aboutsummaryrefslogtreecommitdiff
path: root/contrib/gitian-build.py
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@gmail.com>2019-05-09 17:22:24 +0200
committerWladimir J. van der Laan <laanwj@gmail.com>2019-05-09 17:29:44 +0200
commita65fd92f7b8ecb6a2d38aaac7660df01d2441723 (patch)
treec739dad586e8872283191dc5d68e97b0139977e2 /contrib/gitian-build.py
parent08788ce1701aed00fd2946f9a3b3e1f83526d4d2 (diff)
parentbeda0dae953aa125e08302713d2c7b214eddbe5a (diff)
Merge #15766: scripts and tools: Upgrade gitian image before signing
beda0dae953aa125e08302713d2c7b214eddbe5a Upgrade gitian image before signing (Hennadii Stepanov) Pull request description: The package upgrade in the Ubuntu repositories in the period between the building and the signing causes (particularly, using LXC) an error: ``` Creating package manifest Could not download some packages, please run gbuild --upgrade ``` For example, the [`busybox-initramfs`](https://packages.ubuntu.com/bionic/busybox-initramfs) package was [upgraded](http://changelogs.ubuntu.com/changelogs/pool/main/b/busybox/busybox_1.27.2-2ubuntu3.2/changelog) from `1:1.27.2-2ubuntu3.1` to `1:1.27.2-2ubuntu3.2` on 2019-03-06. This PR forces gitian image upgrade for the `--sign` command. Ref: [devrandom/gitian-builder/target-bin/grab-packages.sh](https://github.com/devrandom/gitian-builder/blob/04ab7c121842be8c5848b3de5076c8ded7761314/target-bin/grab-packages.sh) ``` #!/bin/sh # Get an installed package manifest set -e cd /var/cache/apt/archives # make sure all packages with installed versions are downloaded # (except for held packages, which may not be available for download) dpkg-query -W -f '${Status}\t${Package}=${Version}\n' | grep -v ^hold | cut -f2- | xargs -n 50 apt-get install -q --reinstall -y -d > /tmp/download.log grep "cannot be downloaded" /tmp/download.log && { echo Could not download some packages, please run gbuild --upgrade 1>&2 ; exit 1 ; } sha256sum *.deb | sort --key 2 ``` ACKs for commit beda0d: laanwj: utACK beda0dae953aa125e08302713d2c7b214eddbe5a fanquake: utACK beda0da Tree-SHA512: e2e3b3e3719e098d266ceec39bd69b950344a4eb2f43ae6ad3e696add70f743b363cc83676e339f7caa207d6478029869a8af01fe1f6d5690d2857003f7d8ce8
Diffstat (limited to 'contrib/gitian-build.py')
-rwxr-xr-xcontrib/gitian-build.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/contrib/gitian-build.py b/contrib/gitian-build.py
index fc7fbb764d..d2c0553efc 100755
--- a/contrib/gitian-build.py
+++ b/contrib/gitian-build.py
@@ -95,7 +95,7 @@ def sign():
if args.windows:
print('\nSigning ' + args.version + ' Windows')
subprocess.check_call('cp inputs/bitcoin-' + args.version + '-win-unsigned.tar.gz inputs/bitcoin-win-unsigned.tar.gz', shell=True)
- subprocess.check_call(['bin/gbuild', '-i', '--commit', 'signature='+args.commit, '../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml'])
+ subprocess.check_call(['bin/gbuild', '--skip-image', '--upgrade', '--commit', 'signature='+args.commit, '../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml'])
subprocess.check_call(['bin/gsign', '-p', args.sign_prog, '--signer', args.signer, '--release', args.version+'-win-signed', '--destination', '../gitian.sigs/', '../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml'])
subprocess.check_call('mv build/out/bitcoin-*win64-setup.exe ../bitcoin-binaries/'+args.version, shell=True)
subprocess.check_call('mv build/out/bitcoin-*win32-setup.exe ../bitcoin-binaries/'+args.version, shell=True)
@@ -103,7 +103,7 @@ def sign():
if args.macos:
print('\nSigning ' + args.version + ' MacOS')
subprocess.check_call('cp inputs/bitcoin-' + args.version + '-osx-unsigned.tar.gz inputs/bitcoin-osx-unsigned.tar.gz', shell=True)
- subprocess.check_call(['bin/gbuild', '-i', '--commit', 'signature='+args.commit, '../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml'])
+ subprocess.check_call(['bin/gbuild', '--skip-image', '--upgrade', '--commit', 'signature='+args.commit, '../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml'])
subprocess.check_call(['bin/gsign', '-p', args.sign_prog, '--signer', args.signer, '--release', args.version+'-osx-signed', '--destination', '../gitian.sigs/', '../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml'])
subprocess.check_call('mv build/out/bitcoin-osx-signed.dmg ../bitcoin-binaries/'+args.version+'/bitcoin-'+args.version+'-osx.dmg', shell=True)