blob: 2cdc82212739cfdc9537d153be440d8edb837e42 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
#!/bin/sh
# Build and sign an OpenBSD package from a pre-compiled binary.
# Run on an OpenBSD host (e.g. fishfinger). Called by the Makefile via SSH.
# The signed .tgz is left in /tmp/<name>-pkg/out/ for the Makefile to retrieve.
#
# Arguments:
# $1 — package name (e.g. gogios)
# $2 — version (e.g. 1.4.1)
# $3 — one-line comment
# $4 — description
set -e
NAME="$1"
VERSION="$2"
COMMENT="$3"
DESC="$4"
WORKDIR="/tmp/${NAME}-pkg"
doas rm -rf "$WORKDIR"
mkdir -p "$WORKDIR/stage/usr/local/bin" "$WORKDIR/out"
# Place the pre-compiled binary
cp "/tmp/${NAME}" "$WORKDIR/stage/usr/local/bin/${NAME}"
chmod 755 "$WORKDIR/stage/usr/local/bin/${NAME}"
# Packing list
printf 'usr/local/bin/%s\n' "$NAME" > "$WORKDIR/plist"
# Description file
printf '%s\n' "$DESC" > "$WORKDIR/desc"
# Build the package
doas pkg_create \
-D COMMENT="$COMMENT" \
-d "$WORKDIR/desc" \
-f "$WORKDIR/plist" \
-B "$WORKDIR/stage" \
-p / \
"$WORKDIR/out/${NAME}-${VERSION}.tgz"
# Sign with signify if the key exists
if [ -f /etc/signify/custom-pkg.sec ]; then
mkdir -p "$WORKDIR/signed"
doas pkg_sign -s signify2 -s /etc/signify/custom-pkg.sec \
-o "$WORKDIR/signed" "$WORKDIR/out/${NAME}-${VERSION}.tgz"
mv "$WORKDIR/signed/${NAME}-${VERSION}.tgz" "$WORKDIR/out/${NAME}-${VERSION}.tgz"
rm -rf "$WORKDIR/signed"
echo "Package signed with signify"
else
echo "Warning: /etc/signify/custom-pkg.sec not found, package is unsigned"
fi
echo "OpenBSD package ${NAME}-${VERSION} built in $WORKDIR/out/"
|
