You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

gitian-build.sh 10KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389
  1. # Copyright (c) 2016 The Starwels developers
  2. # Distributed under the MIT software license, see the accompanying
  3. # file COPYING or http://www.opensource.org/licenses/mit-license.php.
  4. # What to do
  5. sign=false
  6. verify=false
  7. build=false
  8. # Systems to build
  9. linux=true
  10. windows=true
  11. osx=true
  12. # Other Basic variables
  13. SIGNER=
  14. VERSION=
  15. commit=false
  16. url=https://github.com/starwels/starwels
  17. proc=2
  18. mem=2000
  19. lxc=true
  20. osslTarUrl=http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz
  21. osslPatchUrl=https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch
  22. scriptName=$(basename -- "$0")
  23. signProg="gpg --detach-sign"
  24. commitFiles=true
  25. # Help Message
  26. read -d '' usage <<- EOF
  27. Usage: $scriptName [-c|u|v|b|s|B|o|h|j|m|] signer version
  28. Run this script from the directory containing the starwels, gitian-builder, gitian.sigs, and starwels-detached-sigs.
  29. Arguments:
  30. signer GPG signer to sign each build assert file
  31. version Version number, commit, or branch to build. If building a commit or branch, the -c option must be specified
  32. Options:
  33. -c|--commit Indicate that the version argument is for a commit or branch
  34. -u|--url Specify the URL of the repository. Default is https://github.com/starwels/starwels
  35. -v|--verify Verify the Gitian build
  36. -b|--build Do a Gitian build
  37. -s|--sign Make signed binaries for Windows and Mac OSX
  38. -B|--buildsign Build both signed and unsigned binaries
  39. -o|--os Specify which Operating Systems the build is for. Default is lwx. l for linux, w for windows, x for osx
  40. -j Number of processes to use. Default 2
  41. -m Memory to allocate in MiB. Default 2000
  42. --kvm Use KVM instead of LXC
  43. --setup Set up the Gitian building environment. Uses KVM. If you want to use lxc, use the --lxc option. Only works on Debian-based systems (Ubuntu, Debian)
  44. --detach-sign Create the assert file for detached signing. Will not commit anything.
  45. --no-commit Do not commit anything to git
  46. -h|--help Print this help message
  47. EOF
  48. # Get options and arguments
  49. while :; do
  50. case $1 in
  51. # Verify
  52. -v|--verify)
  53. verify=true
  54. ;;
  55. # Build
  56. -b|--build)
  57. build=true
  58. ;;
  59. # Sign binaries
  60. -s|--sign)
  61. sign=true
  62. ;;
  63. # Build then Sign
  64. -B|--buildsign)
  65. sign=true
  66. build=true
  67. ;;
  68. # PGP Signer
  69. -S|--signer)
  70. if [ -n "$2" ]
  71. then
  72. SIGNER=$2
  73. shift
  74. else
  75. echo 'Error: "--signer" requires a non-empty argument.'
  76. exit 1
  77. fi
  78. ;;
  79. # Operating Systems
  80. -o|--os)
  81. if [ -n "$2" ]
  82. then
  83. linux=false
  84. windows=false
  85. osx=false
  86. if [[ "$2" = *"l"* ]]
  87. then
  88. linux=true
  89. fi
  90. if [[ "$2" = *"w"* ]]
  91. then
  92. windows=true
  93. fi
  94. if [[ "$2" = *"x"* ]]
  95. then
  96. osx=true
  97. fi
  98. shift
  99. else
  100. echo 'Error: "--os" requires an argument containing an l (for linux), w (for windows), or x (for Mac OSX)'
  101. exit 1
  102. fi
  103. ;;
  104. # Help message
  105. -h|--help)
  106. echo "$usage"
  107. exit 0
  108. ;;
  109. # Commit or branch
  110. -c|--commit)
  111. commit=true
  112. ;;
  113. # Number of Processes
  114. -j)
  115. if [ -n "$2" ]
  116. then
  117. proc=$2
  118. shift
  119. else
  120. echo 'Error: "-j" requires an argument'
  121. exit 1
  122. fi
  123. ;;
  124. # Memory to allocate
  125. -m)
  126. if [ -n "$2" ]
  127. then
  128. mem=$2
  129. shift
  130. else
  131. echo 'Error: "-m" requires an argument'
  132. exit 1
  133. fi
  134. ;;
  135. # URL
  136. -u)
  137. if [ -n "$2" ]
  138. then
  139. url=$2
  140. shift
  141. else
  142. echo 'Error: "-u" requires an argument'
  143. exit 1
  144. fi
  145. ;;
  146. # kvm
  147. --kvm)
  148. lxc=false
  149. ;;
  150. # Detach sign
  151. --detach-sign)
  152. signProg="true"
  153. commitFiles=false
  154. ;;
  155. # Commit files
  156. --no-commit)
  157. commitFiles=false
  158. ;;
  159. # Setup
  160. --setup)
  161. setup=true
  162. ;;
  163. *) # Default case: If no more options then break out of the loop.
