furtka/scripts/build-release-tarball.sh

#!/usr/bin/env bash
# Build a Furtka release tarball + sha256 sidecar + release.json metadata.
#
# Usage: ./scripts/build-release-tarball.sh <version>
#
# Produces (in ./dist/):
#   furtka-<version>.tar.gz           contents extract to /opt/furtka/versions/<version>/
#   furtka-<version>.tar.gz.sha256    single-line sha256 (<hash>  <name>)
#   release.json                      {"version","sha256","size","created_at"}
#
# The tarball shape matches what iso/build.sh ships in the live ISO: a
# VERSION file at the root, plus furtka/ and apps/ trees. Self-update on a
# running box downloads this tarball, verifies the sha256, stages to
# /opt/furtka/versions/<version>/, and flips /opt/furtka/current to it.
set -euo pipefail

VERSION="${1:?usage: $0 <version>}"
REPO_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." && pwd)"
DIST_DIR="$REPO_ROOT/dist"

STAGE="$(mktemp -d)"
trap 'rm -rf "$STAGE"' EXIT

cp -a "$REPO_ROOT/furtka" "$STAGE/"
cp -a "$REPO_ROOT/apps" "$STAGE/"
find "$STAGE" -type d -name __pycache__ -exec rm -rf {} +
echo "$VERSION" > "$STAGE/VERSION"

mkdir -p "$DIST_DIR"
TARBALL="$DIST_DIR/furtka-$VERSION.tar.gz"
tar -czf "$TARBALL" -C "$STAGE" .

SHA=$(sha256sum "$TARBALL" | awk '{print $1}')
SIZE=$(stat -c%s "$TARBALL")

printf '%s  %s\n' "$SHA" "$(basename "$TARBALL")" > "$TARBALL.sha256"

cat > "$DIST_DIR/release.json" <<EOF
{
  "version": "$VERSION",
  "sha256": "$SHA",
  "size": $SIZE,
  "created_at": "$(date -Iseconds)"
}
EOF

echo "Built $TARBALL"
echo "  sha256: $SHA"
echo "  size:   $SIZE bytes"