rad:z3XVUs9hFSow3vBk8s3BZPQyaPaiw
https://radicle.network/nodes/rad.basenordic.org/rad:z3XVUs9hFSow3vBk8s3BZPQyaPaiw
|
David Sommerseth
1e37fed50e
Signed-off-by: David Sommerseth <dazo@eurephia.org> |
||
|---|---|---|
| LICENSES | Initial import | |
| build-srcpkg.sh | Add support for verifying PGP signed git tags | |
| Containerfile | Add support for verifying PGP signed git tags | |
| README.md | Add support for verifying PGP signed git tags | |
meson-mksourcepkg
This is a simple helper tool to quickly generate a source package
for projects using Meson. It makes use of the meson dist to
create the source package.
Packages are built inside a small podman/docker container, using the latest Alpine image. This images created are expected to be ephemeral to ensure the built source package is as clean as possible.
Quick Setup
A buildroot directory need to be created where a build-setup.sh
must be present. The content of this file must have these variables
defined:
# URL to the git repository to clone
repo_url=""
# The directory where the clone operation should be cloned into
clone_dir=""
# The git branch or tag to checkout for this build
checkout="master"
# Which dependencies need to be installed to complete 'meson setup'
dependencies=""
There are two additional functions which can be declared:
prepare_build() {
echo "Build directory: ${BUILDDIR}"
# steps to run to make the git checkout ready to run 'meson setup'
}
pre_dist() {
echo "Build directory: ${BUILDDIR}"
# steps to run before 'meson dist' is being run
}
The generated source tarball will appear at the root inside of the buildroot directory.
PGP git tag verification
This tool can also verify the git tag it will create the source tarball package from. This is enabled by settings these variables:
# The filename of the PGP public key to use for verification.
# This file must be placed in the buildroot directory, together with
# the `build-setup.sh` file.
verify_key='key.pub'
# The full PGP fingerprint ID of the public PGP key
verify_keyid="...."
# The full name and e-mail address of the owner of the PGP key
verify_userid="John Doe <john.doe@example.com>"
This script uses Sequoia-PGP to handle the PGP operations. The
${verify_keyid} and ${verify_userid} is used when calling the
sq pki link add command to make the key and the user identity
of the public key a trusted key (aka Authenticating the certificate).
For more information: https://book.sequoia-pgp.org/auth_certs.html
Creating the source tarball
To generate a source tarball, run this command after preparing the
buildroot directory and the build-setup.sh.
$ mkdir my-buildroot
# Edit my-buildroot/build-setup.sh
$ build-srcpkg.sh build my-buildroot
To debug a few of the steps, build-srcpkg.sh has these operations:
-
build-srcpkg.sh prepare ${BUILDROOT}This prepares the Podman images but will not run the build.
-
build-srcpkg.sh just_build ${BUILDROOT}This will expect images to be ready and it will only run the final build step.
-
build-srcpkg.sh cleanup ${BUILDROOT}This will remove the work images for the build process.
-
build-srcpkg.sh full-cleanup [${BUILDROOT}]This will also cleanup the base image which the worker images depends on.
-
build-srcpkg.sh build ${BUILDROOT}Quick way of running theprepare,just_buildandcleanupsteps in a single command.
Contribution
This project uses Radicle and Codeberg as the main development repositores. To use Radcile (preferred), see inststructions on https://radicle.dev/guides/quick-start to get started. Then run this command:
$ rad clone rad:z3XVUs9hFSow3vBk8s3BZPQyaPaiw
Collaborating via Codeberg.org is also possible, via https://codeberg.org/OpenVPN/meson-mksourcepkg
$ git clone https://codeberg.org/OpenVPN/meson-mksourcepkg
License
Copyright (C) 2026- OpenVPN Inc sales@openvpn.net Copyright (C) 2026- David Sommerseth dazo@eurephia.org
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see https://www.gnu.org/licenses/.