2009-03-12 06:23:32 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
# Fail when a command fails
|
|
|
|
set -e
|
2016-10-06 18:45:18 +02:00
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
# Ensure the script is running from the top level directory
|
|
|
|
cd "$(dirname -- "$0")/.."
|
2009-03-12 06:23:32 +01:00
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
WIKIDIR=../selinux.wiki
|
2013-10-30 19:28:30 +01:00
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
if ! [ -d "$WIKIDIR" ]; then
|
|
|
|
git clone git@github.com:SELinuxProject/selinux.wiki.git "$WIKIDIR"
|
|
|
|
fi
|
2009-03-12 06:23:32 +01:00
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
RELEASE_TAG="$(cat VERSION)"
|
|
|
|
DEST="releases/$RELEASE_TAG"
|
|
|
|
DIRS=(
|
|
|
|
checkpolicy
|
|
|
|
libselinux
|
|
|
|
libsemanage
|
|
|
|
libsepol
|
|
|
|
mcstrans
|
|
|
|
policycoreutils
|
|
|
|
restorecond
|
|
|
|
secilc
|
|
|
|
selinux-dbus
|
|
|
|
selinux-gui
|
|
|
|
selinux-python
|
|
|
|
selinux-sandbox
|
|
|
|
semodule-utils
|
|
|
|
)
|
|
|
|
|
|
|
|
if git rev-parse "$RELEASE_TAG" &> /dev/null ; then
|
|
|
|
echo "Warning: tag $RELEASE_TAG already exists"
|
|
|
|
else
|
|
|
|
git tag -a "$RELEASE_TAG" -m "Release $RELEASE_TAG"
|
|
|
|
fi
|
2009-03-12 06:23:32 +01:00
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
rm -rf "$DEST"
|
|
|
|
mkdir -p "$DEST"
|
|
|
|
|
|
|
|
for COMPONENT in "${DIRS[@]}"; do
|
|
|
|
DIR="${COMPONENT#selinux-}"
|
|
|
|
VERS="$(cat "$DIR/VERSION")"
|
|
|
|
TAG="$COMPONENT-$VERS"
|
|
|
|
if git rev-parse "$TAG" &> /dev/null ; then
|
|
|
|
echo "Warning: tag $TAG already exists"
|
|
|
|
else
|
|
|
|
git tag "$TAG" > /dev/null
|
|
|
|
fi
|
|
|
|
git -C "$DIR" archive -o "../$DEST/$TAG.tar.gz" --prefix="$TAG/" "$TAG"
|
2022-04-06 19:53:39 +02:00
|
|
|
gpg -b -a "../$DEST/$TAG.tar.gz"
|
2016-11-04 20:45:16 +01:00
|
|
|
done
|
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
git archive -o "$DEST/selinux-${RELEASE_TAG}.tar.gz" --prefix="selinux-${RELEASE_TAG}/" "${RELEASE_TAG}"
|
2016-10-06 18:45:18 +02:00
|
|
|
|
2016-10-14 17:36:11 +02:00
|
|
|
echo "Add the following to the $WIKIDIR/Releases.md wiki page:"
|
2013-10-31 19:23:26 +01:00
|
|
|
|
|
|
|
echo ""
|
2013-10-30 19:28:30 +01:00
|
|
|
|
2020-11-27 09:52:20 +01:00
|
|
|
echo "## Release $RELEASE_TAG"
|
2013-10-30 19:28:30 +01:00
|
|
|
|
2019-01-24 21:54:57 +01:00
|
|
|
echo ""
|
|
|
|
|
|
|
|
echo "[Release Notes](https://github.com/SELinuxProject/selinux/releases/download/$RELEASE_TAG/RELEASE-$RELEASE_TAG.txt)"
|
|
|
|
echo ""
|
|
|
|
echo "[full log](https://github.com/SELinuxProject/selinux/releases/download/$RELEASE_TAG/log-$RELEASE_TAG.txt)"
|
|
|
|
echo ""
|
|
|
|
echo "[short log](https://github.com/SELinuxProject/selinux/releases/download/$RELEASE_TAG/shortlog-$RELEASE_TAG.txt)"
|
|
|
|
echo ""
|
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
for COMPONENT in "${DIRS[@]}"; do
|
|
|
|
DIR="${COMPONENT#selinux-}"
|
|
|
|
VERS="$(cat "$DIR/VERSION")"
|
|
|
|
TAG="$COMPONENT-$VERS"
|
|
|
|
tarball="$TAG.tar.gz"
|
|
|
|
echo -n "[$tarball](https://github.com/SELinuxProject/selinux/releases/download/$RELEASE_TAG/$tarball) "
|
|
|
|
sha256sum "$DEST/$tarball" | cut -d " " -f 1
|
2013-10-30 19:28:30 +01:00
|
|
|
echo ""
|
|
|
|
done
|
2016-10-06 18:45:18 +02:00
|
|
|
|
scripts/release: make the script more robust, and release a source repository snapshot
Following Petr Lautrbach's suggestion, release a snapshot of the source
repository next to the individual archives which constitute a release.
