cmd/dist,release/dist: expose RPM signing hook (#8789)

Plumb a signing callback function to `unixpkgs.rpmTarget` to allow signing RPMs. This callback is optional and RPMs will build unsigned if not set, just as before. Updates https://github.com/tailscale/tailscale/issues/1882 Signed-off-by: Andrew Lytvynov <awly@tailscale.com>
2025-08-11 21:27:31 +00:00 · 2023-08-03 15:27:06 -07:00
parent eb6883bb5a
commit 371e1ebf07
4 changed files with 44 additions and 31 deletions
--- a/release/dist/cli/cli.go
+++ b/release/dist/cli/cli.go
@@ -19,6 +19,7 @@ import (

 	"github.com/peterbourgon/ff/v3/ffcli"
 	"tailscale.com/release/dist"
+	"tailscale.com/release/dist/unixpkgs"
 )

 // CLI returns a CLI root command to build release packages.
@@ -26,7 +27,7 @@ import (
 // getTargets is a function that gets run in the Exec function of commands that
 // need to know the target list. Its execution is deferred in this way to allow
 // customization of command FlagSets with flags that influence the target list.
-func CLI(getTargets func(tgzSigner crypto.Signer) ([]dist.Target, error)) *ffcli.Command {
+func CLI(getTargets func(unixpkgs.Signers) ([]dist.Target, error)) *ffcli.Command {
 	return &ffcli.Command{
 		Name:       "dist",
 		ShortUsage: "dist [flags] <command> [command flags]",
@@ -36,7 +37,7 @@ func CLI(getTargets func(tgzSigner crypto.Signer) ([]dist.Target, error)) *ffcli
 			{
 				Name: "list",
 				Exec: func(ctx context.Context, args []string) error {
-					targets, err := getTargets(nil)
+					targets, err := getTargets(unixpkgs.Signers{})
 					if err != nil {
 						return err
 					}
@@ -56,7 +57,7 @@ func CLI(getTargets func(tgzSigner crypto.Signer) ([]dist.Target, error)) *ffcli
 					if err != nil {
 						return err
 					}
-					targets, err := getTargets(tgzSigner)
+					targets, err := getTargets(unixpkgs.Signers{Tarball: tgzSigner})
 					if err != nil {
 						return err
 					}