Google Git
Sign in
flutter / recipes / 386160bb55a2232ce1e4e6573e9c05cfb8e440da / . / recipes / cipd / cosign.expected / cosign.json
blob: aab3864c3f8d810ed0c4431a79e9ab9ac391029d [file] [log] [blame]
[
{
"cmd": [
"curl",
"https://api.github.com/repos/sigstore/cosign/releases"
],
"name": "Get cosign releases from github"
},
{
"cmd": [
"curl",
"https://api.github.com/releases/1"
],
"name": "Get artifacts from sigstore/cosign for a specific release version"
},
{
"cmd": [
"curl",
"-L",
"cosign-darwin-amd64",
"-o",
"[START_DIR]/cosign/darwin/bin/cosign",
"--create-dirs"
],
"infra_step": true,
"name": "Download darwin cosign binary"
},
{
"cmd": [
"curl",
"-L",
"cosign-darwin-amd64-keyless.pem",
"-o",
"[START_DIR]/cosign/darwin/certificate/cosign-cert.pem",
"--create-dirs"
],
"infra_step": true,
"name": "Download darwin cosign certificate"
},
{
"cmd": [
"curl",
"-L",
"cosign-darwin-amd64-keyless.sig",
"-o",
"[START_DIR]/cosign/darwin/certificate/cosign-sig.sig",
"--create-dirs"
],
"infra_step": true,
"name": "Download darwin cosign signature"
},
{
"cmd": [
"chmod",
"755",
"[START_DIR]/cosign/darwin/bin/cosign"
],
"name": "Make darwin cosign binary executable"
},
{
"cmd": [
"cosign",
"verify-blob",
"--cert",
"[START_DIR]/cosign/darwin/certificate/cosign-cert.pem",
"--signature",
"[START_DIR]/cosign/darwin/certificate/cosign-sig.sig",
"[START_DIR]/cosign/darwin/bin/cosign"
],
"name": "Verify darwin cosign binary is legitimate"
},
{
"cmd": [
"cipd",
"pkg-build",
"-in",
"[START_DIR]/cosign/darwin",
"-name",
"flutter/tools/cosign/mac-amd64",
"-out",
"cosign.zip",
"-hash-algo",
"sha256",
"-json-output",
"/path/to/tmp/json"
],
"name": "build mac-amd64",
"~followup_annotations": [
"@@@STEP_LOG_LINE@json.output@{@@@",
"@@@STEP_LOG_LINE@json.output@ \"result\": {@@@",
"@@@STEP_LOG_LINE@json.output@ \"instance_id\": \"40-chars-fake-of-the-package-instance_id\", @@@",
"@@@STEP_LOG_LINE@json.output@ \"package\": \"flutter/tools/cosign/mac-amd64\"@@@",
"@@@STEP_LOG_LINE@json.output@ }@@@",
"@@@STEP_LOG_LINE@json.output@}@@@",
"@@@STEP_LOG_END@json.output@@@"
]
},
{
"cmd": [
"cipd",
"pkg-register",
"cosign.zip",
"-ref",
"latest",
"-json-output",
"/path/to/tmp/json"
],
"name": "register flutter/tools/cosign/mac-amd64",
"~followup_annotations": [
"@@@STEP_LOG_LINE@json.output@{@@@",
"@@@STEP_LOG_LINE@json.output@ \"result\": {@@@",
"@@@STEP_LOG_LINE@json.output@ \"instance_id\": \"40-chars-fake-of-the-package-instance_id\", @@@",
"@@@STEP_LOG_LINE@json.output@ \"package\": \"flutter/tools/cosign/mac-amd64\"@@@",
"@@@STEP_LOG_LINE@json.output@ }@@@",
"@@@STEP_LOG_LINE@json.output@}@@@",
"@@@STEP_LOG_END@json.output@@@",
"@@@STEP_LINK@flutter/tools/cosign/mac-amd64@https://chrome-infra-packages.appspot.com/p/flutter/tools/cosign/mac-amd64/+/40-chars-fake-of-the-package-instance_id@@@"
]
},
{
"cmd": [
"curl",
"-L",
"cosign-linux-amd64",
"-o",
"[START_DIR]/cosign/linux/bin/cosign",
"--create-dirs"
],
"infra_step": true,
"name": "Download linux cosign binary"
},
{
"cmd": [
"curl",
"-L",
"cosign-linux-amd64-keyless.pem",
"-o",
"[START_DIR]/cosign/linux/certificate/cosign-cert.pem",
"--create-dirs"
],
"infra_step": true,
"name": "Download linux cosign certificate"
},
{
"cmd": [
"curl",
"-L",
"cosign-linux-amd64-keyless.sig",
"-o",
"[START_DIR]/cosign/linux/certificate/cosign-sig.sig",
"--create-dirs"
],
"infra_step": true,
"name": "Download linux cosign signature"
},
{
"cmd": [
"chmod",
"755",
"[START_DIR]/cosign/linux/bin/cosign"
],
"name": "Make linux cosign binary executable"
},
{
"cmd": [
"cosign",
"verify-blob",
"--cert",
"[START_DIR]/cosign/linux/certificate/cosign-cert.pem",
"--signature",
"[START_DIR]/cosign/linux/certificate/cosign-sig.sig",
"[START_DIR]/cosign/linux/bin/cosign"
],
