sign checksum file #95

2024-08-16 12:10:31 +03:00 · 2021-06-20 18:46:09 -05:00 · 2021-06-20 18:46:09 -05:00 · e4385240d4
commit e4385240d4
parent 4fce9c412b
3 changed files with 11 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -6,3 +6,4 @@ dist/
 docker-compose-private.yml
 .vscode
 .idea
+*.gpg
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@ -1,3 +1,6 @@
+signs:
+  - artifacts: checksum
+
 builds:
  - env:
      - CGO_ENABLED=0
--- a/Dockerfile.artifacts
+++ b/Dockerfile.artifacts
@ -3,7 +3,12 @@ FROM goreleaser/goreleaser as build
 WORKDIR /build
 ADD . /build

-RUN goreleaser --snapshot --skip-publish --rm-dist
+RUN apk add -u gnupg
+
+RUN \
+    export GNUPGHOME="$PWD/releaser-gpg" && export GNUPGHOME && mkdir -p "$GNUPGHOME" && chmod 0700 "$GNUPGHOME" && \
+    cat reproxy.signing-key.gpg | gpg --batch --allow-secret-key-import --import && \
+    goreleaser --snapshot --skip-publish --rm-dist

 FROM alpine
 COPY --from=build /build/dist/ /dist/
@ -12,6 +17,7 @@ RUN \
    cp /dist/*.gz /artifacts/ && \
    cp /dist/*.zip /artifacts/ && \
    cp /dist/*.txt /artifacts/ && \
+    cp /dist/*.sig /artifacts/ && \
    cp /dist/*.rpm /artifacts/ && \
    cp /dist/*.deb /artifacts/ && \
    ls -la /artifacts/*