Changeset View
Changeset View
Standalone View
Standalone View
contrib/gitian/gitian-build.sh
Show All 29 Lines | |||||
# Help Message | # Help Message | ||||
read -d '' usage <<- EOF | read -d '' usage <<- EOF | ||||
Usage: $scriptName [-c|u|v|b|s|B|o|h|j|m|] signer version | Usage: $scriptName [-c|u|v|b|s|B|o|h|j|m|] signer version | ||||
Run this script from the directory containing the bitcoin, gitian-builder, gitian.sigs, and bitcoin-detached-sigs. | Run this script from the directory containing the bitcoin, gitian-builder, gitian.sigs, and bitcoin-detached-sigs. | ||||
Arguments: | Arguments: | ||||
signer GPG signer to sign each build assert file | signer GPG signer to sign each build assert file | ||||
version Version number, commit, or branch to build. If building a commit or branch, the -c option must be specified | version Version number, commit, or branch to build. If building a commit or branch, the -c option must be specified | ||||
Options: | Options: | ||||
-c|--commit Indicate that the version argument is for a commit or branch | -c|--commit Indicate that the version argument is for a commit or branch | ||||
-u|--url Specify the URL of the repository. Default is https://github.com/bitcoin/bitcoin | -u|--url Specify the URL of the repository. Default is https://github.com/bitcoin/bitcoin | ||||
-v|--verify Verify the gitian build | -v|--verify Verify the gitian build | ||||
-b|--build Do a gitian build | -b|--build Do a gitian build | ||||
-s|--sign Make signed binaries for Windows and Mac OSX | -s|--sign Make signed binaries for Windows and Mac OSX | ||||
-B|--buildsign Build both signed and unsigned binaries | -B|--buildsign Build both signed and unsigned binaries | ||||
-o|--os Specify which Operating Systems the build is for. Default is lwx. l for linux, w for windows, x for osx | -o|--os Specify which Operating Systems the build is for. Default is lwx. l for linux, w for windows, x for osx | ||||
-j Number of processes to use. Default 2 | -j Number of processes to use. Default 2 | ||||
-m Memory to allocate in MiB. Default 2000 | -m Memory to allocate in MiB. Default 2000 | ||||
--kvm Use KVM instead of LXC | --kvm Use KVM instead of LXC | ||||
--setup Setup the gitian building environment. Uses KVM. If you want to use lxc, use the --lxc option. Only works on Debian-based systems (Ubuntu, Debian) | --setup Setup the gitian building environment. Uses KVM. If you want to use lxc, use the --lxc option. Only works on Debian-based systems (Ubuntu, Debian) | ||||
--detach-sign Create the assert file for detached signing. Will not commit anything. | --detach-sign Create the assert file for detached signing. Will not commit anything. | ||||
--no-commit Do not commit anything to git | --no-commit Do not commit anything to git | ||||
-h|--help Print this help message | -h|--help Print this help message | ||||
EOF | EOF | ||||
# Get options and arguments | # Get options and arguments | ||||
while :; do | while :; do | ||||
case $1 in | case $1 in | ||||
# Verify | # Verify | ||||
-v|--verify) | -v|--verify) | ||||
verify=true | verify=true | ||||
;; | ;; | ||||
# Build | # Build | ||||
-b|--build) | -b|--build) | ||||
build=true | build=true | ||||
;; | ;; | ||||
# Sign binaries | # Sign binaries | ||||
-s|--sign) | -s|--sign) | ||||
sign=true | sign=true | ||||
;; | ;; | ||||
# Build then Sign | # Build then Sign | ||||
-B|--buildsign) | -B|--buildsign) | ||||
sign=true | sign=true | ||||
build=true | build=true | ||||
;; | ;; | ||||
# PGP Signer | # PGP Signer | ||||
-S|--signer) | -S|--signer) | ||||
if [ -n "$2" ] | if [ -n "$2" ] | ||||
then | then | ||||
SIGNER=$2 | SIGNER=$2 | ||||
shift | shift | ||||
else | else | ||||
echo 'Error: "--signer" requires a non-empty argument.' | echo 'Error: "--signer" requires a non-empty argument.' | ||||
exit 1 | exit 1 | ||||
fi | fi | ||||
;; | ;; | ||||
# Operating Systems | # Operating Systems | ||||
-o|--os) | -o|--os) | ||||
if [ -n "$2" ] | if [ -n "$2" ] | ||||
then | then | ||||
linux=false | linux=false | ||||
windows=false | windows=false | ||||
osx=false | osx=false | ||||
