Page MenuHomePhabricator
Differential D2136 Diff 6111 contrib/gitian/gitian-build.sh

Changeset View

Standalone View

View Options

contrib/gitian/gitian-build.sh

Show All 29 Lines
# Help Message # Help Message
read -d '' usage <<- EOF read -d '' usage <<- EOF
Usage: $scriptName [-c|u|v|b|s|B|o|h|j|m|] signer version Usage: $scriptName [-c|u|v|b|s|B|o|h|j|m|] signer version
Run this script from the directory containing the bitcoin, gitian-builder, gitian.sigs, and bitcoin-detached-sigs. Run this script from the directory containing the bitcoin, gitian-builder, gitian.sigs, and bitcoin-detached-sigs.
Arguments: Arguments:
signer GPG signer to sign each build assert file signer GPG signer to sign each build assert file
version Version number, commit, or branch to build. If building a commit or branch, the -c option must be specified version Version number, commit, or branch to build. If building a commit or branch, the -c option must be specified
Options: Options:
-c|--commit Indicate that the version argument is for a commit or branch -c|--commit Indicate that the version argument is for a commit or branch
-u|--url Specify the URL of the repository. Default is https://github.com/bitcoin/bitcoin -u|--url Specify the URL of the repository. Default is https://github.com/bitcoin/bitcoin
-v|--verify Verify the gitian build -v|--verify Verify the gitian build
-b|--build Do a gitian build -b|--build Do a gitian build
-s|--sign Make signed binaries for Windows and Mac OSX -s|--sign Make signed binaries for Windows and Mac OSX
-B|--buildsign Build both signed and unsigned binaries -B|--buildsign Build both signed and unsigned binaries
-o|--os Specify which Operating Systems the build is for. Default is lwx. l for linux, w for windows, x for osx -o|--os Specify which Operating Systems the build is for. Default is lwx. l for linux, w for windows, x for osx
-j Number of processes to use. Default 2 -j Number of processes to use. Default 2
-m Memory to allocate in MiB. Default 2000 -m Memory to allocate in MiB. Default 2000
--kvm Use KVM instead of LXC --kvm Use KVM instead of LXC
--setup Setup the gitian building environment. Uses KVM. If you want to use lxc, use the --lxc option. Only works on Debian-based systems (Ubuntu, Debian) --setup Setup the gitian building environment. Uses KVM. If you want to use lxc, use the --lxc option. Only works on Debian-based systems (Ubuntu, Debian)
--detach-sign Create the assert file for detached signing. Will not commit anything. --detach-sign Create the assert file for detached signing. Will not commit anything.
--no-commit Do not commit anything to git --no-commit Do not commit anything to git
-h|--help Print this help message -h|--help Print this help message
EOF EOF
# Get options and arguments # Get options and arguments
while :; do while :; do
case $1 in case $1 in
# Verify # Verify
-v|--verify) -v|--verify)
verify=true verify=true
;; ;;
# Build # Build
-b|--build) -b|--build)
build=true build=true
;; ;;
# Sign binaries # Sign binaries
-s|--sign) -s|--sign)
sign=true sign=true
;; ;;
# Build then Sign # Build then Sign
-B|--buildsign) -B|--buildsign)
sign=true sign=true
build=true build=true
;; ;;
# PGP Signer # PGP Signer
-S|--signer) -S|--signer)
if [ -n "$2" ] if [ -n "$2" ]
then then
SIGNER=$2 SIGNER=$2
shift shift
else else
echo 'Error: "--signer" requires a non-empty argument.' echo 'Error: "--signer" requires a non-empty argument.'
exit 1 exit 1
fi fi
;; ;;
# Operating Systems # Operating Systems
-o|--os) -o|--os)
if [ -n "$2" ] if [ -n "$2" ]
then then
linux=false linux=false
windows=false windows=false
osx=false osx=false
if [[ "$2" = *"l"* ]] if [[ "$2" = *"l"* ]]
then then
linux=true linux=true
fi fi
if [[ "$2" = *"w"* ]] if [[ "$2" = *"w"* ]]
then then
windows=true windows=true
fi fi
if [[ "$2" = *"x"* ]] if [[ "$2" = *"x"* ]]
then then
osx=true osx=true
fi fi
shift shift
else else
echo 'Error: "--os" requires an argument containing an l (for linux), w (for windows), or x (for Mac OSX)\n' echo 'Error: "--os" requires an argument containing an l (for linux), w (for windows), or x (for Mac OSX)\n'
exit 1 exit 1
fi fi
;; ;;
# Help message # Help message
-h|--help) -h|--help)
echo "$usage" echo "$usage"
exit 0 exit 0
;; ;;
