diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index d927883a9de0e..145e9e44a7c40 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -762,3 +762,71 @@ jobs: release: "any-version" republish: "true" file: "target/artifacts/vector-${{ env.VECTOR_VERSION }}-1.armv7hl.rpm" + + generate-sha256sum: + name: Generate SHA256 checksums + runs-on: ubuntu-20.04 + needs: + - generate-publish-metadata + - build-x86_64-unknown-linux-gnu-packages + - build-x86_64-unknown-linux-musl-packages + - build-aarch64-unknown-linux-musl-packages + - build-aarch64-unknown-linux-gnu-packages + - build-x86_64-apple-darwin-packages + - build-x86_64-pc-windows-msvc-packages + - build-armv7-unknown-linux-gnueabihf-packages + - build-armv7-unknown-linux-musleabihf-packages + env: + VECTOR_VERSION: ${{ needs.generate-publish-metadata.outputs.vector_version }} + steps: + - name: Checkout Vector + uses: actions/checkout@v3 + with: + ref: ${{ inputs.git_ref }} + - name: Download staged package artifacts (aarch64-unknown-linux-gnu) + uses: actions/download-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-aarch64-unknown-linux-gnu + path: target/artifacts + - name: Download staged package artifacts (aarch64-unknown-linux-musl) + uses: actions/download-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-aarch64-unknown-linux-musl + path: target/artifacts + - name: Download staged package artifacts (x86_64-unknown-linux-gnu) + uses: actions/download-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-x86_64-unknown-linux-gnu + path: target/artifacts + - name: Download staged package artifacts (x86_64-unknown-linux-musl) + uses: actions/download-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-x86_64-unknown-linux-musl + path: target/artifacts + - name: Download staged package artifacts (x86_64-apple-darwin) + uses: actions/download-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-x86_64-apple-darwin + path: target/artifacts + - name: Download staged package artifacts (x86_64-pc-windows-msvc) + uses: actions/download-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-x86_64-pc-windows-msvc + path: target/artifacts + - name: Download staged package artifacts (armv7-unknown-linux-gnueabihf) + uses: actions/download-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-armv7-unknown-linux-gnueabihf + path: target/artifacts + - name: Download staged package artifacts (armv7-unknown-linux-musleabihf) + uses: actions/download-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-armv7-unknown-linux-musleabihf + path: target/artifacts + - name: Generate SHA256 checksums for artifacts + run: make sha256sum + - name: Stage checksum for publish + uses: actions/upload-artifact@v3 + with: + name: vector-${{ env.VECTOR_VERSION }}-SHA256SUMS + path: target/artifacts/vector-${{ env.VECTOR_VERSION }}-SHA256SUMS \ No newline at end of file diff --git a/Makefile b/Makefile index 4e71f9b21e49c..7b9c33a22c5dc 100644 --- a/Makefile +++ b/Makefile @@ -624,6 +624,10 @@ release-s3: ## Release artifacts to S3 sync-install: ## Sync the install.sh script for access via sh.vector.dev @aws s3 cp distribution/install.sh s3://sh.vector.dev --sse --acl public-read +.PHONY: sha256sum +sha256sum: ## Generate SHA256 checksums of CI artifacts + scripts/checksum.sh + ##@ Vector Remap Language .PHONY: test-vrl diff --git a/scripts/checksum.sh b/scripts/checksum.sh new file mode 100755 index 0000000000000..07931822e134a --- /dev/null +++ b/scripts/checksum.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash +set -euo pipefail + +# checksum.sh +# +# SUMMARY +# +# Creates a SHA256 checksum of all artifacts created during CI + +ROOT=$(git rev-parse --show-toplevel) +VECTOR_VERSION=${VECTOR_VERSION:-nightly} + +pushd "${ROOT}/target/artifacts" + +ARTIFACTS=$(ls | grep -v SHA256SUMS) + +sha256sum $ARTIFACTS > vector-$VECTOR_VERSION-SHA256SUMS + +popd