Page MenuHomePhabricator

Add a script to generate sha256sums from Gitian output
ClosedPublic

Authored by jasonbcox on Jan 11 2020, 01:07.

Details

Summary

Currently, the sha256sums files are assembled by hand (copy-pasting the hash results from the Gitian build).
This patch introduces make-sha256sums.sh to do this automatically.

Test Plan
make-sha256sums.sh -h
make-sha256sums.sh    # errors as expected
make-sha256sums.sh [path to some gitian output]
make-sha256sums.sh path/to/0.20.9 > jasonbcox-sha256sums.0.20.9

Diff Detail

Repository
rABC Bitcoin ABC
Branch
make-sha256sums
Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 8846
Build 15667: Default Diff Build & Tests
Build 15666: arc lint + arc unit

Event Timeline

Fabien requested changes to this revision.Jan 11 2020, 06:18
Fabien added a subscriber: Fabien.
Fabien added inline comments.
contrib/release/make-sha256sums.sh
33

Since there is no version number in the res.yml anymore the wildcard is not required.
On the grep side I would rather use a non greedy approach:
bitcoin-abc-.*-linux.([0-9]+\.){3}.tar.gz (not sure the syntax is grep compliant).

This revision now requires changes to proceed.Jan 11 2020, 06:18
contrib/release/make-sha256sums.sh
33

On the contrary, I wanted this script to work for old releases until we get one or two new ones out. It allows me to easily test the script, etc.

I can make it less greedy though.

contrib/release/make-sha256sums.sh
33

Also note that the pattern you gave will greedily match, so not really working as intended:
"0.20.10" will match as (0.20.)(1)(0) or something similar. I think I'll just use what I did above [0-9.]*

While I don't have anything against that patch per se, it seems somewhat questionable that the signing process that core used was ditched in favor of something that clearly requires work.

Make the patterns less greedy by including a weak requirement for version number

This revision is now accepted and ready to land.Jan 14 2020, 11:22

While I don't have anything against that patch per se, it seems somewhat questionable that the signing process that core used was ditched in favor of something that clearly requires work.

Core's process makes many assumptions that do not patch over to ours well. It will take some time to reconcile these before our process closely matches theirs. In the mean time, this saves us time on every release.