diff --git a/.goreleaser.yml b/.goreleaser.yml index 41c3f687a..18ee69847 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -79,7 +79,7 @@ scoop: license: Apache-2.0 signs: - id: all - artifacts: all + artifacts: checksum cmd: tools/sign.sh args: ["${artifact}", "${signature}"] changelog: diff --git a/tools/sign.sh b/tools/sign.sh index 8bf264a4f..03251655f 100755 --- a/tools/sign.sh +++ b/tools/sign.sh @@ -1,16 +1,12 @@ #!/bin/bash set -e -input=$1 -signature=$2 -# add signature to RPMs -if [ ${input: -4} == ".rpm" ]; then - rpm --define "%_gpg_name Kopia Builder" --addsign $input -fi +for f in dist/*rpm; do + # add signature to RPMs + rpm --define "%_gpg_name Kopia Builder" --addsign $f +done -if [ $input == "dist/checksums.txt" ]; then - # before signing checksums.txt, regenerate it since we've just signed some RPMs. - filenames=$(cut -f 2- -d " " dist/checksums.txt) - (cd dist && sha256sum $filenames > checksums.txt) - gpg --output dist/checksums.txt.sig --detach-sig dist/checksums.txt -fi +# before signing checksums.txt, regenerate it since we've just signed some RPMs. +filenames=$(cut -f 2- -d " " dist/checksums.txt) +(cd dist && sha256sum $filenames > checksums.txt) +gpg --output dist/checksums.txt.sig --detach-sig dist/checksums.txt