#
# Handle signing and verifying of release artefacts.
#
# make
#  - equivalent of make verify
#
# make verify
#  - verify all signatures in the directory
#
# make sign
#  - sign all release artefacts. 
#
# Use
#       GPG2FLAGS='-u uid@redwax.eu' gmake sign
# to force a specific UID to be used for signing.
#
#

all: verify

verify:
	find . -name '*.asc' -exec bash -c "basename {}; gpg2 ${GPG2FLAGS} --armor --verify '{}'" \;

#	test -s "$?" && gpg2 --armor --verify $? || true

sign: sign-tar.gz sign-tar.bz2

sign-%:
	find . -name '*.$*' -exec bash -c "gpg2 ${GPG2FLAGS} --armor --output - --detach-sign {} >> {}.asc" \;