From: Filippo Valsorda Date: Mon, 31 Dec 2012 18:15:30 +0000 (+0100) Subject: re-worked release workflow, it is one-step and creates GPG signatures now X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=commitdiff_plain;h=b962b76f439f5614c5ce10c4efc601f290311986;p=youtube-dl re-worked release workflow, it is one-step and creates GPG signatures now --- diff --git a/.tarignore b/.tarignore new file mode 100644 index 000000000..986afeed6 --- /dev/null +++ b/.tarignore @@ -0,0 +1,17 @@ +updates_key.pem +*.pyc +*.pyo +youtube-dl.exe +wine-py2exe/ +py2exe.log +*.kate-swp +build/ +dist/ +MANIFEST +*.DS_Store +youtube-dl.tar.gz +.coverage +cover/ +__pycache__/ +.git/ +*~ diff --git a/Makefile b/Makefile index b49af6a7a..0069e7975 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ all: youtube-dl README.md README.txt youtube-dl.1 youtube-dl.bash-completion clean: - rm -rf youtube-dl youtube-dl.exe youtube-dl.1 youtube-dl.bash-completion README.txt MANIFEST build/ dist/ + rm -rf youtube-dl youtube-dl.exe youtube-dl.1 youtube-dl.bash-completion README.txt MANIFEST build/ dist/ .coverage cover/ PREFIX=/usr/local BINDIR=$(PREFIX)/bin @@ -43,7 +43,5 @@ youtube-dl.bash-completion: youtube_dl/*.py devscripts/bash-completion.in python devscripts/bash-completion.py youtube-dl.tar.gz: all - tar -czf youtube-dl.tar.gz -s "|^./|./youtube-dl/|" --exclude="updates_key.pem" \ - --exclude="*.pyc" --exclude="*.pyo" --exclude="*~" --exclude="youtube-dl.exe" \ - --exclude="wine-py2exe/" --exclude="py2exe.log" --exclude="*.kate-swp" \ - --exclude="build/" --exclude="dist/" --exclude="MANIFEST" --exclude=".git/" . + tar -cvzf youtube-dl.tar.gz -s "|^./|./youtube-dl/|" \ + --exclude-from=".tarignore" -- . diff --git a/devscripts/bash-completion.py b/devscripts/bash-completion.py old mode 100644 new mode 100755 diff --git a/devscripts/gh-pages/add-version.py b/devscripts/gh-pages/add-version.py new file mode 100755 index 000000000..6af8bb9d8 --- /dev/null +++ b/devscripts/gh-pages/add-version.py @@ -0,0 +1,33 @@ +#!/usr/bin/env python3 + +import json +import sys +import hashlib +import urllib.request + +if len(sys.argv) <= 1: + print('Specify the version number as parameter') + sys.exit() +version = sys.argv[1] + +with open('update/LATEST_VERSION', 'w') as f: + f.write(version) + +versions_info = json.load(open('update/versions.json')) +if 'signature' in versions_info: + del versions_info['signature'] + +new_version = {} + +filenames = {'bin': 'youtube-dl', 'exe': 'youtube-dl.exe', 'tar': 'youtube-dl-%s.tar.gz' % version} +for key, filename in filenames.items(): + print('Downloading and checksumming %s...' %filename) + url = 'http://youtube-dl.org/downloads/%s/%s' % (version, filename) + data = urllib.request.urlopen(url).read() + sha256sum = hashlib.sha256(data).hexdigest() + new_version[key] = (url, sha256sum) + +versions_info['versions'][version] = new_version +versions_info['latest'] = version + +json.dump(versions_info, open('update/versions.json', 'w'), indent=4, sort_keys=True) \ No newline at end of file diff --git a/devscripts/gh-pages/generate-download.py b/devscripts/gh-pages/generate-download.py index f19729f59..55912e12c 100755 --- a/devscripts/gh-pages/generate-download.py +++ b/devscripts/gh-pages/generate-download.py @@ -4,18 +4,13 @@ import shutil import subprocess import tempfile import urllib.request +import json -URL = 'https://github.com/downloads/rg3/youtube-dl/youtube-dl' +versions_info = json.load(open('update/versions.json')) +version = versions_info['latest'] +URL = versions_info['versions'][version]['bin'][0] -with tempfile.NamedTemporaryFile(suffix='youtube-dl', delete=True) as ytdl_file: - with urllib.request.urlopen(URL) as dl: - shutil.copyfileobj(dl, ytdl_file) - - ytdl_file.seek(0) - data = ytdl_file.read() - - ytdl_file.flush() - version = subprocess.check_output(['python3', ytdl_file.name, '--version']).decode('ascii').strip() +data = urllib.request.urlopen(URL).read() # Read template page with open('download.html.in', 'r', encoding='utf-8') as tmplf: @@ -29,5 +24,9 @@ template = template.replace('@PROGRAM_URL@', URL) template = template.replace('@PROGRAM_MD5SUM@', md5sum) template = template.replace('@PROGRAM_SHA1SUM@', sha1sum) template = template.replace('@PROGRAM_SHA256SUM@', sha256sum) +template = template.replace('@EXE_URL@', versions_info['versions'][version]['exe'][0]) +template = template.replace('@EXE_SHA256SUM@', versions_info['versions'][version]['exe'][1]) +template = template.replace('@TAR_URL@', versions_info['versions'][version]['tar'][0]) +template = template.replace('@TAR_SHA256SUM@', versions_info['versions'][version]['tar'][1]) with open('download.html', 'w', encoding='utf-8') as dlf: dlf.write(template) diff --git a/devscripts/gh-pages/sign-versions.py b/devscripts/gh-pages/sign-versions.py new file mode 100755 index 000000000..dd126df52 --- /dev/null +++ b/devscripts/gh-pages/sign-versions.py @@ -0,0 +1,28 @@ +#!/usr/bin/env python3 + +import rsa +import json +from binascii import hexlify + +versions_info = json.load(open('update/versions.json')) +if 'signature' in versions_info: + del versions_info['signature'] + +print('Enter the PKCS1 private key, followed by a blank line:') +privkey = '' +while True: + try: + line = input() + except EOFError: + break + if line == '': + break + privkey += line + '\n' +privkey = bytes(privkey, 'ascii') +privkey = rsa.PrivateKey.load_pkcs1(privkey) + +signature = hexlify(rsa.pkcs1.sign(json.dumps(versions_info, sort_keys=True).encode('utf-8'), privkey, 'SHA-256')).decode() +print('signature: ' + signature) + +versions_info['signature'] = signature +json.dump(versions_info, open('update/versions.json', 'w'), indent=4, sort_keys=True) \ No newline at end of file diff --git a/devscripts/gh-pages/sign_versions.py b/devscripts/gh-pages/sign_versions.py deleted file mode 100755 index 5d94a3a03..000000000 --- a/devscripts/gh-pages/sign_versions.py +++ /dev/null @@ -1,30 +0,0 @@ -#! /usr/bin/env python3 - -import rsa -import json -from binascii import hexlify - -# TODO path discovery -versions_info = json.load(open('update/versions.json')) -if 'signature' in versions_info: - del versions_info['signature'] - - -print('Enter the PKCS1 private key, followed by a blank line:') -privkey = '' -while True: - try: - line = input() - except EOFError: - break - if line == '': - break - privkey += line + '\n' -privkey = bytes(privkey, 'ascii') -privkey = rsa.PrivateKey.load_pkcs1(privkey) - -signature = hexlify(rsa.pkcs1.sign(json.dumps(versions_info, sort_keys=True).encode('utf-8'), privkey, 'SHA-256')).decode() -print('signature: ' + signature) - -versions_info['signature'] = signature -json.dump(versions_info, open('update/versions.json', 'w'), indent=4, sort_keys=True) \ No newline at end of file diff --git a/devscripts/make_readme.py b/devscripts/make_readme.py old mode 100644 new mode 100755 diff --git a/devscripts/release.sh b/devscripts/release.sh index 963a6c22b..776f17646 100755 --- a/devscripts/release.sh +++ b/devscripts/release.sh @@ -1,11 +1,74 @@ #!