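#!/usr/bin/env bash
#
# build-sign-deploy.sh
#
# Build the Lambda "bootstrap" binary, zip it, write a base64-encoded SHA-256
# checksum, and publish both files to the download bucket of each configured
# region.
#
# Environment:
#   DOWNLOAD_BUCKET  (required) bucket name prefix; "-<region>" is appended
#   AWS_REGION       (required) primary region
#   AWS_REGION2      (optional) second region; when empty, publishing stops here
#   AWS_REGION3      (optional) third region; only used when AWS_REGION2 is set
#   GITHUB_REF_NAME  (optional) destination folder (ex: develop or 1.2.3),
#                    defaults to "unknown"

# -x traces each command, -e aborts on the first failure, -u rejects unset
# variables, and pipefail stops a failed openssl from leaving an empty
# checksum file that would still be uploaded.
set -x -e -u -o pipefail

# Fail before building rather than uploading to a malformed bucket name.
: "${DOWNLOAD_BUCKET:?DOWNLOAD_BUCKET must be set}"
: "${AWS_REGION:?AWS_REGION must be set}"
: "${GITHUB_REF_NAME:=unknown}"

readonly zip_file="idp-id-broker-search.zip"
readonly sum_file="${zip_file}.sum"

#######################################
# Upload the zip and its checksum to the bucket for one region.
# Globals:   DOWNLOAD_BUCKET, GITHUB_REF_NAME, zip_file, sum_file (read)
#            AWS_REGION (exported so the aws CLI targets this region)
# Arguments: $1 - AWS region name
# Returns:   non-zero if either upload fails
#######################################
publish() {
  local region=$1
  local dest="s3://${DOWNLOAD_BUCKET}-${region}/${GITHUB_REF_NAME}/"

  export AWS_REGION="$region"
  # NOTE(review): objects are uploaded world-readable; confirm the bucket
  # policy does not also grant public write access.
  aws s3 cp --acl public-read "$zip_file" "$dest"
  aws s3 cp --acl public-read --content-type text/plain "$sum_file" "$dest"
}

# download gpg keys to use for signing
# NOTE(review): signing is disabled. If it is re-enabled, avoid leaving
# secret.key in the build workspace after the import.
#runny aws s3 cp s3://$KEY_BUCKET/secret.key ./
#runny gpg --import secret.key

# Create the binary with a filename "bootstrap" as required by the provided.al2 runtime
GOOS=linux CGO_ENABLED=0 go build -ldflags="-s -w" -o bootstrap main.go
zip "$zip_file" bootstrap

# Create base64 encoded sha256 checksum for terraform to use to detect changes.
# NOTE(review): the checksum is stored next to the zip in the same bucket, so
# it detects changes but does not prove the artifact's origin; that needs the
# detached signature below (or a digest published out of band).
openssl dgst -binary -sha256 "$zip_file" | base64 --wrap=0 > "$sum_file"
#runny gpg --yes -a -o "idp-id-broker-search.zip.sig" --detach-sig idp-id-broker-search.zip

# Push zip and checksum to S3 under folder for GITHUB_REF_NAME (ex: develop or 1.2.3)
publish "$AWS_REGION"

# Secondary regions are published in order; the first empty one ends the run,
# so AWS_REGION3 is ignored unless AWS_REGION2 is set.
for region in "${AWS_REGION2:-}" "${AWS_REGION3:-}"; do
  if [[ -z "$region" ]]; then
    break
  fi
  publish "$region"
done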