Skip to content
Dmitry Sorokin (@sorydima) edited this page Nov 19, 2024 · 1 revision

Wiki Structure for GrapheneOS Releases

1. Home

  • Introduction to GrapheneOS Releases.
  • Purpose of the repository.
  • Links to related resources and documentation.

2. Getting Started

  • Prerequisites for using the repository.
  • Basic setup instructions for developers and maintainers.

3. Release Workflow

  • How to manage, tag, and publish new releases.
  • Testing protocols before release.
  • Best practices for versioning.

4. Security and Integrity

  • Explanation of security measures in the release process.
  • Verification of releases using signatures and checksums.

5. Development Guidelines

  • Contribution workflow.
  • Repository structure overview.
  • Tools and dependencies.

6. FAQ

  • Answers to common questions.
  • Troubleshooting steps.

7. Changelog

  • Documentation of updates and changes.

8. License

  • Repository licensing details.

9. Acknowledgements

  • Credits for contributors and supporting organizations.

Home.md

# Welcome to the GrapheneOS Releases Wiki

## About GrapheneOS Releases
This repository provides a structured and secure system for managing and distributing GrapheneOS releases. It ensures a reliable and trustworthy release process for users.

## Purpose
- Centralize all GrapheneOS release assets.
- Automate the distribution pipeline for verified builds.
- Ensure integrity with cryptographic signatures and checksums.

### Related Resources
- [GrapheneOS Official Website](https://grapheneos.org)
- [GrapheneOS Documentation](https://grapheneos.org/docs)

Let’s build and maintain a secure future with GrapheneOS!

Getting_Started.md

# Getting Started

## Prerequisites
- **Operating Systems**: macOS, Linux.
- **Required Tools**:
  - Git (>= 2.30)
  - GPG for signing and verifying releases.
  - Python (>= 3.8) for release scripts.

## Setup
1. Clone the repository:
   ```bash
   git clone https://github.com/Katya-Incorporated/releases.grapheneos.org.git
   cd releases.grapheneos.org
  1. Install dependencies:

    pip install -r requirements.txt
  2. Configure GPG:

    • Import your signing key:
      gpg --import /path/to/your-key.asc
  3. Verify the initial setup:

    python scripts/check_environment.py

You’re now ready to manage and contribute to releases!


---

### **Release_Workflow.md**
```markdown
# Release Workflow

## Overview
The release workflow ensures consistent, secure, and traceable updates for GrapheneOS.

### Steps to Publish a Release
1. **Create a New Release Branch**:
   ```bash
   git checkout -b release/vX.X.X
  1. Tag the Release:

    git tag -s vX.X.X -m "Release vX.X.X"
  2. Push Changes to the Remote Repository:

    git push origin release/vX.X.X
    git push origin --tags
  3. Generate Release Assets: Use the provided scripts in scripts/release_tools/ to build, sign, and verify assets.

  4. Verify Checksums: Run the integrity check:

    python scripts/verify_checksums.py
  5. Publish the Release: Upload the assets to the appropriate distribution platform.

Versioning Policy

We follow Semantic Versioning:

  • MAJOR: Breaking changes.
  • MINOR: New features.
  • PATCH: Bug fixes.

---

### **Security_and_Integrity.md**
```markdown
# Security and Integrity

## Cryptographic Signing
All releases are signed using GPG to ensure authenticity. Users are encouraged to verify signatures before installation.

### Verify a Release
1. Download the release file and `.sig` file.
2. Verify the signature:
   ```bash
   gpg --verify file.sig file

Checksums

Releases include SHA256 checksums for integrity verification:

  1. Download the checksum file.
  2. Run:
    sha256sum -c checksums.txt

Trust is at the core of GrapheneOS; always verify before using a release.


---

### **Development_Guidelines.md**
```markdown
# Development Guidelines

## Repository Structure
- `/scripts`: Tools for automation.
- `/releases`: Release assets and metadata.
- `/docs`: Additional documentation.

## Contributing
1. Fork the repository and create a feature branch.
2. Submit a pull request with a clear description.
3. Follow the [Code of Conduct](CODE_OF_CONDUCT.md).

## Tools and Dependencies
- Python (>= 3.8)
- GPG for signing.
- Additional dependencies listed in `requirements.txt`.

FAQ.md

# FAQ

## Common Questions
### Q: How do I verify a release?
- Use GPG to validate the signature and SHA256 for integrity checks. See the [Security and Integrity](./Security_and_Integrity.md) page.

### Q: What happens if a release fails verification?
- Do not use the release. Report the issue immediately on the [GitHub Issues page](https://github.com/Katya-Incorporated/releases.grapheneos.org/issues).

### Q: Can I contribute to this repository?
- Yes! See our [Development Guidelines](./Development_Guidelines.md).

Changelog.md

# Changelog

## v1.0.0
- Initial release of the GrapheneOS Releases system.
- Includes automated signing and verification scripts.
- Initial set of assets and workflows.

License.md

# License

This repository is licensed under the MIT License. See the [LICENSE](https://github.com/Katya-Incorporated/releases.grapheneos.org/blob/main/LICENSE) file for details.

Acknowledgements.md

# Acknowledgements

GrapheneOS Releases would not be possible without:
- The GrapheneOS team for their pioneering work.
- Open-source tools and libraries used in this repository.
- Our contributors and supporters.

Together, we create secure, reliable software for everyone.