Skip to content

Instantly share code, notes, and snippets.

@cryptozeny

cryptozeny/SUGAR-gitian-v0.16.3.x.md Secret

Last active February 9, 2020 14:54
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save cryptozeny/3501c77750541208b9dd1a9e9719fc53 to your computer and use it in GitHub Desktop.
Save cryptozeny/3501c77750541208b9dd1a9e9719fc53 to your computer and use it in GitHub Desktop.
Download ZIP
SUGAR gitian cross compilation for Sugarchain v0.16.3.x
Raw
SUGAR-gitian-v0.16.3.x.md

GITIAN BUILD for Sugarchain (SUGAR) 0.16.3.10rc61

Prepare VM

Setup VM

Install DEP

sudo apt-get install -y \
git ruby apt-cacher-ng qemu-utils debootstrap lxc python-cheetah parted kpartx bridge-utils make ubuntu-archive-keyring curl firewalld

LXC && UTF-8 && Timezone

$ sudo -s
  • LXC
echo "%sudo ALL=NOPASSWD: /usr/bin/lxc-start" > /etc/sudoers.d/gitian-lxc && \
echo "%sudo ALL=NOPASSWD: /usr/bin/lxc-execute" >> /etc/sudoers.d/gitian-lxc && \
echo '#!/bin/sh -e' > /etc/rc.local && \
echo 'brctl addbr br0' >> /etc/rc.local && \
echo 'ip addr add 10.0.3.1/24 broadcast 10.0.3.255 dev br0' >> /etc/rc.local && \
echo 'ip link set br0 up' >> /etc/rc.local && \
echo 'firewall-cmd --zone=trusted --add-interface=br0' >> /etc/rc.local && \
echo 'exit 0' >> /etc/rc.local && \
chmod +x /etc/rc.local && \
echo 'export USE_LXC=1' >> /home/gitianuser/.profile && \
echo 'export GITIAN_HOST_IP=10.0.3.1' >> /home/gitianuser/.profile && \
echo 'export LXC_GUEST_IP=10.0.3.5' >> /home/gitianuser/.profile
  • UTF-8 en_US.UTF-8
export LANGUAGE="en_US.UTF-8" && \
echo 'LANGUAGE="en_US.UTF-8"' >> /etc/default/locale && \
echo 'LC_ALL="en_US.UTF-8"' >> /etc/default/locale
  • Set Timezone Asia/Seoul
timedatectl set-timezone Asia/Seoul
  • Reboot
sudo reboot now # WARNING!! SYSTEM NOW REBOOTING!!
  • Check (after reboot)
cat /etc/default/locale && \
locale && \
cat /etc/timezone
  • Check Output
#  File generated by update-locale
LANG="en_US.UTF-8"
LANGUAGE="en_US.UTF-8"
LC_ALL="en_US.UTF-8"
LANG=en_US.UTF-8
LANGUAGE=en_US.UTF-8
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=en_US.UTF-8
Asia/Seoul

Gitian Setup

Installing Gitian

  • build from source : python-vm-builder (since no python-vm-builder package in Debian)
cd && \
wget http://archive.ubuntu.com/ubuntu/pool/universe/v/vm-builder/vm-builder_0.12.4+bzr494.orig.tar.gz && \
echo "76cbf8c52c391160b2641e7120dbade5afded713afaa6032f733a261f13e6a8e  vm-builder_0.12.4+bzr494.orig.tar.gz" | sha256sum -c && \
tar -zxvf vm-builder_0.12.4+bzr494.orig.tar.gz && \
cd vm-builder-0.12.4+bzr494 && \
sudo python setup.py install && \
cd ..

SUGAR clone (SUGAR tags/v0.16.3.10rc25) dir sugarchain-v0.16.3 branch master-v0.16.3

cd && \
git clone https://github.com/devrandom/gitian-builder.git && \
git clone https://github.com/sugarchain-project/gitian.sigs.sugar.git && \
git clone https://github.com/sugarchain-project/sugarchain-detached-sigs.git && \
git clone git@github.com:cryptozeny/sugarchain-v0.16.3.git && \
mv sugarchain-v0.16.3 sugarchain && \
cd sugarchain && \
git checkout tags/v0.16.3.10rc25 && \
cd

Make Your Own PGP Key

gpg --allow-secret-key-import --import cryptozeny-secret-key.pgp

Gitain Build

Initial Gitian Setup (SUGAR tags/v0.16.3.10rc25)

