add `make sign` and `make fetch-dist` (#5329)

Signed-off-by: Matthew Fisher <matt.fisher@microsoft.com> (cherry picked from commit ead111dd4f)
6 years ago · 79d07943b0
parent b0d4c9eb82
commit 79d07943b0
2 changed files with 28 additions and 8 deletions
--- a/15
+++ b/15
@ -4,6 +4,7 @@ DEV_IMAGE         ?= golang:1.11
 SHORT_NAME        ?= tiller
 SHORT_NAME_RUDDER ?= rudder
 TARGETS           ?= darwin/amd64 linux/amd64 linux/386 linux/arm linux/arm64 linux/ppc64le linux/s390x windows/amd64
 TARGET_OBJS       ?= darwin-amd64.tar.gz darwin-amd64.tar.gz.sha256 linux-amd64.tar.gz linux-amd64.tar.gz.sha256 linux-386.tar.gz linux-386.tar.gz.sha256 linux-arm.tar.gz linux-arm.tar.gz.sha256 linux-arm64.tar.gz linux-arm64.tar.gz.sha256 linux-ppc64le.tar.gz linux-ppc64le.tar.gz.sha256 linux-s390x.tar.gz linux-s390x.tar.gz.sha256 windows-amd64.zip windows-amd64.zip.sha256
 DIST_DIRS         = find * -type d -exec
 # go option
@ -44,6 +45,20 @@ dist:
 		$(DIST_DIRS) zip -r helm-${VERSION}-{}.zip {} \; \
 	)
 .PHONY: fetch-dist
 fetch-dist:
 	mkdir -p _dist
 	cd _dist && \
 	for obj in ${TARGET_OBJS} ; do \
 		curl -sSL -o helm-${VERSION}-$${obj} https://storage.googleapis.com/kubernetes-helm/helm-${VERSION}-$${obj} ; \
 	done
 .PHONY: sign
 sign:
 	for f in _dist/*.{gz,zip,sha256} ; do \
 		gpg --armor --detach-sign $${f} ; \
 	done
 .PHONY: checksum
 checksum:
 	for f in _dist/*.{gz,zip} ; do \
--- a/docs/release_checklist.md
+++ b/docs/release_checklist.md
@ -256,13 +256,17 @@ While hashes provide a signature that the content of the downloads is what it
 was generated, signed packages provide traceability of where the package came
 from.
-To do this follow the following steps:
+To do this, run the following `make` commands:
-1. Download each of the release bundles generated by the CI system
+```shell
-2. Sign each of them using GnuPG using the command `gpg --armor --detach-sign [FILE NAME]`.
+make clean
-   This will generate a file name `[FILE NAME].asc` with an ascii armored signature.
+make fetch-dist
 make sign
 ```
-Each of the signature files needs to be uploaded to the release on GitHub.
+This will generate ascii armored signature files for each of the files pushed by CI.
 All of the signature files need to be uploaded to the release on GitHub.
 ## 8. Write the Release Notes
@ -322,7 +326,7 @@ The [Quickstart Guide](https://docs.helm.sh/using_helm/#quickstart-guide) will g
 ### Features
 - ref(*): kubernetes v1.11 support efadbd88035654b2951f3958167afed014c46bc6 (Adam Reese)
- feat(helm): add $HELM_KEY_PASSPHRASE environment variable for signing helm charts (#4778) 1e26b5300b5166fabb90002535aacd2f9cc7d787 
+- feat(helm): add $HELM_KEY_PASSPHRASE environment variable for signing helm charts (#4778) 1e26b5300b5166fabb90002535aacd2f9cc7d787
 ### Bug fixes
 - fix circle not building tags f4f932fabd197f7e6d608c8672b33a483b4b76fa (Matthew Fisher)
@ -346,8 +350,9 @@ git log --no-merges --pretty=format:'- %s %H (%aN)' $PREVIOUS_RELEASE..$RELEASE_
 After generating the changelog, you will need to categorize the changes as shown
 in the example above.
-Once finished, go into GitHub and edit the release notes for the tagged release
+Once finished, go into GitHub and edit the release notes for the tagged release with the notes written here.
-with the notes written here.
+
 Remember to attach the ascii armored signatures generated in the previous step to the release notes.
 ## 9. Evangelize