[Python-checkins] Fix GPG signing in Windows release build (GH-32089)
zooba
webhook-mailer at python.org
Wed Mar 23 19:36:34 EDT 2022
https://github.com/python/cpython/commit/366c54633e7d6a4ce94c3f0f80c2abf82a869e15
commit: 366c54633e7d6a4ce94c3f0f80c2abf82a869e15
branch: main
author: Steve Dower <steve.dower at python.org>
committer: zooba <steve.dower at microsoft.com>
date: 2022-03-23T23:36:26Z
summary:
Fix GPG signing in Windows release build (GH-32089)
files:
D .azure-pipelines/windows-release/gpg-sign.yml
M .azure-pipelines/windows-release/stage-publish-pythonorg.yml
diff --git a/.azure-pipelines/windows-release/gpg-sign.yml b/.azure-pipelines/windows-release/gpg-sign.yml
deleted file mode 100644
index 04206d23e4996..0000000000000
--- a/.azure-pipelines/windows-release/gpg-sign.yml
+++ /dev/null
@@ -1,31 +0,0 @@
-parameters:
- GPGKeyFile: $(GPGKey)
- GPGPassphrase: $(GPGPassphrase)
- Files: '*'
- WorkingDirectory: $(Build.BinariesDirectory)
- Condition: succeeded()
-
-steps:
-- task: DownloadSecureFile at 1
- name: gpgkey
- inputs:
- secureFile: ${{ parameters.GPGKeyFile }}
- condition: ${{ parameters.Condition }}
- displayName: 'Download GPG key'
-
-- powershell: |
- git clone https://github.com/python/cpython-bin-deps --branch gpg --single-branch --depth 1 --progress -v "gpg"
- gpg/gpg2.exe --import "$(gpgkey.secureFilePath)"
- (gci -File ${{ parameters.Files }}).FullName | %{
- gpg/gpg2.exe -ba --batch --passphrase ${{ parameters.GPGPassphrase }} $_
- "Made signature for $_"
- }
- condition: ${{ parameters.Condition }}
- displayName: 'Generate GPG signatures'
- workingDirectory: ${{ parameters.WorkingDirectory }}
-
-- powershell: |
- $p = gps "gpg-agent" -EA 0
- if ($p) { $p.Kill() }
- displayName: 'Kill GPG agent'
- condition: true
diff --git a/.azure-pipelines/windows-release/stage-publish-pythonorg.yml b/.azure-pipelines/windows-release/stage-publish-pythonorg.yml
index ee50e4e8aa0db..e8f12b64e5589 100644
--- a/.azure-pipelines/windows-release/stage-publish-pythonorg.yml
+++ b/.azure-pipelines/windows-release/stage-publish-pythonorg.yml
@@ -84,16 +84,32 @@ jobs:
condition: and(succeeded(), ne(variables['PublishARM64'], 'true'))
- - template: ./gpg-sign.yml
- parameters:
- GPGKeyFile: 'python-signing.key'
- Files: 'msi\*\*, embed\*.zip'
-
- - template: ./gpg-sign.yml
- parameters:
- GPGKeyFile: 'python-signing.key'
- Files: 'doc\htmlhelp\*.chm'
- Condition: and(succeeded(), eq(variables['DoCHM'], 'true'))
+ - task: DownloadSecureFile at 1
+ name: gpgkey
+ inputs:
+ secureFile: 'python-signing.key'
+ displayName: 'Download GPG key'
+
+ - powershell: |
+ git clone https://github.com/python/cpython-bin-deps --branch gpg --single-branch --depth 1 --progress -v "gpg"
+ gpg/gpg2.exe --import "$(gpgkey.secureFilePath)"
+ $files = gci -File "msi\*\*", "embed\*.zip"
+ if ("$(DoCHM)" -ieq "true") {
+ $files = $files + (gci -File "doc\htmlhelp\*.chm")
+ }
+ $files.FullName | %{
+ gpg/gpg2.exe -ba --batch --passphrase $(GPGPassphrase) $_
+ "Made signature for $_"
+ }
+ displayName: 'Generate GPG signatures'
+ workingDirectory: $(Build.BinariesDirectory)
+
+ - powershell: |
+ $p = gps "gpg-agent" -EA 0
+ if ($p) { $p.Kill() }
+ displayName: 'Kill GPG agent'
+ condition: true
+
- powershell: >
$(Build.SourcesDirectory)\Tools\msi\uploadrelease.ps1
More information about the Python-checkins
mailing list