  • download osslsigncode-1.7.1 and Patch (check sha256sum OK)
cd && \
git clone https://github.com/cryptozeny/osslsigncode-1.7.1.tar.gz.git && \
cd osslsigncode-1.7.1.tar.gz/ && \
echo 'a8c4e9cafba922f89de0df1f2152e7be286aba73f78505169bc351a7938dd911 osslsigncode-Backports-to-1.7.1.patch' | sha256sum -c && \
echo 'f9a8cdb38b9c309326764ebc937cba1523a3a751a7ab05df3ecc99d18ae466c9 osslsigncode-1.7.1.tar.gz' | sha256sum -c && \
mkdir -p ~/gitian-builder/inputs && \
cp osslsigncode-Backports-to-1.7.1.patch ~/gitian-builder/inputs/ && \
cp osslsigncode-1.7.1.tar.gz ~/gitian-builder/inputs/ && \
cd
  • download Xcode SDK for macOS build (check sha256sum OK)
cd && \
git clone https://github.com/cryptozeny/MacOSX10.11.sdk.tar.gz.git && \
cd MacOSX10.11.sdk.tar.gz/ && \
echo "fc65dd34a3665a549cf2dc005c1d13fcead9ba17cadac6dfd0ebc46435729898" MacOSX10.11.sdk.tar.gz | sha256sum -c && \
mkdir -p ~/gitian-builder/inputs && \
cp MacOSX10.11.sdk.tar.gz ~/gitian-builder/inputs/MacOSX10.11.sdk.tar.gz && \
cd
cd && \
cd gitian-builder && \
bin/make-base-vm --lxc --arch amd64 --suite trusty && \
cd
  • Init Gitian cryptozeny and check branch master-v0.16.3
cd && \
cd sugarchain && \
git checkout master-v0.16.3 && \
git pull && \
cd && \
cp ./sugarchain/contrib/gitian-build.sh . && \
cd && \
./gitian-build.sh --setup cryptozeny 0.16.3.10rc25 && \
cd

Build Binaries (SUGAR tags/v0.16.3.10rc25)

  • OS Selection
    --os lwx : Linux + Windows + OSX
    --os l : Linux
    --os w : Windows
    --os x : OSX (macOS)

  • Options : Build Speed (Cores +1)
    2 CPU Cores : -j 3(2+1) or --num-make 3(2+1) (Default 2)
    3 GB Ram : -m 3000 or --memory 3000 (Default 2000)

  • Signer (Github ID) cryptozeny

  • All of them --os lwx

cd && \
./gitian-build.sh -j 3 -m 3000 --os lwx --detach-sign --no-commit -b cryptozeny 0.16.3.10rc25
  • Linux --os l
cd && \
./gitian-build.sh -j 3 -m 3000 --os l --detach-sign --no-commit -b cryptozeny 0.16.3.10rc25
  • Windows --os w
cd && \
./gitian-build.sh -j 3 -m 3000 --os w --detach-sign --no-commit -b cryptozeny 0.16.3.10rc25
  • OSX (macOS) --os x
cd && \
./gitian-build.sh -j 3 -m 3000 --os x --detach-sign --no-commit -b cryptozeny 0.16.3.10rc25
  • Check Building Process
tail -f ~/gitian-builder/var/build.log
  • Binary Location
ls ~/sugarchain-binaries/0.16.3.10rc25/
  • Signing PGP to Binaries (Windows and OSX: --os wx) TODO
cd && \
./gitian-build.sh -j 3 -m 3000 --os wx --detach-sign --no-commit -s cryptozeny 0.16.3.10rc25
  • Remove *-debug* && *-unsigned*
cd ~/sugarchain-binaries/0.16.3.10rc25/ && \
rm *-debug* ;

rm -unsigned

  • Create SHA256SUMS.asc and PGP-sign
cd ~/sugarchain-binaries/0.16.3.10rc25/ && \
sha256sum * > SHA256SUMS && \
gpg --digest-algo sha256 --clearsign SHA256SUMS # outputs SHA256SUMS.asc # input password
rm SHA256SUMS && \
cat SHA256SUMS.asc
  • SHA256SUM.asc result (SUGAR tags/v0.16.3.10rc25)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