  164. break
  165. esac
  166. shift
  167. done
  168. # Set up LXC
  169. if [[ $lxc = true ]]
  170. then
  171. export USE_LXC=1
  172. fi
  173. # Check for OSX SDK
  174. if [[ ! -e "gitian-builder/inputs/MacOSX10.11.sdk.tar.gz" && $osx == true ]]
  175. then
  176. echo "Cannot build for OSX, SDK does not exist. Will build for other OSes"
  177. osx=false
  178. fi
  179. # Get signer
  180. if [[ -n "$1" ]]
  181. then
  182. SIGNER=$1
  183. shift
  184. fi
  185. # Get version
  186. if [[ -n "$1" ]]
  187. then
  188. VERSION=$1
  189. COMMIT=$VERSION
  190. shift
  191. fi
  192. # Check that a signer is specified
  193. if [[ $SIGNER == "" ]]
  194. then
  195. echo "$scriptName: Missing signer."
  196. echo "Try $scriptName --help for more information"
  197. exit 1
  198. fi
  199. # Check that a version is specified
  200. if [[ $VERSION == "" ]]
  201. then
  202. echo "$scriptName: Missing version."
  203. echo "Try $scriptName --help for more information"
  204. exit 1
  205. fi
  206. # Add a "v" if no -c
  207. if [[ $commit = false ]]
  208. then
  209. COMMIT="v${VERSION}"
  210. fi
  211. echo ${COMMIT}
  212. # Setup build environment
  213. if [[ $setup = true ]]
  214. then
  215. sudo apt-get install ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm qemu-utils
  216. git clone https://github.com/starwels/gitian.sigs.git
  217. git clone https://github.com/starwels/starwels-detached-sigs.git
  218. git clone https://github.com/devrandom/gitian-builder.git
  219. pushd ./gitian-builder
  220. if [[ -n "$USE_LXC" ]]
  221. then
  222. sudo apt-get install lxc
  223. bin/make-base-vm --suite trusty --arch amd64 --lxc
  224. else
  225. bin/make-base-vm --suite trusty --arch amd64
  226. fi
  227. popd
  228. fi
  229. # Set up build
  230. pushd ./starwels
  231. git fetch
  232. git checkout ${COMMIT}
  233. popd
  234. # Build
  235. if [[ $build = true ]]
  236. then
  237. # Make output folder
  238. mkdir -p ./starwels-binaries/${VERSION}
  239. # Build Dependencies
  240. echo ""
  241. echo "Building Dependencies"
  242. echo ""
  243. pushd ./gitian-builder
  244. mkdir -p inputs
  245. wget -N -P inputs $osslPatchUrl
  246. wget -N -P inputs $osslTarUrl
  247. make -C ../starwels/depends download SOURCES_PATH=`pwd`/cache/common
  248. # Linux
  249. if [[ $linux = true ]]
  250. then
  251. echo ""
  252. echo "Compiling ${VERSION} Linux"
  253. echo ""
  254. ./bin/gbuild -j ${proc} -m ${mem} --commit starwels=${COMMIT} --url starwels=${url} ../starwels/contrib/gitian-descriptors/gitian-linux.yml
  255. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-linux.yml
  256. mv build/out/starwels-*.tar.gz build/out/src/starwels-*.tar.gz ../starwels-binaries/${VERSION}
  257. fi
  258. # Windows
  259. if [[ $windows = true ]]
  260. then
  261. echo ""
  262. echo "Compiling ${VERSION} Windows"
  263. echo ""
  264. ./bin/gbuild -j ${proc} -m ${mem} --commit starwels=${COMMIT} --url starwels=${url} ../starwels/contrib/gitian-descriptors/gitian-win.yml
  265. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-win.yml
  266. mv build/out/starwels-*-win-unsigned.tar.gz inputs/starwels-win-unsigned.tar.gz
  267. mv build/out/starwels-*.zip build/out/starwels-*.exe ../starwels-binaries/${VERSION}
  268. fi
  269. # Mac OSX
  270. if [[ $osx = true ]]
  271. then
  272. echo ""
  273. echo "Compiling ${VERSION} Mac OSX"
  274. echo ""
