Stage the Distribution Binaries

/!\ TODO: Fix paths

The distribution binaries should be copied from <PATH> to /www/ After copying the builds, make sure you can view them in the staging distribution site

Signing the distribution binaries

Prerequisite: If you have never signed distribution binaries before, generate and add your key to the KEYS file (instructions are at the top of the file). I have found GnuPG to be easy to use.

/!\ TODO: the location of the assemblies need to be updated to the correct location

1. cd into the <PATH> directory. Here's what it looks like:

esm@clue$ ls
pluto-1.1.0-bin.tar.bz2     pluto-1.1.0-container-bin.tar.bz2
pluto-1.1.0-bin.tar.gz   pluto-1.1.0-bundle.tar.bz2  pluto-1.1.0-container-bin.tar.gz      pluto-1.1.0-bundle.tar.gz

2. Sign the files using gpg. I use this simple one liner:

$ for file in * ; do gpg -a -b $file ; done

3. If you do this correctly you should have a *.asc file for each distribution file. The *.asc file contains the digital signature.

esm@clue$ ls
pluto-1.1.0-bin.tar.bz2      pluto-1.1.0-bundle.tar.bz2.asc         pluto-1.1.0-container-bin.tar.gz
pluto-1.1.0-bin.tar.bz2.asc  pluto-1.1.0-bundle.tar.gz              pluto-1.1.0-container-bin.tar.gz.asc
pluto-1.1.0-bin.tar.gz       pluto-1.1.0-bundle.tar.gz.asc
pluto-1.1.0-bin.tar.gz.asc                pluto-1.1.0-container-bin.tar.bz2
pluto-1.1.0-bundle.tar.bz2   pluto-1.1.0-container-bin.tar.bz2.asc

4. We seem to also be adding md5 sums as well as digital signatures. You can use md5sum <filename> or openssl md5 <filename> to do this. has gpg and openssl:

for file in *[!.asc] ; do echo `openssl md5 $file` > $file.md5 ; done

Now for each distribution file we have a digital signature (in *.asc) and a MD5 checksum (in *.md5).