Skip to content

Commit

Permalink
feat: sign pulumi binaries with cosign
Browse files Browse the repository at this point in the history
  • Loading branch information
@dirien
dirien committed Nov 9, 2022
1 parent ee36f1a commit 9fa8c0a
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/ci-prepare-release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,23 +69,22 @@ jobs:
- name: Flatten artifact directories
run: |
mkdir -p ./artifacts
mkdir -p ./sums.tmp
mv ./artifacts.tmp/artifacts-*/* ./artifacts
# Each of these commands strips the ./ prefix to match existing (<=3.39) formatting.
- name: Checksums with SHA256
working-directory: artifacts
env:
version: ${{ inputs.version }}
run: sha256sum ./pulumi-*.{tar.gz,zip} | sed 's/.\///' | tee "../sums.tmp/pulumi-${version}-checksums.txt"
run: sha256sum ./pulumi-*.{tar.gz,zip} | sed 's/.\///' | tee "../artifacts/pulumi-${version}-checksums.txt"

- name: Checksums with BLAKE3
working-directory: artifacts
run: b3sum ./* | sed 's/.\///' | tee ../sums.tmp/B3SUMS
run: b3sum ./* | sed 's/.\///' | tee ../artifacts/B3SUMS

- name: Checksums with SHA512
working-directory: artifacts
run: sha512sum ./* | sed 's/.\///' | tee ../sums.tmp/SHA512SUMS
run: sha512sum ./* | sed 's/.\///' | tee ../artifacts/SHA512SUMS

- name: Sign binaries and checksums
working-directory: artifacts
Expand Down Expand Up @@ -150,6 +149,7 @@ jobs:
- name: Flatten artifact directories
run: |
mkdir -p ./artifacts
ls -la ./artifacts.tmp
mv ./artifacts.tmp/artifacts-*/* ./artifacts
mv ./artifacts.tmp/artifacts-signatures/* ./artifacts
- uses: ncipollo/release-action@3d2de22e3d0beab188d8129c27f103d8e91bf13a
Expand Down

0 comments on commit 9fa8c0a

Please sign in to comment.