build: sign tarball instead of sha256sum

Adam Majer pointed out in [1] the way were signing releases was unusual. Neither Carl nor I could think of a good reason for explicitely signing the checksum (internally of course that's what GPG is going anyway). [1] mid:b3fd556d-c346-7af9-a7a2-13b0f3235071@suse.de
author: David Bremner <david@tethera.net> 2019-02-12 22:17:03 -0400
committer: David Bremner <david@tethera.net> 2019-03-11 22:28:11 -0300
commit: b8a8dbed91d16299a8768646fb6f18181f31ec40 (patch)
tree: 2fa8b456b684dd26708dd42960f323def3b9e403 /Makefile.local
parent: 152b6cac5d496aaad816d20d7b2286e9ac73207d (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/Makefile.local b/Makefile.local
index 82145e1b..01ba49cc 100644
--- a/Makefile.local
+++ b/Makefile.local
@@ -42,8 +42,8 @@ $(TAR_FILE):
 $(SHA256_FILE): $(TAR_FILE)
 	sha256sum $^ > $@
 
-$(GPG_FILE): $(SHA256_FILE)
-	gpg --armor --sign $^
+$(GPG_FILE): $(TAR_FILE)
+	gpg --armor --detach-sign $^
 
 .PHONY: dist
 dist: $(TAR_FILE)
author	David Bremner <david@tethera.net>	2019-02-12 22:17:03 -0400
committer	David Bremner <david@tethera.net>	2019-03-11 22:28:11 -0300
commit	b8a8dbed91d16299a8768646fb6f18181f31ec40 (patch)
tree	2fa8b456b684dd26708dd42960f323def3b9e403 /Makefile.local
parent	152b6cac5d496aaad816d20d7b2286e9ac73207d (diff)