forked from GrapheneOS/releases.grapheneos.org
-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Dmitry Sorokin (@sorydima) edited this page Nov 19, 2024
·
1 revision
- Introduction to GrapheneOS Releases.
- Purpose of the repository.
- Links to related resources and documentation.
- Prerequisites for using the repository.
- Basic setup instructions for developers and maintainers.
- How to manage, tag, and publish new releases.
- Testing protocols before release.
- Best practices for versioning.
- Explanation of security measures in the release process.
- Verification of releases using signatures and checksums.
- Contribution workflow.
- Repository structure overview.
- Tools and dependencies.
- Answers to common questions.
- Troubleshooting steps.
- Documentation of updates and changes.
- Repository licensing details.
- Credits for contributors and supporting organizations.
# Welcome to the GrapheneOS Releases Wiki
## About GrapheneOS Releases
This repository provides a structured and secure system for managing and distributing GrapheneOS releases. It ensures a reliable and trustworthy release process for users.
## Purpose
- Centralize all GrapheneOS release assets.
- Automate the distribution pipeline for verified builds.
- Ensure integrity with cryptographic signatures and checksums.
### Related Resources
- [GrapheneOS Official Website](https://grapheneos.org)
- [GrapheneOS Documentation](https://grapheneos.org/docs)
Let’s build and maintain a secure future with GrapheneOS!
# Getting Started
## Prerequisites
- **Operating Systems**: macOS, Linux.
- **Required Tools**:
- Git (>= 2.30)
- GPG for signing and verifying releases.
- Python (>= 3.8) for release scripts.
## Setup
1. Clone the repository:
```bash
git clone https://github.com/Katya-Incorporated/releases.grapheneos.org.git
cd releases.grapheneos.org
-
Install dependencies:
pip install -r requirements.txt
-
Configure GPG:
- Import your signing key:
gpg --import /path/to/your-key.asc
- Import your signing key:
-
Verify the initial setup:
python scripts/check_environment.py
You’re now ready to manage and contribute to releases!
---
### **Release_Workflow.md**
```markdown
# Release Workflow
## Overview
The release workflow ensures consistent, secure, and traceable updates for GrapheneOS.
### Steps to Publish a Release
1. **Create a New Release Branch**:
```bash
git checkout -b release/vX.X.X
-
Tag the Release:
git tag -s vX.X.X -m "Release vX.X.X"
-
Push Changes to the Remote Repository:
git push origin release/vX.X.X git push origin --tags
-
Generate Release Assets: Use the provided scripts in
scripts/release_tools/
to build, sign, and verify assets. -
Verify Checksums: Run the integrity check:
python scripts/verify_checksums.py
-
Publish the Release: Upload the assets to the appropriate distribution platform.
We follow Semantic Versioning:
- MAJOR: Breaking changes.
- MINOR: New features.
- PATCH: Bug fixes.
---
### **Security_and_Integrity.md**
```markdown
# Security and Integrity
## Cryptographic Signing
All releases are signed using GPG to ensure authenticity. Users are encouraged to verify signatures before installation.
### Verify a Release
1. Download the release file and `.sig` file.
2. Verify the signature:
```bash
gpg --verify file.sig file
Releases include SHA256 checksums for integrity verification:
- Download the checksum file.
- Run:
sha256sum -c checksums.txt
Trust is at the core of GrapheneOS; always verify before using a release.
---
### **Development_Guidelines.md**
```markdown
# Development Guidelines
## Repository Structure
- `/scripts`: Tools for automation.
- `/releases`: Release assets and metadata.
- `/docs`: Additional documentation.
## Contributing
1. Fork the repository and create a feature branch.
2. Submit a pull request with a clear description.
3. Follow the [Code of Conduct](CODE_OF_CONDUCT.md).
## Tools and Dependencies
- Python (>= 3.8)
- GPG for signing.
- Additional dependencies listed in `requirements.txt`.
# FAQ
## Common Questions
### Q: How do I verify a release?
- Use GPG to validate the signature and SHA256 for integrity checks. See the [Security and Integrity](./Security_and_Integrity.md) page.
### Q: What happens if a release fails verification?
- Do not use the release. Report the issue immediately on the [GitHub Issues page](https://github.com/Katya-Incorporated/releases.grapheneos.org/issues).
### Q: Can I contribute to this repository?
- Yes! See our [Development Guidelines](./Development_Guidelines.md).
# Changelog
## v1.0.0
- Initial release of the GrapheneOS Releases system.
- Includes automated signing and verification scripts.
- Initial set of assets and workflows.
# License
This repository is licensed under the MIT License. See the [LICENSE](https://github.com/Katya-Incorporated/releases.grapheneos.org/blob/main/LICENSE) file for details.
# Acknowledgements
GrapheneOS Releases would not be possible without:
- The GrapheneOS team for their pioneering work.
- Open-source tools and libraries used in this repository.
- Our contributors and supporters.
Together, we create secure, reliable software for everyone.