distribution: create sha256sum.txt file when creating binaries to allow validation of checksums.

* update README.md to include instructions on how to verify prebuilt binaries for new releases.
This commit is contained in:
Tanvir Alam 2017-11-20 14:35:59 -05:00
parent b0c1c85177
commit dc65ff800f
2 changed files with 21 additions and 3 deletions

View File

@ -16,6 +16,11 @@ to validate accounts by email, domain or group.
## Installation ## Installation
1. Download [Prebuilt Binary](https://github.com/bitly/oauth2_proxy/releases) (current release is `v2.2`) or build with `$ go get github.com/bitly/oauth2_proxy` which will put the binary in `$GOROOT/bin` 1. Download [Prebuilt Binary](https://github.com/bitly/oauth2_proxy/releases) (current release is `v2.2`) or build with `$ go get github.com/bitly/oauth2_proxy` which will put the binary in `$GOROOT/bin`
Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v2.3`.
```
sha256sum -c sha256sum.txt 2>&1 | grep OK
oauth2_proxy-2.3.linux-amd64: OK
```
2. Select a Provider and Register an OAuth Application with a Provider 2. Select a Provider and Register an OAuth Application with a Provider
3. Configure OAuth2 Proxy using config file, command line options, or environment variables 3. Configure OAuth2 Proxy using config file, command line options, or environment variables
4. Configure SSL or Deploy behind a SSL endpoint (example provided for Nginx) 4. Configure SSL or Deploy behind a SSL endpoint (example provided for Nginx)

19
dist.sh
View File

@ -13,6 +13,7 @@ os=$(go env GOOS)
arch=$(go env GOARCH) arch=$(go env GOARCH)
version=$(cat $DIR/version.go | grep "const VERSION" | awk '{print $NF}' | sed 's/"//g') version=$(cat $DIR/version.go | grep "const VERSION" | awk '{print $NF}' | sed 's/"//g')
goversion=$(go version | awk '{print $3}') goversion=$(go version | awk '{print $3}')
sha256sum=()
echo "... running tests" echo "... running tests"
./test.sh ./test.sh
@ -25,10 +26,22 @@ for os in windows linux darwin; do
fi fi
BUILD=$(mktemp -d ${TMPDIR:-/tmp}/oauth2_proxy.XXXXXX) BUILD=$(mktemp -d ${TMPDIR:-/tmp}/oauth2_proxy.XXXXXX)
TARGET="oauth2_proxy-$version.$os-$arch.$goversion" TARGET="oauth2_proxy-$version.$os-$arch.$goversion"
FILENAME="oauth2_proxy-$version.$os-$arch$EXT"
GOOS=$os GOARCH=$arch CGO_ENABLED=0 \ GOOS=$os GOARCH=$arch CGO_ENABLED=0 \
go build -ldflags="-s -w" -o $BUILD/$TARGET/oauth2_proxy$EXT || exit 1 go build -ldflags="-s -w" -o $BUILD/$TARGET/$FILENAME || exit 1
pushd $BUILD pushd $BUILD/$TARGET
tar czvf $TARGET.tar.gz $TARGET sha256sum+=("$(shasum -a 256 $FILENAME || exit 1)")
cd .. && tar czvf $TARGET.tar.gz $TARGET
mv $TARGET.tar.gz $DIR/dist mv $TARGET.tar.gz $DIR/dist
popd popd
done done
checksum_file="sha256sum.txt"
cd $DIR/dist
if [ -f $checksum_file ]; then
rm $checksum_file
fi
touch $checksum_file
for checksum in "${sha256sum[@]}"; do
echo "$checksum" >> $checksum_file
done