# Commit or branch # Commit or branch
-c|--commit) -c|--commit)
commit=true commit=true
;; ;;
# Number of Processes # Number of Processes
-j) -j)
if [ -n "$2" ] if [ -n "$2" ]
then then
proc=$2 proc=$2
shift shift
else else
echo 'Error: "-j" requires an argument' echo 'Error: "-j" requires an argument'
exit 1 exit 1
fi fi
;; ;;
# Memory to allocate # Memory to allocate
-m) -m)
if [ -n "$2" ] if [ -n "$2" ]
then then
mem=$2 mem=$2
shift shift
else else
echo 'Error: "-m" requires an argument' echo 'Error: "-m" requires an argument'
exit 1 exit 1
fi fi
;; ;;
# URL # URL
-u) -u)
if [ -n "$2" ] if [ -n "$2" ]
then then
url=$2 url=$2
shift shift
else else
echo 'Error: "-u" requires an argument' echo 'Error: "-u" requires an argument'
exit 1 exit 1
fi fi
;; ;;
# kvm # kvm
--kvm) --kvm)
lxc=false lxc=false
;; ;;
# Detach sign # Detach sign
--detach-sign) --detach-sign)
signProg="true" signProg="true"
commitFiles=false commitFiles=false
;; ;;
# Commit files # Commit files
--no-commit) --no-commit)
commitFiles=false commitFiles=false
;; ;;
# Setup # Setup
--setup) --setup)
setup=true setup=true
;; ;;
*) # Default case: If no more options then break out of the loop. # Default case: If no more options then break out of the loop.
*)
break break
esac esac
shift shift
done done
# Set up LXC # Set up LXC
if [[ $lxc = true ]] if [[ $lxc = true ]]
then then
export USE_LXC=1 export USE_LXC=1
Show All 37 Linesthen
echo "$scriptName: Missing version." echo "$scriptName: Missing version."
echo "Try $scriptName --help for more information" echo "Try $scriptName --help for more information"
exit 1 exit 1
fi fi
# Add a "v" if no -c # Add a "v" if no -c
if [[ $commit = false ]] if [[ $commit = false ]]
then then
COMMIT="v${VERSION}" COMMIT="v${VERSION}"
fi fi
echo ${COMMIT} echo ${COMMIT}
# Setup build environment # Setup build environment
if [[ $setup = true ]] if [[ $setup = true ]]
then then
sudo apt-get install ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm qemu-utils sudo apt-get install ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm qemu-utils
git clone https://github.com/bitcoin-core/gitian.sigs.git git clone https://github.com/bitcoin-core/gitian.sigs.git
Show All 14 Lines
pushd ./bitcoin pushd ./bitcoin
git fetch git fetch
git checkout ${COMMIT} git checkout ${COMMIT}
popd popd
# Build # Build
if [[ $build = true ]] if [[ $build = true ]]
then then
# Make output folder # Make output folder
mkdir -p ./bitcoin-binaries/${VERSION} mkdir -p ./bitcoin-binaries/${VERSION}
# Build Dependencies # Build Dependencies
echo "" echo ""
echo "Building Dependencies" echo "Building Dependencies"
echo "" echo ""
pushd ./gitian-builder pushd ./gitian-builder
mkdir -p inputs mkdir -p inputs
wget -N -P inputs $osslPatchUrl wget -N -P inputs $osslPatchUrl
wget -N -P inputs $osslTarUrl wget -N -P inputs $osslTarUrl
make -C ../bitcoin/depends download SOURCES_PATH=`pwd`/cache/common make -C ../bitcoin/depends download SOURCES_PATH=`pwd`/cache/common
# Linux # Linux
if [[ $linux = true ]] if [[ $linux = true ]]
then then
echo "" echo ""
echo "Compiling ${VERSION} Linux" echo "Compiling ${VERSION} Linux"
echo "" echo ""
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml ./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml
mv build/out/bitcoin-*.tar.gz build/out/src/bitcoin-*.tar.gz ../bitcoin-binaries/${VERSION} mv build/out/bitcoin-*.tar.gz build/out/src/bitcoin-*.tar.gz ../bitcoin-binaries/${VERSION}
fi fi
# Windows # Windows
if [[ $windows = true ]] if [[ $windows = true ]]
then then
echo "" echo ""
echo "Compiling ${VERSION} Windows" echo "Compiling ${VERSION} Windows"
echo "" echo ""
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-win.yml ./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-win.yml
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win.yml ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win.yml
mv build/out/bitcoin-*-win-unsigned.tar.gz inputs/bitcoin-win-unsigned.tar.gz mv build/out/bitcoin-*-win-unsigned.tar.gz inputs/bitcoin-win-unsigned.tar.gz
mv build/out/bitcoin-*.zip build/out/bitcoin-*.exe ../bitcoin-binaries/${VERSION} mv build/out/bitcoin-*.zip build/out/bitcoin-*.exe ../bitcoin-binaries/${VERSION}
fi fi
# Mac OSX # Mac OSX
if [[ $osx = true ]] if [[ $osx = true ]]
then then
echo "" echo ""
