webnet/tailscale
1
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

release/dist/qnap: preserve .codesigning files as build artifacts

Browse Source 
Stop deleting .qpkg.codesigning files in build-qpkg.sh and include
them in the returned artifact list from buildQPKG.

These files contain the last 32 characters of the base64-encoded CMS
signature produced by QDK code signing. They are consumed by pkgserve
to populate <signature> entries in the QNAP repository XML, matching
the format used by myqnap.org and qnapclub.eu.

Updates corp#33203

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
This commit is contained in:
Kristoffer Dalby
2026-04-01 12:10:37 +00:00
committed by Kristoffer Dalby
parent 2d85f37f39
commit 384b7fb561
2 changed files with 14 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
release/dist/qnap/files/scripts/build-qpkg.sh
Vendored
+4 -12
View File
@@ -4,17 +4,9 @@ set -eu
# Clean up folders and files created during build. # Clean up folders and files created during build.
function cleanup() { function cleanup() {
rm -rf /Tailscale/$ARCH rm -rf /Tailscale/$ARCH
rm -f /Tailscale/sed* rm -f /Tailscale/sed*
rm -f /Tailscale/qpkg.cfg rm -f /Tailscale/qpkg.cfg
# If this build was signed, a .qpkg.codesigning file will be created as an
# artifact of the build
# (see https://github.com/qnap-dev/qdk2/blob/93ac75c76941b90ee668557f7ce01e4b23881054/QDK_2.x/bin/qbuild#L992).
#
# go/client-release doesn't seem to need these, so we delete them here to
# avoid uploading them to pkgs.tailscale.com.
rm -f /out/*.qpkg.codesigning
} }
trap cleanup EXIT trap cleanup EXIT
@@ -22,6 +14,6 @@ mkdir -p /Tailscale/$ARCH
cp /tailscaled /Tailscale/$ARCH/tailscaled cp /tailscaled /Tailscale/$ARCH/tailscaled
cp /tailscale /Tailscale/$ARCH/tailscale cp /tailscale /Tailscale/$ARCH/tailscale
sed "s/\$QPKG_VER/$TSTAG-$QNAPTAG/g" /Tailscale/qpkg.cfg.in > /Tailscale/qpkg.cfg sed "s/\$QPKG_VER/$TSTAG-$QNAPTAG/g" /Tailscale/qpkg.cfg.in >/Tailscale/qpkg.cfg
qbuild --root /Tailscale --build-arch $ARCH --build-dir /out qbuild --root /Tailscale --build-arch $ARCH --build-dir /out
release/dist/qnap/pkgs.go
Vendored
+10 -1
View File
@@ -118,7 +118,16 @@ func (t *target) buildQPKG(b *dist.Build, qnapBuilds *qnapBuilds, inner *innerPk
return nil, fmt.Errorf("docker run %v: %s", err, out) return nil, fmt.Errorf("docker run %v: %s", err, out)
} }
return []string{filePath, filePath + ".md5"}, nil ret := []string{filePath, filePath + ".md5"}
// If the build was signed, a .codesigning file is produced containing
// the last 32 characters of the base64-encoded CMS signature. This is
// used by pkgserve to populate <signature> entries in the QNAP
// repository XML.
codesigning := filePath + ".codesigning"
if _, err := os.Stat(codesigning); err == nil {
ret = append(ret, codesigning)
}
return ret, nil
} }
type qnapBuildsMemoizeKey struct{} type qnapBuildsMemoizeKey struct{}