Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
#! /usr/bin/env nix-shell
#! nix-shell -i bash -p git gnupg curl
set -euo pipefail
TMPDIR="$(mktemp -d -p /tmp)"
trap "rm -rf $TMPDIR" EXIT
cd $TMPDIR
echo "Fetching latest release"
git clone https://github.com/elementsproject/elements 2> /dev/null
cd elements
latest=$(git describe --tags `git rev-list --tags --max-count=1`)
echo "Latest release is ${latest}"
# GPG verification
export GNUPGHOME=$TMPDIR
echo "Fetching Andrew's Key"
curl https://www.wpsoftware.net/andrew/andrew.gpg > andrew.gpg
gpg --import andrew.gpg
echo "Verifying latest release"
git verify-tag ${latest}
echo "tag: ${latest}"
# The prefix option is necessary because GitHub prefixes the archive contents in this format
sha=$(git archive --format tar.gz --prefix=elements-${latest}/ ${latest} | sha256sum | cut -d\ -f1)
echo "sha256: $sha"
echo "in base32: $(nix hash to-base32 --type sha256 $sha)"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment