Creating a signed release file with setup.py
I recently created https://launchpad.net/lp-release-manager-tools for some videos I am making about how to use Launchpad. One aspect of creating a release is to upload the source tarball and a detached gpg signature verifying it. This is somewhat ironic, since lp-release-manager-tools exists to automate repetitive tasks that release managers do in Launchpad. I really do not like creating the signature. I cannot remember how to do it. I need to read the instruction on the form to upload the tarball each time. So I added a feature to my example project that any project hat uses python distutils can copy to make the signature with the source tarball.
I subclassed the sdist command and added an extra step to create the detached signature of the tarball. I then register the new command as signed_dist. This is the content of my setup.py:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | #!/usr/bin/python
import subprocess
from distutils.core import setup
from distutils.command.sdist import sdist
class SignedSDistCommand(sdist):
"""Sign the source archive with a detached signature."""
description = "Sign the source archive after it is generated."
def run(self):
sdist.run(self)
gpg_args = [
'gpg', '--armor', '--sign', '--detach-sig', self.archive_files[0]]
gpg = subprocess.Popen(
gpg_args, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
gpg.communicate()
setup(
name="lp-release-manager-tools",
description="Launchpad release manager API scripts.",
version="0.0.2",
license="MIT",
maintainer="Curtis C. Hovey",
maintainer_email="sinzui.is@verizon.net",
scripts=['close_released_bugs.py'],
cmdclass={
'signed_sdist': SignedSDistCommand,
}
)
|