build: release.mk: move soft guard for no GPG key up the supply chain

It also means the missing key specification is now a hard error when ASCII armored files are to be created (directly or by other rules). Leveraging the previous commit, it is now unnecessary to guard against release mode not being requested, so this guard is dropped completely in the transition, allowing for the full-fledged (incl. GPG signing) release delivery testing without mangling with in-tree tags. To allow "sign" target to (possibly eventually) become the implicit goal even if "gpgsignkey" variable is explicitly unspecified, make it depend on "tarballs". Signed-off-by: Jan Pokorný <jpokorny@redhat.com>
2025-12-26 14:41:15 +00:00 · 2017-06-09 20:31:13 +02:00 · 2017-06-09 20:31:13 +02:00 · d20e48a0b2
commit d20e48a0b2
parent ae5138d3e0
1 changed files with 7 additions and 11 deletions
--- a/build-aux/release.mk
+++ b/build-aux/release.mk
@ -51,23 +51,19 @@ $(project)-$(version).sha256:
 	# checksum anything from deliverables except for in-prep checksums file
 	sha256sum $(deliverables:$@=) | sort -k2 > $@

-sign: $(deliverables:=.asc)
-
-# NOTE: cannot sign multiple files at once like this
-$(project)-$(version).%.asc: $(project)-$(version).%
 ifeq (,$(gpgsignkey))
+sign: tarballs
 	@echo No GPG signing key defined
 else
-ifeq (,$(release))
-	@echo Building test release $(version), no sign
-else
-	gpg --default-key $(gpgsignkey) \
+sign: $(deliverables:=.asc)
+endif
+
+# NOTE: cannot sign multiple files at once
+$(project)-$(version).%.asc: $(project)-$(version).%
+	gpg --default-key "$(gpgsignkey)" \
 		--detach-sign \
 		--armor \
 		$<
-endif
-endif
-

 publish:
 ifeq (,$(release))