From 9afec3d3eae58d26a932eb390d0c40b7c6793c9e Mon Sep 17 00:00:00 2001 From: sommerfeld Date: Wed, 24 Apr 2024 15:28:42 +0100 Subject: Make generate-changelog.sh more robust --- utils/generate_changelog.sh | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) (limited to 'utils/generate_changelog.sh') diff --git a/utils/generate_changelog.sh b/utils/generate_changelog.sh index 05e7e9e..eea2c2a 100755 --- a/utils/generate_changelog.sh +++ b/utils/generate_changelog.sh @@ -1,10 +1,19 @@ #|/usr/bin/env sh +set -e + script_dir=$(dirname -- "$(readlink -f "$0")") +root_dir=$script_dir/.. + +cwd=$(pwd) +cd "$root_dir" + +version=$(head -n 1 docs/CHANGELOG.md | cut -f 1 -d ' ') -sed '/^$/q' "$script_dir"/../docs/CHANGELOG.md +sed '/^$/q' docs/CHANGELOG.md -echo '## Verifying the release +printf 'Verifying the release +--------------------- 0. Import my gpg public key into your keyring (you only need to do this once, not for every release): @@ -12,15 +21,18 @@ echo '## Verifying the release gpg --auto-key-locate clear,wkd --locate-keys sommerfeld@sommerfeld.dev ``` -1. Download `sentrum-%s-manifest.txt` and `sentrum-%s-manifest.txt.asc` to the same directory where you are downloading the binary. +1. Download `sentrum-v%s-manifest.txt` and `sentrum-v%s-manifest.txt.asc` to the same directory where you are downloading the binary. 2. Verify the gpg signature is mine (should ouput `Good signature`)`: ```bash -gpg --verify sentrum-%s-manifest.txt.asc +gpg --verify sentrum-v%s-manifest.txt.asc ``` 3. Verify the checksums of the binaries (should output `OK`): ```bash -sha256sum --check --ignore-missing sentrum-%s-manifest.txt -```' | sed "s/%s/$1/g" +sha256sum --check --ignore-missing sentrum-v%s-manifest.txt +``` +' "$version" "$version" "$version" "$version" + +cd "$cwd" -- cgit v1.2.3-70-g09d2