214a3c82e73fb6defcb5aab4a49ca0881e2d3cf4f0aa29af109a570e4ec85fd9  sugarchain-0.16.3-aarch64-linux-gnu.tar.gz
ee5852814ca5ff08962bfb936955a4f81cf6f82aa8127d8f73e308600d5515a2  sugarchain-0.16.3-arm-linux-gnueabihf.tar.gz
788b0a3df07f41e73acb22ba2c7cda8f664417f88d56ee3dafb2d79146d03479  sugarchain-0.16.3-i686-pc-linux-gnu.tar.gz
d67b457c7e6e82a487d8687810b1bf409311a4c2abe4126ee79f6ca80535bbdc  sugarchain-0.16.3-osx64.tar.gz
d50548c86c5dbb3a6b5f930a8533024a5f52f3a92e7677908f6ae7eea71bc9c6  sugarchain-0.16.3-osx-unsigned.dmg
f39919ff2f3680fdbc1cd8bad543aa77eb5a659f9b43d121a3e0b86993156339  sugarchain-0.16.3.tar.gz
e789b56227bb99ddb78ec9deb3a65cca28bb271f91dd26f415fb87375a547147  sugarchain-0.16.3-win32-setup-unsigned.exe
1975ff5aff8cfd5b27b37c66adb85ab0c91b357d2bf20c1455bd2606bd8dce62  sugarchain-0.16.3-win32.zip
3241579bb9b825a452b6f6d64d343842a677bbfc41e212b50ece992616b36412  sugarchain-0.16.3-win64-setup-unsigned.exe
57dfb9fa0ff860dd4ed8cd748608046432b26e07ebd56cbdf394ebde6cdfdc26  sugarchain-0.16.3-win64.zip
64b6505cdd5cb9d755dc61717dc93a1b65e214b383a781c9f36e5dbe5a6b37a1  sugarchain-0.16.3-x86_64-linux-gnu.tar.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJcfYr5AAoJELndveKqrcQhiDMQAL1HWm3lCr1D+Cl+c4LDhFrl
hjx9p3iXrAHtRrEmme98ww1dgwnUPgGNprD4AZEwu57OBdoLOLxwH2zUEotMZymZ
9+A/cJjKOEuRGlNg/xvqDJyB8ibda9iCYRm4g/B+f1qn7w7s8he7BW3nBbRaTi/8
2MwthvZfE4wACGtJoHd/UTR5HNXhJI2xB+0UPCb0IalzTTG4q6HyA/UdNPpIBrgj
ZmpkshGnX4giMxBONDtEH7uYnDTDVh3D7/tNkJ+XPPbuh/UbLarFF6PuSBWY9pqI
aR0ioVPH4HGCmcclJl/n3Gs6xhr1AxSLYtW2WWGRr7u+c3m7Xve93ZD7cCVvFuFy
hTlDZ2Sxtk34hDFAwOoKQJs/Ay8wWYWsbT3uEc/eQrEY+RymBhz+rM4xv63Syscs
sncBLeJ6ufjgD2wz0mTM0hQkAdShXl6syZQ98jOqZU5lks0wNBtstnUFoWSa3Zpg
/euCP1irSdqAPxhuTqRxcjiSuxlwCzZjz9/Ct25NkfrcdouFImltFmimSPe06rx8
Qa6XKa9W1Jwh9eHfAbOBWoqCxDMZ9i37fh5dGkBXEsUxKyaSZfSF3siP1e92rf20
mngb2HuUux6CoaGcyFtt09AikRHUDKYoazKAvmTzlulz4JFO2gOiLays5N8I5f+u
Blc9ztBB3tiiHKArgzEg
=qH7G
-----END PGP SIGNATURE-----

gpg --verify SHA256SUMS.asc

gpg: Signature made Sun 03 Mar 2019 01:03:44 AM KST using RSA key ID AAADC421
gpg: Good signature from "cryptozeny (sugarchain developer) <cryptozeny@gmail.com>"
Primary key fingerprint: BB27 9FE1 59A0 E40E D02B  3365 B9DD BDE2 AAAD C421
  • FINAL RELEASE - Copy Binaries to Host (192.168.1.111 is Host's IP)
scp -r /home/gitianuser/sugarchain-binaries/0.16.3.10rc25/ USERNAME@192.168.1.111:~/Desktop/

TODO:

@cryptozeny
Copy link
Author

ref: BTC version
https://gist.github.com/cryptozeny/0d31e89e6be5631dd0379aa424affcf3

