From: Sergey Matveev Date: Wed, 16 Aug 2023 07:19:27 +0000 (+0300) Subject: .ziphash.sig X-Git-Url: http://www.git.cypherpunks.ru/?a=commitdiff_plain;h=c029dd647443c511ffacabe10edaa922072ad652b544f6440e0350367f5e3ab1;p=prepro.git .ziphash.sig --- diff --git a/USAGE b/USAGE index e3cd6ab..e51d886 100644 --- a/USAGE +++ b/USAGE @@ -1,9 +1,11 @@ mk-mod utility creates GOPROXY-compatible version of the module in the current directory: - mk-mod VCS-URL VCS-PATH MODULE-NAME VERSION + mk-mod VCS-URL VCS-PATH MODULE-NAME VERSION [SIGNKEY] Only Git VCS is supported. Git tag's name must be equal to VERSION. mk-mods iterates through all tags: - mk-mods VCS-URL VCS-PATH MODULE-BASE-NAME + mk-mods VCS-URL VCS-PATH MODULE-BASE-NAME [SIGNKEY] +SIGNKEY is optional path to OpenSSH signing key, that will sign the +.ziphash file. mk-list utility collects all known versions in current GOPROXY directory and creates corresponding "list" files. diff --git a/mk-mod b/mk-mod index dc83c8b..1d9332a 100755 --- a/mk-mod +++ b/mk-mod @@ -6,6 +6,7 @@ vcsurl=$1 vcspath=$2 modname=$3 version=$4 +signkey=$5 dst=$modname/@v mkdir -p $dst @@ -32,4 +33,9 @@ $ziphash $version.zip > $version.ziphash unzip -p $version.zip ${modname}@${version}/go.mod > $version.mod printf '{"Version":"%s","Time":"%s","Origin":{"VCS":"git","URL":"%s","Ref":"refs/tags/%s","Hash":"%s"}}' \ $version $when $vcsurl $version $hsh > $version.info -touch -d $when $version.info $version.mod $version.zip $version.ziphash +totouch=($version.info $version.mod $version.zip $version.ziphash) +[[ -z $signkey ]] || { + ssh-keygen -Y sign -f $signkey -n file $version.ziphash + totouch=($totouch $version.ziphash.sig) +} +touch -d $when $totouch diff --git a/mk-mods b/mk-mods index dbc2bba..dc72176 100755 --- a/mk-mods +++ b/mk-mods @@ -5,7 +5,8 @@ root=$0:h:a vcsurl=$1 vcspath=$2 modbase=$3 +signkey=$4 $root/list-vers $vcspath $modbase | while IFS=" " read modname version ; do - $root/mk-mod $vcsurl $vcspath $modname $version + $root/mk-mod $vcsurl $vcspath $modname $version $signkey done