aws-delivlib 14.8.0 → 14.9.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/signing/nuget/sign.sh +2 -2
- package/lib/signing.d.ts +9 -3
- package/lib/signing.js +7 -1
- package/package.json +1 -1
|
@@ -33,13 +33,13 @@ for nuget_package_path in $(find dotnet -name *.nupkg -not -iname *.symbols.nupk
|
|
|
33
33
|
version_id=$(aws s3api put-object \
|
|
34
34
|
--bucket ${SIGNING_BUCKET_NAME:-} \
|
|
35
35
|
--key unsigned/${file} \
|
|
36
|
-
--body ${file} | jq -r '.VersionId')
|
|
36
|
+
--body ${tmp}/${file} | jq -r '.VersionId')
|
|
37
37
|
# invoke signer lambda
|
|
38
38
|
aws lambda invoke \
|
|
39
39
|
--function-name ${SIGNING_LAMBDA_ARN:-} \
|
|
40
40
|
--invocation-type RequestResponse \
|
|
41
41
|
--cli-binary-format raw-in-base64-out \
|
|
42
|
-
--payload '{ "artifactKey": "'"unsigned/${file}"'", "artifactVersion": "'"${version_id}"'" }' \
|
|
42
|
+
--payload '{ "artifactKey": "'"unsigned/${file}"'", "artifactVersion": "'"${version_id}"'", "profileName": "'"${SIGNER_PROFILE_NAME:-}"'", "profileOwner": "'"${SIGNER_PROFILE_OWNER:-}"'" }' \
|
|
43
43
|
${tmp}/response.json >/dev/null
|
|
44
44
|
signed_artifact_key=$(cat ${tmp}/response.json | jq -r '.signedArtifactKey')
|
|
45
45
|
# download signed dll from signer bucket
|
package/lib/signing.d.ts
CHANGED
|
@@ -36,11 +36,17 @@ export interface SignNuGetWithSignerProps {
|
|
|
36
36
|
*/
|
|
37
37
|
readonly accessRole: IRole;
|
|
38
38
|
/**
|
|
39
|
-
* The
|
|
40
|
-
* on your behalf.
|
|
39
|
+
* The name of the signer profile to use for signing
|
|
41
40
|
*
|
|
42
|
-
* @default
|
|
41
|
+
* @default no signing profile name
|
|
43
42
|
*/
|
|
43
|
+
readonly signerProfileName?: string;
|
|
44
|
+
/**
|
|
45
|
+
* The owner of the signer profile to use for signing
|
|
46
|
+
*
|
|
47
|
+
* @default no signing profile owner
|
|
48
|
+
*/
|
|
49
|
+
readonly signerProfileOwner?: string;
|
|
44
50
|
readonly serviceRole?: IRole;
|
|
45
51
|
/**
|
|
46
52
|
* The build image to do the signing in
|
package/lib/signing.js
CHANGED
|
@@ -40,6 +40,12 @@ class SignNuGetWithSigner extends constructs_1.Construct {
|
|
|
40
40
|
SIGNING_LAMBDA_ARN: props.signingLambda.functionArn,
|
|
41
41
|
ACCESS_ROLE_ARN: props.accessRole.roleArn,
|
|
42
42
|
};
|
|
43
|
+
if (props.signerProfileName) {
|
|
44
|
+
environment.SIGNER_PROFILE_NAME = props.signerProfileName;
|
|
45
|
+
}
|
|
46
|
+
if (props.signerProfileOwner) {
|
|
47
|
+
environment.SIGNER_PROFILE_OWNER = props.signerProfileOwner;
|
|
48
|
+
}
|
|
43
49
|
const shellable = new shellable_1.Shellable(this, 'Default', {
|
|
44
50
|
platform: new shellable_1.LinuxPlatform((_a = props.buildImage) !== null && _a !== void 0 ? _a : aws_codebuild_1.LinuxBuildImage.fromDockerRegistry('public.ecr.aws/jsii/superchain:1-buster-slim-node18')),
|
|
45
51
|
scriptDirectory: path.join(__dirname, 'signing', 'nuget'),
|
|
@@ -71,4 +77,4 @@ class SignNuGetWithSigner extends constructs_1.Construct {
|
|
|
71
77
|
}
|
|
72
78
|
}
|
|
73
79
|
exports.SignNuGetWithSigner = SignNuGetWithSigner;
|
|
74
|
-
//# sourceMappingURL=data:application/json;base64,
|
|
80
|
+
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2lnbmluZy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInNpZ25pbmcudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7QUFBQSwyQ0FBNkI7QUFDN0IsNkRBQWtGO0FBQ2xGLG1FQUFnRTtBQUNoRSxtRkFBdUU7QUFJdkUsMkNBQW1EO0FBQ25ELDZDQUF5QztBQUV6QywyQ0FBdUQ7QUFzRXZELE1BQWEsbUJBQW9CLFNBQVEsc0JBQVM7SUFJaEQsWUFBbUIsS0FBZ0IsRUFBRSxFQUFVLEVBQUUsS0FBK0I7O1FBQzlFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsTUFBTSxXQUFXLEdBQThCO1lBQzdDLG1CQUFtQixFQUFFLEtBQUssQ0FBQyxhQUFhLENBQUMsVUFBVTtZQUNuRCxrQkFBa0IsRUFBRSxLQUFLLENBQUMsYUFBYSxDQUFDLFdBQVc7WUFDbkQsZUFBZSxFQUFFLEtBQUssQ0FBQyxVQUFVLENBQUMsT0FBTztTQUMxQyxDQUFDO1FBRUYsSUFBSSxLQUFLLENBQUMsaUJBQWlCLEVBQUU7WUFDM0IsV0FBVyxDQUFDLG1CQUFtQixHQUFHLEtBQUssQ0FBQyxpQkFBaUIsQ0FBQztTQUMzRDtRQUVELElBQUksS0FBSyxDQUFDLGtCQUFrQixFQUFFO1lBQzVCLFdBQVcsQ0FBQyxvQkFBb0IsR0FBRyxLQUFLLENBQUMsa0JBQWtCLENBQUM7U0FDN0Q7UUFFRCxNQUFNLFNBQVMsR0FBRyxJQUFJLHFCQUFTLENBQUMsSUFBSSxFQUFFLFNBQVMsRUFBRTtZQUMvQyxRQUFRLEVBQUUsSUFBSSx5QkFBYSxDQUFDLE1BQUEsS0FBSyxDQUFDLFVBQVUsbUNBQUksK0JBQWUsQ0FBQyxrQkFBa0IsQ0FBQyxxREFBcUQsQ0FBQyxDQUFDO1lBQzFJLGVBQWUsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSxTQUFTLEVBQUUsT0FBTyxDQUFDO1lBQ3pELFVBQVUsRUFBRSxTQUFTO1lBQ3JCLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixTQUFTLEVBQUUsc0JBQVMsQ0FBQyxPQUFPLENBQUM7Z0JBQzNCLE9BQU8sRUFBRSxLQUFLO2dCQUNkLFNBQVMsRUFBRTtvQkFDVCxLQUFLLEVBQUUsQ0FBQyxNQUFNLENBQUM7b0JBQ2YsQ0FBQyxnQkFBZ0IsQ0FBQyxFQUFFLEdBQUc7aUJBQ3hCO2FBQ0YsQ0FBQztZQUNGLFdBQVc7U0FDWixDQUFDLENBQUM7UUFFSCxJQUFJLENBQUMsSUFBSSxHQUFHLFNBQVMsQ0FBQyxJQUFJLENBQUM7UUFDM0IsSUFBSSxDQUFDLE9BQU8sR0FBRyxTQUFTLENBQUMsT0FBTyxDQUFDO0lBQ25DLENBQUM7SUFFTSxhQUFhLENBQUMsS0FBYSxFQUFFLEVBQVUsRUFBRSxPQUE2QjtRQUMzRSxNQUFNLFlBQVksR0FBRyxPQUFPLENBQUMsYUFBYSxJQUFJLElBQUksMkJBQVEsRUFBRSxDQUFDO1FBQzdELE1BQU0sYUFBYSxHQUFHLElBQUksMkJBQVEsRUFBRSxDQUFDO1FBRXJDLEtBQUssQ0FBQyxTQUFTLENBQUMsSUFBSSwwQ0FBZSxDQUFDO1lBQ2xDLFVBQVUsRUFBRSxFQUFFO1lBQ2QsS0FBSyxFQUFFLFlBQVk7WUFDbkIsUUFBUSxFQUFFLE9BQU8sQ0FBQyxRQUFRO1lBQzFCLE9BQU8sRUFBRSxJQUFJLENBQUMsT0FBTztZQUNyQixPQUFPLEVBQUUsQ0FBQyxhQUFhLENBQUM7U0FDekIsQ0FBQyxDQUFDLENBQUM7UUFFSixPQUFPLGFBQWEsQ0FBQztJQUN2QixDQUFDO0NBQ0Y7QUF0REQsa0RBc0RDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgcGF0aCBmcm9tICdwYXRoJztcbmltcG9ydCB7IElCdWlsZEltYWdlLCBMaW51eEJ1aWxkSW1hZ2UsIFByb2plY3QgfSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtY29kZWJ1aWxkJztcbmltcG9ydCB7IEFydGlmYWN0LCBJU3RhZ2UgfSBmcm9tICdhd3MtY2RrLWxpYi9hd3MtY29kZXBpcGVsaW5lJztcbmltcG9ydCB7IENvZGVCdWlsZEFjdGlvbiB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1jb2RlcGlwZWxpbmUtYWN0aW9ucyc7XG5pbXBvcnQgeyBJUm9sZSB9IGZyb20gJ2F3cy1jZGstbGliL2F3cy1pYW0nO1xuaW1wb3J0IHsgSUZ1bmN0aW9uIH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLWxhbWJkYSc7XG5pbXBvcnQgeyBJQnVja2V0IH0gZnJvbSAnYXdzLWNkay1saWIvYXdzLXMzJztcbmltcG9ydCB7IENvbnN0cnVjdCwgSUNvbnN0cnVjdCB9IGZyb20gJ2NvbnN0cnVjdHMnO1xuaW1wb3J0IHsgQnVpbGRTcGVjIH0gZnJvbSAnLi9idWlsZC1zcGVjJztcbmltcG9ydCB7IEFkZFRvUGlwZWxpbmVPcHRpb25zIH0gZnJvbSAnLi9waXBlbGluZSc7XG5pbXBvcnQgeyBMaW51eFBsYXRmb3JtLCBTaGVsbGFibGUgfSBmcm9tICcuL3NoZWxsYWJsZSc7XG5cbmV4cG9ydCBpbnRlcmZhY2UgSVNpZ25lciBleHRlbmRzIElDb25zdHJ1Y3Qge1xuICBhZGRUb1BpcGVsaW5lKHN0YWdlOiBJU3RhZ2UsIGlkOiBzdHJpbmcsIG9wdGlvbnM6IEFkZFRvUGlwZWxpbmVPcHRpb25zKTogQXJ0aWZhY3Q7XