foster/bitcoin-bitcoin-core
0
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-02-10 10:52:31 -05:00
Code Issues Activity

Merge bitcoin/bitcoin#27440: contrib: followups to #27358 (verify-binaries)

Browse source 
ad841608d4 contrib: minor doc improvements in verify-binaries (fanquake)
e2e5683afe contrib: fixup verifybinaries example docs (fanquake)
663a89cfed contrib: move verify scripts to verify-binaries (fanquake)

Pull request description:

  Followup to #27358, fixing up the example command docs and other requests. See https://github.com/bitcoin/bitcoin/pull/27358#issuecomment-1500389847.

ACKs for top commit:
  josibake:
    ACK ad841608d4
  achow101:
    ACK ad841608d4
  theuni:
    ACK ad841608d4. Thanks for doing these.

Tree-SHA512: 14c47b5a1b231d5116a1e5ddc78cb3a32ca1d4e86f7e18a0c63d5caac95a5272b3eddcc531052e130970a694dd1bc721bfcb29092755e306c37abc0b9f6c9dfd
This commit is contained in:
Andrew Chow 2023-04-10 21:18:58 -04:00
commit 9270a56662
No known key found for this signature in database
GPG key ID: 17565732E08E5E41
3 changed files with 14 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
contrib/verifybinaries/README.md → contrib/verify-binaries/README.md
View file

@ -42,47 +42,47 @@ See the `Config` object for various options.
Validate releases with default settings: Validate releases with default settings:
```sh ```sh
./contrib/verifybinaries/verify.py pub 22.0 ./contrib/verify-binaries/verify.py pub 22.0
./contrib/verifybinaries/verify.py pub 22.0-rc2 ./contrib/verify-binaries/verify.py pub 22.0-rc3
``` ```
Get JSON output and don't prompt for user input (no auto key import): Get JSON output and don't prompt for user input (no auto key import):
```sh ```sh
./contrib/verifybinaries/verify.py --json pub 22.0-x86 ./contrib/verify-binaries/verify.py --json pub 22.0-x86
``` ```
Rely only on local GPG state and manually specified keys, while requiring a Rely only on local GPG state and manually specified keys, while requiring a
threshold of at least 10 trusted signatures: threshold of at least 10 trusted signatures:
```sh ```sh
./contrib/verifybinaries/verify.py \ ./contrib/verify-binaries/verify.py \
--trusted-keys 74E2DEF5D77260B98BC19438099BAD163C70FBFA,9D3CC86A72F8494342EA5FD10A41BDC3F4FAFF1C \ --trusted-keys 74E2DEF5D77260B98BC19438099BAD163C70FBFA,9D3CC86A72F8494342EA5FD10A41BDC3F4FAFF1C \
--min-good-sigs 10 pub 22.0-x86 --min-good-sigs 10 pub 22.0-x86
``` ```
If you only want to download the binaries of certain platform, add the corresponding suffix, e.g.: If you only want to download the binaries for a certain platform, add the corresponding suffix, e.g.:
```sh ```sh
./contrib/verifybinaries/verify.py pub 22.0-osx ./contrib/verify-binaries/verify.py pub 24.0.1-darwin
./contrib/verifybinaries/verify.py pub 22.0-rc2-win64 ./contrib/verify-binaries/verify.py pub 23.1-rc1-win64
``` ```
If you do not want to keep the downloaded binaries, specify the cleanup option. If you do not want to keep the downloaded binaries, specify the cleanup option.
```sh ```sh
./contrib/verifybinaries/verify.py pub --cleanup 22.0 ./contrib/verify-binaries/verify.py pub --cleanup 22.0
``` ```
Use the bin subcommand to verify all files listed in a local checksum file Use the bin subcommand to verify all files listed in a local checksum file
```sh ```sh
./contrib/verifybinaries/verify.py bin SHA256SUMS ./contrib/verify-binaries/verify.py bin SHA256SUMS
``` ```
Verify only a subset of the files listed in a local checksum file Verify only a subset of the files listed in a local checksum file
```sh ```sh
./contrib/verifybinaries/verify.py bin ~/Downloads/SHA256SUMS \ ./contrib/verify-binaries/verify.py bin ~/Downloads/SHA256SUMS \
~/Downloads/bitcoin-24.0.1-x86_64-linux-gnu.tar.gz \ ~/Downloads/bitcoin-24.0.1-x86_64-linux-gnu.tar.gz \
~/Downloads/bitcoin-24.0.1-arm-linux-gnueabihf.tar.gz ~/Downloads/bitcoin-24.0.1-arm-linux-gnueabihf.tar.gz
``` ```

4
contrib/verifybinaries/test.py → contrib/verify-binaries/test.py
View file

@ -12,7 +12,7 @@ def main():
expect_code(run_verify("", "pub", '0.32.awefa.12f9h'), 11, "Malformed version should fail") expect_code(run_verify("", "pub", '0.32.awefa.12f9h'), 11, "Malformed version should fail")
expect_code(run_verify('--min-good-sigs 20', "pub", "22.0"), 9, "--min-good-sigs 20 should fail") expect_code(run_verify('--min-good-sigs 20', "pub", "22.0"), 9, "--min-good-sigs 20 should fail")
print("- testing multisig verification (22.0)", flush=True) print("- testing verification (22.0)", flush=True)
_220 = run_verify("--json", "pub", "22.0") _220 = run_verify("--json", "pub", "22.0")
try: try:
result = json.loads(_220.stdout.decode()) result = json.loads(_220.stdout.decode())
@ -31,7 +31,7 @@ def main():
def run_verify(global_args: str, command: str, command_args: str) -> subprocess.CompletedProcess: def run_verify(global_args: str, command: str, command_args: str) -> subprocess.CompletedProcess:
maybe_here = Path.cwd() / 'verify.py' maybe_here = Path.cwd() / 'verify.py'
path = maybe_here if maybe_here.exists() else Path.cwd() / 'contrib' / 'verifybinaries' / 'verify.py' path = maybe_here if maybe_here.exists() else Path.cwd() / 'contrib' / 'verify-binaries' / 'verify.py'
if command == "pub": if command == "pub":
command += " --cleanup" command += " --cleanup"

4
contrib/verifybinaries/verify.py → contrib/verify-binaries/verify.py
View file

@ -97,7 +97,7 @@ def bool_from_env(key, default=False) -> bool:
VERSION_FORMAT = "<major>.<minor>[.<patch>][-rc[0-9]][-platform]" VERSION_FORMAT = "<major>.<minor>[.<patch>][-rc[0-9]][-platform]"
VERSION_EXAMPLE = "22.0-x86_64 or 0.21.0-rc2-osx" VERSION_EXAMPLE = "22.0-x86_64 or 23.1-rc1-darwin"
def parse_version_string(version_str): def parse_version_string(version_str):
parts = version_str.split('-') parts = version_str.split('-')
@ -530,7 +530,7 @@ def verify_published_handler(args: argparse.Namespace) -> ReturnCode:
# download binaries # download binaries
for _, binary_filename in hashes_to_verify: for _, binary_filename in hashes_to_verify:
log.info(f"downloading {binary_filename}") log.info(f"downloading {binary_filename} to {WORKINGDIR}")
success, output = download_with_wget( success, output = download_with_wget(
HOST1 + remote_dir + binary_filename, binary_filename) HOST1 + remote_dir + binary_filename, binary_filename)