diff options
author | Carl Dong <contact@carldong.me> | 2021-04-20 15:53:08 -0400 |
---|---|---|
committer | Carl Dong <contact@carldong.me> | 2021-05-03 13:18:19 -0400 |
commit | d522d8006b891eccd7901faf391f9c041ddf8e38 (patch) | |
tree | 6196e4a8400167e71b5570fb7b4aa17d5b1f4bc8 /contrib/guix/libexec | |
parent | f9e2960c018103be756a7f8a506816b49d662514 (diff) | |
download | bitcoin-d522d8006b891eccd7901faf391f9c041ddf8e38.tar.xz |
guix: Attest to inputs in inputs.SHA256SUMS
At build/codesigning-time, hash build inputs and output the digest to
${OUTDIR}/inputs.SHA256SUMS, which gets included in the final SHA256SUMS
constructed by guix-attest.
Example final SHA256SUMS:
ee832d2a35b7701bff581dea05a536118b118e3ad0a587a2855b6ee8cd6fba20 inputs/bitcoin-78199266af7b.tar.gz
ca765e70a0c12866dd63c0be228b675278a26329e5f8f5b5c52fd09200fedf21 bitcoin-78199266af7b-powerpc64le-linux-gnu-debug.tar.gz
dae95327d7f2c324e2728c4b73627be6cb2c0d2f2e5bea940d1d5e6463939327 bitcoin-78199266af7b-powerpc64le-linux-gnu.tar.gz
Diffstat (limited to 'contrib/guix/libexec')
-rw-r--r-- | contrib/guix/libexec/build.sh | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/contrib/guix/libexec/build.sh b/contrib/guix/libexec/build.sh index 1bd4fee884..ce61cd52c7 100644 --- a/contrib/guix/libexec/build.sh +++ b/contrib/guix/libexec/build.sh @@ -231,6 +231,21 @@ if [ ! -e "$GIT_ARCHIVE" ]; then git archive --prefix="${DISTNAME}/" --output="$GIT_ARCHIVE" HEAD fi +# tmpdir="$(mktemp -d)" +# ( +# cd "$tmpdir" +# mkdir -p inputs +# ln -sf --target-directory=inputs "$GIT_ARCHIVE" + +# mkdir -p "$OUTDIR" +# find -L inputs -type f -print0 | xargs -0 sha256sum > "${OUTDIR}/inputs.SHA256SUMS" +# ) + +mkdir -p "$OUTDIR" +cat << EOF > "$OUTDIR"/inputs.SHA256SUMS +$(sha256sum "$GIT_ARCHIVE" | cut -d' ' -f1) inputs/$(basename "$GIT_ARCHIVE") +EOF + ########################### # Binary Tarball Building # ########################### |