if [[ "$2" = *"l"* ]] | if [[ "$2" = *"l"* ]] | ||||
then | then | ||||
linux=true | linux=true | ||||
fi | fi | ||||
if [[ "$2" = *"w"* ]] | if [[ "$2" = *"w"* ]] | ||||
then | then | ||||
windows=true | windows=true | ||||
fi | fi | ||||
if [[ "$2" = *"x"* ]] | if [[ "$2" = *"x"* ]] | ||||
then | then | ||||
osx=true | osx=true | ||||
fi | fi | ||||
shift | shift | ||||
else | else | ||||
echo 'Error: "--os" requires an argument containing an l (for linux), w (for windows), or x (for Mac OSX)\n' | echo 'Error: "--os" requires an argument containing an l (for linux), w (for windows), or x (for Mac OSX)\n' | ||||
exit 1 | exit 1 | ||||
fi | fi | ||||
;; | ;; | ||||
# Help message | # Help message | ||||
-h|--help) | -h|--help) | ||||
echo "$usage" | echo "$usage" | ||||
exit 0 | exit 0 | ||||
;; | ;; | ||||
# Commit or branch | # Commit or branch | ||||
-c|--commit) | -c|--commit) | ||||
commit=true | commit=true | ||||
;; | ;; | ||||
# Number of Processes | # Number of Processes | ||||
-j) | -j) | ||||
if [ -n "$2" ] | if [ -n "$2" ] | ||||
then | then | ||||
proc=$2 | proc=$2 | ||||
shift | shift | ||||
else | else | ||||
echo 'Error: "-j" requires an argument' | echo 'Error: "-j" requires an argument' | ||||
exit 1 | exit 1 | ||||
fi | fi | ||||
;; | ;; | ||||
# Memory to allocate | # Memory to allocate | ||||
-m) | -m) | ||||
if [ -n "$2" ] | if [ -n "$2" ] | ||||
then | then | ||||
mem=$2 | mem=$2 | ||||
shift | shift | ||||
else | else | ||||
echo 'Error: "-m" requires an argument' | echo 'Error: "-m" requires an argument' | ||||
exit 1 | exit 1 | ||||
fi | fi | ||||
;; | ;; | ||||
# URL | # URL | ||||
-u) | -u) | ||||
if [ -n "$2" ] | if [ -n "$2" ] | ||||
then | then | ||||
url=$2 | url=$2 | ||||
shift | shift | ||||
else | else | ||||
echo 'Error: "-u" requires an argument' | echo 'Error: "-u" requires an argument' | ||||
exit 1 | exit 1 | ||||
fi | fi | ||||
;; | ;; | ||||
# kvm | # kvm | ||||
--kvm) | --kvm) | ||||
lxc=false | lxc=false | ||||
;; | ;; | ||||
# Detach sign | # Detach sign | ||||
--detach-sign) | --detach-sign) | ||||
signProg="true" | signProg="true" | ||||
commitFiles=false | commitFiles=false | ||||
;; | ;; | ||||
# Commit files | # Commit files | ||||
--no-commit) | --no-commit) | ||||
commitFiles=false | commitFiles=false | ||||
;; | ;; | ||||
# Setup | # Setup | ||||
--setup) | --setup) | ||||
setup=true | setup=true | ||||
;; | ;; | ||||
*) # Default case: If no more options then break out of the loop. | # Default case: If no more options then break out of the loop. | ||||
*) | |||||
break | break | ||||
esac | esac | ||||
shift | shift | ||||
done | done | ||||
# Set up LXC | # Set up LXC | ||||
if [[ $lxc = true ]] | if [[ $lxc = true ]] | ||||
then | then | ||||
export USE_LXC=1 | export USE_LXC=1 | ||||
Show All 37 Lines | then | ||||
echo "$scriptName: Missing version." | echo "$scriptName: Missing version." | ||||
echo "Try $scriptName --help for more information" | echo "Try $scriptName --help for more information" | ||||
exit 1 | exit 1 | ||||
fi | fi | ||||
# Add a "v" if no -c | # Add a "v" if no -c | ||||
if [[ $commit = false ]] | if [[ $commit = false ]] | ||||
then | then | ||||
COMMIT="v${VERSION}" | COMMIT="v${VERSION}" | ||||
fi | fi | ||||
echo ${COMMIT} | echo ${COMMIT} | ||||
# Setup build environment | # Setup build environment | ||||
if [[ $setup = true ]] | if [[ $setup = true ]] | ||||
then | then | ||||
sudo apt-get install ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm qemu-utils | sudo apt-get install ruby apache2 git apt-cacher-ng python-vm-builder qemu-kvm qemu-utils | ||||
git clone https://github.com/bitcoin-core/gitian.sigs.git | git clone https://github.com/bitcoin-core/gitian.sigs.git | ||||
Show All 14 Lines | |||||
pushd ./bitcoin | pushd ./bitcoin | ||||
git fetch | git fetch | ||||
git checkout ${COMMIT} | git checkout ${COMMIT} | ||||
popd | popd | ||||
# Build | # Build | ||||
if [[ $build = true ]] | if [[ $build = true ]] | ||||
then | then | ||||
# Make output folder | # Make output folder | ||||
mkdir -p ./bitcoin-binaries/${VERSION} | mkdir -p ./bitcoin-binaries/${VERSION} | ||||
