restore update functionality
siad
and siac
can now be automatically updated (again).
GitHub is used as the update channel. Later, we may add some fallback channels.
Binaries are signed using the developerKey
provided in daemon.go
. All future releases must include signatures for the siad
and siac
binaries. In addition, I will be signing all my commits from now on, and other core devs should as well. I will also be signing the release tags. Since a tag references all the code at a given commit hash, signing it amounts to signing the entire codebase at that time. This provides verification for users who prefer to build from source.
Only .zip releases are supported. We can restore .tar.gz support later, but I don't view it as a high priority.
Releases must be tagged with a "clean" semver, e.g. v1.2.3
. Suffixes such as -beta
will confuse the update code.
siac
is assumed to be located in the same folder as siad
. If siac
is not present, an error will be returned. (This is a limitation of go-update
, which we can subvert if necessary.)
This PR is missing documentation for the update routes.