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgQWRkU2lnbmluZ09wdGlvbnMge1xuICAvKipcbiAgICogVGhlIGlucHV0IGFydGlmYWN0IHRvIHVzZVxuICAgKlxuICAgKiBAZGVmYXVsdCBCdWlsZCBvdXRwdXQgYXJ0aWZhY3RcbiAgICovXG4gIHJlYWRvbmx5IGlucHV0QXJ0aWZhY3Q/OiBBcnRpZmFjdDtcblxuICAvKipcbiAgICogU3RhZ2UgbmFtZSB0byBhZGQgc2lnbmluZyBqb2IgdG9cbiAgICpcbiAgICogQGRlZmF1bHQgXCJTaWduXCJcbiAgICovXG4gIHJlYWRvbmx5IHN0YWdlTmFtZT86IHN0cmluZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBTaWduTnVHZXRXaXRoU2lnbmVyUHJvcHMge1xuICAvKipcbiAgICogQW4gUzMgYnVja2V0IHVzZWQgdG8gc3RvcmUgc2lnbmVkIGFuZCB1bnNpZ25lZCBETEwgZmlsZXNcbiAgICovXG4gIHJlYWRvbmx5IHNpZ25pbmdCdWNrZXQ6IElCdWNrZXQ7XG5cbiAgLyoqXG4gICAqIEEgTGFtYmRhIGZ1bmN0aW9uIHVzZWQgdG8gcGVyZm9ybSBzaWduaW5nIG9wZXJhdGlvbnMgd2l0aCBBV1MgU2lnbmVyXG4gICAqL1xuICByZWFkb25seSBzaWduaW5nTGFtYmRhOiBJRnVuY3Rpb247XG5cbiAgLyoqXG4gICAqIEEgcm9sZSB1c2VkIHByb3ZpZGUgYWNjZXNzIHRvIHRoZSBzaWduaW5nIGJ1Y2tldCBhbmQgc2lnbmluZyBsYW1iZGFcbiAgICovXG4gIHJlYWRvbmx5IGFjY2Vzc1JvbGU6IElSb2xlO1xuXG4gIC8qKlxuICAgKiBUaGUgbmFtZSBvZiB0aGUgc2lnbmVyIHByb2ZpbGUgdG8gdXNlIGZvciBzaWduaW5nXG4gICAqXG4gICAqIEBkZWZhdWx0IG5vIHNpZ25pbmcgcHJvZmlsZSBuYW1lXG4gICAqL1xuICByZWFkb25seSBzaWduZXJQcm9maWxlTmFtZT86IHN0cmluZztcblxuICAvKipcbiAgICogVGhlIG93bmVyIG9mIHRoZSBzaWduZXIgcHJvZmlsZSB0byB1c2UgZm9yIHNpZ25pbmdcbiAgICpcbiAgICogQGRlZmF1bHQgbm8gc2lnbmluZyBwcm9maWxlIG93bmVyXG4gICAqL1xuICByZWFkb25seSBzaWduZXJQcm9maWxlT3duZXI/OiBzdHJpbmc7XG5cbiAgLypcbiAgICogVGhlIHNlcnZpY2Ugcm9sZSB0aGF0IHdpbGwgYmUgdXNlZCB0byBhbGxvdyBDb2RlQnVpbGQgdG8gcGVyZm9ybSBvcGVyYXRpb25zXG4gICAqIG9uIHlvdXIgYmVoYWxmLlxuICAgKlxuICAgKiBAZGVmYXVsdCBBIHJvbGUgd2lsbCBiZSBjcmVhdGVkXG4gICAqL1xuICByZWFkb25seSBzZXJ2aWNlUm9sZT86IElSb2xlO1xuXG4gIC8qKlxuICAgKiBUaGUgYnVpbGQgaW1hZ2UgdG8gZG8gdGhlIHNpZ25pbmcgaW5cbiAgICpcbiAgICogTmVlZHMgdG8gaGF2ZSBOdUdldCBwcmVpbnN0YWxsZWQuXG4gICAqXG4gICAqIEBkZWZhdWx0IExhdGVzdCBzdXBlcmNoYWluXG4gICAqL1xuICByZWFkb25seSBidWlsZEltYWdlPzogSUJ1aWxkSW1hZ2U7XG59XG5cbmV4cG9ydCBjbGFzcyBTaWduTnVHZXRXaXRoU2lnbmVyIGV4dGVuZHMgQ29uc3RydWN0IGltcGxlbWVudHMgSVNpZ25lciB7XG4gIHB1YmxpYyByZWFkb25seSByb2xlOiBJUm9sZTtcbiAgcHVibGljIHJlYWRvbmx5IHByb2plY3Q6IFByb2plY3Q7XG5cbiAgcHVibGljIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBTaWduTnVHZXRXaXRoU2lnbmVyUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgY29uc3QgZW52aXJvbm1lbnQ6IHsgW2tleTogc3RyaW5nXTogc3RyaW5nIH0gPSB7XG4gICAgICBTSUdOSU5HX0JVQ0tFVF9OQU1FOiBwcm9wcy5zaWduaW5nQnVja2V0LmJ1Y2tldE5hbWUsXG4gICAgICBTSUdOSU5HX0xBTUJEQV9BUk46IHByb3BzLnNpZ25pbmdMYW1iZGEuZnVuY3Rpb25Bcm4sXG4gICAgICBBQ0NFU1NfUk9MRV9BUk46IHByb3BzLmFjY2Vzc1JvbGUucm9sZUFybixcbiAgICB9O1xuXG4gICAgaWYgKHByb3BzLnNpZ25lclByb2ZpbGVOYW1lKSB7XG4gICAgICBlbnZpcm9ubWVudC5TSUdORVJfUFJPRklMRV9OQU1FID0gcHJvcHMuc2lnbmVyUHJvZmlsZU5hbWU7XG4gICAgfVxuXG4gICAgaWYgKHByb3BzLnNpZ25lclByb2ZpbGVPd25lcikge1xuICAgICAgZW52aXJvbm1lbnQuU0lHTkVSX1BST0ZJTEVfT1dORVIgPSBwcm9wcy5zaWduZXJQcm9maWxlT3duZXI7XG4gICAgfVxuXG4gICAgY29uc3Qgc2hlbGxhYmxlID0gbmV3IFNoZWxsYWJsZSh0aGlzLCAnRGVmYXVsdCcsIHtcbiAgICAgIHBsYXRmb3JtOiBuZXcgTGludXhQbGF0Zm9ybShwcm9wcy5idWlsZEltYWdlID8/IExpbnV4QnVpbGRJbWFnZS5mcm9tRG9ja2VyUmVnaXN0cnkoJ3B1YmxpYy5lY3IuYXdzL2pzaWkvc3VwZXJjaGFpbjoxLWJ1c3Rlci1zbGltLW5vZGUxOCcpKSxcbiAgICAgIHNjcmlwdERpcmVjdG9yeTogcGF0aC5qb2luKF9fZGlybmFtZSwgJ3NpZ25pbmcnLCAnbnVnZXQnKSxcbiAgICAgIGVudHJ5cG9pbnQ6ICdzaWduLnNoJyxcbiAgICAgIHNlcnZpY2VSb2xlOiBwcm9wcy5zZXJ2aWNlUm9sZSxcbiAgICAgIGJ1aWxkU3BlYzogQnVpbGRTcGVjLmxpdGVyYWwoe1xuICAgICAgICB2ZXJzaW9uOiAnMC4yJyxcbiAgICAgICAgYXJ0aWZhY3RzOiB7XG4gICAgICAgICAgZmlsZXM6IFsnKiovKiddLFxuICAgICAgICAgIFsnYmFzZS1kaXJlY3RvcnknXTogJy4nLFxuICAgICAgICB9LFxuICAgICAgfSksXG4gICAgICBlbnZpcm9ubWVudCxcbiAgICB9KTtcblxuICAgIHRoaXMucm9sZSA9IHNoZWxsYWJsZS5yb2xlO1xuICAgIHRoaXMucHJvamVjdCA9IHNoZWxsYWJsZS5wcm9qZWN0O1xuICB9XG5cbiAgcHVibGljIGFkZFRvUGlwZWxpbmUoc3RhZ2U6IElTdGFnZSwgaWQ6IHN0cmluZywgb3B0aW9uczogQWRkVG9QaXBlbGluZU9wdGlvbnMpIHtcbiAgICBjb25zdCBzaWduaW5nSW5wdXQgPSBvcHRpb25zLmlucHV0QXJ0aWZhY3QgfHwgbmV3IEFydGlmYWN0KCk7XG4gICAgY29uc3Qgc2lnbmluZ091dHB1dCA9IG5ldyBBcnRpZmFjdCgpO1xuXG4gICAgc3RhZ2UuYWRkQWN0aW9uKG5ldyBDb2RlQnVpbGRBY3Rpb24oe1xuICAgICAgYWN0aW9uTmFtZTogaWQsXG4gICAgICBpbnB1dDogc2lnbmluZ0lucHV0LFxuICAgICAgcnVuT3JkZXI6IG9wdGlvbnMucnVuT3JkZXIsXG4gICAgICBwcm9qZWN0OiB0aGlzLnByb2plY3QsXG4gICAgICBvdXRwdXRzOiBbc2lnbmluZ091dHB1dF0sXG4gICAgfSkpO1xuXG4gICAgcmV0dXJuIHNpZ25pbmdPdXRwdXQ7XG4gIH1cbn0iXX0=
|