1RBM-TAR(1) RBM-TAR(1)
2
6 rbm-tar - Create a tarball file
7
9 rbm tar <project> [options]
10
12 Create a tarball file for the selected project.
13
15 The output directory can be selected with the output_dir option.
16 The output filename will be :
18 <name>-<version>.tar
20 If the compress_tar, the filename will be :
22 <name>-<version>.tar.<ext>
24 With <name> the project’s name, <version> the version of the software,
26 and <ext> the compression type selected in the compress_tar option.
27 The version of the software used to create the tarball and the packages
29 should be set with the version option.
30
32 The following options are related to tarball creation :
33 git_url
35 The URL of a git repository that will be cloned and used to create
36 the tarball. If this option is set, git_hash should be set to
37 select the commit to use.
38 hg_url
40 The URL of a mercurial repository that will be cloned and used to
41 create the tarball. If this option is set, hg_hash should be set to
42 select the commit to use.
43 git_hash
45 A git hash, branch name or tag. This is what is used to create the
46 tarball.
47 hg_hash
49 A mercurial changeset hash. This is what is used to create the
50 tarball.
51 git_submodule
53 If this option is enabled, git submodules are fetched and included
54 in the tarball. This option is disabled by default.
55 git_depth
57 An integer specifying a depth for shallow Git clone/fetch depth, to
58 decrease network and storage usage. If not set, shallow clone/fetch
59 is disabled.
60 git_branch
62 A Git ref name that will be exclusively cloned/fetched, to decrease
63 network and storage usage. Must be a descendent (inclusive) of
64 git_hash. If not set, all Git refs are cloned/fetched.
65 compress_tar
67 If set, the tarball created will be compressed in the select
68 format. Possible values: xz, gz, bz2. The default is gz but it can
69 stay empty to disable compression.
70 commit_gpg_id
72 If set, the commit selected with git_hash will have its signature
73 checked. The tarball will not be created if there is no valid
74 signature, and if the key used to sign it does not match the key ID
75 from commit_gpg_id. The option can be set to a single gpg ID, or to
76 a list of gpg IDs. The IDs can be short or long IDs, or full
77 fingerprint (with no spaces). For this to work, the GPG keys should
78 be present in the selected keyring (see keyring option). If the
79 option is set to 1 or an array containing 1 then any key from the
80 selected keyring is accepted. On command line, the --commit-gpg-id
81 option can be listed multiple times to define a list of keys.
82 tag_gpg_id
84 If set, the commit selected with git_hash should be a tag and will
85 have its signature checked. The tarball will not be created if the
86 tag doesn’t have a valid signature, and if the key used to sign it
87 does not match the key ID from tag_gpg_id. The option can be set to
88 a single gpg ID, or to a list of gpg IDs. The IDs can be short or
89 long IDs, or full fingerprint (with no spaces). For this to work,
90 the GPG keys should be present in the selected keyring (see keyring
91 option). If the option is set to 1 or an array containing 1 then
92 any key from the selected keyring is accepted. On command line, the
93 --tag-gpg-id option can be listed multiple times to define a list
94 of keys.
95 gpg_wrapper
97 This is a template for a gpg wrapper script. The default wrapper
98 will call gpg with the keyring specified by option gpg_keyring if
99 defined.
100 gpg_keyring
102 The filename of the gpg keyring to use. Path is relative to the
103 keyring directory. This can also be an absolute path.
104 gpg_bin
106 The gpg command to be used. The default is gpg.
107 gpg_args
109 Optional gpg arguments. The default is empty.
110 gpg_allow_expired_keys
112 Allowing expired keys to successfully verify e.g. signed git tags.
113 By default this is not allowed.
114 See rbm_config(7) for all other options.
116
118 The command line options related to tar :
119 --git-hash=<hash>
121 The git hash of the commit / tag to use.
122 --hg-hash=<hash>
124 The mercurial hash of the commit / tag to use.
125 --commit-gpg-id=<GPG ID>
127 Check the commit to be signed by this GPG key ID.
128 --tag-gpg-id=<GPG ID>
130 Check if the selected git hash is a tag and is signed by select GPG
131 key ID.
132 --gpg-keyring=<file>
134 GPG keyring filename.
135 --gpg-keyring-dir=<directory>
137 Directory containing GPG keyring files
138 --gpg-args=<args>
140 Optional gpg arguments.
141 --gpg-bin=<path>
143 Path to gpg binary.
144 See rbm_cli(7) for all other options.
146
148 If you are going to use gpg signed commits, it is recommended to use
149 git >= 1.8.3.
150 • git < 1.7.9 does not support signed commits. It only supports
152 signed tags.
153 • git < 1.8.3 does not use the git-config option gpg.program in git
155 log --show-signature and git show --show-signatures commands used
156 to check commits signatures. This means you won’t be able to use
157 the gpg_keyring option for commits signature verification (but it
158 will work for tag signature verification). This was fixed in git
159 commit 6005dbb9, included in version 1.8.3.
160
162 rbm(1)
163 07/28/2023 RBM-TAR(1)