1
0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-11-28 09:08:44 +02:00

distribution: create sha256sum.txt file when creating binaries to allow validation of checksums.

* update README.md to include instructions on how to verify prebuilt binaries for new releases.
This commit is contained in:
Tanvir Alam 2017-11-20 14:35:59 -05:00
parent b0c1c85177
commit dc65ff800f
2 changed files with 21 additions and 3 deletions

View File

@ -16,6 +16,11 @@ to validate accounts by email, domain or group.
## Installation
1. Download [Prebuilt Binary](https://github.com/bitly/oauth2_proxy/releases) (current release is `v2.2`) or build with `$ go get github.com/bitly/oauth2_proxy` which will put the binary in `$GOROOT/bin`
Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v2.3`.
```
sha256sum -c sha256sum.txt 2>&1 | grep OK
oauth2_proxy-2.3.linux-amd64: OK
```
2. Select a Provider and Register an OAuth Application with a Provider
3. Configure OAuth2 Proxy using config file, command line options, or environment variables
4. Configure SSL or Deploy behind a SSL endpoint (example provided for Nginx)

19
dist.sh
View File

@ -13,6 +13,7 @@ os=$(go env GOOS)
arch=$(go env GOARCH)
version=$(cat $DIR/version.go | grep "const VERSION" | awk '{print $NF}' | sed 's/"//g')
goversion=$(go version | awk '{print $3}')
sha256sum=()
echo "... running tests"
./test.sh
@ -25,10 +26,22 @@ for os in windows linux darwin; do
fi
BUILD=$(mktemp -d ${TMPDIR:-/tmp}/oauth2_proxy.XXXXXX)
TARGET="oauth2_proxy-$version.$os-$arch.$goversion"
FILENAME="oauth2_proxy-$version.$os-$arch$EXT"
GOOS=$os GOARCH=$arch CGO_ENABLED=0 \
go build -ldflags="-s -w" -o $BUILD/$TARGET/oauth2_proxy$EXT || exit 1
pushd $BUILD
tar czvf $TARGET.tar.gz $TARGET
go build -ldflags="-s -w" -o $BUILD/$TARGET/$FILENAME || exit 1
pushd $BUILD/$TARGET
sha256sum+=("$(shasum -a 256 $FILENAME || exit 1)")
cd .. && tar czvf $TARGET.tar.gz $TARGET
mv $TARGET.tar.gz $DIR/dist
popd
done
checksum_file="sha256sum.txt"
cd $DIR/dist
if [ -f $checksum_file ]; then
rm $checksum_file
fi
touch $checksum_file
for checksum in "${sha256sum[@]}"; do
echo "$checksum" >> $checksum_file
done