diff options
author | 2016-10-11 14:17:28 +0000 | |
---|---|---|
committer | 2016-10-12 08:54:58 +0000 | |
commit | 671045b8fd9cc53d208af6eb38dab5c1fb543545 (patch) | |
tree | bf57d7d69052699184f78951ceceb28cda21f47d /scripts | |
parent | 3d8ae22bcdf42855da3d625465611c33fe257326 (diff) |
Add the public key directly on our website.
And refer it from the various release pages.
Also:
- Adds the sig file to the release candidate page
- Fix a typo
--
MOS_MIGRATED_REVID=135793241
Diffstat (limited to 'scripts')
-rwxr-xr-x | scripts/ci/build.sh | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/scripts/ci/build.sh b/scripts/ci/build.sh index ad3fae4a1d..fb2a092f17 100755 --- a/scripts/ci/build.sh +++ b/scripts/ci/build.sh @@ -221,7 +221,11 @@ function release_to_github() { _Notice_: Bazel installers contain binaries licensed under the GPLv2 with Classpath exception. Those installers should always be redistributed along with -the source code." +the source code. + +_Security_: All our binaries are signed with our +[public key](https://bazel.io/bazel-release.pub.gpg). +" if [ ! -x "${release_tool}" ]; then echo "Please set GITHUB_RELEASE to the path to the github-release binary." >&2 @@ -248,9 +252,13 @@ function create_index_md() { echo echo "## Index of files" echo + # Security notice + echo "_Security_: All our binaries are signed with our" + echo "[public key](https://bazel.io/bazel-release.pub.gpg)." + echo for f in $1/*.sha256; do # just list the sha256 ones local filename=$(basename $f .sha256); - echo " - [${filename}](${filename}) [[SHA-256](${filename}.sha256)]" + echo " - [${filename}](${filename}) [[SHA-256](${filename}.sha256)] [[SIG](${filename}.sig)]" done } |