Improvements for distribution (#417)

* Don't pack sources (github does it better), sign sources

* Make CircleCI generate the same git archive as Github, return make dist

* Revert make clean too

* Upload signature to Github release

* Read Github token from an env variable

.circleci/config.yml

@@ -65,9 +65,7 @@ jobs:
             rm -rf ./.git
             rm -rf ./dist/*
             # Pack source
-            cd ..
-            tar -czf ${CIRCLE_PROJECT_REPONAME}-${CIRCLE_TAG}.tar.gz ${CIRCLE_PROJECT_REPONAME}
-            cd ${CIRCLE_PROJECT_REPONAME}
+            git archive -o ../${CIRCLE_PROJECT_REPONAME}-${CIRCLE_TAG}.tar.gz --format tar.gz --prefix=${CIRCLE_PROJECT_REPONAME}-${CIRCLE_TAG#v}/ ${CIRCLE_TAG}
             # Use latest installed python3 from pyenv
             export PYENV_VERSION="$(pyenv versions | grep -Po '\b3\.\d+\.\d+' | tail -1)"
             pip install packagecore

Makefile

@@ -92,9 +92,19 @@ dist:
 	gzip nnn-$(VERSION).tar
 	$(RM) -r nnn-$(VERSION)
 
+sign:
+	git archive -o nnn-$(VERSION).tar.gz --format tar.gz --prefix=nnn-$(VERSION)/ v$(VERSION)
+	gpg --detach-sign --yes nnn-$(VERSION).tar.gz
+	rm -f nnn-$(VERSION).tar.gz
+
+	$(eval ID=$(shell curl -s 'https://api.github.com/repos/jarun/nnn/releases/tags/v$(VERSION)' | jq .id))
+	curl -XPOST 'https://uploads.github.com/repos/jarun/nnn/releases/$(ID)/assets?name=nnn-$(VERSION).tar.gz.sig' \
+	    -H 'Authorization: token $(NNN_SIG_UPLOAD_TOKEN)' -H 'Content-Type: application/pgp-signature' \
+	    --upload-file nnn-$(VERSION).tar.gz.sig
+
 clean:
-	$(RM) -f $(BIN) nnn-$(VERSION).tar.gz
+	$(RM) -f $(BIN) nnn-$(VERSION).tar.gz *.sig
 
 skip: ;
 
-.PHONY: all debug install uninstall strip dist clean
+.PHONY: all debug install uninstall strip dist sign clean