|
|
|
#!/bin/sh
|
|
|
|
|
|
|
|
set -e
|
|
|
|
|
|
|
|
echo "Updating apt..."
|
|
|
|
apt-get -qq update
|
|
|
|
|
|
|
|
echo "Installing get tools..."
|
|
|
|
apt-get -qq -y --no-install-recommends install curl jq ca-certificates git > /dev/null
|
|
|
|
|
|
|
|
REPO_NAME="deltachat/deltachat-desktop"
|
|
|
|
REPO_URL="https://github.com/${REPO_NAME}.git"
|
|
|
|
|
|
|
|
if [ -z ${1+x} ]; then
|
|
|
|
echo "No release selected, selecting the latest..."
|
|
|
|
CHECKOUT="$(curl --silent --fail --show-error "https://api.github.com/repos/${REPO_NAME}/releases/latest" | jq -r .tag_name)"
|
|
|
|
echo "Latest release: ${CHECKOUT}"
|
|
|
|
else
|
|
|
|
CHECKOUT="${1}"
|
|
|
|
echo "Release selected: ${CHECKOUT}"
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo "Getting the source..."
|
|
|
|
./getsauce.sh "git" \
|
|
|
|
"${REPO_URL}" \
|
|
|
|
"${CHECKOUT}"
|
|
|
|
|
|
|
|
cd project
|
|
|
|
|
|
|
|
echo "Installing build dependencies (apt)..."
|
|
|
|
apt-get -qq -y --no-install-recommends install npm cargo > /dev/null
|
|
|
|
echo "Installing build dependencies (npm)..."
|
|
|
|
npm install
|
|
|
|
echo "Build dependencies installed."
|
|
|
|
|
|
|
|
echo "Building the app..."
|
|
|
|
NODE_ENV=production npm run build
|
|
|
|
NO_ASAR=true npm run pack:generate_config
|
|
|
|
echo "App built successfully."
|
|
|
|
|
|
|
|
echo "Packaging..."
|
|
|
|
npm run pack:linux
|
|
|
|
echo "App packaged successfully."
|
|
|
|
|
|
|
|
cd ..
|
|
|
|
|
|
|
|
echo "Package(s) deploy..."
|
|
|
|
INCOMING_DIR="repo/incoming"
|
|
|
|
|
|
|
|
mkdir -p ${INCOMING_DIR}
|
|
|
|
|
|
|
|
READY_SUFFIX=".ready"
|
|
|
|
DIST_DIR="project/dist"
|
|
|
|
for ENTRY in "${DIST_DIR}"/*.deb; do
|
|
|
|
# If is not a file skip
|
|
|
|
if [ -f "${ENTRY}" ]; then
|
|
|
|
FILENAME=$(basename "${ENTRY}")
|
|
|
|
#scp "${ENTRY}" reposerver:"${INCOMING_DIR}/${FILENAME}"
|
|
|
|
#scp "${ENTRY}" reposerver:"${INCOMING_DIR}/${FILENAME}${READY_SUFFIX}"
|
|
|
|
cp "${ENTRY}" "${INCOMING_DIR}/${FILENAME}"
|
|
|
|
cp "${ENTRY}" "${INCOMING_DIR}/${FILENAME}${READY_SUFFIX}"
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
echo "Moving package(s) to the repo..."
|
|
|
|
MAIN_DIR="repo/main"
|
|
|
|
mkdir -p "${MAIN_DIR}"
|
|
|
|
|
|
|
|
for ENTRY in "${INCOMING_DIR}"/*"${READY_SUFFIX}"; do
|
|
|
|
# If is not a file skip
|
|
|
|
if [ -f "${ENTRY}" ]; then
|
|
|
|
FILENAME_DEB=$(basename --suffix="${READY_SUFFIX}" "${ENTRY}")
|
|
|
|
BASEDIRPATH=$(dirname "${ENTRY}")
|
|
|
|
mv "${BASEDIRPATH}/${FILENAME_DEB}" "${MAIN_DIR}/${FILENAME_DEB}"
|
|
|
|
rm "${ENTRY}" "${BASEDIRPATH}/${FILENAME_DEB}"
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
echo "Installing repository build dependencies (apt)..."
