mirror of
https://github.com/ben-grande/qusal.git
synced 2025-02-25 01:09:59 -05:00
fc22726ee8
Passing files to Dom0 is always dangerous: - Passing a git repository is dangerous as it can have ignored modified files and signature verification will pass. - Passing an archive is troublesome for updates. - Passing an RPM package depends on the RPM verification to be correct, some times it is not. - Passing a RPM repository definition is less troublesome for the user, as it is a small file to verify the contents and update mechanism is via the package manager. Trust in RPM verification is still required. Many improvements were made to the build scripts: - requires-program: Single function to check if program is installed; - spec-get: Sort project names for the usage message; - spec-get: Only running commands that are necessary; - spec-get: Fix empty summary when readme has copyright header; - spec-gen: Fix grep warning of escaped symbol; - spec-build: Sign RPM and verify signature; - spec-build: Only lint the first SPEC for faster runtime; - yumrepo-gen: Generate a local yum repository with signed metadata; - qubesbuilder-gen: Generate a .qubesbuilder based on tracked projects; - release: Build, sign and push all RPMs to repository. Goal is to be able to build with qubes-builderv2 Qubes Executor. For: https://github.com/ben-grande/qusal/issues/37
20 lines
370 B
Bash
Executable File
20 lines
370 B
Bash
Executable File
#!/bin/sh
|
|
## SPDX-FileCopyrightText: 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
|
##
|
|
## SPDX-License-Identifier: AGPL-3.0-or-later
|
|
|
|
set -eu
|
|
|
|
missing_program=0
|
|
for pkg in "${@}"; do
|
|
if ! command -v "${pkg}" >/dev/null; then
|
|
missing_program=1
|
|
echo "Missing program: ${pkg}" >&2
|
|
continue
|
|
fi
|
|
done
|
|
|
|
if test "${missing_program}" = "1"; then
|
|
exit 1
|
|
fi
|