Skip to content

N
nexpie-grafana-theme
Commit 06146b80 by bergquist
Options

build: replace sha1 files with sha256 

due to security reasons.
https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
parent 6b1dd1c7
Showing with 12 additions and 12 deletions
appveyor.yml
......@@ -30,7 +30,7 @@ install:
build_script:
- go run build.go build
- grunt release
- go run build.go sha1-dist
- go run build.go sha-dist
- cp dist/* .
artifacts:
......
build.go
......@@ -5,7 +5,7 @@ package main
import (
"bytes"
"crypto/md5"
"crypto/sha1"
"crypto/sha256"
"encoding/json"
"flag"
"fmt"
......@@ -105,8 +105,8 @@ func main() {
grunt(gruntBuildArg("release")...)
createDebPackages()
case "sha1-dist":
sha1FilesInDist()
case "sha-dist":
shaFilesInDist()
case "latest":
makeLatestDistCopies()
......@@ -522,14 +522,14 @@ func md5File(file string) error {
return out.Close()
}
func sha1FilesInDist() {
func shaFilesInDist() {
filepath.Walk("./dist", func(path string, f os.FileInfo, err error) error {
if path == "./dist" {
return nil
}
if strings.Contains(path, ".sha1") == false {
err := sha1File(path)
if strings.Contains(path, ".sha256") == false {
err := shaFile(path)
if err != nil {
log.Printf("Failed to create sha file. error: %v\n", err)
}
......@@ -538,20 +538,20 @@ func sha1FilesInDist() {
})
}
func sha1File(file string) error {
func shaFile(file string) error {
fd, err := os.Open(file)
if err != nil {
return err
}
defer fd.Close()
h := sha1.New()
h := sha256.New()
_, err = io.Copy(h, fd)
if err != nil {
return err
}
out, err := os.Create(file + ".sha1")
out, err := os.Create(file + ".sha256")
if err != nil {
return err
}
......
circle.yml
......@@ -41,7 +41,7 @@ deployment:
commands:
- ./scripts/build/deploy.sh
- ./scripts/build/sign_packages.sh
- go run build.go sha1-dist
- go run build.go sha-dist
- aws s3 sync ./dist s3://$BUCKET_NAME/master
- ./scripts/trigger_windows_build.sh ${APPVEYOR_TOKEN} ${CIRCLE_SHA1} master
- ./scripts/trigger_docker_build.sh ${TRIGGER_GRAFANA_PACKER_CIRCLECI_TOKEN}
......@@ -50,7 +50,7 @@ deployment:
commands:
- ./scripts/build/deploy.sh
- ./scripts/build/sign_packages.sh
- go run build.go sha1-dist
- go run build.go sha-dist
- aws s3 sync ./dist s3://$BUCKET_NAME/release
- ./scripts/trigger_windows_build.sh ${APPVEYOR_TOKEN} ${CIRCLE_SHA1} release
- ./scripts/trigger_docker_build.sh ${TRIGGER_GRAFANA_PACKER_CIRCLECI_TOKEN} ${CIRCLE_TAG}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment