[MacPorts] archives modified

MacPorts noreply at macports.org
Sun Jul 3 08:52:14 PDT 2011


Changed page "archives" by snc at macports.org from 24.61.43.26*
Page URL: <https://trac.macports.org/wiki/archives>
Diff URL: <https://trac.macports.org/wiki/archives?action=diff&version=7>
Revision 7
Comment: update information for beta/trunk

-------8<------8<------8<------8<------8<------8<------8<------8<--------
Index: archives
=========================================================================
--- archives (version: 6)
+++ archives (version: 7)
@@ -1,5 +1,5 @@
  = Using Your Own Archives =
-MacPorts recently added the ability to verify archives when `archivemode` is enabled. Signing archives is basically a requirement now. This page will serve as a guide showing how to do this.
+MacPorts verifies archives when `archivemode` is enabled, making the signing archives a requirement. This page will serve as a guide showing how to do this.
 
  = Create Keys =
 The first step (also detailed in [browser:trunk/base/doc/pubkeys.conf.in ${prefix}/etc/macports/pubkeys.conf]) is to make keys to sign your archives.
@@ -25,16 +25,16 @@
 If you have lots of archives to sign, this can be done via a for loop in your shell. Here I use bash:
 {{{
 cd /archive/repository
-for i in */*/*/*tbz2; do openssl dgst -ripemd160 -sign ~/.ssh/privkey.pem.bare -out $i.rmd160 $i; done
+for i in */*tbz2; do openssl dgst -ripemd160 -sign ~/.ssh/privkey.pem.bare -out $i.rmd160 $i; done
 }}}
-Note that this saves the signatures along side the archives, by simply using `.rmd160` as a suffix. This is what MacPorts presently expects.
+Note that this saves the signatures along side the archives, by simply using `.rmd160` as a suffix. This is what MacPorts expects.
 
  = Configure MacPorts =
 Now we need to add your key to MacPorts. This is done in two places:
  * save copy of public key
  * add path to this copy in pubkeys.conf
 
-I saved my key as `/opt/local/etc/macports/snc.pub` for simplicity. To avoid naming collisions I suggest adding all custom keys to just one file.
+I used `${prefix}/etc/macports/snc.pub` for simplicity.
 
  = Try It =
 Your archives are now signed and MacPorts should be configured to recognize your signature. Try it out!
@@ -42,7 +42,7 @@
  = Maintenance of Archive Repository =
 Each day (really, every 30 minutes) new ports arrive and several are updated. Rather than rebuilding the whole tree you'll want to go after the ones with changes. This is easily achieved by the `find` command.
 {{{
-cd /opt/local/var/macports/sources/rsync.macports.org/release/ports
+cd ${prefix}/var/macports/sources/rsync.macports.org/release/ports
 sudo port selfupdate
 find . -name Portfile -mtime -1d  | while read i
 do
@@ -50,18 +50,30 @@
 done
 }}}
 
-As you build archives, you'll eventually come across an instance where you're upgrading an older version. Keeping these outdated archives around might be less than ideal. We can wipe them out by looping through the repository checking the versions against what's current.
+As you build archives, you'll eventually come across an instance where you're upgrading an older version. Keeping these outdated archives around might be less than ideal. We can wipe them out as we build the updates in the repository, checking the versions against what's current.
 {{{
 cd /archive/repository
 sudo port selfupdate
-for i in */*/*
+for i in *
 do
     port -q info --index --version `basename $i` | while read j
     do
-        ls $i | grep -v $j | while read k
+        ls "$i" | grep -v "$j" | while read k
         do
-            sudo rm -v $i/$k
+            sudo rm -v "$i/$k"
         done
     done
 done
 }}}
+
+This can also be accomplished using `rsync` between a build box and a web server. After syncing you'd run a `sign_archives` routine described above.
+{{{
+for i in ${prefix}/var/macports/software/*
+do
+    port -q info --index --version `basename $i` | while read j
+    do
+        rsync -az --delete --filter "P *$j*" "$i" snc at tazamahal.com:/var/www/macports/
+    done
+done
+ssh snc at tazamahal.com sign_archives.sh
+}}}

-------8<------8<------8<------8<------8<------8<------8<------8<--------

* The IP shown here might not mean anything if the user or the server is
behind a proxy.

--
MacPorts <http://www.macports.org/>
Ports system for Mac OS

This is an automated message. Someone at http://www.macports.org/ added your email
address to be notified of changes on archives. If it was not you, please
report to .


More information about the macports-changes mailing list