mirror of
https://github.com/JanDeDobbeleer/oh-my-posh.git
synced 2024-09-19 13:07:31 -07:00
chore(build): sign checksums with openssl
This commit is contained in:
parent
df4a81e2f6
commit
ad9a598edd
15
.github/workflows/release.yml
vendored
15
.github/workflows/release.yml
vendored
|
@ -34,7 +34,7 @@ jobs:
|
|||
if: ${{ needs.changelog.outputs.skipped == 'false' }}
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
COSIGN_KEY_LOCATION: "/tmp/cosign.key"
|
||||
SIGNING_KEY_LOCATION: "/tmp/private_key.pem"
|
||||
defaults:
|
||||
run:
|
||||
shell: pwsh
|
||||
|
@ -49,25 +49,19 @@ jobs:
|
|||
git config --global user.name "GitHub Actions"
|
||||
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
|
||||
git tag ${{ needs.changelog.outputs.tag }}
|
||||
- name: Install cosign 🔑
|
||||
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20
|
||||
with:
|
||||
cosign-release: 'v1.4.0'
|
||||
- name: Private Key 🔐
|
||||
run: |
|
||||
$PSDefaultParameterValues['Out-File:Encoding']='UTF8'
|
||||
$env:COSIGN_KEY > $env:COSIGN_KEY_LOCATION
|
||||
$env:SIGNING_KEY > $env:SIGNING_KEY_LOCATION
|
||||
env:
|
||||
COSIGN_KEY: ${{secrets.COSIGN_KEY}}
|
||||
SIGNING_KEY: ${{secrets.SIGNING_KEY}}
|
||||
- name: Run GoReleaser 🚀
|
||||
uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200
|
||||
with:
|
||||
distribution: goreleaser
|
||||
version: latest
|
||||
args: build --clean
|
||||
args: release --clean --skip publish
|
||||
workdir: src
|
||||
env:
|
||||
COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }}
|
||||
- name: Zip theme files 🤐
|
||||
run: |
|
||||
$compress = @{
|
||||
|
@ -94,3 +88,4 @@ jobs:
|
|||
files: |
|
||||
src/dist/posh-*
|
||||
src/dist/themes.*
|
||||
src/dist/checksums.txt
|
||||
|
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -2,6 +2,7 @@
|
|||
|
||||
.fleet/
|
||||
src/test/umbraco/obj/
|
||||
src/keys
|
||||
|
||||
# Created by https://www.toptal.com/developers/gitignore/api/node,go,visualstudiocode
|
||||
# Edit at https://www.toptal.com/developers/gitignore?templates=node,go,visualstudiocode
|
||||
|
|
|
@ -1,4 +0,0 @@
|
|||
-----BEGIN PUBLIC KEY-----
|
||||
MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnLQ9sj71/ignxPXEa072vezEZf5D
|
||||
X1fO3KuoFCtzYTLc/c3rwVGtIdzc02qUoXABysJ0Ok8lsmWvwKvC7yWblg==
|
||||
-----END PUBLIC KEY-----
|
|
@ -37,14 +37,15 @@ builds:
|
|||
goarch: arm
|
||||
- goos: windows
|
||||
goarch: arm
|
||||
hooks:
|
||||
post:
|
||||
- sh -c "cosign sign-blob --key $COSIGN_KEY_LOCATION {{ .Path }} > dist/{{ .Name }}.sig"
|
||||
archives:
|
||||
- id: oh-my-posh
|
||||
format: binary
|
||||
name_template: "posh-{{ .Os }}-{{ .Arch }}"
|
||||
checksum:
|
||||
name_template: 'checksums.txt'
|
||||
signs:
|
||||
- cmd: openssl
|
||||
args: [ "dgst", "-sha256", "-sign", "{{ .Env.SIGNING_KEY_LOCATION }}", "-out", "${artifact}.sig", "${artifact}" ]
|
||||
artifacts: checksum
|
||||
changelog:
|
||||
disable: true
|
||||
|
|
Loading…
Reference in a new issue