/bin/sh +# IMPORTANT: the following assumptions are made +# * you did --set-upstream +# * the gh-pages branch is named so locally +# * the git config user.signingkey is properly set + +# You will need +# pip install coverage nose rsa + +set -e + if [ -z "$1" ]; then echo "ERROR: specify version number like this: $0 1994.09.06"; exit 1; fi version="$1" if [ ! -z "`git tag | grep "$version"`" ]; then echo 'ERROR: version already present'; exit 1; fi -if [ ! -z "`git status --porcelain`" ]; then echo 'ERROR: the working directory is not clean; commit or stash changes'; exit 1; fi -sed -i "s/__version__ = '.*'/__version__ = '$version'/" youtube_dl/__init__.py -make all -git add -A +if [ ! -z "`git status --porcelain | grep -v CHANGELOG`" ]; then echo 'ERROR: the working directory is not clean; commit or stash changes'; exit 1; fi +if [ ! -f "updates_key.pem" ]; then echo 'ERROR: updates_key.pem missing'; exit 1; fi + +echo "\n### First of all, testing..." +make clean +nosetests --with-coverage --cover-package=youtube_dl --cover-html test || exit 1 + +echo "\n### Changing version in version.py..." +sed -i~ "s/__version__ = '.*'/__version__ = '$version'/" youtube_dl/version.py + +echo "\n### Committing CHANGELOG README.md and youtube_dl/version.py..." +make README.md +git add CHANGELOG README.md youtube_dl/version.py git commit -m "release $version" -git tag -m "Release $version" "$version" \ No newline at end of file + +echo "\n### Now tagging, signing and pushing..." +git tag -s -m "Release $version" "$version" +git show "$version" +read -p "Is it good, can I push? (y/n) " -n 1 +if [[ ! $REPLY =~ ^[Yy]$ ]]; then exit 1; fi +echo +git push + +echo "\n### OK, now it is time to build the binaries..." +REV=$(git rev-parse HEAD) +make youtube-dl youtube-dl.tar.gz +wget "http://jeromelaheurte.net:8142/download/rg3/youtube-dl/youtube-dl.exe?rev=$REV" -O youtube-dl.exe || \ + wget "http://jeromelaheurte.net:8142/build/rg3/youtube-dl/youtube-dl.exe?rev=$REV" -O youtube-dl.exe +mkdir -p "update_staging/$version" +mv youtube-dl youtube-dl.exe "update_staging/$version" +mv youtube-dl.tar.gz "update_staging/$version/youtube-dl-$version.tar.gz" +git checkout HEAD -- youtube-dl youtube-dl.exe + +echo "\n### Signing and uploading the new binaries to youtube-dl.org..." +for f in update_staging/$version/*; do gpg --detach-sig "$f"; done +scp -r "update_staging/$version" ytdl@youtube-dl.org:html/downloads/ +rm -r update_staging + +echo "\n### Now switching to gh-pages..." +MASTER=$(git rev-parse --abbrev-ref HEAD) +git checkout gh-pages +git checkout "$MASTER" -- devscripts/gh-pages/ +git reset devscripts/gh-pages/ +devscripts/gh-pages/add-version.py $version +devscripts/gh-pages/sign-versions.py < updates_key.pem +devscripts/gh-pages/generate-download.py +devscripts/gh-pages/update-copyright.py +rm -r test_coverage +mv cover test_coverage +git add *.html *.html.in update test_coverage +git commit -m "release $version" +git show HEAD +read -p "Is it good, can I push? (y/n) " -n 1 +if [[ ! $REPLY =~ ^[Yy]$ ]]; then exit 1; fi +echo +git push + +echo "\n### DONE!" +git checkout $MASTER