|
|
|
|
apt-get -qq -y --no-install-recommends install apt-utils > /dev/null
|
|
|
|
|
|
|
|
TEMP_DIR="$(mktemp -d)"
|
|
|
|
|
|
|
|
echo "Updating the repo..."
|
|
|
|
initial_position="$(pwd)"
|
|
|
|
cd repo
|
|
|
|
apt-ftparchive packages . > "${TEMP_DIR}/Packages"
|
|
|
|
cd "${initial_position}"
|
|
|
|
gzip -k -f "${TEMP_DIR}/Packages" --to-stdout > "${TEMP_DIR}/Packages.gz"
|
|
|
|
apt-ftparchive release "${TEMP_DIR}" > "${TEMP_DIR}/Release"
|
|
|
|
|
|
|
|
apt-get -qq -y --no-install-recommends install gpg gpg-agent
|
|
|
|
|
|
|
|
echo "Checking if is possible to sign the repo..."
|
|
|
|
mkdir -p keys
|
|
|
|
chmod 600 keys
|
|
|
|
export GNUPGHOME="${PWD}/keys"
|
|
|
|
|
|
|
|
if [ ! -f "keys/pubring.kbx" ]; then
|
|
|
|
echo "The file 'pubring.kbx' file has not been found. Generating automatically a new one with a new set of keys..."
|
|
|
|
KEY_NAME="Joe Tester"
|
|
|
|
KEY_PASSPHRASE="over-the-lazy-dog"
|
|
|
|
cat >foo_keys <<EOF
|
|
|
|
%echo Generating a basic OpenPGP key
|
|
|
|
Key-Type: RSA
|
|
|
|
Key-Usage: sign
|
|
|
|
Key-Length: 4096
|
|
|
|
Subkey-Type: RSA
|
|
|
|
Subkey-Usage: sign
|
|
|
|
Subkey-Length: 4096
|
|
|
|
Name-Real: ${KEY_NAME}
|
|
|
|
Name-Comment: with stupid passphrase
|
|
|
|
Name-Email: joe@foo.bar
|
|
|
|
Expire-Date: 0
|
|
|
|
Passphrase: ${KEY_PASSPHRASE}
|
|
|
|
# Do a commit here, so that we can later print "done" :-)
|
|
|
|
%commit
|
|
|
|
%echo done
|
|
|
|
EOF
|
|
|
|
|
|
|
|
gpg --batch --generate-key foo_keys
|
|
|
|
echo "${KEY_PASSPHRASE}" > keys/passphrase
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -z ${GPG_SUBKEY_ID+x} ]; then
|
|
|
|
echo "A GPG key id has not been defined. Automatically selecting a fingerprint..."
|
|
|
|
# List key and its subkey with their respective fingerprints | filter fingerprints of both keys | pick fingerprint of the second row
|
|
|
|
# (the subkey seems to be listed always after its respective subkey)
|
|
|
|
GPG_SUBKEY_ID="$(gpg --list-secret-key --with-subkey-fingerprint --with-colons | awk -F: '$1 == "fpr" {print $10;}' | sed -n '2 p')"
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ ! -f repo/key.pub.asc ];then
|
|
|
|
echo "Public key not published. Generating and publishing it..."
|
|
|
|
gpg --armor --export "${GPG_SUBKEY_ID}" > repo/key.pub.asc
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo "Signing the repo..."
|
|
|
|
gpg --passphrase-file keys/passphrase --pinentry-mode loopback --default-key "${GPG_SUBKEY_ID}" -abs -o - "${TEMP_DIR}/Release" > "${TEMP_DIR}/Release.gpg"
|
|
|
|
gpg --passphrase-file keys/passphrase --pinentry-mode loopback --default-key "${GPG_SUBKEY_ID}" --clearsign -o - "${TEMP_DIR}/Release" > "${TEMP_DIR}/InRelease"
|
|
|
|
echo "Done."
|
|
|
|
|
|
|
|
echo "Committing changes..."
|
|
|
|
mv "${TEMP_DIR}"/* repo/
|
|
|
|
|
|
|
|
#echo "deb file:/repo /" > /etc/apt/sources.list.d/custom-repo.list
|