feat: sign released binaries
Some checks reported warnings
Cadoles/go-http-peering/pipeline/head This commit is unstable
Some checks reported warnings
Cadoles/go-http-peering/pipeline/head This commit is unstable
This commit is contained in:
parent
891cfa7540
commit
958652ddba
3
.env.dist
Normal file
3
.env.dist
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
GPG_SIGNING_KEY=
|
||||||
|
GPG_SIGNING_PASSPHRASE=
|
||||||
|
ARCH_TARGETS='amd64 arm arm64'
|
5
.gitignore
vendored
5
.gitignore
vendored
@ -3,4 +3,7 @@
|
|||||||
/bin
|
/bin
|
||||||
/testdata
|
/testdata
|
||||||
/release
|
/release
|
||||||
/out
|
/out
|
||||||
|
/.mktools
|
||||||
|
/tools
|
||||||
|
/.env
|
13
Jenkinsfile
vendored
13
Jenkinsfile
vendored
@ -25,19 +25,6 @@ pipeline {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
stage('Release') {
|
|
||||||
steps {
|
|
||||||
script {
|
|
||||||
sh 'make tidy'
|
|
||||||
sh 'ARCH_TARGETS="amd64 arm arm64 mipsle" make release'
|
|
||||||
|
|
||||||
def attachments = sh(returnStdout: true, script: 'find release -maxdepth 1 -type f').split(' ')
|
|
||||||
gitea.release('forge-jenkins', 'Cadoles', 'go-http-peering', [
|
|
||||||
'attachments': attachments
|
|
||||||
])
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
post {
|
post {
|
||||||
|
33
Makefile
33
Makefile
@ -1,3 +1,5 @@
|
|||||||
|
SHELL := /bin/bash
|
||||||
|
|
||||||
test:
|
test:
|
||||||
go clean -testcache
|
go clean -testcache
|
||||||
go test -cover -v ./...
|
go test -cover -v ./...
|
||||||
@ -5,8 +7,11 @@ test:
|
|||||||
watch:
|
watch:
|
||||||
go run -mod=readonly github.com/cortesi/modd/cmd/modd@latest
|
go run -mod=readonly github.com/cortesi/modd/cmd/modd@latest
|
||||||
|
|
||||||
release:
|
release: tidy .env
|
||||||
script/release
|
( set -o allexport && source .env && set +o allexport && script/release )
|
||||||
|
|
||||||
|
.env:
|
||||||
|
cp .env.dist .env
|
||||||
|
|
||||||
tidy:
|
tidy:
|
||||||
go mod tidy
|
go mod tidy
|
||||||
@ -17,4 +22,26 @@ lint:
|
|||||||
bin/keygen:
|
bin/keygen:
|
||||||
CGO_ENABLED=0 go build -o bin/keygen ./cmd/keygen
|
CGO_ENABLED=0 go build -o bin/keygen ./cmd/keygen
|
||||||
|
|
||||||
.PHONY: test lint doc sequence-diagram bin/keygen release
|
.PHONY: test lint doc sequence-diagram bin/keygen release
|
||||||
|
|
||||||
|
gitea-release: .mktools tools/gitea-release/bin/gitea-release.sh release
|
||||||
|
GITEA_RELEASE_PROJECT="go-http-peering" \
|
||||||
|
GITEA_RELEASE_ORG="Cadoles" \
|
||||||
|
GITEA_RELEASE_BASE_URL="https://forge.cadoles.com" \
|
||||||
|
GITEA_RELEASE_VERSION="$(MKT_PROJECT_VERSION)" \
|
||||||
|
GITEA_RELEASE_NAME="$(MKT_PROJECT_VERSION)" \
|
||||||
|
GITEA_RELEASE_COMMITISH_TARGET="$(GIT_VERSION)" \
|
||||||
|
GITEA_RELEASE_IS_DRAFT="false" \
|
||||||
|
GITEA_RELEASE_BODY="" \
|
||||||
|
GITEA_RELEASE_ATTACHMENTS="$$(find release -type f -name '*.tar.gz')" \
|
||||||
|
tools/gitea-release/bin/gitea-release.sh
|
||||||
|
|
||||||
|
.PHONY: mktools
|
||||||
|
mktools:
|
||||||
|
rm -rf .mktools
|
||||||
|
curl -k -q https://forge.cadoles.com/Cadoles/mktools/raw/branch/master/install.sh | $(SHELL)
|
||||||
|
|
||||||
|
.mktools:
|
||||||
|
$(MAKE) mktools
|
||||||
|
|
||||||
|
-include .mktools/*.mk
|
@ -37,6 +37,10 @@ function build {
|
|||||||
upx --best "$destdir/$name"
|
upx --best "$destdir/$name"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ ! -z "${GPG_SIGNING_KEY}" ]; then
|
||||||
|
echo "signing '$destdir/$name' with gpg key '$GPG_SIGNING_KEY'..."
|
||||||
|
echo $GPG_SIGNING_PASSPHRASE | gpg --pinentry-mode loopback --passphrase-fd 0 --sign --default-key "${GPG_SIGNING_KEY}" --output "$destdir/$name.sig" "$destdir/$name"
|
||||||
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
function copy {
|
function copy {
|
||||||
|
Loading…
Reference in New Issue
Block a user