Add sha256 sum of release artifacts to release text

2026-05-17 10:11:27 +00:00 · 2021-08-31 16:02:46 +02:00
parent bca920c75e
commit 3a2420dd91
1 changed files with 17 additions and 0 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -491,6 +491,10 @@ jobs:
    runs-on: ubuntu-latest
    needs: [metadata,linux-appimage,mac-dmg,win-msi]
    if: startsWith(github.ref, 'refs/tags/') && github.repository == 'cryptomator/cryptomator'
+    env:
+      APPIMAGE_SHA256_MSG: undefined
+      DMG_SHA256_MSG: undefined
+      MSI_SHA256_MSG: undefined
    steps:
      - uses: actions/checkout@v2
      - name: Create tarball
@@ -516,6 +520,14 @@ jobs:
        env:
          GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
          GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+      - name: Compute SHA256 checksums of release artifacts # sha256sum is split on the whitespace with sed and reorderd. env keys are file name extensions in uppercase
+        run: |
+          for FILE in `find . -name "*.AppImage" -o -name "*.dmg" -o -name "*.msi" -o -name "*.zsync" -o -name "*.tar.gz"`; do
+            CHECKSUM_MSG=$(sha256sum ${FILE})
+            VALUE=$(echo ${CHECKSUM} | sed 's/\([0-9,a-f]\{64\}\)[[:blank:]]\([Cc]ryptomator-.*$\)/\2: `\1`/' )
+            KEY=$(echo ${CHECKSUM} | sed 's/.*[[:blank:]].*\.\(.*$\)/\1/')
+            echo "{${KEY^^}_SHA256_MSG}={${VALUE}} >> $GITHUB_ENV
+          done
      - name: Create release draft
        uses: softprops/action-gh-release@v1
        with:
@@ -536,3 +548,8 @@ jobs:
            ## Misc
            ---
            :scroll: A complete list of closed issues is available [here](LINK)
+            ---
+            Checksums of release artifacts:
+            * ${{ env.APPIMAGE_SHA256_MSG}}
+            * ${{ env.DMG_SHA256_MSG}}
+            * ${{ env.MSI_SHA_256_MSG}}