Sign node exporter darwin binary with rcodesign (#3008)

* Sign node exporter darwin binary with rcodesign

Prevents SIGKILL issues on macs

Signed-off-by: Alper Polat <gitperr@gmail.com>

* Be explicit about checking for the binary

Co-authored-by: Ben Kochie <superq@gmail.com>
Signed-off-by: Alper Polat <101826653+gitperr@users.noreply.github.com>

* Also attempt to sign darwin-amd64

Signed-off-by: Alper Polat <gitperr@gmail.com>

---------

Signed-off-by: Alper Polat <gitperr@gmail.com>
Signed-off-by: Alper Polat <101826653+gitperr@users.noreply.github.com>
Co-authored-by: Ben Kochie <superq@gmail.com>
This commit is contained in:
Alper Polat 2024-05-02 21:13:10 +03:00 committed by GitHub
parent 5a4e691f35
commit 2ecbe97066
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -49,6 +49,16 @@ jobs:
- run: docker run --privileged linuxkit/binfmt:af88a591f9cc896a52ce596b9cf7ca26a061ef97 - run: docker run --privileged linuxkit/binfmt:af88a591f9cc896a52ce596b9cf7ca26a061ef97
- run: promu crossbuild -v --parallelism $CIRCLE_NODE_TOTAL --parallelism-thread $CIRCLE_NODE_INDEX - run: promu crossbuild -v --parallelism $CIRCLE_NODE_TOTAL --parallelism-thread $CIRCLE_NODE_INDEX
- run: promu --config .promu-cgo.yml crossbuild -v --parallelism $CIRCLE_NODE_TOTAL --parallelism-thread $CIRCLE_NODE_INDEX - run: promu --config .promu-cgo.yml crossbuild -v --parallelism $CIRCLE_NODE_TOTAL --parallelism-thread $CIRCLE_NODE_INDEX
# sign the darwin build so it doesn't get SIGKILLed on start, see: https://github.com/prometheus/node_exporter/issues/2539
- run:
command: |
if [[ -f "$(pwd)/.build/darwin-arm64/node_exporter" ]]; then
promu codesign "$(pwd)/.build/darwin-arm64/node_exporter"
fi
if [[ -f "$(pwd)/.build/darwin-amd64/node_exporter" ]]; then
promu codesign "$(pwd)/.build/darwin-amd64/node_exporter"
fi
- persist_to_workspace: - persist_to_workspace:
root: . root: .
paths: paths: