_ROOT"Builds/";
export DOS_BUILDS="/mnt/backup-1/DOS/Builds/";
export DOS_SIGNING_KEYS=$DOS_WORKSPACE_ROOT"Signing_Keys/4096pro";
export DOS_SIGNING_GPG=$DOS_WORKSPACE_ROOT"Signing_Keys/gnupg";
#export USE_CCACHE=1;
#export CCACHE_DIR="";
export CCACHE_COMPRESS=1;
@ -72,6 +73,8 @@ export DOS_MALWARE_SCAN_BEFORE_SIGN=false; #Scan device files for malware before
export DOS_GENERATE_DELTAS=true; #Creates deltas from existing target_files in $DOS_BUILDS
export DOS_AUTO_ARCHIVE_BUILDS=true; #Copies files to $DOS_BUILDS after signing
export DOS_REMOVE_AFTER=true; #Removes device OUT directory after complete to reclaim space. Requires AUTO_ARCHIVE_BUILDS=true
export DOS_GPG_SIGNING=true;
export DOS_GPG_SIGNING_KEY="B8744D67F9F1E14E145DFD8E7F627E920F316994";
#Branding
export DOS_BRANDING_NAME="DivestOS";

1
TODO
View File

@ -15,7 +15,6 @@ High Priority (Release blockers)
- Switch from Shadow to Piwik and update Privacy Policy
- mod_removeip for GDPR and update Privacy Policy
- Update cryptocurrency addresses
- Add a page on how to verify builds
Medium Priority
Build