diff --git a/src/bootstrap/builder.rs b/src/bootstrap/builder.rs index dc4243a76d5da..3a8b243349c6b 100644 --- a/src/bootstrap/builder.rs +++ b/src/bootstrap/builder.rs @@ -469,7 +469,6 @@ impl<'a> Builder<'a> { dist::RustDev, dist::Extended, dist::BuildManifest, - dist::HashSign ), Kind::Install => describe!( install::Docs, diff --git a/src/bootstrap/dist.rs b/src/bootstrap/dist.rs index 5e3bfd9e9e272..bdab12db43502 100644 --- a/src/bootstrap/dist.rs +++ b/src/bootstrap/dist.rs @@ -10,9 +10,8 @@ use std::env; use std::fs; -use std::io::Write; use std::path::{Path, PathBuf}; -use std::process::{Command, Stdio}; +use std::process::Command; use build_helper::{output, t}; @@ -2323,61 +2322,6 @@ fn add_env(builder: &Builder<'_>, cmd: &mut Command, target: TargetSelection) { } } -#[derive(Debug, PartialOrd, Ord, Copy, Clone, Hash, PartialEq, Eq)] -pub struct HashSign; - -impl Step for HashSign { - type Output = (); - const ONLY_HOSTS: bool = true; - - fn should_run(run: ShouldRun<'_>) -> ShouldRun<'_> { - run.path("hash-and-sign") - } - - fn make_run(run: RunConfig<'_>) { - run.builder.ensure(HashSign); - } - - fn run(self, builder: &Builder<'_>) { - // This gets called by `promote-release` - // (https://github.com/rust-lang/rust-central-station/tree/master/promote-release). - let mut cmd = builder.tool_cmd(Tool::BuildManifest); - if builder.config.dry_run { - return; - } - let sign = builder.config.dist_sign_folder.as_ref().unwrap_or_else(|| { - panic!("\n\nfailed to specify `dist.sign-folder` in `config.toml`\n\n") - }); - let addr = builder.config.dist_upload_addr.as_ref().unwrap_or_else(|| { - panic!("\n\nfailed to specify `dist.upload-addr` in `config.toml`\n\n") - }); - let pass = if env::var("BUILD_MANIFEST_DISABLE_SIGNING").is_err() { - let file = builder.config.dist_gpg_password_file.as_ref().unwrap_or_else(|| { - panic!("\n\nfailed to specify `dist.gpg-password-file` in `config.toml`\n\n") - }); - t!(fs::read_to_string(&file)) - } else { - String::new() - }; - - let today = output(Command::new("date").arg("+%Y-%m-%d")); - - cmd.arg(sign); - cmd.arg(distdir(builder)); - cmd.arg(today.trim()); - cmd.arg(addr); - cmd.arg(&builder.config.channel); - cmd.env("BUILD_MANIFEST_LEGACY", "1"); - - builder.create_dir(&distdir(builder)); - - let mut child = t!(cmd.stdin(Stdio::piped()).spawn()); - t!(child.stdin.take().unwrap().write_all(pass.as_bytes())); - let status = t!(child.wait()); - assert!(status.success()); - } -} - /// Maybe add libLLVM.so to the given destination lib-dir. It will only have /// been built if LLVM tools are linked dynamically. /// diff --git a/src/tools/build-manifest/src/main.rs b/src/tools/build-manifest/src/main.rs index 8c33754852605..9a8f2404e4a1a 100644 --- a/src/tools/build-manifest/src/main.rs +++ b/src/tools/build-manifest/src/main.rs @@ -14,9 +14,7 @@ use crate::versions::{PkgType, Versions}; use std::collections::{BTreeMap, HashMap, HashSet}; use std::env; use std::fs::{self, File}; -use std::io::{self, Read, Write}; use std::path::{Path, PathBuf}; -use std::process::{Command, Stdio}; static HOSTS: &[&str] = &[ "aarch64-apple-darwin", @@ -200,29 +198,10 @@ struct Builder { output: PathBuf, s3_address: String, date: String, - - legacy: bool, - legacy_gpg_passphrase: String, } fn main() { - // Up until Rust 1.48 the release process relied on build-manifest to create the SHA256 - // checksums of released files and to sign the tarballs. That was moved over to promote-release - // in time for the branching of Rust 1.48, but the old release process still had to work the - // old way. - // - // When running build-manifest through the old ./x.py dist hash-and-sign the environment - // variable will be set, enabling the legacy behavior of generating the .sha256 files and - // signing the tarballs. - // - // Once the old release process is fully decommissioned, the environment variable, all the - // related code in this tool and ./x.py dist hash-and-sign can be removed. - let legacy = env::var_os("BUILD_MANIFEST_LEGACY").is_some(); - - let num_threads = if legacy { - // Avoid overloading the old server in legacy mode. - 1 - } else if let Some(num) = env::var_os("BUILD_MANIFEST_NUM_THREADS") { + let num_threads = if let Some(num) = env::var_os("BUILD_MANIFEST_NUM_THREADS") { num.to_str().unwrap().parse().expect("invalid number for BUILD_MANIFEST_NUM_THREADS") } else { num_cpus::get() @@ -239,13 +218,6 @@ fn main() { let s3_address = args.next().unwrap(); let channel = args.next().unwrap(); - // Do not ask for a passphrase while manually testing - let mut passphrase = String::new(); - if legacy { - // `x.py` passes the passphrase via stdin. - t!(io::stdin().read_to_string(&mut passphrase)); - } - Builder { versions: Versions::new(&channel, &input).unwrap(), checksums: t!(Checksums::new()), @@ -255,9 +227,6 @@ fn main() { output, s3_address, date, - - legacy, - legacy_gpg_passphrase: passphrase, } .build(); } @@ -265,9 +234,6 @@ fn main() { impl Builder { fn build(&mut self) { self.check_toolstate(); - if self.legacy { - self.digest_and_sign(); - } let manifest = self.build_manifest(); let channel = self.versions.channel().to_string(); @@ -310,15 +276,6 @@ impl Builder { } } - /// Hash all files, compute their signatures, and collect the hashes in `self.digests`. - fn digest_and_sign(&mut self) { - for file in t!(self.input.read_dir()).map(|e| t!(e).path()) { - file.file_name().unwrap().to_str().unwrap(); - self.hash(&file); - self.sign(&file); - } - } - fn build_manifest(&mut self) -> Manifest { let mut manifest = Manifest { manifest_version: "2".to_string(), @@ -584,51 +541,6 @@ impl Builder { format!("{}/{}/{}", self.s3_address, self.date, file_name) } - fn hash(&self, path: &Path) -> String { - let sha = t!(Command::new("shasum") - .arg("-a") - .arg("256") - .arg(path.file_name().unwrap()) - .current_dir(path.parent().unwrap()) - .output()); - assert!(sha.status.success()); - - let filename = path.file_name().unwrap().to_str().unwrap(); - let sha256 = self.output.join(format!("{}.sha256", filename)); - t!(fs::write(&sha256, &sha.stdout)); - - let stdout = String::from_utf8_lossy(&sha.stdout); - stdout.split_whitespace().next().unwrap().to_string() - } - - fn sign(&self, path: &Path) { - if !self.legacy { - return; - } - - let filename = path.file_name().unwrap().to_str().unwrap(); - let asc = self.output.join(format!("{}.asc", filename)); - println!("signing: {:?}", path); - let mut cmd = Command::new("gpg"); - cmd.arg("--pinentry-mode=loopback") - .arg("--no-tty") - .arg("--yes") - .arg("--batch") - .arg("--passphrase-fd") - .arg("0") - .arg("--personal-digest-preferences") - .arg("SHA512") - .arg("--armor") - .arg("--output") - .arg(&asc) - .arg("--detach-sign") - .arg(path) - .stdin(Stdio::piped()); - let mut child = t!(cmd.spawn()); - t!(child.stdin.take().unwrap().write_all(self.legacy_gpg_passphrase.as_bytes())); - assert!(t!(child.wait()).success()); - } - fn write_channel_files(&mut self, channel_name: &str, manifest: &Manifest) { self.write(&toml::to_string(&manifest).unwrap(), channel_name, ".toml"); self.write(&manifest.date, channel_name, "-date.txt"); @@ -645,10 +557,6 @@ impl Builder { let dst = self.output.join(name); t!(fs::write(&dst, contents)); - if self.legacy { - self.hash(&dst); - self.sign(&dst); - } } fn write_shipped_files(&self, path: &Path) {