Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(ci): sign arm64 rpm packages. #2069

Merged
merged 3 commits into from
Jun 17, 2022
Merged

fix(ci): sign arm64 rpm packages. #2069

merged 3 commits into from
Jun 17, 2022

Conversation

FedeDP
Copy link
Contributor

@FedeDP FedeDP commented Jun 16, 2022

What type of PR is this?

Uncomment one (or more) /kind <> lines:

/kind bug

/kind cleanup

/kind design

/kind documentation

/kind failing-test

/kind feature

If contributing rules or changes to rules, please make sure to also uncomment one of the following line:

/kind rule-update

/kind rule-create

Any specific area of the project related to this PR?

Uncomment one (or more) /area <> lines:

/area build

/area engine

/area rules

/area tests

/area proposals

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #2064

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

NONE

@poiana poiana requested review from jonahjon and leodido June 16, 2022 08:22
@FedeDP
fix(ci): sign arm64 rpm packages.
ef48179 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>
@FedeDP FedeDP force-pushed the fix/sign_aarch64_rpms branch from 8ff152d to ef48179 Compare June 16, 2022 08:23
@vjjmiras
Copy link
Contributor

Despite the change directory statement, the execution of the sign script, and the verification of the signature, wouldn't it make more sense to add the rest to Prepare like:

  • Create a ~/sign script instead of ./sign, and grant it permissions
  • Import the GPG_KEY only once (I believe the GPG ring will be the same in both run: sections and the second time it'll complain it was already imported)

And on the signing run: sections:

  • Execution would be ~/sign *.rpm

This way there'd be less duplicity of code but still 2 independent stages.

@FedeDP @vjjmiras
chore(ci): small refactor.
c54811a 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Vicente J. Jiménez Miras <vjjmiras@gmail.com>
@FedeDP
Copy link
Contributor Author

FedeDP commented Jun 16, 2022

@vjjmiras should be ok now, right?
Thanks for the suggestion!!

@vjjmiras
Copy link
Contributor

LGTM

@FedeDP
Copy link
Contributor Author

FedeDP commented Jun 16, 2022

/hold

@FedeDP @vjjmiras
chore(ci): improved rpm command to check for SHA256 sign.
30eb1e4 
Signed-off-by: Federico Di Pierro <nierro92@gmail.com>

Co-authored-by: Vicente J. Jiménez Miras <vjjmiras@gmail.com>
@FedeDP
Copy link
Contributor Author

FedeDP commented Jun 16, 2022

/unhold

leogr
leogr approved these changes Jun 17, 2022
View reviewed changes
Copy link
Member

@leogr leogr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/milestone 0.32.1

/approve

@poiana poiana added this to the 0.32.1 milestone Jun 17, 2022
@poiana poiana added the lgtm label Jun 17, 2022
@poiana
Copy link
Contributor

poiana commented Jun 17, 2022

LGTM label has been added.

Git tree hash: 82dd4c78c548cf74ab56456acf675ffaa481db05

@leogr leogr mentioned this pull request Jun 17, 2022
Closed
15 tasks
jasondellaluce
jasondellaluce approved these changes Jun 17, 2022
View reviewed changes
Copy link
Contributor

@jasondellaluce jasondellaluce left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@poiana
Copy link
Contributor

poiana commented Jun 17, 2022

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: FedeDP, jasondellaluce, leogr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@poiana poiana merged commit 9231fe3 into falcosecurity:master Jun 17, 2022
@vjjmiras
Copy link
Contributor

We forgot to change the location of the ~/sign file when creating it.
I opened a new PR to fix it (and I hope it also cleans up the code a bit).

@FedeDP FedeDP deleted the fix/sign_aarch64_rpms branch June 20, 2022 07:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasondellaluce jasondellaluce jasondellaluce approved these changes

@leogr leogr leogr approved these changes

@jonahjon jonahjon Awaiting requested review from jonahjon

@leodido leodido Awaiting requested review from leodido

Assignees

@leogr leogr

@jasondellaluce jasondellaluce

Labels
approved area/build dco-signoff: yes kind/bug lgtm release-note-none size/S
Projects
None yet
Milestone
0.32.1
Development

Successfully merging this pull request may close these issues.

CircleCI: Add SHA256 signature to aarch64 rpm packages
5 participants
@FedeDP @vjjmiras @poiana @leogr @jasondellaluce