forked from docker/docker-credential-helpers
-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
release
executable file
·59 lines (50 loc) · 1.37 KB
/
release
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
#!/usr/bin/env bash
set -e
: "${BUILDX_CMD=docker buildx}"
: "${DESTDIR=./bin/release}"
: "${CACHE_FROM=}"
: "${CACHE_TO=}"
: "${SIGN=}"
: "${PFX=}"
: "${PFXPASSWORD=}"
if [ -n "$CACHE_FROM" ]; then
for cfrom in $CACHE_FROM; do
cacheFlags+=(--set "*.cache-from=$cfrom")
done
fi
if [ -n "$CACHE_TO" ]; then
for cto in $CACHE_TO; do
cacheFlags+=(--set "*.cache-to=$cto")
done
fi
dockerpfx=$(mktemp -t dockercredhelper-pfx.XXXXXXXXXX)
function clean {
rm -f "$dockerpfx"
}
trap clean EXIT
# release
(
set -x
${BUILDX_CMD} bake "${cacheFlags[@]}" --set "*.output=$DESTDIR" release
)
# wrap binaries
mv -f ./${DESTDIR}/**/* ./${DESTDIR}/
find ./${DESTDIR} -type d -empty -delete
# sign binaries
if [ -n "$SIGN" ]; then
for f in "${DESTDIR}"/*".darwin-"*; do
SIGNINGHASH=$(security find-identity -v -p codesigning | grep "Developer ID Application: Docker Inc" | cut -d ' ' -f 4)
xcrun -log codesign -s "$SIGNINGHASH" --force --verbose "$f"
xcrun codesign --verify --deep --strict --verbose=2 --display "$f"
done
for f in "${DESTDIR}"/*".windows-"*; do
echo ${PFX} | base64 -d > "$dockerpfx"
signtool sign /fd SHA256 /a /f pfx /p ${PFXPASSWORD} /d Docker /du https://www.docker.com /t http://timestamp.verisign.com/scripts/timestamp.dll "$f"
done
fi
# checksums
(
cd ${DESTDIR}
sha256sum -b docker-credential-* > ./checksums.txt
sha256sum -c --strict checksums.txt
)