You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

gitian-build.sh 10KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392
  1. # Copyright (c) 2016 The Starwels developers
  2. # Distributed under the MIT software license, see the accompanying
  3. # file COPYING or http://www.opensource.org/licenses/mit-license.php.
  4. # What to do
  5. sign=false
  6. verify=false
  7. build=false
  8. setupenv=false
  9. # Systems to build
  10. linux=true
  11. windows=true
  12. osx=true
  13. # Other Basic variables
  14. SIGNER=
  15. VERSION=
  16. commit=false
  17. url=https://github.com/starwels/starwels
  18. proc=2
  19. mem=2000
  20. lxc=true
  21. osslTarUrl=http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz
  22. osslPatchUrl=https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch
  23. scriptName=$(basename -- "$0")
  24. signProg="gpg --detach-sign"
  25. commitFiles=true
  26. # Help Message
  27. read -d '' usage <<- EOF
  28. Usage: $scriptName [-c|u|v|b|s|B|o|h|j|m|] signer version
  29. Run this script from the directory containing the starwels, gitian-builder, gitian.sigs, and starwels-detached-sigs.
  30. Arguments:
  31. signer GPG signer to sign each build assert file
  32. version Version number, commit, or branch to build. If building a commit or branch, the -c option must be specified
  33. Options:
  34. -c|--commit Indicate that the version argument is for a commit or branch
  35. -u|--url Specify the URL of the repository. Default is https://github.com/starwels/starwels
  36. -v|--verify Verify the gitian build
  37. -b|--build Do a gitian build
  38. -s|--sign Make signed binaries for Windows and Mac OSX
  39. -B|--buildsign Build both signed and unsigned binaries
  40. -o|--os Specify which Operating Systems the build is for. Default is lwx. l for linux, w for windows, x for osx
  41. -j Number of processes to use. Default 2
  42. -m Memory to allocate in MiB. Default 2000
  43. --kvm Use KVM instead of LXC
  44. --setup Setup the gitian building environment. Uses KVM. If you want to use lxc, use the --lxc option. Only works on Debian-based systems (Ubuntu, Debian)
  45. --detach-sign Create the assert file for detached signing. Will not commit anything.
  46. --no-commit Do not commit anything to git
  47. -h|--help Print this help message
  48. EOF
  49. # Get options and arguments
  50. while :; do
  51. case $1 in
  52. # Verify
  53. -v|--verify)
  54. verify=true
  55. ;;
  56. # Build
  57. -b|--build)
  58. build=true
  59. ;;
  60. # Sign binaries
  61. -s|--sign)
  62. sign=true
  63. ;;
  64. # Build then Sign
  65. -B|--buildsign)
  66. sign=true
  67. build=true
  68. ;;
  69. # PGP Signer
  70. -S|--signer)
  71. if [ -n "$2" ]
  72. then
  73. SIGNER=$2
  74. shift
  75. else
  76. echo 'Error: "--signer" requires a non-empty argument.'
  77. exit 1
  78. fi
  79. ;;
  80. # Operating Systems
  81. -o|--os)
  82. if [ -n "$2" ]
  83. then
  84. linux=false
  85. windows=false
  86. osx=false
  87. if [[ "$2" = *"l"* ]]
  88. then
  89. linux=true
  90. fi
  91. if [[ "$2" = *"w"* ]]
  92. then
  93. windows=true
  94. fi
  95. if [[ "$2" = *"x"* ]]
  96. then
  97. osx=true
  98. fi
  99. shift
  100. else
  101. echo 'Error: "--os" requires an argument containing an l (for linux), w (for windows), or x (for Mac OSX)\n'
  102. exit 1
  103. fi
  104. ;;
  105. # Help message
  106. -h|--help)
  107. echo "$usage"
  108. exit 0
  109. ;;
  110. # Commit or branch
  111. -c|--commit)
  112. commit=true
  113. ;;
  114. # Number of Processes
  115. -j)
  116. if [ -n "$2" ]
  117. then
  118. proc=$2
  119. shift
  120. else
  121. echo 'Error: "-j" requires an argument'
  122. exit 1
  123. fi
  124. ;;
  125. # Memory to allocate
  126. -m)
  127. if [ -n "$2" ]
  128. then
  129. mem=$2
  130. shift
  131. else
  132. echo 'Error: "-m" requires an argument'
  133. exit 1
  134. fi
  135. ;;
  136. # URL
  137. -u)
  138. if [ -n "$2" ]
  139. then
  140. url=$2
  141. shift
  142. else
  143. echo 'Error: "-u" requires an argument'
  144. exit 1
  145. fi
  146. ;;
  147. # kvm
  148. --kvm)
  149. lxc=false
  150. ;;
  151. # Detach sign
  152. --detach-sign)
  153. signProg="true"
  154. commitFiles=false
  155. ;;
  156. # Commit files
  157. --no-commit)
  158. commitFiles=false
  159. ;;
  160. # Setup
  161. --setup)
  162. setup=true
  163. ;;
  164. *) # Default case: If no more options then break out of the loop.
  165. break
  166. esac
  167. shift
  168. done
  169. # Set up LXC
  170. if [[ $lxc = true ]]
  171. then
  172. export USE_LXC=1
  173. export LXC_BRIDGE=lxcbr0
  174. sudo ifconfig lxcbr0 up 10.0.2.2
  175. fi
  176. # Check for OSX SDK
  177. if [[ ! -e "gitian-builder/inputs/MacOSX10.11.sdk.tar.gz" && $osx == true ]]
  178. then
  179. echo "Cannot build for OSX, SDK does not exist. Will build for other OSes"
  180. osx=false
  181. fi
  182. # Get signer
  183. if [[ -n"$1" ]]
  184. then
  185. SIGNER=$1
  186. shift
  187. fi
  188. # Get version
  189. if [[ -n "$1" ]]
  190. then
  191. VERSION=$1
  192. COMMIT=$VERSION
  193. shift
  194. fi
  195. # Check that a signer is specified
  196. if [[ $SIGNER == "" ]]
  197. then
  198. echo "$scriptName: Missing signer."
  199. echo "Try $scriptName --help for more information"
  200. exit 1
  201. fi
  202. # Check that a version is specified
  203. if [[ $VERSION == "" ]]
  204. then
  205. echo "$scriptName: Missing version."
  206. echo "Try $scriptName --help for more information"
  207. exit 1
  208. fi
  209. # Add a "v" if no -c
  210. if [[ $commit = false ]]
  211. then
  212. COMMIT="v${VERSION}"
  213. fi
  214. echo ${COMMIT}
  215. # Setup build environment
  216. if [[ $setup = true ]]
  217. then
  218. sudo apt-get install ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm qemu-utils
  219. git clone https://github.com/starwels/gitian.sigs.git
  220. git clone https://github.com/starwels/starwels-detached-sigs.git
  221. git clone https://github.com/devrandom/gitian-builder.git
  222. pushd ./gitian-builder
  223. if [[ -n "$USE_LXC" ]]
  224. then
  225. sudo apt-get install lxc
  226. bin/make-base-vm --suite trusty --arch amd64 --lxc
  227. else
  228. bin/make-base-vm --suite trusty --arch amd64
  229. fi
  230. popd
  231. fi
  232. # Set up build
  233. pushd ./starwels
  234. git fetch
  235. git checkout ${COMMIT}
  236. popd
  237. # Build
  238. if [[ $build = true ]]
  239. then
  240. # Make output folder
  241. mkdir -p ./starwels-binaries/${VERSION}
  242. # Build Dependencies
  243. echo ""
  244. echo "Building Dependencies"
  245. echo ""
  246. pushd ./gitian-builder
  247. mkdir -p inputs
  248. wget -N -P inputs $osslPatchUrl
  249. wget -N -P inputs $osslTarUrl
  250. make -C ../starwels/depends download SOURCES_PATH=`pwd`/cache/common
  251. # Linux
  252. if [[ $linux = true ]]
  253. then
  254. echo ""
  255. echo "Compiling ${VERSION} Linux"
  256. echo ""
  257. ./bin/gbuild -j ${proc} -m ${mem} --commit starwels=${COMMIT} --url starwels=${url} ../starwels/contrib/gitian-descriptors/gitian-linux.yml
  258. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-linux.yml
  259. mv build/out/starwels-*.tar.gz build/out/src/starwels-*.tar.gz ../starwels-binaries/${VERSION}
  260. fi
  261. # Windows
  262. if [[ $windows = true ]]
  263. then
  264. echo ""
  265. echo "Compiling ${VERSION} Windows"
  266. echo ""
  267. ./bin/gbuild -j ${proc} -m ${mem} --commit starwels=${COMMIT} --url starwels=${url} ../starwels/contrib/gitian-descriptors/gitian-win.yml
  268. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-win.yml
  269. mv build/out/starwels-*-win-unsigned.tar.gz inputs/starwels-win-unsigned.tar.gz
  270. mv build/out/starwels-*.zip build/out/starwels-*.exe ../starwels-binaries/${VERSION}
  271. fi
  272. # Mac OSX
  273. if [[ $osx = true ]]
  274. then
  275. echo ""
  276. echo "Compiling ${VERSION} Mac OSX"
