in lib/omnibus/packagers/deb.rb [419:468]
def sign_deb_file
unless signing_passphrase
log.info(log_key) { "Signing not enabled for .deb file" }
return
end
log.info(log_key) { "Signing enabled for .deb file" }
gpg = nil
if Omnibus.which("gpg2")
gpg = "gpg2"
elsif Omnibus.which("gpg")
gpg = "gpg"
end
if gpg && Omnibus.which("ar")
Dir.mktmpdir do |tmp_dir|
Dir.chdir(tmp_dir) do
shellout!("ar x #{Config.package_dir}/#{package_name}")
shellout!("cat debian-binary control.tar.* data.tar.* > complete")
gpg_command = "#{gpg} --armor --sign --detach-sign"
gpg_command << " --local-user '#{project.maintainer}'"
gpg_command << " --homedir #{ENV["HOME"]}/.gnupg"
gpg_command << " --batch --no-tty"
if shellout("#{gpg} --pinentry-mode loopback </dev/null 2>&1 | grep -q pinentry-mode").exitstatus == 1
gpg_command << " --pinentry-mode loopback"
end
gpg_command << " --passphrase-fd 0"
gpg_command << " -o _gpgorigin complete"
shellout!("fakeroot #{gpg_command}", input: signing_passphrase)
shellout!("fakeroot ar rc #{Config.package_dir}/#{package_name} _gpgorigin")
end
end
else
log.info(log_key) { "Signing not possible. Ensure that GnuPG and GNU AR are available" }
end
end