CL-Softwares
/
telegraf
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: update release workflow (#13141) 

* fix: correct spelling of "fingerprints".

* chore: generate DIGESTS files and ignore hidden dmg files
This commit is contained in:
Brandon Pfeifer 2023-04-25 11:30:43 -04:00 committed by GitHub
parent 74ea83925c
commit 9895f467d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 38 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

48
.circleci/config.yml
View File

@ -388,11 +388,15 @@ jobs:
command: | command: |
aws s3 sync /build/dist s3://dl.influxdata.com/telegraf/releases/ \ aws s3 sync /build/dist s3://dl.influxdata.com/telegraf/releases/ \
--exclude "*" \ --exclude "*" \
--include "*.deb" \ --include "telegraf*.DIGESTS" \
--include "*.rpm" \ --include "telegraf*.digests" \
--include "*.tar.gz" \ --include "telegraf*.asc" \
--include "*.zip" \ --include "telegraf*.deb" \
--include "*.asc" \ --include "telegraf*.dmg" \
--include "telegraf*.rpm" \
--include "telegraf*.tar.gz" \
--include "telegraf*.zip" \
--dryrun \
--acl public-read --acl public-read
docker-nightly: docker-nightly:
machine: machine:
@ -496,7 +500,7 @@ jobs:
PR=${CIRCLE_PULL_REQUEST##*/} PR=${CIRCLE_PULL_REQUEST##*/}
printf -v payload '{ "pullRequestNumber": "%s" }' "$PR" printf -v payload '{ "pullRequestNumber": "%s" }' "$PR"
curl -X POST "https://182c7jdgog.execute-api.us-east-1.amazonaws.com/prod/shareArtifacts" --data "$payload" curl -X POST "https://182c7jdgog.execute-api.us-east-1.amazonaws.com/prod/shareArtifacts" --data "$payload"
package-sign-linux: package-sign:
circleci_ip_ranges: true circleci_ip_ranges: true
docker: docker:
- image: quay.io/influxdb/rsign:latest - image: quay.io/influxdb/rsign:latest
@ -510,18 +514,40 @@ jobs:
- attach_workspace: - attach_workspace:
at: . at: .
- run: | - run: |
for target in ./dist/* cd dist
# Generate the *.DIGESTS files. This must be done before the signing
# step so that the *.DIGEST files are also signed.
for target in *
do
sha256sum "${target}" > "${target}.DIGESTS"
done
for target in *
do do
case "${target}" case "${target}"
in in
# rsign is shipped on Alpine Linux which uses "busybox ash" instead # rsign is shipped on Alpine Linux which uses "busybox ash" instead
# of bash. ash is somewhat more posix compliant and is missing some # of bash. ash is somewhat more posix compliant and is missing some
# extensions and niceties from bash. # extensions and niceties from bash.
*.deb|*.rpm|*.tar.gz|*.zip) *.deb|*.dmg|*.rpm|*.tar.gz|*.zip|*.DIGESTS)
rsign "${target}" rsign "${target}"
;; ;;
esac esac
done done
for target in *
do
case "${target}"
in
*.deb|*.dmg|*.rpm|*.tar.gz|*.zip)
# Combine the metadata from the *.DIGESTS and *.asc files into one
# listing. Since the gpg signature contains multiple lines which
# must be preserved, it is base64 encoded.
printf '%s %s %s\n' "${target}" "$(awk '{ print $1 }' "${target}.DIGESTS")" "$(base64 -w 0 <"${target}.asc")" >>"telegraf-${CIRCLE_TAG}-digests"
;;
esac
done
- persist_to_workspace: - persist_to_workspace:
root: ./ root: ./
paths: paths:
@ -703,7 +729,7 @@ workflows:
only: /.*/ only: /.*/
branches: branches:
ignore: /.*/ ignore: /.*/
- 'package-sign-linux': - 'package-sign':
requires: requires:
- 'i386-package' - 'i386-package'
- 'ppc64le-package' - 'ppc64le-package'
@ -715,6 +741,8 @@ workflows:
- 'mips-package' - 'mips-package'
- 'arm64-package' - 'arm64-package'
- 'armhf-package' - 'armhf-package'
- 'package-sign-mac'
- 'package-sign-windows'
filters: filters:
tags: tags:
only: /.*/ only: /.*/
@ -734,7 +762,7 @@ workflows:
- 'riscv64-package' - 'riscv64-package'
- 'package-sign-mac' - 'package-sign-mac'
- 'package-sign-windows' - 'package-sign-windows'
- 'package-sign-linux' - 'package-sign'
filters: filters:
tags: tags:
only: /.*/ only: /.*/