verify tarballs during build

This follows
https://fedoraproject.org/wiki/PackagingDrafts:GPGSignatures .
This commit is contained in:
David Tardon 2017-09-23 17:01:38 +02:00
parent a559a32971
commit f01486efd1
4 changed files with 78 additions and 15 deletions

3
.gitignore vendored
View File

@ -80,3 +80,6 @@
/libreoffice-5.4.2.1.tar.xz /libreoffice-5.4.2.1.tar.xz
/libreoffice-help-5.4.2.1.tar.xz /libreoffice-help-5.4.2.1.tar.xz
/libreoffice-translations-5.4.2.1.tar.xz /libreoffice-translations-5.4.2.1.tar.xz
/libreoffice-5.4.2.1.tar.xz.asc
/libreoffice-help-5.4.2.1.tar.xz.asc
/libreoffice-translations-5.4.2.1.tar.xz.asc

View File

@ -0,0 +1,51 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBEyzEr0BEADT441wUITsTwDA2nM3kmUhGrzTdxZB5xv/E1ZJCw63qWdmdTdW
NZDfNDuLs4r2VjlEoA3xGK6jgnQvyAoNj0yiEbW/JedHHgOiVdXDlkgkY58myafT
FXqDLzTXVrsNnay0GS8XrNjptZJPhEPBvNUdkqpA9B7RTkfaXj779Pf/AeFMZVLl
UAci5RA0NNF910GHwoXT6SEv2PGoawsphnfmMVdKh9wz7asbtKXEmotCwX3k045x
LsIVK5ANOi+BI9C3LkrrFJWw2XHqDW2ulwCJ0L5QNSjOuY/v8REODwIXamvvdZOz
XBKSIzDOalJqFCHls3YlGyFw1knr6BAOmVOm32YtNTCLbVA/iK55fZWnUCjD3a4G
xz4qpQYWfpxhOmlHpk5JkraSNHzCc7SB43DwcHF5ecXHttMhO8MoN/bAZBgCuLGF
EwNvwFbDwIWo07mlv7wD8i1rtUCvLywJc5YL2PbjCLfB1Q4YzDX1EWnjKdnAsxxK
ftrx1DFlxzUF+TaHbLTPttUcsWQaL8wITznoWIwdIWlo2woPgWIpUXMOYwYV31Oo
fgmroHa3V4NOvkke09uhaZawg5yZCoRFohhfKPqT1ZrJ9SnRbW/WR3VTVY76ht5k
RuV3eb2VWBmPU9zn56Tbe6dvFkBuzHH1JdECAqy1BzFcmQQFBebFzf1XAQARAQAB
tEhMaWJyZU9mZmljZSBCdWlsZCBUZWFtIChDT0RFIFNJR05JTkcgS0VZKSA8YnVp
bGRAZG9jdW1lbnRmb3VuZGF0aW9uLm9yZz6JAjcEEwEKACEFAkyzEr0CGwMFCwkI
BwMFFQoJCAsFFgIDAQACHgECF4AACgkQ9DSh76/urqOc4w//X+74QlyRalcuLNw3
oJKB1+1z6xxhhpwg1kw5cMMrGu0w0YoPvLDKaiS02DdkIaXDECcQTOoEh7/bYbZq
6OtE1WyxqHYYOPK5yul5FRwZ5k5HZ7pDFcKCQ72UgWhz+QznRhgZ0jwEWl5Ln3rw
JpSynIvTXHmQogId0xmcrNQPyckzzugGx4qZFinSOmDGwTgG14NU3vat2iek37Ph
BLh5V8ohlEoccwwPejtKEWQudg0Q8K7uBuqLUhnJoZodEytqpOvtysuPtGxGXnmD