  275. ./bin/gbuild -j ${proc} -m ${mem} --commit starwels=${COMMIT} --url starwels=${url} ../starwels/contrib/gitian-descriptors/gitian-osx.yml
  276. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-osx.yml
  277. mv build/out/starwels-*-osx-unsigned.tar.gz inputs/starwels-osx-unsigned.tar.gz
  278. mv build/out/starwels-*.tar.gz build/out/starwels-*.dmg ../starwels-binaries/${VERSION}
  279. fi
  280. popd
  281. if [[ $commitFiles = true ]]
  282. then
  283. # Commit to gitian.sigs repo
  284. echo ""
  285. echo "Committing ${VERSION} Unsigned Sigs"
  286. echo ""
  287. pushd gitian.sigs
  288. git add ${VERSION}-linux/${SIGNER}
  289. git add ${VERSION}-win-unsigned/${SIGNER}
  290. git add ${VERSION}-osx-unsigned/${SIGNER}
  291. git commit -a -m "Add ${VERSION} unsigned sigs for ${SIGNER}"
  292. popd
  293. fi
  294. fi
  295. # Verify the build
  296. if [[ $verify = true ]]
  297. then
  298. # Linux
  299. pushd ./gitian-builder
  300. echo ""
  301. echo "Verifying v${VERSION} Linux"
  302. echo ""
  303. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../starwels/contrib/gitian-descriptors/gitian-linux.yml
  304. # Windows
  305. echo ""
  306. echo "Verifying v${VERSION} Windows"
  307. echo ""
  308. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../starwels/contrib/gitian-descriptors/gitian-win.yml
  309. # Mac OSX
  310. echo ""
  311. echo "Verifying v${VERSION} Mac OSX"
  312. echo ""
  313. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../starwels/contrib/gitian-descriptors/gitian-osx.yml
  314. # Signed Windows
  315. echo ""
  316. echo "Verifying v${VERSION} Signed Windows"
  317. echo ""
  318. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../starwels/contrib/gitian-descriptors/gitian-osx-signer.yml
  319. # Signed Mac OSX
  320. echo ""
  321. echo "Verifying v${VERSION} Signed Mac OSX"
  322. echo ""
  323. ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../starwels/contrib/gitian-descriptors/gitian-osx-signer.yml
  324. popd
  325. fi
  326. # Sign binaries
  327. if [[ $sign = true ]]
  328. then
  329. pushd ./gitian-builder
  330. # Sign Windows
  331. if [[ $windows = true ]]
  332. then
  333. echo ""
  334. echo "Signing ${VERSION} Windows"
  335. echo ""
  336. ./bin/gbuild -i --commit signature=${COMMIT} ../starwels/contrib/gitian-descriptors/gitian-win-signer.yml
  337. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-win-signer.yml
  338. mv build/out/starwels-*win64-setup.exe ../starwels-binaries/${VERSION}
  339. mv build/out/starwels-*win32-setup.exe ../starwels-binaries/${VERSION}
  340. fi
  341. # Sign Mac OSX
  342. if [[ $osx = true ]]
  343. then
  344. echo ""
  345. echo "Signing ${VERSION} Mac OSX"
  346. echo ""
  347. ./bin/gbuild -i --commit signature=${COMMIT} ../starwels/contrib/gitian-descriptors/gitian-osx-signer.yml
  348. ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../starwels/contrib/gitian-descriptors/gitian-osx-signer.yml
  349. mv build/out/starwels-osx-signed.dmg ../starwels-binaries/${VERSION}/starwels-${VERSION}-osx.dmg
  350. fi
  351. popd
  352. if [[ $commitFiles = true ]]
  353. then
  354. # Commit Sigs
  355. pushd gitian.sigs
  356. echo ""
  357. echo "Committing ${VERSION} Signed Sigs"
  358. echo ""
  359. git add ${VERSION}-win-signed/${SIGNER}
  360. git add ${VERSION}-osx-signed/${SIGNER}
  361. git commit -a -m "Add ${VERSION} signed binary sigs for ${SIGNER}"
  362. popd
  363. fi
  364. fi