@cryptozeny
Copy link
Author

cryptozeny commented Mar 5, 2019
edited

Update REMOTE

  • rc26
REMOTE=origin ; BRANCH=master-v0.16.3 ; RC=v0.16.3.12rc1 && git tag $RC && git push $REMOTE $BRANCH && git push origin $RC
  • output - new tag
Everything up-to-date
Total 0 (delta 0), reused 0 (delta 0)
To git@github.com:cryptozeny/sugarchain-v0.16.3.git
 * [new tag]         v0.16.3.12rc1 -> v0.16.3.12rc1

@cryptozeny
Copy link
Author

cryptozeny commented Mar 10, 2019
edited

update GITIAN new tag (at gitianuser VM)

cd && cd sugarchain && git fetch && git checkout master-v0.16.3 && git pull && cd && cp ./sugarchain/contrib/gitian-build.sh . && cd && ./gitian-build.sh --setup cryptozeny 0.16.3.25rc1-6048eba && cd

REMOTE=origin && \
BRANCH=master-v0.16.3 && \
RC=0.16.3.25rc1-6048eba && \
cd && \
cd sugarchain && \
git fetch $REMOTE $BRANCH && \
git checkout $BRANCH && \
git pull $REMOTE $BRANCH && \
cd && cp ./sugarchain/contrib/gitian-build.sh . && \
cd && \
./gitian-build.sh --setup cryptozeny $RC && \
cd

@cryptozeny
Copy link
Author

cryptozeny commented Mar 10, 2019
edited

-O2 duplicated

HOST_CFLAGS='-O2 -g -I/home/ubuntu/build/sugarchain/src/crypto/yespower-1.0.0 -fPIE -Wall -O2 -fomit-frame-pointer'

@cryptozeny
Copy link
Author

Win

HOST_CFLAGS='-O2 -g -I/home/ubuntu/build/sugarchain/src/crypto/yespower-1.0.0 -fPIE -Wall -O2 -fomit-frame-pointer'

@cryptozeny
Copy link
Author

OSX

HOST_CFLAGS='-I/home/ubuntu/build/sugarchain/src/crypto/yespower-1.0.0 -fPIE -Wall -O2 -fomit-frame-pointer'

@cryptozeny
Copy link
Author

cryptozeny commented Jun 30, 2019
edited

change file name for version

RC=0.16.3.25rc1-6048eba && rename 's#0.16.3#'$RC'#g' *.*

@cryptozeny
Copy link
Author

cryptozeny commented Aug 16, 2019
edited

IDK but it fails at first time. However from second try, it will go. Please do twice.

mv: cannot stat ‘build/out/sugarchain-*.tar.gz’: No such file or directory
mv: cannot stat ‘build/out/src/sugarchain-*.tar.gz’: No such file or directory

@decryp2kanon
Copy link

--default-key ABCD1234 for switch your PGP

@decryp2kanon
Copy link

decryp2kanon commented Feb 5, 2020
edited

strange, in some case, sugarchain-0.16.3-win32-setup-unsigned.exe sha256hash is only changed. (the others OK) need verify.

1st

84633a80534732c73a2011e0783554d5ac0ba8b6ceed65c79c17b3f3dafd252b sugarchain-0.16.3-win32-setup-unsigned.exe

2nd

5c499f90f84fbac8768d74d1bd8d59a670420f9d5ea7a356b39972bce3afd704 sugarchain-0.16.3-win32-setup-unsigned.exe

3rd

a432640eb9247dca98a107350f4e9d741b4da84a3be8359fcba417d44755bc31 sugarchain-0.16.3-win32-setup-unsigned.exe

@decryp2kanon
Copy link

decryp2kanon commented Feb 5, 2020
edited

26rc2

cd && cd sugarchain && git fetch && git checkout master-v0.16.3 && git pull && cd && cp ./sugarchain/contrib/gitian-build.sh . && cd && ./gitian-build.sh --setup decryp2kanon 0.16.3.26rc2-36d633c && cd

cd && \
cd sugarchain && \
git checkout master-v0.16.3 && \
git pull && \
cd && \
cp ./sugarchain/contrib/gitian-build.sh . && \
cd && \
./gitian-build.sh --setup decryp2kanon 0.16.3.26rc2-36d633c && \
cd

cd && ./gitian-build.sh -j 12 -m 12000 --os lwx --detach-sign --no-commit -b decryp2kanon 0.16.3.26rc2-36d633c

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment