Use new CentOS 7 Docker container for Linux builds

... in order to add SHA-256 payload digests to the official VirtualGL
RPMS, for FIPS compliance.

- Update README.md to reflect that the official Linux binaries now
  require GLIBC 2.17+ across the board.

- Update rpmsign to use the gpg --passphrase option, which eliminates
  the need to use expect.

- Remove the detailed Linux build environment description from
  README.md.  At this point, the Docker recipe is too complex to
  perfectly describe in plain English, and since the recipe is open
  source, such a description is unnecessary.

Author: dcommander

README.md

@@ -2,7 +2,7 @@ DRC's VirtualGL Build Scripts
 =============================
 
 These scripts are used to build the "official" VirtualGL binaries, which work
-on any Linux platform with GLIBC 2.12 and later, as well as Windows XP and
+on any Linux platform with GLIBC 2.17 and later, as well as Windows XP and
 later and OS X/macOS 10.7 and later.
 
 See **BUILDING.md** in the VirtualGL source for basic build requirements.
@@ -12,57 +12,10 @@ Additional build requirements for these scripts are listed below.
 Build Environment: Linux
 ------------------------
 
-Recommended distro:  Red Hat or CentOS Enterprise Linux 6 x86-64
-
-Install all software necessary to build an i386 and an x86-64 version of
-VirtualGL (both i386 and x86-64 libjpeg-turbo SDKs should be installed in their
-default locations.  Refer to **BUILDING.md** for more information.)
-
-Install a compatible x86-64 Linux hosted/AArch64 Linux target toolchain
-(available at
-<https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/gnu-a/downloads>)
-under **/opt/gcc.arm64**.  Note that 9.2-2019.12 is the latest toolchain that
-will run on RHEL 6.
-
-Using `rpm2cpio`, install the following packages from Red Hat or CentOS
-Enterprise Linux 7 AArch64 under **/opt/arm64**:
-
-- glibc
-- glibc-devel
-- libglvnd
-- libglvnd-devel
-- libglvnd-egl
-- libglvnd-glx
-- libglvnd-opengl
-- libstdc++
-- libX11
-- libX11-devel
-- libXau
-- libxcb
-- libxcb-devel
-- libXext
-- libXext-devel
-- libXi
-- libXi-devel
-- libXtst
-- libXtst-devel
-- libXv
-- libXv-devel
-- mesa-khr-devel
-- mesa-libEGL
-- mesa-libEGL-devel
-- mesa-libGL
-- mesa-libGL-devel
-- mesa-libGLU
-- mesa-libGLU-devel
-- xcb-util-keysyms
-- xcb-util-keysyms-devel
-- xorg-x11-proto-devel
-
-Using `rpm2cpio`, install the AArch64 libjpeg-turbo RPM under **/opt/arm64**.
-
-For convenience, a Docker recipe is available at
-<https://github.com/VirtualGL/docker>.
+Recommended distro:  Red Hat or CentOS Enterprise Linux 7 x86-64
+
+Complete Linux build environment requirements are best understood by examining
+the official Docker recipe at <https://github.com/VirtualGL/docker>.
 
 
 Build Environment: OS X/macOS

buildvgl

@@ -239,8 +239,7 @@ if [ $NOSRC = 0 ]; then
 		popd
 		mv $DIR/VirtualGL-$VERSION.src.rpm $OUTDIR/files/
 		if [ -f $SCRIPTDIR/gpgsign ]; then
-			. $SCRIPTDIR/gpgsign
-			expect $SCRIPTDIR/rpmsign "$GPG_KEY_PASS" "$GPG_KEY_NAME" $OUTDIR/files/VirtualGL-$VERSION.src.rpm
+			$SCRIPTDIR/rpmsign $OUTDIR/files/VirtualGL-$VERSION.src.rpm
 			rpm --checksig -v $OUTDIR/files/VirtualGL-$VERSION.src.rpm
 		fi
 	fi

buildvgl.linux

@@ -40,10 +40,9 @@ mv rpmbuild/RPMS/x86_64/VirtualGL-[0-9]*.x86_64.rpm $OUTDIR/files/VirtualGL-$VER
 mv rpmbuild/RPMS/x86_64/VirtualGL-debuginfo-[0-9]*.x86_64.rpm $OUTDIR/files/VirtualGL-debuginfo-$VERSION.x86_64.rpm
 
 if [ -f $SCRIPTDIR/gpgsign ]; then
-	. $SCRIPTDIR/gpgsign
-	expect $SCRIPTDIR/rpmsign "$GPG_KEY_PASS" "$GPG_KEY_NAME" $OUTDIR/files/VirtualGL-$VERSION.x86_64.rpm
+	$SCRIPTDIR/rpmsign $OUTDIR/files/VirtualGL-$VERSION.x86_64.rpm
 	rpm --checksig -v $OUTDIR/files/VirtualGL-$VERSION.x86_64.rpm
-	expect $SCRIPTDIR/rpmsign "$GPG_KEY_PASS" "$GPG_KEY_NAME" $OUTDIR/files/VirtualGL-debuginfo-$VERSION.x86_64.rpm
+	$SCRIPTDIR/rpmsign $OUTDIR/files/VirtualGL-debuginfo-$VERSION.x86_64.rpm
 	rpm --checksig -v $OUTDIR/files/VirtualGL-debuginfo-$VERSION.x86_64.rpm
 fi
 
@@ -57,9 +56,9 @@ mv rpmbuild/RPMS/i386/VirtualGL-[0-9]*.i386.rpm $OUTDIR/files/VirtualGL-$VERSION
 mv rpmbuild/RPMS/i386/VirtualGL-debuginfo-[0-9]*.i386.rpm $OUTDIR/files/VirtualGL-debuginfo-$VERSION.i386.rpm
 
 if [ -f $SCRIPTDIR/gpgsign ]; then
-	expect $SCRIPTDIR/rpmsign "$GPG_KEY_PASS" "$GPG_KEY_NAME" $OUTDIR/files/VirtualGL-$VERSION.i386.rpm
+	$SCRIPTDIR/rpmsign $OUTDIR/files/VirtualGL-$VERSION.i386.rpm
 	rpm --checksig -v $OUTDIR/files/VirtualGL-$VERSION.i386.rpm
-	expect $SCRIPTDIR/rpmsign "$GPG_KEY_PASS" "$GPG_KEY_NAME" $OUTDIR/files/VirtualGL-debuginfo-$VERSION.i386.rpm
+	$SCRIPTDIR/rpmsign $OUTDIR/files/VirtualGL-debuginfo-$VERSION.i386.rpm
 	rpm --checksig -v $OUTDIR/files/VirtualGL-debuginfo-$VERSION.i386.rpm
 fi
 
@@ -79,6 +78,7 @@ make -j$NUMCPUS --load-average=$NUMCPUS
 make deb
 mv virtualgl_[0-9]*_amd64.deb $OUTDIR/files/
 if [ -f $SCRIPTDIR/gpgsign ]; then
+	. $SCRIPTDIR/gpgsign
 	expect $SCRIPTDIR/debsign "$GPG_KEY_PASS" "$GPG_KEY_ID" $OUTDIR/files/virtualgl_[0-9]*_amd64.deb
 fi
 popd
@@ -105,7 +105,7 @@ STRIP=/opt/gcc.arm64/bin/aarch64-none-linux-gnu-strip make rpm
 VERSION=`rpm -q -p VirtualGL-[0-9]*.aarch64.rpm | cut -f2 -d-`
 mv VirtualGL-[0-9]*.aarch64.rpm $OUTDIR/files/VirtualGL-$VERSION.aarch64.rpm
 if [ -f $SCRIPTDIR/gpgsign ]; then
-	expect $SCRIPTDIR/rpmsign "$GPG_KEY_PASS" "$GPG_KEY_NAME" $OUTDIR/files/VirtualGL-$VERSION.aarch64.rpm
+	$SCRIPTDIR/rpmsign $OUTDIR/files/VirtualGL-$VERSION.aarch64.rpm
 	rpm --checksig -v $OUTDIR/files/VirtualGL-$VERSION.aarch64.rpm
 fi
 make deb

rpmsign

@@ -1,16 +1,10 @@
-#!/usr/bin/expect -f
+set -u
+set -e
 
-set password [lindex $argv 0]
-set key [lindex $argv 1]
-set files [lrange $argv 2 2 ]
+SCRIPTDIR=`dirname $0`
 
-spawn rpm --define "%_gpg_name $key" \
-    --define "%__gpg_sign_cmd %{__gpg} gpg --digest-algo sha256 --batch --no-verbose --no-armor --passphrase-fd 3 --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" \
-    --addsign $files
-expect "Enter pass phrase:"
-send -- "$password\r"
+. $SCRIPTDIR/gpgsign
 
-expect {
-    "Pass phrase check failed"  { exit 1 }
-    eof
-}
+rpm --define "%_gpg_name $GPG_KEY_NAME" \
+    --define "%__gpg_sign_cmd %{__gpg} gpg --digest-algo sha256 --batch --no-verbose --no-armor --passphrase $GPG_KEY_PASS --no-secmem-warning -u \"%{_gpg_name}\" -sbo %{__signature_filename} %{__plaintext_filename}" \
+    --addsign ${1+"$@"}