mirror of
https://github.com/cargo-bins/cargo-binstall.git
synced 2025-04-22 05:28:42 +00:00
5d4333d5c8
* Fix build again * Recommend (r)age over minisign password * Dry-run the entire release process * Reorg a bit so dry-run works * Fix secret name * Add check on age key * Pass secrets down * Use a cross-platform "date" * Delete signing key artifact to be extra safe * Last little bits
21 lines
539 B
Bash
Executable file
21 lines
539 B
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
set -euo pipefail
|
|
|
|
[[ -z "$AGE_KEY_SECRET" ]] && { echo "!!! Empty age key secret !!!"; exit 1; }
|
|
cat >> age.key <<< "$AGE_KEY_SECRET"
|
|
|
|
set -x
|
|
|
|
cargo binstall -y rsign2 rage
|
|
rage --decrypt --identity age.key --output minisign.key minisign.key.age
|
|
|
|
ts=$(node -e 'console.log((new Date).toISOString())')
|
|
git=$(git rev-parse HEAD)
|
|
comment="gh=$GITHUB_REPOSITORY git=$git ts=$ts run=$GITHUB_RUN_ID"
|
|
|
|
for file in "$@"; do
|
|
rsign sign -W -s minisign.key -x "$file.sig" -t "$comment" "$file"
|
|
done
|
|
|
|
rm age.key minisign.key
|