#!/bin/sh

set -eu

repo=${1:-dist/repo}
rm -rf ${repo}
mkdir -p ${repo}
cp dist/*.rpm ${repo}/
cp dist/*.deb ${repo}/
cd ${repo}

if [ -n "${TUXPKG_RELEASE_KEY:-}" ]; then
    gpg --batch --import ${TUXPKG_RELEASE_KEY}
fi

if [ -z "${TUXPKG_RELEASE_KEYID:-}" ]; then
    if [ -n "${GNUPGID:-}" ]; then
        TUXPKG_RELEASE_KEYID="${GNUPGID}"
    else
        TUXPKG_RELEASE_KEYID=$(gpg --list-secret-keys --with-colons | awk -F: '{if ($1 == "fpr") { print($10); exit } }')
    fi
fi
if [ -z "${TUXPKG_RELEASE_KEYID}" ]; then
    echo "E: GPG key to sign the repositories with not found. Set \${TUXPKG_RELEASE_KEYID}, \${GNUPGID}, or ensure that you have a private key in your gpg keyring."
    exit 1
fi

export GPG_TTY=
gpg="gpg --local-user ${TUXPKG_RELEASE_KEYID} --batch --yes"

# export signing key
$gpg --armor --export --export-options export-minimal --output signing-key.asc ${TUXPKG_RELEASE_KEYID}
$gpg         --export --export-options export-minimal --output signing-key.gpg ${TUXPKG_RELEASE_KEYID}

# rpm
rpmsign --define "__gpg /usr/bin/gpg" --define "_gpg_name ${TUXPKG_RELEASE_KEYID}" --addsign *.rpm
createrepo_c .
$gpg --armor --detach-sign --output repodata/repomd.xml.asc repodata/repomd.xml
ln signing-key.asc  repodata/repomd.xml.key

# deb
dpkg-scanpackages . > Packages
apt-ftparchive -o APT::FTPArchive::Release::Origin=tuxmake release . > Release
$gpg --detach-sign --output Release.gpg Release
$gpg --clearsign --output InRelease Release

