falco/scripts/publish-bin
Luca Guerra b5461e11a7 new(ci): sign .tar.gz packages
Signed-off-by: Luca Guerra <luca@guerra.sh>
2024-05-17 10:17:56 +02:00

54 lines
1.4 KiB
Bash
Executable File

#!/usr/bin/env bash
set -e
usage() {
echo "usage: $0 -f <package.tar.gz> -r <bin|bin-dev> -a <arch>"
exit 1
}
# parse options
while getopts ":f::r::a:" opt; do
case "${opt}" in
f )
file=${OPTARG}
;;
r )
repo="${OPTARG}"
[[ "${repo}" == "bin" || "${repo}" == "bin-dev" ]] || usage
;;
a )
arch=${OPTARG}
;;
: )
echo "invalid option: ${OPTARG} requires an argument" 1>&2
exit 1
;;
\?)
echo "invalid option: ${OPTARG}" 1>&2
exit 1
;;
esac
done
shift $((OPTIND-1))
if [ -z "${file}" ] || [ -z "${repo}" ] || [ -z "${arch}" ]; then
usage
fi
# settings
s3_bucket_repo="s3://falco-distribution/packages/${repo}/${arch}"
cloudfront_path="/packages/${repo}/${arch}"
# sign
gpg --detach-sign --digest-algo SHA256 --armor ${file}
# publish
package=$(basename -- ${file})
echo "Publishing ${package} to ${s3_bucket_repo}..."
aws s3 cp ${file} ${s3_bucket_repo}/${package} --acl public-read
aws s3 cp ${file}.asc ${s3_bucket_repo}/${package}.asc --acl public-read
aws cloudfront create-invalidation --distribution-id ${AWS_CLOUDFRONT_DIST_ID} --paths ${cloudfront_path}/${package}
aws cloudfront create-invalidation --distribution-id ${AWS_CLOUDFRONT_DIST_ID} --paths ${cloudfront_path}/${package}.asc