upload-release.pl: Copy the install script and sign everything
Note: this means that for those doing 'curl | sh', you can now pin a specific version, e.g. curl https://nixos.org/releases/nix/nix-2.0.4/install | sh https://nixos.org/nix/{install,install.sig} are now just symlinks to the corresponding files in the latest release directory.
This commit is contained in:
parent
93aa3bea2e
commit
f0d9909f10
1 changed files with 9 additions and 15 deletions
|
@ -76,15 +76,20 @@ sub downloadFile {
|
||||||
|
|
||||||
write_file("$dstFile.sha256", $sha256_expected);
|
write_file("$dstFile.sha256", $sha256_expected);
|
||||||
|
|
||||||
|
if (! -e "$dstFile.asc") {
|
||||||
|
system("gpg2 --detach-sign --armor $dstFile") == 0 or die "unable to sign $dstFile\n";
|
||||||
|
}
|
||||||
|
|
||||||
return ($dstFile, $sha256_expected);
|
return ($dstFile, $sha256_expected);
|
||||||
}
|
}
|
||||||
|
|
||||||
downloadFile("tarball", "2"); # .tar.bz2
|
downloadFile("tarball", "2"); # .tar.bz2
|
||||||
my ($tarball, $tarballHash) = downloadFile("tarball", "3"); # .tar.xz
|
my ($tarball, $tarballHash) = downloadFile("tarball", "3"); # .tar.xz
|
||||||
my ($tarball_i686_linux, $tarball_i686_linux_hash) = downloadFile("binaryTarball.i686-linux", "1");
|
downloadFile("binaryTarball.i686-linux", "1");
|
||||||
my ($tarball_x86_64_linux, $tarball_x86_64_linux_hash) = downloadFile("binaryTarball.x86_64-linux", "1");
|
downloadFile("binaryTarball.x86_64-linux", "1");
|
||||||
my ($tarball_aarch64_linux, $tarball_aarch64_linux_hash) = downloadFile("binaryTarball.aarch64-linux", "1");
|
downloadFile("binaryTarball.aarch64-linux", "1");
|
||||||
my ($tarball_x86_64_darwin, $tarball_x86_64_darwin_hash) = downloadFile("binaryTarball.x86_64-darwin", "1");
|
downloadFile("binaryTarball.x86_64-darwin", "1");
|
||||||
|
downloadFile("installerScript", "1");
|
||||||
|
|
||||||
# Update Nixpkgs in a very hacky way.
|
# Update Nixpkgs in a very hacky way.
|
||||||
system("cd $nixpkgsDir && git pull") == 0 or die;
|
system("cd $nixpkgsDir && git pull") == 0 or die;
|
||||||
|
@ -144,17 +149,6 @@ system("cd $siteDir && git pull") == 0 or die;
|
||||||
write_file("$siteDir/nix-release.tt",
|
write_file("$siteDir/nix-release.tt",
|
||||||
"[%-\n" .
|
"[%-\n" .
|
||||||
"latestNixVersion = \"$version\"\n" .
|
"latestNixVersion = \"$version\"\n" .
|
||||||
"nix_hash_i686_linux = \"$tarball_i686_linux_hash\"\n" .
|
|
||||||
"nix_hash_x86_64_linux = \"$tarball_x86_64_linux_hash\"\n" .
|
|
||||||
"nix_hash_aarch64_linux = \"$tarball_aarch64_linux_hash\"\n" .
|
|
||||||
"nix_hash_x86_64_darwin = \"$tarball_x86_64_darwin_hash\"\n" .
|
|
||||||
"-%]\n");
|
"-%]\n");
|
||||||
|
|
||||||
system("cd $siteDir && nix-shell --run 'make nix/install nix/install.sig'") == 0 or die;
|
|
||||||
|
|
||||||
copy("$siteDir/nix/install", "$siteDir/nix/install-$version") or die;
|
|
||||||
copy("$siteDir/nix/install.sig", "$siteDir/nix/install-$version.sig") or die;
|
|
||||||
|
|
||||||
system("cd $siteDir && git add nix/install-$version nix/install-$version.sig") == 0 or die;
|
|
||||||
|
|
||||||
system("cd $siteDir && git commit -a -m 'Nix $version released'") == 0 or die;
|
system("cd $siteDir && git commit -a -m 'Nix $version released'") == 0 or die;
|
||||||
|
|
Loading…
Reference in a new issue