From b962b76f439f5614c5ce10c4efc601f290311986 Mon Sep 17 00:00:00 2001 From: Filippo Valsorda Date: Mon, 31 Dec 2012 19:15:30 +0100 Subject: re-worked release workflow, it is one-step and creates GPG signatures now --- devscripts/gh-pages/add-version.py | 33 ++++++++++++++++++++++++++++++++ devscripts/gh-pages/generate-download.py | 19 +++++++++--------- devscripts/gh-pages/sign-versions.py | 28 +++++++++++++++++++++++++++ devscripts/gh-pages/sign_versions.py | 30 ----------------------------- 4 files changed, 70 insertions(+), 40 deletions(-) create mode 100755 devscripts/gh-pages/add-version.py create mode 100755 devscripts/gh-pages/sign-versions.py delete mode 100755 devscripts/gh-pages/sign_versions.py (limited to 'devscripts/gh-pages') diff --git a/devscripts/gh-pages/add-version.py b/devscripts/gh-pages/add-version.py new file mode 100755 index 000000000..6af8bb9d8 --- /dev/null +++ b/devscripts/gh-pages/add-version.py @@ -0,0 +1,33 @@ +#!/usr/bin/env python3 + +import json +import sys +import hashlib +import urllib.request + +if len(sys.argv) <= 1: + print('Specify the version number as parameter') + sys.exit() +version = sys.argv[1] + +with open('update/LATEST_VERSION', 'w') as f: + f.write(version) + +versions_info = json.load(open('update/versions.json')) +if 'signature' in versions_info: + del versions_info['signature'] + +new_version = {} + +filenames = {'bin': 'youtube-dl', 'exe': 'youtube-dl.exe', 'tar': 'youtube-dl-%s.tar.gz' % version} +for key, filename in filenames.items(): + print('Downloading and checksumming %s...' %filename) + url = 'http://youtube-dl.org/downloads/%s/%s' % (version, filename) + data = urllib.request.urlopen(url).read() + sha256sum = hashlib.sha256(data).hexdigest() + new_version[key] = (url, sha256sum) + +versions_info['versions'][version] = new_version +versions_info['latest'] = version + +json.dump(versions_info, open('update/versions.json', 'w'), indent=4, sort_keys=True) \ No newline at end of file diff --git a/devscripts/gh-pages/generate-download.py b/devscripts/gh-pages/generate-download.py index f19729f59..55912e12c 100755 --- a/devscripts/gh-pages/generate-download.py +++ b/devscripts/gh-pages/generate-download.py @@ -4,18 +4,13 @@ import shutil import subprocess import tempfile import urllib.request +import json -URL = 'https://github.com/downloads/rg3/youtube-dl/youtube-dl' +versions_info = json.load(open('update/versions.json')) +version = versions_info['latest'] +URL = versions_info['versions'][version]['bin'][0] -with tempfile.NamedTemporaryFile(suffix='youtube-dl', delete=True) as ytdl_file: - with urllib.request.urlopen(URL) as dl: - shutil.copyfileobj(dl, ytdl_file) - - ytdl_file.seek(0) - data = ytdl_file.read() - - ytdl_file.flush() - version = subprocess.check_output(['python3', ytdl_file.name, '--version']).decode('ascii').strip() +data = urllib.request.urlopen(URL).read() # Read template page with open('download.html.in', 'r', encoding='utf-8') as tmplf: @@ -29,5 +24,9 @@ template = template.replace('@PROGRAM_URL@', URL) template = template.replace('@PROGRAM_MD5SUM@', md5sum) template = template.replace('@PROGRAM_SHA1SUM@', sha1sum) template = template.replace('@PROGRAM_SHA256SUM@', sha256sum) +template = template.replace('@EXE_URL@', versions_info['versions'][version]['exe'][0]) +template = template.replace('@EXE_SHA256SUM@', versions_info['versions'][version]['exe'][1]) +template = template.replace('@TAR_URL@', versions_info['versions'][version]['tar'][0]) +template = template.replace('@TAR_SHA256SUM@', versions_info['versions'][version]['tar'][1]) with open('download.html', 'w', encoding='utf-8') as dlf: dlf.write(template) diff --git a/devscripts/gh-pages/sign-versions.py b/devscripts/gh-pages/sign-versions.py new file mode 100755 index 000000000..dd126df52 --- /dev/null +++ b/devscripts/gh-pages/sign-versions.py @@ -0,0 +1,28 @@ +#!/usr/bin/env python3 + +import rsa +import json +from binascii import hexlify + +versions_info = json.load(open('update/versions.json')) +if 'signature' in versions_info: + del versions_info['signature'] + +print('Enter the PKCS1 private key, followed by a blank line:') +privkey = '' +while True: + try: + line = input() + except EOFError: + break + if line == '': + break + privkey += line + '\n' +privkey = bytes(privkey, 'ascii') +privkey = rsa.PrivateKey.load_pkcs1(privkey) + +signature = hexlify(rsa.pkcs1.sign(json.dumps(versions_info, sort_keys=True).encode('utf-8'), privkey, 'SHA-256')).decode() +print('signature: ' + signature) + +versions_info['signature'] = signature +json.dump(versions_info, open('update/versions.json', 'w'), indent=4, sort_keys=True) \ No newline at end of file diff --git a/devscripts/gh-pages/sign_versions.py b/devscripts/gh-pages/sign_versions.py deleted file mode 100755 index 5d94a3a03..000000000 --- a/devscripts/gh-pages/sign_versions.py +++ /dev/null @@ -1,30 +0,0 @@ -#! /usr/bin/env python3 - -import rsa -import json -from binascii import hexlify - -# TODO path discovery -versions_info = json.load(open('update/versions.json')) -if 'signature' in versions_info: - del versions_info['signature'] - - -print('Enter the PKCS1 private key, followed by a blank line:') -privkey = '' -while True: - try: - line = input() - except EOFError: - break - if line == '': - break - privkey += line + '\n' -privkey = bytes(privkey, 'ascii') -privkey = rsa.PrivateKey.load_pkcs1(privkey) - -signature = hexlify(rsa.pkcs1.sign(json.dumps(versions_info, sort_keys=True).encode('utf-8'), privkey, 'SHA-256')).decode() -print('signature: ' + signature) - -versions_info['signature'] = signature -json.dump(versions_info, open('update/versions.json', 'w'), indent=4, sort_keys=True) \ No newline at end of file -- cgit v1.2.3