Daniel Holth  committed 957ed03

automatically sign wheel files if WHEEL_TOOL environment variable is present

  • Participants
  • Parent commits 161f6a1

Comments (0)

Files changed (3)

File docs/index.rst

 py33, py32. Second, choose the multi-wheel with the smallest arity. If
 all else fails, rebuild from source.
+Automatically sign wheel files
+`bdist_wheel` will automatically sign wheel files if the environment variable
+`WHEEL_TOOL` is set to the path of the `wheel` command line tool::
+	# Install the wheel tool and its dependencies
+	$ pip install wheel[tool]
+	# Generate a signing key (only once)
+	$ wheel keygen
+	$ export WHEEL_TOOL=/path/to/wheel	
+	$ python bdist_wheel
+Signing is done in a subprocess because it is not convenient for 
+the build environment to contain bindings to the keyring and 
+cryptography libraries.
 Signed wheel files
 CHANGES =, 'CHANGES.txt'), encoding='utf8').read()
-      version='0.9.1',
+      version='0.9.2',
       description='A built-package format for Python.',
       long_description=README + '\n\n' +  CHANGES,
       packages=['wheel', 'wheel.test', 'wheel.tool'],
       install_requires=['distribute>=0.6.28', 'markerlib'],
       extras_require={'signatures': ['ed25519ll'], 
-                      'tool': ['baker', 'keyring', 'dirspec']},
+                      'tool': ['baker', 'keyring', 'dirspec', 'ed25519ll']},
       test_suite = 'nose.collector',

File wheel/

 import hashlib
 import os
 import sys
+import subprocess
     import sysconfig
         if not os.path.exists(self.dist_dir):
         wheel_name = archive_wheelfile(pseudoinstall_root, archive_root)
+        # Sign the archive
+        if 'WHEEL_TOOL' in os.environ:
+  [os.environ['WHEEL_TOOL'], 'sign', wheel_name])
         # Add to 'Distribution.dist_files' so that the "upload" command works
         getattr(self.distribution, 'dist_files', []).append(