mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-13 07:56:57 +02:00
Code Issues Packages Projects Releases Wiki Activity

updates: minor fixes for offline signing wrapper script

Browse Source 
- Fedora provides gpg2 by default, not gpg.
- The zip file's root must be the current directory.
This commit is contained in:
Michael Marineau 2014-06-25 22:20:56 -07:00
parent fd88195d58
commit f1c81df7f3
1 changed files with 9 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
offline_signing/sign.sh
View File

@ -1,17 +1,19 @@
#!/bin/bash
set -ex
DATA_DIR="$1"
DATA_DIR="$(readlink -f "$1")"
KEYS_DIR="$(readlink -f "$(dirname "$0")")"
gpg --verify "${DATA_DIR}/coreos_production_update.bin.bz2.sig"
gpg --verify "${DATA_DIR}/coreos_production_update.zip.sig"
gpg2 --verify "${DATA_DIR}/coreos_production_update.bin.bz2.sig"
gpg2 --verify "${DATA_DIR}/coreos_production_update.zip.sig"
bunzip2 --keep "${DATA_DIR}/coreos_production_update.bin.bz2"
unzip "${DATA_DIR}/coreos_production_update.zip" -d "${DATA_DIR}"
export PATH="${DATA_DIR}:${PATH}"
core_sign_update \
cd "${DATA_DIR}"
./core_sign_update \
--image "${DATA_DIR}/coreos_production_update.bin" \
--output "${DATA_DIR}/update.gz" \
--private_keys "devel.key.pem:prod-2.key.pem" \
--public_keys "devel.pub.pem:prod-2.pub.pem"
--output "${DATA_DIR}/coreos_production_update.gz" \
--private_keys "${KEYS_DIR}/devel.key.pem:${KEYS_DIR}/prod-2.key.pem" \
--public_keys "${KEYS_DIR}/devel.pub.pem:${KEYS_DIR}/prod-2.pub.pem"