From 7c64b4bdb3fa87224e15a8082843e3bf5ad595c4 Mon Sep 17 00:00:00 2001 From: Jeremy Stanley <fungi@yuggoth.org> Date: Tue, 16 Jun 2020 14:35:37 +0000 Subject: [PATCH] Record artifact checksums and signatures to stdout In case of later upload failures, record the SHA2-256 checksum and ASCII-armored OpenPGP signature of each signed artifact to the job's output stream so they can later be used for manual uploading. Change-Id: Ifd136b95357d499e088c5509fa57daf76a246cf4 --- roles/sign-artifacts/tasks/main.yaml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/roles/sign-artifacts/tasks/main.yaml b/roles/sign-artifacts/tasks/main.yaml index 42d52cf6f..b7dbd80ca 100644 --- a/roles/sign-artifacts/tasks/main.yaml +++ b/roles/sign-artifacts/tasks/main.yaml @@ -38,3 +38,17 @@ file: path: "{{ gnupg_tmpdir.path }}" state: absent + +- name: Record checksums + command: "sha256sum {{ zj_artifact.path }}" + with_items: "{{ artifacts.files }}" + loop_control: + loop_var: zj_artifact + when: artifacts.matched > 0 + +- name: Record signatures + command: "cat {{ zj_artifact.path }}.asc" + with_items: "{{ artifacts.files }}" + loop_control: + loop_var: zj_artifact + when: artifacts.matched > 0