2 # SPDX-License-Identifier: EPL-1.0
3 ##############################################################################
4 # Copyright (c) 2022 The Linux Foundation and others.
6 # All rights reserved. This program and the accompanying materials
7 # are made available under the terms of the Eclipse Public License v1.0
8 # which accompanies this distribution, and is available at
9 # http://www.eclipse.org/legal/epl-v10.html
10 ##############################################################################
11 # Script to run the sigul signing from within a CentOS7 docker container
13 echo "Sign files in: $SIGN_DIR"
15 set -e # Fail immediately if any if signing fails
16 find "${SIGN_DIR}" -type f ! -name "*.asc" \
19 ! -name "_maven.repositories" \
20 ! -name "_remote.repositories" \
21 ! -name "*.lastUpdated" \
22 ! -name "maven-metadata-local.xml" \
23 ! -name "maven-metadata.xml" > "${WORKSPACE}/sign.lst"
25 if [ -s "${WORKSPACE}/sign.lst" ]; then
26 echo "Sign list is not empty"
30 while IFS= read -rd $'\n' line; do
31 files_to_sign+=("$line")
32 sigul --batch -c "${SIGUL_CONFIG}" sign-data -a -o "${line}.asc" "${SIGUL_KEY}" "${line}" < "${SIGUL_PASSWORD}"
33 done < "${WORKSPACE}/sign.lst"
35 if [ "${#files_to_sign[@]}" -eq 0 ]; then
36 echo "ERROR: No files to sign. Quitting..."