Skip to content

Commit

Permalink
update scripts
Browse files Browse the repository at this point in the history
  • Loading branch information
kameshsampath committed Jan 17, 2023
1 parent 9fe8ee8 commit a671153
Show file tree
Hide file tree
Showing 6 changed files with 60 additions and 1 deletion.
3 changes: 2 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -3,4 +3,5 @@ dist
.env*
!.env.example
cosign*
image-refs.txt
image-refs.txt
!/bin/*.sh
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,7 @@ Deploy `policy-controller`,
```shell
helm upgrade --install policy-controller \
-n cosign-system \
--wait \
sigstore/policy-controller
```

Expand Down
16 changes: 16 additions & 0 deletions bin/build.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#!/usr/bin/env bash

set -euxo pipefail

SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
export IMAGE_DIGESTS_FILE="$SCRIPT_DIR/../image-refs.txt"
export KUBECONFIG="$SCRIPT_DIR/../.kube/config.internal"
k3d kubeconfig get "$K3D_CLUSTER_NAME" > "$KUBECONFIG"

k3d kubeconfig get "${K3D_CLUSTER_NAME}" > "${KUBECONFIG}"
echo "" > "$IMAGE_DIGESTS_FILE"

echo "$IMAGE_REGISTRY_PASSWORD" | ko login $IMAGE_REGISTRY -u "$IMAGE_REGISTRY_USERNAME" --password-stdin
ko build --bare --tags="$IMAGE_TAG" --platform=linux/amd64 --platform=linux/arm64 --image-refs="$IMAGE_DIGESTS_FILE"

while read -r img_ref; do cosign sign --key="$COSIGN_PRIVATE_KEY" "$img_ref" | jq .; done < "$IMAGE_DIGESTS_FILE"
8 changes: 8 additions & 0 deletions bin/cleanup.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
#!/usr/bin/env bash

set -euxo pipefail

SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

drone exec --trusted --env-file="$SCRIPT_DIR/../.env" --pipeline=delete-cluster

16 changes: 16 additions & 0 deletions bin/setup.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
#!/usr/bin/env bash

set -euxo pipefail

SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )

docker network create --opt "com.docker.network.driver.mtu=1450"\
"${K3D_CLUSTER_NAME}" || true

drone exec --trusted --env-file="${SCRIPT_DIR}/../.env" --network="${K3D_CLUSTER_NAME}" --pipeline=setup

KUBECONFIG="${SCRIPT_DIR}/../.kube/config"
mkdir -p "$(dirname "$KUBECONFIG")"

k3d kubeconfig get "${K3D_CLUSTER_NAME}" > "${KUBECONFIG}"
sed -i 's|host.docker.internal|127.0.0.1|' "${KUBECONFIG}"
17 changes: 17 additions & 0 deletions bin/verify.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
#!/usr/bin/env bash

set -euo pipefail

SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
export IMAGE_DIGESTS_FILE="$SCRIPT_DIR/../image-refs.txt"
export KUBECONFIG="$SCRIPT_DIR/../.kube/config.internal"

if [ ! -f "$KUBECONFIG" ];
then
k3d kubeconfig get "$K3D_CLUSTER_NAME" > "$KUBECONFIG"
fi

echo "$IMAGE_REGISTRY_PASSWORD" | ko login "$IMAGE_REGISTRY" -u "$IMAGE_REGISTRY_USERNAME" --password-stdin

while read -r img_ref; do cosign verify --key="$COSIGN_PUBLIC_KEY" "$img_ref" | jq .; done < "$IMAGE_DIGESTS_FILE"

0 comments on commit a671153

Please sign in to comment.