summaryrefslogtreecommitdiff
path: root/scripts/confirm_release.sh
diff options
context:
space:
mode:
authorNatalia <124304+nessita@users.noreply.github.com>2026-03-09 10:50:44 -0300
committernessita <124304+nessita@users.noreply.github.com>2026-03-16 22:08:17 -0300
commit3abf89887993140d28676f26420ee0d46a617f51 (patch)
tree3b028144cfd4112731c89b2d14969b296f7d0a1b /scripts/confirm_release.sh
parent142659133a501a1685902cf654b233e54b641a23 (diff)
Combined scripts confirm_release.sh and test_new_version.sh into verify_release.sh.
This reuses the same download for both artifacts and checks both GPG signature and minimal correctness in the same script. Docs and script do_django_release.py were updated.
Diffstat (limited to 'scripts/confirm_release.sh')
-rwxr-xr-xscripts/confirm_release.sh57
1 files changed, 0 insertions, 57 deletions
diff --git a/scripts/confirm_release.sh b/scripts/confirm_release.sh
deleted file mode 100755
index c3b4d12c5a..0000000000
--- a/scripts/confirm_release.sh
+++ /dev/null
@@ -1,57 +0,0 @@
-#! /bin/bash
-
-set -xue
-
-CHECKSUM_FILE="Django-${VERSION}.checksum.txt"
-MEDIA_URL_PREFIX="https://media.djangoproject.com"
-RELEASE_URL_PREFIX="https://www.djangoproject.com/m/releases/"
-DOWNLOAD_PREFIX="https://www.djangoproject.com/download"
-
-if [[ ! "${VERSION}" =~ ^[0-9]+\.[0-9]+(\.[0-9]+|a[0-9]+|b[0-9]+|rc[0-9]+)?$ ]] ; then
- echo "Not a valid version"
-fi
-
-rm -rf "${VERSION}"
-mkdir "${VERSION}"
-cd "${VERSION}"
-
-function cleanup {
- cd ..
- rm -rf "${VERSION}"
-}
-trap cleanup EXIT
-
-echo "Download checksum file ..."
-curl --fail --output "$CHECKSUM_FILE" "${MEDIA_URL_PREFIX}/pgp/${CHECKSUM_FILE}"
-
-echo "Verify checksum file ..."
-if [ -n "${GPG_KEY:-}" ] ; then
- gpg --recv-keys "${GPG_KEY}"
-fi
-gpg --verify "${CHECKSUM_FILE}"
-
-echo "Finding release artifacts ..."
-mapfile -t RELEASE_ARTIFACTS < <(grep "${DOWNLOAD_PREFIX}" "${CHECKSUM_FILE}")
-
-echo "Found these release artifacts: "
-for ARTIFACT_URL in "${RELEASE_ARTIFACTS[@]}" ; do
- echo "- $ARTIFACT_URL"
-done
-
-echo "Downloading artifacts ..."
-for ARTIFACT_URL in "${RELEASE_ARTIFACTS[@]}" ; do
- ARTIFACT_ACTUAL_URL=$(curl --head --write-out '%{redirect_url}' --output /dev/null --silent "${ARTIFACT_URL}")
- curl --location --fail --output "$(basename "${ARTIFACT_ACTUAL_URL}")" "${ARTIFACT_ACTUAL_URL}"
-
-done
-
-echo "Verifying artifact hashes ..."
-# The `2> /dev/null` moves notes like "sha256sum: WARNING: 60 lines are improperly formatted"
-# to /dev/null. That's fine because the return code of the script is still set on error and a
-# wrong checksum will still show up as `FAILED`
-echo "- MD5 checksums"
-md5sum --check "${CHECKSUM_FILE}" 2> /dev/null
-echo "- SHA1 checksums"
-sha1sum --check "${CHECKSUM_FILE}" 2> /dev/null
-echo "- SHA256 checksums"
-sha256sum --check "${CHECKSUM_FILE}" 2> /dev/null
generated by cgit v1.3 (git 2.53.0) at 2026-05-01 23:40:37 +0000