abuild-sign: use mktemp for temp files. add -q option for quiet

abuild-sign.in

@@ -22,11 +22,11 @@ die() {
 
 usage() {
 	echo "abuild-sign $abuild_ver"
-	echo "usage: abuild-sign [-h] [-k PRIVKEY] [-p PUBKEY] INDEXFILE..."
+	echo "usage: abuild-sign [-hq] [-k PRIVKEY] [-p PUBKEY] INDEXFILE..."
 	echo "options:"
-	echo " -h Show this help"
+	echo " -h  Show this help"
-	echo " -k The private key to use for signing"
+	echo " -k  The private key to use for signing"
-	echo " -p The name of public key. apk add will look for /etc/apk/keys/PUBKEY"
+	echo " -p  The name of public key. apk add will look for /etc/apk/keys/PUBKEY"
 	exit 1
 }
 
@@ -38,11 +38,12 @@ usage() {
 
 privkey="$PACKAGER_PRIVKEY"
 
-while getopts "hk:p:" opt; do
+while getopts "hk:p:q" opt; do
 	case $opt in
 	h) usage;;
 	k) privkey=$OPTARG;;
 	p) pubkey=$OPTARG;;
+	q) quiet=yes;;
 	esac
 done
 shift $(( $OPTIND - 1))
@@ -51,6 +52,7 @@ if [ -z "$privkey" ]; then
 	echo "No private key found. Use 'abuild-keygen' to generate the keys"
 	echo "Then you can either:"
 	echo " 1. set the PACKAGER_PRIVKEY in $abuild_userconf"
+	echo "    (Note that 'abuild-keygen -a' does this for you)"
 	echo " 2. set the PACKAGER_PRIVKEY in $abuild_conf"
 	echo " 3. specify the key with the -k option"
 	echo ""
@@ -72,9 +74,15 @@ for f in "$@"; do
 	sig=".SIGN.RSA.$keyname"
 	openssl dgst -sha1 -sign "$privkey" -out "$sig" "$i" || die "Failed to sign $i"
 	cd "$repo"
-	tar -c "$sig" | abuild-tar --cut | gzip -9 > signature.tar.gz
+	tmptargz=$(mktemp)
-	cat signature.tar.gz "$i" > "$i.new"
+	tar -c "$sig" | abuild-tar --cut | gzip -9 > "$tmptargz"
-	mv "$i.new" "$i"
+	tmpsigned=$(mktemp)
-	echo "Signed $i"
+	cat "$tmptargz" "$i" > "$tmpsigned"
+	rm -f "$tmptargz"
+	mv "$tmpsigned" "$i"
+	if [ -z "$quiet" ]; then
+		echo "Signed $i"
+	fi
 done
 
+exit 0