7oXtBVEF3X6eFRXDIp81cx2isHK4Krf4z4T9KUimNLHjWRa+ZQtp2pZLHQlblfsn
CUf6TYZ0Yi909EhcM/hxAgBZXellOCQ/8U2cJsTUyN5Dp1wbf6X0uK4uaed1/037
EGLAO6PP6WQz6jWd1/hhsQ5oAmdjkzlMFEfKNeIIDuKMOjXcTvM8/KRXhufwICvS
FBlSIveHfDFWCvOVgq0VjAY7NFMFKRUnRHB58qBamtyhOyscRIvT5QH8HYfUA/YN
l9FguczYUIQi3t+H1hoHIywdtmRuhYx5WlIUe8FO9QD5RMPbBjVbkCYgdHdxgnJD
KCoRGsoKlLB7UZc4Ak9j6plZbYtFRonm2MjU4zxblCFNuEqVQ0V/y6/OIGpBYF9Y
aEAtTgEJd9OmmDCM3d8O0zZHYma5Ag0ETLMSvQEQAMDp0HxSDWd+2Od/aJutCMFe
8tfw7+nP9gfHOCUqesb88QvRMJgVY6z1aNdMllxTKlsxUiuA6uNcrUAkzDp/qRWR
58rWIO642PLifng3urJ1cDbSKC+K4RHpQC+hXllMKLqq8dwNy1LO4fPo9SdtUF4B
ev6enKmo4yCiOGv2tvztPh9gMGYoDncaOsS0t2UPr2MMQIVUmmIzfJBkdOxbZiWO
doeNbWsYJHQaO+Ahal6SjPHKzhdjeXhZzHl1vqeDkV4MXHprrOwXNXwPiEpkZe2O
dc7yaMkQc0k8WRrfKHApbnwDx6Mi8HYaf+LvRq7P0eMO9osD1q44wQQvVzk199zp
MMHS5/kAv7RBNmDOSJQIZ4zT4lzRDODjMf01Ljn02zon12GfJo0WbbpmLulta7uj
HgMrUU54by8WPFGW0fljXiDX0EpkHhxUsUsfaNfBsFnE+sRxQjNF/ljvofkyApI2
1OjtEa9krwvgDqaXsL+a2076OsoFpORlTZ30REb0eRS6rEt8M+7s4xTaA7GFxlY/
N+bnaM8m+ItygfFHHW4H0wLbbgajDeooSTgaheVNF5V9HS0EkN4MNVvtJH7J6drd
iR1QVhX87n7+JtQzTtCOyfeKjaB+kcbAm/2VOFOeHdig5+BygpXt3IixVq72xmGz
h0jhY565MjXrqg5O3pvLABEBAAGJAh8EGAEKAAkFAkyzEr0CGwwACgkQ9DSh76/u
rqPaeg//avI2/a94XlSYtSZb2hVdW3qa9AEypQurqtVrKJfEKFV+ZQBPXbPRy8Mz
5LMEH1sfD6B4SVGIGJ8opSyieJkcKIke+GMekTWvSqDpFOgY2rw7eHNn/33ZJs3O
zQOyWz8smE/AIM/5lyiVGuSlU7RjYncf1V9bIBc91q9Edqk4IYUo/7W+yafC0VW/
8oHUFYjHNaujiOsEoLiXsh9Y0R/6Jxs6fvE4XbCANV/ecN5UX+9BBrNZNN/9GbNr
6CYGZ57M2f1Pgywy/XvOnEPnJ8aWXUyGLqq34KvMPFPSOeAmFbkFEsB4mdDMFaDw
rzziiZE/zS8/nKiH4X2JgmLgFsadEihdfYxeDcGbhREK/qA1f3bGnr1j05V07yko
2FFZdiOr4OgiT5ymgwVUXQ2Aiz+J/C8URjfpcPxetmuDQT9AYfgmMKPNVXPFWuNQ
dzN5GZbI+E1/cb5+uLNknvjngw2G4PR/4uPHX1HCSftlNawBqWzyun1k+B7/u3Oe
FebWXcdqSmZuLQ7l0Pkuz/Nlp6M6cKpceL+9zCgaiR5+v9h94VvtXKd/mw9ZLACc
VcOANiwCtsJP3lt7jRSHtkuUe6vUm5tLS582RfXxoI1BlPjNtG9xAQ3JKBHIXbal
T18pAFO3t74cxg3h0iI1G51F3oL0DwILP2MBBmardVEp5CMnB/M=
=1iQB
-----END PGP PUBLIC KEY BLOCK-----

