Add checksums for download tools
The signature prepare tool and the gitian-builder git repo should be checked for their content. For this purpose, checkout the gitian-builder repo at a specific commit and take the sha256sum of the osslsigncode tool.
This commit is contained in:
parent
c2f178902a
commit
f2127f9dca
|
@ -24,13 +24,12 @@ def setup():
|
|||
subprocess.check_call(['sudo', 'apt-get', 'install', '-qq'] + programs)
|
||||
if not os.path.isdir('gitian.sigs'):
|
||||
subprocess.check_call(['git', 'clone', 'https://github.com/bitcoin-core/gitian.sigs.git'])
|
||||
if not os.path.isdir('monero-detached-sigs'):
|
||||
subprocess.check_call(['git', 'clone', 'https://github.com/bitcoin-core/bitcoin-detached-sigs.git'])
|
||||
if not os.path.isdir('gitian-builder'):
|
||||
subprocess.check_call(['git', 'clone', 'https://github.com/devrandom/gitian-builder.git'])
|
||||
if not os.path.isdir('monero'):
|
||||
subprocess.check_call(['git', 'clone', 'https://github.com/bitcoin-core/monero.git'])
|
||||
subprocess.check_call(['git', 'clone', 'https://github.com/monero-project/monero.git'])
|
||||
os.chdir('gitian-builder')
|
||||
subprocess.check_call(['git', 'checkout', '963322de8420c50502c4cc33d4d7c0d84437b576'])
|
||||
make_image_prog = ['bin/make-base-vm', '--suite', 'bionic', '--arch', 'amd64']
|
||||
if args.docker:
|
||||
make_image_prog += ['--docker']
|
||||
|
@ -51,8 +50,10 @@ def build():
|
|||
os.chdir('gitian-builder')
|
||||
os.makedirs('inputs', exist_ok=True)
|
||||
|
||||
subprocess.check_call(['wget', '-N', '-P', 'inputs', 'http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz'])
|
||||
subprocess.check_call(['wget', '-N', '-P', 'inputs', 'https://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz'])
|
||||
subprocess.check_call(['wget', '-N', '-P', 'inputs', 'https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch'])
|
||||
subprocess.check_output(["echo 'a8c4e9cafba922f89de0df1f2152e7be286aba73f78505169bc351a7938dd911 inputs/osslsigncode-Backports-to-1.7.1.patch' | sha256sum -c"], shell=True)
|
||||
subprocess.check_output(["echo 'f9a8cdb38b9c309326764ebc937cba1523a3a751a7ab05df3ecc99d18ae466c9 inputs/osslsigncode-1.7.1.tar.gz' | sha256sum -c"], shell=True)
|
||||
subprocess.check_call(['make', '-C', '../monero/contrib/depends', 'download', 'SOURCES_PATH=' + os.getcwd() + '/cache/common'])
|
||||
|
||||
if args.linux:
|
||||
|
|
Loading…
Reference in New Issue