Skip to content

Commit

Permalink
feat(CLDX-79): add sign-mac-binaries step to sign-binaries task
Browse files Browse the repository at this point in the history 
This commit adds sign-mac-binaries step to the sign-binaries task.

Signed-off-by: Parthey Khanderia <[email protected]>
  • Loading branch information
@pkhander
pkhander committed Oct 16, 2024
1 parent c19c745 commit 486e4e8
Show file tree
Hide file tree
Showing 11 changed files with 471 additions and 78 deletions.
4 changes: 4 additions & 0 deletions tasks/publish-to-cgw/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,10 @@ Tekton task to publish content to Red Hat's Developer portal using pubtools-cont
| cgwHostname | The hostname of the content-gateway to publish the metadata to | yes | https://developers.redhat.com/content-gateway/rest/admin |
| cgwSecret | The kubernetes secret to use to authenticate to content-gateway | yes | publish-to-cgw-secret |

## Changes in 0.2.3
* Added logic to handle checksum files
* Fix bug in computing shortUrl

## Changes in 0.2.2
* Update the base image used in this task to provide jsonschema module

Expand Down
34 changes: 30 additions & 4 deletions tasks/publish-to-cgw/publish-to-cgw.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ kind: Task
metadata:
name: publish-to-cgw
labels:
app.kubernetes.io/version: "0.2.2"
app.kubernetes.io/version: "0.2.3"
annotations:
tekton.dev/pipelines.minVersion: "0.12.1"
tekton.dev/tags: release
Expand Down Expand Up @@ -92,7 +92,6 @@ spec:
# values from DATA_FILE takes presedence over these
default_values_per_component = {
'type': "FILE",
'shortURL': f"/cgw/{productCode}",
"hidden": False,
"invisible": False
}
Expand Down Expand Up @@ -131,17 +130,44 @@ spec:
'productCode': productCode,
'productVersionName': productVersionName,
'downloadURL': generate_download_url(file),
'shortURL': f"/cgw/{productCode}/{file}",
'label': file,
})
del component['name']
default_values_per_component['shortURL'] += f"/{file}"
metadata.append({
'type': 'file',
'action': 'create',
'metadata': {**default_values_per_component, **component}
})
else:
print(f"Skipping file: {file} as it does not start with any component name")
if file.startswith('sha256'):
if file.endswith(".gpg"):
label = "Checksum - GPG"
elif file.endswith(".sig"):
label = "Checksum - Signature"
elif file.endswith(".txt"):
label = "Checksum"
metadata.append({
'type': 'file',
'action': 'create',
'metadata': {
'productName': productName,
'productCode': productCode,
'productVersionName': productVersionName,
'downloadURL': generate_download_url(file),
'shortURL': f"/cgw/{productCode}/{file}",
'label': label,
**default_values_per_component
}
})
else:
# Skip files that do not start with any component name or
# sha256
print(f"Skipping file: {file} as it does not start with any \
component name")
continue
return metadata
Expand Down
2 changes: 1 addition & 1 deletion tasks/publish-to-cgw/tests/test-publish-to-cgw.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,7 +78,7 @@ spec:
- name: dataPath
value: "data.json"
- name: contentDir
value: "contentDir"
value: "$(workspaces.data.path)/contentDir"
- name: cgwSecret
value: "test-publish-to-cgw-secret"
workspaces:
Expand Down
6 changes: 6 additions & 0 deletions tasks/sign-binaries/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,12 @@ Tekton task to sign windows and mac binaries before they are pushed to the Red H
| pipelineRunUid | Unique ID of the pipelineRun | No | |


## Changes in 2.1.0
* Added sign-mac-binaries step
* Added push-unsigned-using-oras step
* Added a new task result named 'binaries_path' that can be utilized by subsequent tasks.
* Fix sign-windows-binaries step

## Changes in 2.0.0
* Add checksum signing step

Expand Down
Loading

0 comments on commit 486e4e8

Please sign in to comment.