"name": "Verify linux cosign binary is legitimate"
},
{
"cmd": [
"cipd",
"pkg-build",
"-in",
"[START_DIR]/cosign/linux",
"-name",
"flutter/tools/cosign/linux-amd64",
"-out",
"cosign.zip",
"-hash-algo",
"sha256",
"-json-output",
"/path/to/tmp/json"
],
"name": "build linux-amd64",
"~followup_annotations": [
"@@@STEP_LOG_LINE@json.output@{@@@",
"@@@STEP_LOG_LINE@json.output@ \"result\": {@@@",
"@@@STEP_LOG_LINE@json.output@ \"instance_id\": \"40-chars-fake-of-the-package-instance_id\", @@@",
"@@@STEP_LOG_LINE@json.output@ \"package\": \"flutter/tools/cosign/linux-amd64\"@@@",
"@@@STEP_LOG_LINE@json.output@ }@@@",
"@@@STEP_LOG_LINE@json.output@}@@@",
"@@@STEP_LOG_END@json.output@@@"
]
},
{
"cmd": [
"cipd",
"pkg-register",
"cosign.zip",
"-ref",
"latest",
"-json-output",
"/path/to/tmp/json"
],
"name": "register flutter/tools/cosign/linux-amd64",
"~followup_annotations": [
"@@@STEP_LOG_LINE@json.output@{@@@",
"@@@STEP_LOG_LINE@json.output@ \"result\": {@@@",
"@@@STEP_LOG_LINE@json.output@ \"instance_id\": \"40-chars-fake-of-the-package-instance_id\", @@@",
"@@@STEP_LOG_LINE@json.output@ \"package\": \"flutter/tools/cosign/linux-amd64\"@@@",
"@@@STEP_LOG_LINE@json.output@ }@@@",
"@@@STEP_LOG_LINE@json.output@}@@@",
"@@@STEP_LOG_END@json.output@@@",
"@@@STEP_LINK@flutter/tools/cosign/linux-amd64@https://chrome-infra-packages.appspot.com/p/flutter/tools/cosign/linux-amd64/+/40-chars-fake-of-the-package-instance_id@@@"
]
},
{
"cmd": [
"curl",
"-L",
"cosign-windows-amd64.exe",
"-o",
"[START_DIR]/cosign/windows/bin/cosign.exe",
"--create-dirs"
],
"infra_step": true,
"name": "Download windows cosign binary"
},
{
"cmd": [
"curl",
"-L",
"cosign-windows-amd64.exe-keyless.pem",
"-o",
"[START_DIR]/cosign/windows/certificate/cosign-cert.exe.pem",
"--create-dirs"
],
"infra_step": true,
"name": "Download windows cosign certificate"
},
{
"cmd": [
"curl",
"-L",
"cosign-windows-amd64.exe-keyless.sig",
"-o",
"[START_DIR]/cosign/windows/certificate/cosign-sig.exe.sig",
"--create-dirs"
],
"infra_step": true,
"name": "Download windows cosign signature"
},
{
"cmd": [
"cosign",
"verify-blob",
"--cert",
"[START_DIR]/cosign/windows/certificate/cosign-cert.exe.pem",
"--signature",
"[START_DIR]/cosign/windows/certificate/cosign-sig.exe.sig",
"[START_DIR]/cosign/windows/bin/cosign.exe"
],
"name": "Verify windows cosign binary is legitimate"
},
{
"cmd": [
"cipd",
"pkg-build",
"-in",
"[START_DIR]/cosign/windows",
"-name",
"flutter/tools/cosign/windows-amd64",
"-out",
"cosign.zip",
"-hash-algo",
"sha256",
"-json-output",
"/path/to/tmp/json"
],
"name": "build windows-amd64",
"~followup_annotations": [
"@@@STEP_LOG_LINE@json.output@{@@@",
"@@@STEP_LOG_LINE@json.output@ \"result\": {@@@",
"@@@STEP_LOG_LINE@json.output@ \"instance_id\": \"40-chars-fake-of-the-package-instance_id\", @@@",
"@@@STEP_LOG_LINE@json.output@ \"package\": \"flutter/tools/cosign/windows-amd64\"@@@",
"@@@STEP_LOG_LINE@json.output@ }@@@",
"@@@STEP_LOG_LINE@json.output@}@@@",
"@@@STEP_LOG_END@json.output@@@"
]
},
{
"cmd": [
"cipd",
"pkg-register",
"cosign.zip",
"-ref",
"latest",
"-json-output",
"/path/to/tmp/json"
],
"name": "register flutter/tools/cosign/windows-amd64",
"~followup_annotations": [
"@@@STEP_LOG_LINE@json.output@{@@@",
"@@@STEP_LOG_LINE@json.output@ \"result\": {@@@",
"@@@STEP_LOG_LINE@json.output@ \"instance_id\": \"40-chars-fake-of-the-package-instance_id\", @@@",
"@@@STEP_LOG_LINE@json.output@ \"package\": \"flutter/tools/cosign/windows-amd64\"@@@",
"@@@STEP_LOG_LINE@json.output@ }@@@",
"@@@STEP_LOG_LINE@json.output@}@@@",
"@@@STEP_LOG_END@json.output@@@",
"@@@STEP_LINK@flutter/tools/cosign/windows-amd64@https://chrome-infra-packages.appspot.com/p/flutter/tools/cosign/windows-amd64/+/40-chars-fake-of-the-package-instance_id@@@"
]
},
{
"name": "$result"
}
]