Skip to content

Commit

Permalink
Sign created DEB and RPM packages (#288)
Browse files Browse the repository at this point in the history 
* Sign created DEB and RPM packages

* Generate test key when verifying release

* Fix apt setup

* Maybe like this?
  • Loading branch information
@martin-helmich
martin-helmich authored Oct 14, 2022
1 parent b15ed00 commit c459c4d
Show file tree
Hide file tree
Showing 3 changed files with 33 additions and 4 deletions.
21 changes: 19 additions & 2 deletions .github/workflows/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,18 +91,35 @@ jobs:
- name: Validate Goreleaser config
uses: goreleaser/goreleaser-action@v2
with:
version: v1.8.3
version: v1.11.5
args: check

- name: Set current date
id: set_date
run: |
echo "BUILD_DATE=$(date)" >> $GITHUB_ENV
- name: Generate temporary dummy key for signing
run: |
sudo apt-get update
sudo apt-get install -y gnupg
export GNUPGHOME=/tmp
gpg --batch --gen-key <<EOF
%no-protection
Key-Type: default
Key-Length: 2048
Subkey-Type: default
Subkey-Length: 2048
Name-Real: Github Action
Name-Email: [email protected]
Expire-Date: seconds=120
EOF
gpg --export-secret-key --armor [email protected] > /tmp/signing-key
- name: Build Goreleaser snapshot release
uses: goreleaser/goreleaser-action@v2
with:
version: v1.8.3
version: v1.11.5
args: release --rm-dist --skip-publish --snapshot
env:
BUILD_USER: ${{ github.actor }} (via Github Actions)
5 changes: 4 additions & 1 deletion .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,11 +39,14 @@ jobs:
id: set_date
run: |
echo "BUILD_DATE=$(date)" >> $GITHUB_ENV
- name: Export signing key
run: 'echo "${{ secrets.PKG_SIGNING_KEY }}" > /tmp/signing-key'

- name: Run GoReleaser
uses: goreleaser/goreleaser-action@v2
with:
version: v1.8.3
version: v1.11.5
args: release --rm-dist
env:
BUILD_USER: ${{ github.actor }} (via Github Actions)
Expand Down
11 changes: 10 additions & 1 deletion .goreleaser.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,12 @@ builds:
-s
-w
-X "github.com/prometheus/common/version.Version={{.Version}}"
{{- if index .Env "GITHUB_REF_NAME" }}
-X "github.com/prometheus/common/version.Branch={{.Env.GITHUB_REF_NAME}}"
-X "github.com/prometheus/common/version.Revision={{.Env.GITHUB_SHA}}"
-X "github.com/prometheus/common/version.BuildUser={{ .Env.BUILD_USER }}"
-X "github.com/prometheus/common/version.BuildDate={{.Env.BUILD_DATE}}"
{{- end }}
checksum:
name_template: 'checksums.txt'
snapshot:
Expand Down Expand Up @@ -130,4 +132,11 @@ nfpms:
dst: /etc/prometheus-nginxlog-exporter.hcl
type: config|noreplace
scripts:
postinstall: res/package/scripts/postinstall.sh
postinstall: res/package/scripts/postinstall.sh
rpm:
signature:
key_file: /tmp/signing-key
deb:
signature:
key_file: /tmp/signing-key
type: origin

0 comments on commit c459c4d

Please sign in to comment.