echo "Compiling ${VERSION} Mac OSX" echo "Compiling ${VERSION} Mac OSX"
echo "" echo ""
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml ./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml
mv build/out/bitcoin-*-osx-unsigned.tar.gz inputs/bitcoin-osx-unsigned.tar.gz mv build/out/bitcoin-*-osx-unsigned.tar.gz inputs/bitcoin-osx-unsigned.tar.gz
mv build/out/bitcoin-*.tar.gz build/out/bitcoin-*.dmg ../bitcoin-binaries/${VERSION} mv build/out/bitcoin-*.tar.gz build/out/bitcoin-*.dmg ../bitcoin-binaries/${VERSION}
fi fi
popd popd
if [[ $commitFiles = true ]] if [[ $commitFiles = true ]]
then then
# Commit to gitian.sigs repo # Commit to gitian.sigs repo
echo "" echo ""
echo "Committing ${VERSION} Unsigned Sigs" echo "Committing ${VERSION} Unsigned Sigs"
echo "" echo ""
pushd gitian.sigs pushd gitian.sigs
git add ${VERSION}-linux/${SIGNER} git add ${VERSION}-linux/${SIGNER}
git add ${VERSION}-win-unsigned/${SIGNER} git add ${VERSION}-win-unsigned/${SIGNER}
git add ${VERSION}-osx-unsigned/${SIGNER} git add ${VERSION}-osx-unsigned/${SIGNER}
git commit -a -m "Add ${VERSION} unsigned sigs for ${SIGNER}" git commit -a -m "Add ${VERSION} unsigned sigs for ${SIGNER}"
popd popd
fi fi
fi fi
# Verify the build # Verify the build
if [[ $verify = true ]] if [[ $verify = true ]]
then then
# Linux # Linux
pushd ./gitian-builder pushd ./gitian-builder
echo "" echo ""
echo "Verifying v${VERSION} Linux" echo "Verifying v${VERSION} Linux"
echo "" echo ""
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml
# Windows # Windows
echo "" echo ""
echo "Verifying v${VERSION} Windows" echo "Verifying v${VERSION} Windows"
echo "" echo ""
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../bitcoin/contrib/gitian-descriptors/gitian-win.yml ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../bitcoin/contrib/gitian-descriptors/gitian-win.yml
# Mac OSX # Mac OSX
echo "" echo ""
echo "Verifying v${VERSION} Mac OSX" echo "Verifying v${VERSION} Mac OSX"
echo "" echo ""
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml
# Signed Windows # Signed Windows
echo "" echo ""
echo "Verifying v${VERSION} Signed Windows" echo "Verifying v${VERSION} Signed Windows"
echo "" echo ""
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml
# Signed Mac OSX # Signed Mac OSX
echo "" echo ""
echo "Verifying v${VERSION} Signed Mac OSX" echo "Verifying v${VERSION} Signed Mac OSX"
echo "" echo ""
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml
popd popd
fi fi
# Sign binaries # Sign binaries
if [[ $sign = true ]] if [[ $sign = true ]]
then then
pushd ./gitian-builder pushd ./gitian-builder
# Sign Windows # Sign Windows
if [[ $windows = true ]] if [[ $windows = true ]]
then then
echo "" echo ""
echo "Signing ${VERSION} Windows" echo "Signing ${VERSION} Windows"
echo "" echo ""
./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml ./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml
mv build/out/bitcoin-*win64-setup.exe ../bitcoin-binaries/${VERSION} mv build/out/bitcoin-*win64-setup.exe ../bitcoin-binaries/${VERSION}
mv build/out/bitcoin-*win32-setup.exe ../bitcoin-binaries/${VERSION} mv build/out/bitcoin-*win32-setup.exe ../bitcoin-binaries/${VERSION}
fi fi
# Sign Mac OSX # Sign Mac OSX
if [[ $osx = true ]] if [[ $osx = true ]]
then then
echo "" echo ""
echo "Signing ${VERSION} Mac OSX" echo "Signing ${VERSION} Mac OSX"
echo "" echo ""
./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml ./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml
mv build/out/bitcoin-osx-signed.dmg ../bitcoin-binaries/${VERSION}/bitcoin-${VERSION}-osx.dmg mv build/out/bitcoin-osx-signed.dmg ../bitcoin-binaries/${VERSION}/bitcoin-${VERSION}-osx.dmg
fi fi
popd popd
if [[ $commitFiles = true ]] if [[ $commitFiles = true ]]
then then
# Commit Sigs # Commit Sigs
pushd gitian.sigs pushd gitian.sigs
echo "" echo ""
echo "Committing ${VERSION} Signed Sigs" echo "Committing ${VERSION} Signed Sigs"
echo "" echo ""
git add ${VERSION}-win-signed/${SIGNER} git add ${VERSION}-win-signed/${SIGNER}
git add ${VERSION}-osx-signed/${SIGNER} git add ${VERSION}-osx-signed/${SIGNER}
git commit -a -m "Add ${VERSION} signed binary sigs for ${SIGNER}" git commit -a -m "Add ${VERSION} signed binary sigs for ${SIGNER}"
popd popd
fi fi
fi fi