  277. echo ""
  278. ./bin/gbuild -j ${proc} -m ${mem} --commit starwels=${COMMIT} --url starwels=${url} ../starwels/contrib/gitian-descriptors/gitian-osx.yml
  279. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-osx.yml
  280. mv build/out/starwels-*-osx-unsigned.tar.gz inputs/starwels-osx-unsigned.tar.gz
  281. mv build/out/starwels-*.tar.gz build/out/starwels-*.dmg ../starwels-binaries/${VERSION}
  282. fi
  283. popd
  284. if [[ $commitFiles = true ]]
  285. then
  286. # Commit to gitian.sigs repo
  287. echo ""
  288. echo "Committing ${VERSION} Unsigned Sigs"
  289. echo ""
  290. pushd gitian.sigs
  291. git add ${VERSION}-linux/${SIGNER}
  292. git add ${VERSION}-win-unsigned/${SIGNER}
  293. git add ${VERSION}-osx-unsigned/${SIGNER}
  294. git commit -a -m "Add ${VERSION} unsigned sigs for ${SIGNER}"
  295. popd
  296. fi
  297. fi
  298. # Verify the build
  299. if [[ $verify = true ]]
  300. then
  301. # Linux
  302. pushd ./gitian-builder
  303. echo ""
  304. echo "Verifying v${VERSION} Linux"
  305. echo ""
  306. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../starwels/contrib/gitian-descriptors/gitian-linux.yml
  307. # Windows
  308. echo ""
  309. echo "Verifying v${VERSION} Windows"
  310. echo ""
  311. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../starwels/contrib/gitian-descriptors/gitian-win.yml
  312. # Mac OSX
  313. echo ""
  314. echo "Verifying v${VERSION} Mac OSX"
  315. echo ""
  316. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../starwels/contrib/gitian-descriptors/gitian-osx.yml
  317. # Signed Windows
  318. echo ""
  319. echo "Verifying v${VERSION} Signed Windows"
  320. echo ""
  321. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../starwels/contrib/gitian-descriptors/gitian-osx-signer.yml
  322. # Signed Mac OSX
  323. echo ""
  324. echo "Verifying v${VERSION} Signed Mac OSX"
  325. echo ""
  326. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../starwels/contrib/gitian-descriptors/gitian-osx-signer.yml
  327. popd
  328. fi
  329. # Sign binaries
  330. if [[ $sign = true ]]
  331. then
  332. pushd ./gitian-builder
  333. # Sign Windows
  334. if [[ $windows = true ]]
  335. then
  336. echo ""
  337. echo "Signing ${VERSION} Windows"
  338. echo ""
  339. ./bin/gbuild -i --commit signature=${COMMIT} ../starwels/contrib/gitian-descriptors/gitian-win-signer.yml
  340. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-win-signer.yml
  341. mv build/out/starwels-*win64-setup.exe ../starwels-binaries/${VERSION}
  342. mv build/out/starwels-*win32-setup.exe ../starwels-binaries/${VERSION}
  343. fi
  344. # Sign Mac OSX
  345. if [[ $osx = true ]]
  346. then
  347. echo ""
  348. echo "Signing ${VERSION} Mac OSX"
  349. echo ""
  350. ./bin/gbuild -i --commit signature=${COMMIT} ../starwels/contrib/gitian-descriptors/gitian-osx-signer.yml
  351. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-osx-signer.yml
  352. mv build/out/starwels-osx-signed.dmg ../starwels-binaries/${VERSION}/starwels-${VERSION}-osx.dmg
  353. fi
  354. popd
  355. if [[ $commitFiles = true ]]
  356. then
  357. # Commit Sigs
  358. pushd gitian.sigs
  359. echo ""
  360. echo "Committing ${VERSION} Signed Sigs"
  361. echo ""
  362. git add ${VERSION}-win-signed/${SIGNER}
  363. git add ${VERSION}-osx-signed/${SIGNER}
  364. git commit -a -m "Add ${VERSION} signed binary sigs for ${SIGNER}"
  365. popd
  366. fi
  367. fi