From 04acda6a7cc5d2191df40f1fbf389974fad80c1e Mon Sep 17 00:00:00 2001
From: transcaffeine <transcaffeine@finally.coffee>
Date: Sat, 29 Mar 2025 18:26:01 +0100
Subject: [PATCH] meta: add release script

---
 bin/nextcloud-app-release.sh | 61 ++++++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)
 create mode 100755 bin/nextcloud-app-release.sh

diff --git a/bin/nextcloud-app-release.sh b/bin/nextcloud-app-release.sh
new file mode 100755
index 0000000..c890d77
--- /dev/null
+++ b/bin/nextcloud-app-release.sh
@@ -0,0 +1,61 @@
+#!/usr/bin/env bash
+set -euo pipefail -o errtrace
+
+APP_NAME="${1:-pride_flags}"
+VERSION="${2:-1.1.3-rc.1}"
+REPO=`pwd`
+CERT_DIR="$HOME/.nextcloud/certificates"
+TARBALL="$APP_NAME-$VERSION.tar.gz"
+TARBALL_SIG="$TARBALL.sig"f
+CONTAINER_NAME="nextcloud-app-signing-container"
+CONTAINER_IMAGE="${3:-docker.io/library/nextcloud:31.0.2}"
+CONTAINER_APP_LOC="/var/www/html/custom_apps/$APP_NAME"
+
+_SLEEP="45"
+
+traperr() {
+    echo "ERROR: ${BASH_SOURCE[1]} at about ${BASH_LINENO[0]}"
+    mv ../nextcloud-pride-flags-git .git
+    sudo docker stop "${CONTAINER_NAME}"
+    sudo docker rm "${CONTAINER_NAME}"
+}
+trap traperr ERR
+
+mv .git ../nextcloud-pride-flags-git
+
+sudo docker run --hostname nc31.local \
+    -e NEXTCLOUD_ADMIN_USER=admin \
+    -e NEXTCLOUD_ADMIN_PASSWORD=admin \
+    --name "${CONTAINER_NAME}" --detach \
+    -v "${CERT_DIR}/:/privkey/:ro" \
+    -v "${REPO}/:${CONTAINER_APP_LOC}/:rw" \
+    "${CONTAINER_IMAGE}"
+
+echo "Sleep ${_SLEEP}s for container startup"
+sleep "$_SLEEP"
+sudo docker exec -it ${CONTAINER_NAME} php occ integrity:sign-app \
+    --path="${CONTAINER_APP_LOC}" \
+    --privateKey="/privkey/${APP_NAME}.key" \
+    --certificate="/privkey/${APP_NAME}.crt"
+
+sudo docker stop "${CONTAINER_NAME}"
+sudo docker rm "${CONTAINER_NAME}"
+
+mv ../nextcloud-pride-flags-git .git
+
+echo "App $APP_NAME signed @ ${VERSION}. Commit the appinfo/signatures.json now and press enter."
+read -p "Press Enter to continue" < /dev/tty
+
+tar --exclude-vcs -czvf "${TARBALL}" "$REPO"
+
+# verify content
+echo "Tarball '${TARBALL}' content:"
+tar -tf ${TARBALL}
+
+echo "Tarball signature:"
+# sign tarball
+openssl dgst -sha512 -sign "${CERT_DIR}/${APP_NAME}.key" $TARBALL \
+	| openssl base64 \
+	| tee "${TARBALL_SIG}"
+
+