# Build Dependencies | # Build Dependencies | ||||
echo "" | echo "" | ||||
echo "Building Dependencies" | echo "Building Dependencies" | ||||
echo "" | echo "" | ||||
pushd ./gitian-builder | pushd ./gitian-builder | ||||
mkdir -p inputs | mkdir -p inputs | ||||
wget -N -P inputs $osslPatchUrl | wget -N -P inputs $osslPatchUrl | ||||
wget -N -P inputs $osslTarUrl | wget -N -P inputs $osslTarUrl | ||||
make -C ../bitcoin/depends download SOURCES_PATH=`pwd`/cache/common | make -C ../bitcoin/depends download SOURCES_PATH=`pwd`/cache/common | ||||
# Linux | # Linux | ||||
if [[ $linux = true ]] | if [[ $linux = true ]] | ||||
then | then | ||||
echo "" | echo "" | ||||
echo "Compiling ${VERSION} Linux" | echo "Compiling ${VERSION} Linux" | ||||
echo "" | echo "" | ||||
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml | ./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml | ||||
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml | ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml | ||||
mv build/out/bitcoin-*.tar.gz build/out/src/bitcoin-*.tar.gz ../bitcoin-binaries/${VERSION} | mv build/out/bitcoin-*.tar.gz build/out/src/bitcoin-*.tar.gz ../bitcoin-binaries/${VERSION} | ||||
fi | fi | ||||
# Windows | # Windows | ||||
if [[ $windows = true ]] | if [[ $windows = true ]] | ||||
then | then | ||||
echo "" | echo "" | ||||
echo "Compiling ${VERSION} Windows" | echo "Compiling ${VERSION} Windows" | ||||
echo "" | echo "" | ||||
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-win.yml | ./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-win.yml | ||||
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win.yml | ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win.yml | ||||
mv build/out/bitcoin-*-win-unsigned.tar.gz inputs/bitcoin-win-unsigned.tar.gz | mv build/out/bitcoin-*-win-unsigned.tar.gz inputs/bitcoin-win-unsigned.tar.gz | ||||
mv build/out/bitcoin-*.zip build/out/bitcoin-*.exe ../bitcoin-binaries/${VERSION} | mv build/out/bitcoin-*.zip build/out/bitcoin-*.exe ../bitcoin-binaries/${VERSION} | ||||
fi | fi | ||||
# Mac OSX | # Mac OSX | ||||
if [[ $osx = true ]] | if [[ $osx = true ]] | ||||
then | then | ||||
echo "" | echo "" | ||||
echo "Compiling ${VERSION} Mac OSX" | echo "Compiling ${VERSION} Mac OSX" | ||||
echo "" | echo "" | ||||
./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml | ./bin/gbuild -j ${proc} -m ${mem} --commit bitcoin=${COMMIT} --url bitcoin=${url} ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml | ||||
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml | ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml | ||||
mv build/out/bitcoin-*-osx-unsigned.tar.gz inputs/bitcoin-osx-unsigned.tar.gz | mv build/out/bitcoin-*-osx-unsigned.tar.gz inputs/bitcoin-osx-unsigned.tar.gz | ||||
mv build/out/bitcoin-*.tar.gz build/out/bitcoin-*.dmg ../bitcoin-binaries/${VERSION} | mv build/out/bitcoin-*.tar.gz build/out/bitcoin-*.dmg ../bitcoin-binaries/${VERSION} | ||||
fi | fi | ||||
popd | popd | ||||
if [[ $commitFiles = true ]] | if [[ $commitFiles = true ]] | ||||
then | then | ||||
# Commit to gitian.sigs repo | # Commit to gitian.sigs repo | ||||
echo "" | echo "" | ||||
echo "Committing ${VERSION} Unsigned Sigs" | echo "Committing ${VERSION} Unsigned Sigs" | ||||
echo "" | echo "" | ||||
pushd gitian.sigs | pushd gitian.sigs | ||||
git add ${VERSION}-linux/${SIGNER} | git add ${VERSION}-linux/${SIGNER} | ||||
git add ${VERSION}-win-unsigned/${SIGNER} | git add ${VERSION}-win-unsigned/${SIGNER} | ||||
git add ${VERSION}-osx-unsigned/${SIGNER} | git add ${VERSION}-osx-unsigned/${SIGNER} | ||||
git commit -a -m "Add ${VERSION} unsigned sigs for ${SIGNER}" | git commit -a -m "Add ${VERSION} unsigned sigs for ${SIGNER}" | ||||
popd | popd | ||||
fi | fi | ||||
fi | fi | ||||
# Verify the build | # Verify the build | ||||
if [[ $verify = true ]] | if [[ $verify = true ]] | ||||
then | then | ||||
# Linux | # Linux | ||||
pushd ./gitian-builder | pushd ./gitian-builder | ||||
echo "" | echo "" | ||||
