diff options
| author | Natalia <124304+nessita@users.noreply.github.com> | 2026-03-09 10:50:44 -0300 |
|---|---|---|
| committer | Natalia <124304+nessita@users.noreply.github.com> | 2026-03-16 22:16:24 -0300 |
| commit | b1d9ea4ff3c8e8597a5ff6c686a681bbaf7240be (patch) | |
| tree | 02898bd8c1e5ca0cfa0a29f447bb61ce33d456f3 /scripts/confirm_release.sh | |
| parent | 385678e529a6740a339d54a7a21ec623c826c22c (diff) | |
[4.2.x] Combined scripts confirm_release.sh and test_new_version.sh into verify_release.sh.
This reuses the same download for both artifacts and checks both GPG
signature and minimal correctness in the same script. Docs and script
do_django_release.py were updated.
Backport of 3abf89887993140d28676f26420ee0d46a617f51 from main.
Diffstat (limited to 'scripts/confirm_release.sh')
| -rwxr-xr-x | scripts/confirm_release.sh | 57 |
1 files changed, 0 insertions, 57 deletions
diff --git a/scripts/confirm_release.sh b/scripts/confirm_release.sh deleted file mode 100755 index c3b4d12c5a..0000000000 --- a/scripts/confirm_release.sh +++ /dev/null @@ -1,57 +0,0 @@ -#! /bin/bash - -set -xue - -CHECKSUM_FILE="Django-${VERSION}.checksum.txt" -MEDIA_URL_PREFIX="https://media.djangoproject.com" -RELEASE_URL_PREFIX="https://www.djangoproject.com/m/releases/" -DOWNLOAD_PREFIX="https://www.djangoproject.com/download" - -if [[ ! "${VERSION}" =~ ^[0-9]+\.[0-9]+(\.[0-9]+|a[0-9]+|b[0-9]+|rc[0-9]+)?$ ]] ; then - echo "Not a valid version" -fi - -rm -rf "${VERSION}" -mkdir "${VERSION}" -cd "${VERSION}" - -function cleanup { - cd .. - rm -rf "${VERSION}" -} -trap cleanup EXIT - -echo "Download checksum file ..." -curl --fail --output "$CHECKSUM_FILE" "${MEDIA_URL_PREFIX}/pgp/${CHECKSUM_FILE}" - -echo "Verify checksum file ..." -if [ -n "${GPG_KEY:-}" ] ; then - gpg --recv-keys "${GPG_KEY}" -fi -gpg --verify "${CHECKSUM_FILE}" - -echo "Finding release artifacts ..." -mapfile -t RELEASE_ARTIFACTS < <(grep "${DOWNLOAD_PREFIX}" "${CHECKSUM_FILE}") - -echo "Found these release artifacts: " -for ARTIFACT_URL in "${RELEASE_ARTIFACTS[@]}" ; do - echo "- $ARTIFACT_URL" -done - -echo "Downloading artifacts ..." -for ARTIFACT_URL in "${RELEASE_ARTIFACTS[@]}" ; do - ARTIFACT_ACTUAL_URL=$(curl --head --write-out '%{redirect_url}' --output /dev/null --silent "${ARTIFACT_URL}") - curl --location --fail --output "$(basename "${ARTIFACT_ACTUAL_URL}")" "${ARTIFACT_ACTUAL_URL}" - -done - -echo "Verifying artifact hashes ..." -# The `2> /dev/null` moves notes like "sha256sum: WARNING: 60 lines are improperly formatted" -# to /dev/null. That's fine because the return code of the script is still set on error and a -# wrong checksum will still show up as `FAILED` -echo "- MD5 checksums" -md5sum --check "${CHECKSUM_FILE}" 2> /dev/null -echo "- SHA1 checksums" -sha1sum --check "${CHECKSUM_FILE}" 2> /dev/null -echo "- SHA256 checksums" -sha256sum --check "${CHECKSUM_FILE}" 2> /dev/null |