#!/bin/sh
# Generate commands to cut an ntpsec release.
#
# VERSION must contain the correct release number.

KEY=477C7528	# Release manager's GPG key ID
DST=markatwood@service1.ntpsec.org:/usr/local/jail/ftp.ntpsec.org/data/ftp/pub/releases/

# No user-serviceable parts below this line

V=`cat ../VERSION`
UV=`cat ../VERSION | tr '.' '_'`

cat <<EOF
# Pipe this to sh to actually perform a release.

set -e		# Bail out if the tarball build fails
set -x		# Echo commands

./make-tarball	# Build and test the tarball; bail out if that fails
TAR=ntpsec-${V}.tar.gz

# Commit pending modifications to the repository.
git commit -Ssecurity@ntpsec.org -a -s -m 'version ${V}

# Tag the new head version
git tag -u ${K} -m 'version ${V}' NTPsec_${UV}

# Push the repository upstream.
git push  
git push --tags

# Generate GPG detached signature of the release tarball.
gpg -u ${KEY} -a --output ${TAR}.asc --detach-sign ${TAR}

# Generate sha256sum file for the release tarball.
shasum -a 256 -p ${TAR} >${TAR}.sum

# GPG sign that sha256sum file.
gpg -u ${KEY} -a --output ${TAR}.sum.asc --clearsign ${TAR}.sum
  
# Copy the release tarball, GPG detached signature of the release
# tarball, and the signed sha256sum file to the ftp artifact server.
scp ntpsec-${V}.tar* ${DST}

echo "Don't forget to bump the minor version number!"
EOF

# end