View File

@ -22,7 +22,7 @@
# rhbz#465664 jar-repacking breaks help by reordering META-INF/MANIFEST.MF # rhbz#465664 jar-repacking breaks help by reordering META-INF/MANIFEST.MF
%global __jar_repack %{nil} %global __jar_repack %{nil}
# make it easier to download sources from pre-release site # make it easier to download sources from pre-release site
%if 0%{?rebase} %if 0%{?prerelease}
%global source_url http://dev-builds.libreoffice.org/pre-releases/src %global source_url http://dev-builds.libreoffice.org/pre-releases/src
%else %else
%global source_url http://download.documentfoundation.org/libreoffice/src/%{libo_version} %global source_url http://download.documentfoundation.org/libreoffice/src/%{libo_version}
@ -62,22 +62,21 @@ License: (MPLv1.1 or LGPLv3+) and LGPLv3 and LGPLv2+ and BSD and (MPLv1.1
URL: http://www.libreoffice.org/ URL: http://www.libreoffice.org/
Source0: %{source_url}/libreoffice-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz Source0: %{source_url}/libreoffice-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz
Source1: %{source_url}/libreoffice-help-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz Source1: %{source_url}/libreoffice-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz.asc
Source2: %{source_url}/libreoffice-translations-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz Source2: %{source_url}/libreoffice-help-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz
%if 0%{?rebase} Source3: %{source_url}/libreoffice-help-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz.asc
Source3: %{source_url}/libreoffice-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz.asc Source4: %{source_url}/libreoffice-translations-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz
Source4: %{source_url}/libreoffice-help-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz.asc
Source5: %{source_url}/libreoffice-translations-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz.asc Source5: %{source_url}/libreoffice-translations-%{version}%{?libo_prerelease}%{?libo_buildfix}.tar.xz.asc
%endif Source6: gpgkey-C2839ECAD9408FBE9531C3E9F434A1EFAFEEAEA3.gpg.asc
Source6: http://dev-www.libreoffice.org/extern/185d60944ea767075d27247c3162b3bc-unowinreg.dll Source7: http://dev-www.libreoffice.org/extern/185d60944ea767075d27247c3162b3bc-unowinreg.dll
Source7: libreoffice-multiliblauncher.sh Source8: libreoffice-multiliblauncher.sh
Source8: %{external_url}/a7983f859eafb2677d7ff386a023bc40-xsltml_2.1.2.zip Source9: %{external_url}/a7983f859eafb2677d7ff386a023bc40-xsltml_2.1.2.zip
Source9: %{external_url}/xmlsec1-1.2.24.tar.gz Source10: %{external_url}/xmlsec1-1.2.24.tar.gz
Source10: %{external_url}/798b2ffdc8bcfe7bca2cf92b62caf685-rhino1_5R5.zip Source11: %{external_url}/798b2ffdc8bcfe7bca2cf92b62caf685-rhino1_5R5.zip
Source11: %{external_url}/35c94d2df8893241173de1d16b6034c0-swingExSrc.zip Source12: %{external_url}/35c94d2df8893241173de1d16b6034c0-swingExSrc.zip
#Unfortunately later versions of hsqldb changed the file format, so if we use a later version we loose #Unfortunately later versions of hsqldb changed the file format, so if we use a later version we loose
#backwards compatability. #backwards compatability.
Source12: %{external_url}/17410483b5b5f267aa18b7e00b65e6e0-hsqldb_1_8_0.zip Source13: %{external_url}/17410483b5b5f267aa18b7e00b65e6e0-hsqldb_1_8_0.zip
%global bundling_options %{?bundling_options} --without-system-hsqldb %global bundling_options %{?bundling_options} --without-system-hsqldb
%if 0%{?fedora} %if 0%{?fedora}
@ -124,6 +123,7 @@ BuildRequires: flex
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: gdb BuildRequires: gdb
BuildRequires: git BuildRequires: git
BuildRequires: gnupg2
BuildRequires: gperf BuildRequires: gperf
BuildRequires: icu BuildRequires: icu
BuildRequires: make BuildRequires: make
@ -934,7 +934,13 @@ done \
%{!?-l:%{error:-l must be present}} %{!?-l:%{error:-l must be present}}
%prep %prep
%setup -q -n %{name}-%{version}%{?libo_prerelease} -b 1 -b 2 # verify tarballs
gpg2 --dearmor < %{SOURCE6} > keyring.gpg
gpgv2 --keyring ./keyring.gpg %{SOURCE1} %{SOURCE0}
gpgv2 --keyring ./keyring.gpg %{SOURCE3} %{SOURCE2}
gpgv2 --keyring ./keyring.gpg %{SOURCE5} %{SOURCE4}
%setup -q -n %{name}-%{version}%{?libo_prerelease} -b 2 -b 4
rm -rf git-hooks */git-hooks rm -rf git-hooks */git-hooks
# set up git repo # set up git repo

View File

@ -10,3 +10,6 @@ SHA512 (xmlsec1-1.2.24.tar.gz) = a01feb9af8f85e77f2c5d2d7f596fba3ef58bc593cb9a7c
SHA512 (libreoffice-5.4.2.1.tar.xz) = 203e2f7a8f726a125611566363c7ec6d7fb8f2d9731109029ca40ef1642b5270436b918e6f917629543d00252e8e6f5d7d6f16b055ed22fb0ce0cb4117c7ee23 SHA512 (libreoffice-5.4.2.1.tar.xz) = 203e2f7a8f726a125611566363c7ec6d7fb8f2d9731109029ca40ef1642b5270436b918e6f917629543d00252e8e6f5d7d6f16b055ed22fb0ce0cb4117c7ee23
SHA512 (libreoffice-help-5.4.2.1.tar.xz) = e2c80e06cc3d5859a400bcdcdd8328008cde7042f816d64c5d4648d119e222ea489f16ccc5af52e43a2bc739f1a4586230045d9440c8ee997a58a3fec9f08d70 SHA512 (libreoffice-help-5.4.2.1.tar.xz) = e2c80e06cc3d5859a400bcdcdd8328008cde7042f816d64c5d4648d119e222ea489f16ccc5af52e43a2bc739f1a4586230045d9440c8ee997a58a3fec9f08d70
SHA512 (libreoffice-translations-5.4.2.1.tar.xz) = 31e11b2f5da20fa57dae6545a20ed40f5f3770b07c89e788d21bdd15174cdf43c1d7136dd10013c0730523f532871f9d3659a8ac2bf856786be7dea28b13dfc5 SHA512 (libreoffice-translations-5.4.2.1.tar.xz) = 31e11b2f5da20fa57dae6545a20ed40f5f3770b07c89e788d21bdd15174cdf43c1d7136dd10013c0730523f532871f9d3659a8ac2bf856786be7dea28b13dfc5
SHA512 (libreoffice-5.4.2.1.tar.xz.asc) = 3908d92e4d172f0a040927925cfd40f789e15238f24ff383f16e1d5fa45e6918dfc5f340f2431be8584eeb4a2433f56118da2bca1e50a97f2321d2ea850417d3
SHA512 (libreoffice-help-5.4.2.1.tar.xz.asc) = 277cb462b3e6a79f5d2cc001ea09eb90389050a0ef056aa9a42bb4a768d97c4da17def083f8ed0fed4ab953b420de2519d48eb9ba7f7f8b37882d4dda30e3658
SHA512 (libreoffice-translations-5.4.2.1.tar.xz.asc) = 8c6be32fdd0c8cbb91ee39a73dd81bcb287b8634d71e85281cb3f7dc230a425ac544992ef2bc98310f35f427851c004a02ffdc4498b3991dec88bc8af7367a49