From 9587d90546c2ca3a830d80f75b0475fbbad852dd Mon Sep 17 00:00:00 2001
From: Thomas Orozco <torozco@fb.com>
Date: Sun, 19 Apr 2020 17:32:27 +0100
Subject: [PATCH] run_build: publish sha256 checksums to releases

Fixes #153. It doesn't hurt to have those, though in general clients
probably shouldn't rely too much on getting their binary and their
checksum from the same source.
---
 ci/run_build.sh | 65 +++++++++++++++++++++++--------------------------
 1 file changed, 31 insertions(+), 34 deletions(-)

diff --git a/ci/run_build.sh b/ci/run_build.sh
index d51177d..5d006c4 100755
--- a/ci/run_build.sh
+++ b/ci/run_build.sh
@@ -211,12 +211,7 @@ if [[ -n "${ARCH_NATIVE-}" ]]; then
   # Run tests
   python3 "${SOURCE_DIR}/test/run_inner_tests.py"
 else
-  if [[ ! -n "${ARCH_SUFFIX-}" ]]; then
-    echo "Built cross package, but $ARCH_SUFFIX is empty!"
-    exit 1
-  fi
-  echo "Built cross package (ARCH_SUFFIX=${ARCH_SUFFIX})"
-  echo "Skipping smoke and internal tests"
+  echo "Not a native build, skipping smoke and internal tests"
 fi
 
 # Now, copy over files to DIST_DIR, with appropriate names depending on the
@@ -224,42 +219,42 @@ fi
 # Handle the DEB / RPM
 mkdir -p "${DIST_DIR}"
 
-TINIS=()
-
-for tini in tini tini-static; do
-  if [[ -n "${ARCH_SUFFIX-}" ]]; then
-    to="${DIST_DIR}/${tini}-${ARCH_SUFFIX}"
-    TINIS+=("$to")
-    cp "${BUILD_DIR}/${tini}" "$to"
-  else
-    to="${DIST_DIR}/${tini}"
-    TINIS+=("$to")
-    cp "${BUILD_DIR}/${tini}" "$to"
-  fi
+DIST_TINIS=()
+
+SUFFIX=""
+if [[ -n "$ARCH_SUFFIX" ]]; then
+  SUFFIX="-${ARCH_SUFFIX}"
+elif [[ -z "$ARCH_NATIVE" ]]; then
+  echo "Refusing to publish a non-native build without suffix!"
+  exit 1
+fi
+
+for build_tini in tini tini-static; do
+  dist_tini="${build_tini}${SUFFIX}"
+  cp "${BUILD_DIR}/${build_tini}" "${DIST_DIR}/${dist_tini}"
+  DIST_TINIS+=("$dist_tini")
 done
 
 if [[ -n "${ARCH_NATIVE-}" ]]; then
   for pkg_format in deb rpm; do
-    src="${BUILD_DIR}/tini_${pkg_version}.${pkg_format}"
-
-    if [[ -n "${ARCH_SUFFIX-}" ]]; then
-      to="${DIST_DIR}/tini_${pkg_version}-${ARCH_SUFFIX}.${pkg_format}"
-      TINIS+=("$to")
-      cp "$src" "$to"
-    else
-      to="${DIST_DIR}/tini_${pkg_version}.${pkg_format}"
-      TINIS+=("$to")
-      cp "$src" "$to"
-    fi
+    build_tini="tini_${pkg_version}.${pkg_format}"
+    dist_tini="tini_${pkg_version}${SUFFIX}.${pkg_format}"
+    cp "${BUILD_DIR}/${build_tini}" "${DIST_DIR}/${dist_tini}"
+    DIST_TINIS+=("$dist_tini")
   done
 fi
 
-echo "Tinis: ${TINIS[*]}"
+echo "Tinis: ${DIST_TINIS[*]}"
+
+pushd "$DIST_DIR"
 
-for tini in "${TINIS[@]}"; do
+for tini in "${DIST_TINIS[@]}"; do
   echo "${tini}:"
-  sha1sum "$tini"
-  sha256sum "$tini"
+
+  for sum in sha1sum sha256sum; do
+    "$sum" "$tini" | tee "${tini}.${sum}"
+  done
+
   file "$tini"
   echo "--"
 done
@@ -279,8 +274,10 @@ if [[ -n "$GPG_PASSPHRASE" ]] && [[ -f "${SOURCE_DIR}/sign.key" ]]; then
   gpg --homedir "${GPG_SIGN_HOMEDIR}" --import "${SOURCE_DIR}/sign.key"
   gpg --homedir "${GPG_VERIFY_HOMEDIR}" --keyserver "$PGP_KEYSERVER" --recv-keys "$PGP_KEY_FINGERPRINT"
 
-  for tini in "${TINIS[@]}"; do
+  for tini in "${DIST_TINIS[@]}"; do
     echo "${GPG_PASSPHRASE}" | gpg --homedir "${GPG_SIGN_HOMEDIR}" --passphrase-fd 0 --armor --detach-sign "${tini}"
     gpg --homedir "${GPG_VERIFY_HOMEDIR}" --verify "${tini}.asc"
   done
 fi
+
+popd