While at it, make scripts/release more robust:
- Fix many warnings reported by shellcheck, by quoting strings.
- Use bash arrays for DIRS and DIRS_NEED_PREFIX
- Merge DIRS and DIRS_NEED_PREFIX into a single array, in order to
produce SHA256 digests that are directly in alphabetical order, for
https://github.com/SELinuxProject/selinux/wiki/Releases
- Use "set -e" in order to fail as soon as a command fails
- Change to the top-level directory at the start of the script, in order
to be able to run it from anywhere.
- Use `cat $DIR/VERSION` and `git -C $DIR` instead of `cd $i ; cat VERSION`
in order to prevent unexpected issues from directory change.
Finally, if version tags already exists, re-use them. This enables using
this script to re-generate the release archive (and check that they
really match the git repository). Currently, running scripts/release
will produce the same archives as the ones published in the 3.2-rc1
release (with the same SHA256 digests as the ones on the release page,
https://github.com/SELinuxProject/selinux/wiki/Releases). This helps to
ensure that the behaviour of the script is still fine.
Suggested-by: Petr Lautrbach <plautrba@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-02-01 23:16:46 +01:00
|
|
|
echo "### Source repository snapshot"
|
|
|
|
|
|
|
|
echo ""
|
|
|
|
|
|
|
|
echo -n "[selinux-${RELEASE_TAG}.tar.gz](https://github.com/SELinuxProject/selinux/releases/download/$RELEASE_TAG/selinux-${RELEASE_TAG}.tar.gz) "
|
|
|
|
sha256sum "$DEST/selinux-${RELEASE_TAG}.tar.gz" | cut -d " " -f 1
|
|
|
|
echo ""
|
|
|
|
|
2016-10-06 18:45:18 +02:00
|
|
|
echo "And then run:"
|
2016-10-14 17:47:29 +02:00
|
|
|
echo " cd $WIKIDIR"
|
2019-01-24 21:54:57 +01:00
|
|
|
echo " git commit -m \"Release $RELEASE_TAG\" -a -s"
|
2016-10-14 17:47:29 +02:00
|
|
|
echo " git push"
|
2016-10-06 18:45:18 +02:00
|
|
|
|
2016-10-14 17:47:29 +02:00
|
|
|
echo ""
|
2016-10-06 18:45:18 +02:00
|
|
|
echo "Push the release and its tags to git via:"
|
|
|
|
echo " git push"
|
|
|
|
echo " git push --tags"
|
2019-01-24 21:54:57 +01:00
|
|
|
|
|
|
|
echo ""
|
|
|
|
echo "Create a new release from the latest tag on https://github.com/SELinuxProject/selinux/tags"
|
|
|
|
|
|
|
|
echo ""
|
|
|
|
echo "Add files from releases/$RELEASE_TAG as assets to the new github release"
|