echo "Verifying v${VERSION} Linux" | echo "Verifying v${VERSION} Linux" | ||||
echo "" | echo "" | ||||
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml | ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../bitcoin/contrib/gitian-descriptors/gitian-linux.yml | ||||
# Windows | # Windows | ||||
echo "" | echo "" | ||||
echo "Verifying v${VERSION} Windows" | echo "Verifying v${VERSION} Windows" | ||||
echo "" | echo "" | ||||
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../bitcoin/contrib/gitian-descriptors/gitian-win.yml | ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../bitcoin/contrib/gitian-descriptors/gitian-win.yml | ||||
# Mac OSX | # Mac OSX | ||||
echo "" | echo "" | ||||
echo "Verifying v${VERSION} Mac OSX" | echo "Verifying v${VERSION} Mac OSX" | ||||
echo "" | echo "" | ||||
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml | ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../bitcoin/contrib/gitian-descriptors/gitian-osx.yml | ||||
# Signed Windows | # Signed Windows | ||||
echo "" | echo "" | ||||
echo "Verifying v${VERSION} Signed Windows" | echo "Verifying v${VERSION} Signed Windows" | ||||
echo "" | echo "" | ||||
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml | ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml | ||||
# Signed Mac OSX | # Signed Mac OSX | ||||
echo "" | echo "" | ||||
echo "Verifying v${VERSION} Signed Mac OSX" | echo "Verifying v${VERSION} Signed Mac OSX" | ||||
echo "" | echo "" | ||||
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml | ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml | ||||
popd | popd | ||||
fi | fi | ||||
# Sign binaries | # Sign binaries | ||||
if [[ $sign = true ]] | if [[ $sign = true ]] | ||||
then | then | ||||
pushd ./gitian-builder | pushd ./gitian-builder | ||||
# Sign Windows | # Sign Windows | ||||
if [[ $windows = true ]] | if [[ $windows = true ]] | ||||
then | then | ||||
echo "" | echo "" | ||||
echo "Signing ${VERSION} Windows" | echo "Signing ${VERSION} Windows" | ||||
echo "" | echo "" | ||||
./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml | ./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml | ||||
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml | ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-win-signer.yml | ||||
mv build/out/bitcoin-*win64-setup.exe ../bitcoin-binaries/${VERSION} | mv build/out/bitcoin-*win64-setup.exe ../bitcoin-binaries/${VERSION} | ||||
mv build/out/bitcoin-*win32-setup.exe ../bitcoin-binaries/${VERSION} | mv build/out/bitcoin-*win32-setup.exe ../bitcoin-binaries/${VERSION} | ||||
fi | fi | ||||
# Sign Mac OSX | # Sign Mac OSX | ||||
if [[ $osx = true ]] | if [[ $osx = true ]] | ||||
then | then | ||||
echo "" | echo "" | ||||
echo "Signing ${VERSION} Mac OSX" | echo "Signing ${VERSION} Mac OSX" | ||||
echo "" | echo "" | ||||
./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml | ./bin/gbuild -i --commit signature=${COMMIT} ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml | ||||
./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml | ./bin/gsign -p $signProg --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../bitcoin/contrib/gitian-descriptors/gitian-osx-signer.yml | ||||
mv build/out/bitcoin-osx-signed.dmg ../bitcoin-binaries/${VERSION}/bitcoin-${VERSION}-osx.dmg | mv build/out/bitcoin-osx-signed.dmg ../bitcoin-binaries/${VERSION}/bitcoin-${VERSION}-osx.dmg | ||||
fi | fi | ||||
popd | popd | ||||
if [[ $commitFiles = true ]] | if [[ $commitFiles = true ]] | ||||
then | then | ||||
# Commit Sigs | # Commit Sigs | ||||
pushd gitian.sigs | pushd gitian.sigs | ||||
echo "" | echo "" | ||||
echo "Committing ${VERSION} Signed Sigs" | echo "Committing ${VERSION} Signed Sigs" | ||||
echo "" | echo "" | ||||
git add ${VERSION}-win-signed/${SIGNER} | git add ${VERSION}-win-signed/${SIGNER} | ||||
git add ${VERSION}-osx-signed/${SIGNER} | git add ${VERSION}-osx-signed/${SIGNER} | ||||
git commit -a -m "Add ${VERSION} signed binary sigs for ${SIGNER}" | git commit -a -m "Add ${VERSION} signed binary sigs for ${SIGNER}" | ||||
popd | popd | ||||
fi | fi | ||||
fi | fi |