search

aakso / ssh-inscribe

SSH CA Client/Server
Apache License 2.0
56 stars 11 forks source link

build: switch to goreleaser, build .debs, upload to packagecloud.io #35

Closed scop closed 1 year ago

scop commented 1 year ago

This does a few things, see individual commits for details. But in a nutshell, switches build to goreleaser, builds .deb packages, uploads debs and rpms to packagecloud.io for repo access, all in CI (but runnable locally, too).

CI builds packages for all master commits as well as PR changes, but only tagged ones are uploaded to packagecloud.

Releases created by goreleaser look like this: https://github.com/scop/ssh-inscribe/releases/tag/0.0.0

The packagecloud repo from my fork produced by this stuff can be browsed at https://packagecloud.io/scop/ssh-inscribe. Repo config instructions are provided there, but they're somewhat messy, here are TL;DR versions:

yum and friends distros:

cat <<\EOF | sudo tee /etc/yum.repos.d/TEMPORARY-scop-ssh-inscribe.repo >/dev/null
[TEMPORARY-scop-ssh-inscribe]
name=TEMPORARY ssh-inscribe repo
baseurl=https://packagecloud.io/scop/ssh-inscribe/rpm_any/rpm_any/$basearch
gpgcheck=0
repo_gpgcheck=1
gpgkey=https://packagecloud.io/scop/ssh-inscribe/gpgkey
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt
EOF

apt distros:

sudo mkdir -p /etc/apt/keyrings
curl -fSsL https://packagecloud.io/scop/ssh-inscribe/gpgkey | sudo tee /etc/apt/keyrings/TEMPORARY-scop-ssh-inscribe.asc >/dev/null
cat <<\EOF | sudo tee /etc/apt/sources.list.d/TEMPORARY-scop-ssh-inscribe.list >/dev/null
deb [signed-by=/etc/apt/keyrings/TEMPORARY-scop-ssh-inscribe.asc] https://packagecloud.io/scop/ssh-inscribe/any any main
EOF

Client packages are tested only to the extent that they install and output help, on Ubuntu 20 and CentOS 7. Server packages are install-tested only on same distros.