1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
#!/usr/bin/env python
"""Script to sign exe bundle"""
import argparse
import os
import sys
sys.path.append(os.path.dirname(os.path.dirname(os.path.abspath(__file__))))
from utils import BadRCError, run
ROOT = os.path.dirname(
os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
)
EXE_ZIP_NAME = 'awscli-exe.zip'
SIGNATURE_FILENAME = EXE_ZIP_NAME + '.sig'
def sign_exe(exe_zipfile, signature_filename, key_name=None):
_verify_gpg_installed()
_sign_exe_zip(exe_zipfile, signature_filename, key_name)
def _verify_gpg_installed():
try:
run('gpg --version')
except BadRCError:
raise RuntimeError('Please install gpg to run this script')
def _sign_exe_zip(exe_zipfile, signature_filename, key_name):
options = ['--yes', '--output', signature_filename]
if key_name:
options.extend(['--local-user', key_name])
options = ' '.join(options)
run('gpg ' + options + ' --detach-sign %s' % exe_zipfile)
def main():
parser = argparse.ArgumentParser(description=__doc__)
parser.add_argument(
'--output',
default=os.path.join(ROOT, 'dist', SIGNATURE_FILENAME),
help=(
'The output signature file. By default, this will be '
'"dist/%s" in the root of the awscli.' % SIGNATURE_FILENAME
),
)
parser.add_argument(
'--exe',
default=os.path.join(ROOT, 'dist', EXE_ZIP_NAME),
help=(
'The exe zip to sign. By default, this will be the'
'"dist/%s" zipfile in the root of the awscli.' % EXE_ZIP_NAME
),
)
parser.add_argument(
'--key-name',
help=(
'The name of the key to use for signing. This corresponds to the '
'--local-user option when running gpg. By default, the key used '
'is your default private key in gpg.'
),
)
args = parser.parse_args()
sign_exe(args.exe, args.output, args.key_name)
if __name__ == "__main__":
main()
|
