Thanks for trying to build!

But you built the wrong branch (version shows as 0.9.99 instead of 0.9.0)
Please build the appropriate 0.9.0rc2 version by specifying a tag, according to the release process ( https://github.com/bitcoin/bitcoin/blob/master/doc/release-process.md )

Welcome! It's great to see new people helping out with gitian builds. In addition to what @laanwj mentioned above about this being for the wrong version, I was unable to find your public key to verify the signature. Is this a new GPG key? Have you pushed it to keyservers? pgp.mit.edu seems not to have it:

C:\Users\Micha\Bitcoin Fork\gitian.sigs\0.9.0rc2\int03h>gpg --verify bitcoin-bui
ld.assert.sig
gpg: Signature made 03/09/14 00:42:41 Jerusalem Standard Time using RSA key ID B
A008A58
gpg: Can't check signature: No public key

C:\Users\Micha\Bitcoin Fork\gitian.sigs\0.9.0rc2\int03h>gpg --keyserver pgp.mit.
edu --recv-keys BA008A58
gpg: requesting key BA008A58 from hkp server pgp.mit.edu
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

You can remedy this easily enough -- to publish your key to keyservers, simply use this command: gpg --send-keys BA008A58.

If you have a default keyserver configured, as is the case by default on some systems, this will automatically upload the key to it. If not, you'll need to specify a server to upload to. For example: gpg --keyserver pgp.mit.edu --send-keys BA008A58

You generally only need to send your key to one keyserver, as they sync from each other regularly, but if you want, you could send to multiple servers to speed the process up. Some other servers are keyserver.ubuntu.com, keys.gnupg.net, and pool.sks-keyservers.net.

Thanks guys. Forgive my fail - this thing has alot of moving parts and my dev skills are very very very rusty. I'll work on the issues and try again.

For reference (not to excuse my obvious lack of skillz ) .. I did a wget on the rc2 tag ( since I was scared of Git and wanted to make sure I was on absolutely the right codebase ) https://github.com/bitcoin/bitcoin/archive/v0.9.0rc2.zip .. why would that give the wrong version ?

I was not sure what I was doing in terms of ssh-key (for git) and gpg keys and if they meet in the middle somewhere, AND the fact that removing gpg keys from any of the servers is impossible. I did not push it up to any key server and then have to try revoking etc. Now that I have some clue I will publish the keys I have already generated. The next build will be in the public key store. ( it should be permanent from here on out ).

Thanks for you help and kind welcomes. I hope I can add value at some stage ;).

GPG and SSH keys are completely separate. I don't know how it works in terms of tags and Github's tarballs of them, but the best way to get it is:

git clone https://github.com/bitcoin/bitcoin
cd bitcoin
git checkout v0.9.0rc2

I'm sorry, I messed up. Where you get the bitcoin source code from doesn't affect what gets used by the build. The only file used by the build from there is the descriptor file. What affects what you build with is what you pass to the gbuild script. You want to be running the gbuild script with the argument --commit bitcoin=v0.9.0rc2.

roger! I see that now. I think I might have hacked that piece out because I couldn't set the environment variables right .. I realized the release-process doc has brackets which I mistakenly kept. I am using a shell script now that works more reliably. I know it seems obvious but it happened .. :) the errors the build throws out don't give any hint that I set the parms wrong.

export SIGNER=(your gitian key, ie bluematt, sipa, etc) # Became (int03h) instead of just int03h ..
export VERSION=(new version, e.g. 0.8.0) #same .. (0.9.0rc2) instead of 0.9.0rc2
pushd ./bitcoin
git checkout v${VERSION}

Building again now. I'll try again when its done.

Commenting to make sure you guys see it. Please take a look and pull it apart if you don't mind. Keys and such should be as before. the email is not valid (not that I am scared - but still - obfuscated on porpoise).. not sure if that is a problem ?

When I get to a computer I'll take a look. By the way, you may want to squash down your commits, as the older signature files aren't needed. You can do that by running git rebase -i HEAD~2, and changing pick to squash in front of your original commit.

Note that once you've done that, you'll need to use git push --force -- git is wary when you rewrite history. (I wish the mobile interface could edit comments...)

If I'm not mistaken you could also do it with git reset --soft HEAD~1; git add <files>; git commit --amend, if that's easier for you.

I did both now. hopefully that pushes up the right stuff.

Uh, you did both? No, that's bad. It should have been one or the other -- if you did both, you did the operation twice. In other words, you first squashed your two commits down into one, and then you squashed that one commit down into my commit with my sigs. Other than that, though, looks good -- the hashes match, and the GPG signatures verify.

blush. I feel so dumb. let me try again. Sorry.

No problem. What I would do is this: copy your bitcoin-build.assert[.sig] files somewhere safe outside the git directory, then get your repo back in sync with the main one:

git reset --hard HEAD~1 #This will delete my sigs and yours, and the most recent commit will be Gavin's, if I'm not mistaken
git remote add upstream https://github.com/bitcoin/gitian.sigs #add "upstream" as a name for the main repo
git fetch upstream
git merge upstream/master #should bring your copy up to date, with my commit. It should say it's fast-forwarding, if not there's something wrong.

Then, bring your files back in, and commit them as usual (add, commit). Then you should be able to push (gain with --force)

OK .. I think that is it now ? Thanks soo much for your patience and help.

I'm not exactly sure how you got to this state... It looks like there's some weirdness with the history. Github says there's another commit with a message about my sigs, and looking at the history in gitk, there's something odd going on. The history for https://github.com/bitcoin/gitian.sigs looks like this: , while yours looks like this: . I don't know enough about git to know what's going on here or how it could be fixed... Hopefully someone else does.

I tried to fix this ... gave up. Deleted fork and deleted any work on rc2.

RC3 is clean and should be right now. Closing.