Compare commits
No commits in common. "dacaf8cdae98cfab1177f21dea6497de4663ed10" and "4676d9f889de71446bf9caa1411c856584769124" have entirely different histories.
dacaf8cdae
...
4676d9f889
|
@ -1,2 +1 @@
|
||||||
dist/*.iso filter=lfs diff=lfs merge=lfs -text
|
dist/*.iso filter=lfs diff=lfs merge=lfs -text
|
||||||
dist/airgap.iso filter=lfs diff=lfs merge=lfs -text
|
|
||||||
|
|
93
Makefile
93
Makefile
|
@ -3,38 +3,12 @@ GIT_REF := $(shell git log -1 --format=%H)
|
||||||
GIT_AUTHOR := $(shell git log -1 --format=%an)
|
GIT_AUTHOR := $(shell git log -1 --format=%an)
|
||||||
GIT_KEY := $(shell git log -1 --format=%GP)
|
GIT_KEY := $(shell git log -1 --format=%GP)
|
||||||
GIT_TIMESTAMP := $(shell git log -1 --format=%cd --date=iso)
|
GIT_TIMESTAMP := $(shell git log -1 --format=%cd --date=iso)
|
||||||
VERSION := development
|
|
||||||
export
|
|
||||||
|
|
||||||
## Use env vars from latest release when reproducing
|
|
||||||
ifeq ($(REPRODUCE),"TRUE")
|
|
||||||
include dist/release.env
|
|
||||||
export
|
|
||||||
endif
|
|
||||||
|
|
||||||
.DEFAULT_GOAL :=
|
.DEFAULT_GOAL :=
|
||||||
.PHONY: default
|
.PHONY: default
|
||||||
default: \
|
default: \
|
||||||
out/release.env \
|
|
||||||
out/manifest.txt \
|
|
||||||
out/airgap.iso
|
out/airgap.iso
|
||||||
|
|
||||||
## Primary targets
|
|
||||||
|
|
||||||
out/airgap.iso: Containerfile $(shell git ls-files rootfs)
|
|
||||||
docker build \
|
|
||||||
--progress=plain \
|
|
||||||
--output type=local,dest=out \
|
|
||||||
--build-arg VERSION="$(or $(VERSION),"development")" \
|
|
||||||
--build-arg GIT_REF="$(GIT_REF)" \
|
|
||||||
--build-arg GIT_AUTHOR="$(GIT_AUTHOR)" \
|
|
||||||
--build-arg GIT_KEY="$(GIT_KEY)" \
|
|
||||||
--build-arg GIT_TIMESTAMP="$(GIT_TIMESTAMP)" \
|
|
||||||
-f Containerfile \
|
|
||||||
.
|
|
||||||
|
|
||||||
## Development Targets
|
|
||||||
|
|
||||||
.PHONY: vm
|
.PHONY: vm
|
||||||
vm: vm-bios
|
vm: vm-bios
|
||||||
|
|
||||||
|
@ -67,59 +41,14 @@ vm-efi: out/airgap.iso
|
||||||
-display gtk,show-menubar=off,zoom-to-fit=on \
|
-display gtk,show-menubar=off,zoom-to-fit=on \
|
||||||
-cdrom "out/airgap.iso"
|
-cdrom "out/airgap.iso"
|
||||||
|
|
||||||
## Signing, Verification, and Release Targets
|
out/airgap.iso: Containerfile $(shell git ls-files rootfs)
|
||||||
|
docker build \
|
||||||
.PHONY: clean
|
--progress=plain \
|
||||||
clean:
|
--output type=local,dest=out \
|
||||||
rm -rf out
|
--build-arg VERSION="$(or $(VERSION),"development")" \
|
||||||
|
--build-arg GIT_REF="$(GIT_REF)" \
|
||||||
.PHONY: release
|
--build-arg GIT_AUTHOR="$(GIT_AUTHOR)" \
|
||||||
release: default
|
--build-arg GIT_KEY="$(GIT_KEY)" \
|
||||||
rm -rf dist/*
|
--build-arg GIT_TIMESTAMP="$(GIT_TIMESTAMP)" \
|
||||||
cp -R out/release.env out/airgap.iso out/manifest.txt dist/
|
-f Containerfile \
|
||||||
|
.
|
||||||
.PHONY: sign
|
|
||||||
sign:
|
|
||||||
set -e; \
|
|
||||||
git config --get user.signingkey 2>&1 >/dev/null || { \
|
|
||||||
echo "Error: git user.signingkey is not defined"; \
|
|
||||||
exit 1; \
|
|
||||||
}; \
|
|
||||||
fingerprint=$$(\
|
|
||||||
git config --get user.signingkey \
|
|
||||||
| sed 's/.*\([A-Z0-9]\{16\}\).*/\1/g' \
|
|
||||||
); \
|
|
||||||
gpg --armor \
|
|
||||||
--detach-sig \
|
|
||||||
--output dist/manifest.$${fingerprint}.asc \
|
|
||||||
dist/manifest.txt
|
|
||||||
|
|
||||||
.PHONY: verify
|
|
||||||
verify: | dist/manifest.txt
|
|
||||||
set -e; \
|
|
||||||
for file in dist/manifest.*.asc; do \
|
|
||||||
echo "\nVerifying: $${file}\n"; \
|
|
||||||
gpg --verify $${file} dist/manifest.txt; \
|
|
||||||
done;
|
|
||||||
|
|
||||||
.PHONY: reproduce
|
|
||||||
reproduce: clean | out
|
|
||||||
$(MAKE)
|
|
||||||
diff -q out/manifest.txt dist/manifest.txt;
|
|
||||||
|
|
||||||
out:
|
|
||||||
mkdir -p $@
|
|
||||||
|
|
||||||
out/release.env: $(shell git ls-files) | out
|
|
||||||
echo 'VERSION=$(VERSION)' > out/release.env
|
|
||||||
echo 'GIT_REF=$(GIT_REF)' >> out/release.env
|
|
||||||
echo 'GIT_AUTHOR=$(GIT_AUTHOR)' >> out/release.env
|
|
||||||
echo 'GIT_KEY=$(GIT_KEY)' >> out/release.env
|
|
||||||
echo 'GIT_TIMESTAMP=$(GIT_TIMESTAMP)' >> out/release.env
|
|
||||||
|
|
||||||
out/manifest.txt: out/airgap.iso out/release.env | out
|
|
||||||
openssl sha256 -r \
|
|
||||||
out/airgap.iso \
|
|
||||||
out/release.env \
|
|
||||||
| sed -e 's/ \*out\// /g' -e 's/ \.\// /g' \
|
|
||||||
> $@
|
|
||||||
|
|
Binary file not shown.
|
@ -1,2 +0,0 @@
|
||||||
f1dbd9cdd76a117dc03177dad773359d56379e95bdae67bc656117d0da2bf5bc airgap.iso
|
|
||||||
985ad604d4cce9100424a86535f62a52c98b4869eb615bdf666ead9a9b751e8d release.env
|
|
|
@ -1,5 +0,0 @@
|
||||||
VERSION=1.0.0rc1
|
|
||||||
GIT_REF=f0270a2862e7c3874407357145f6b77fb0580065
|
|
||||||
GIT_AUTHOR=Lance R. Vick
|
|
||||||
GIT_KEY=6B61ECD76088748C70590D55E90A401336C8AAA9
|
|
||||||
GIT_TIMESTAMP=2024-08-02 21:44:19 -0700
|
|
Loading…
Reference in New Issue