Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket

mygithub.libinneed.workers.dev/stackitcloud/stackit-cli

Package Overview
Dependencies
Versions
172
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

mygithub.libinneed.workers.dev/stackitcloud/stackit-cli - npm Package Compare versions

Comparing version
v0.1.0-test-skip-publish.6
to
v0.1.0-test-skip-publish.7
+2
-1
.github/workflows/release.yaml

@@ -66,3 +66,3 @@ # STACKIT CLI release workflow.

with:
args: release --clean --skip=publish
args: release --clean
env:

@@ -72,2 +72,3 @@ GITHUB_TOKEN: ${{ secrets.CLI_RELEASE }}

- name: Publish packages to APT repo
if: contains(github.ref_name, '-') == false
env:

@@ -74,0 +75,0 @@ GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

@@ -18,15 +18,15 @@ #!/bin/bash

# # Create a local mirror of the current state of the remote APT repository
# printf ">>> Creating mirror \n"
# curl ${OBJECT_STORAGE_ENDPOINT}/${PUBLIC_KEY_BUCKET_NAME}/${PUBLIC_KEY_FILE} >public.asc
# gpg --no-default-keyring --keyring ./${CUSTOM_KEYRING}.gpg --import public.asc
# aptly mirror create -keyring="${CUSTOM_KEYRING}.gpg" current "${OBJECT_STORAGE_ENDPOINT}/${APT_BUCKET_NAME}" ${DISTRIBUTION}
# Create a local mirror of the current state of the remote APT repository
printf ">>> Creating mirror \n"
curl ${OBJECT_STORAGE_ENDPOINT}/${PUBLIC_KEY_BUCKET_NAME}/${PUBLIC_KEY_FILE} >public.asc
gpg --no-default-keyring --keyring ./${CUSTOM_KEYRING}.gpg --import public.asc
aptly mirror create -keyring="${CUSTOM_KEYRING}.gpg" current "${OBJECT_STORAGE_ENDPOINT}/${APT_BUCKET_NAME}" ${DISTRIBUTION}
# # Update the mirror to the latest state
# printf "\n>>> Updating mirror \n"
# aptly mirror update current
# Update the mirror to the latest state
printf "\n>>> Updating mirror \n"
aptly mirror update current
# # Create a snapshot of the mirror
# printf "\n>>> Creating snapshop from mirror \n"
# aptly snapshot create current-snapshot from mirror current
# Create a snapshot of the mirror
printf "\n>>> Creating snapshop from mirror \n"
aptly snapshot create current-snapshot from mirror current

@@ -45,8 +45,8 @@ # Create a new fresh local APT repo

# # Merge new-snapshot into current-snapshot creating a new snapshot updated-snapshot
# printf "\n>>> Merging snapshots \n"
# aptly snapshot pull -no-remove -architectures="amd64,i386,arm64" current-snapshot new-snapshot updated-snapshot ${DISTRIBUTION}
# Merge new-snapshot into current-snapshot creating a new snapshot updated-snapshot
printf "\n>>> Merging snapshots \n"
aptly snapshot pull -no-remove -architectures="amd64,i386,arm64" current-snapshot new-snapshot updated-snapshot ${DISTRIBUTION}
# Publish the new snapshot to the remote repo
printf "\n>>> Publishing updated snapshot \n"
aptly publish snapshot -gpg-key="${GPG_PRIVATE_KEY_ID}" -passphrase "${GPG_PASSPHRASE}" -config "${APTLY_CONFIG_FILE_PATH}" new-snapshot "s3:${APT_BUCKET_NAME}:"
aptly publish switch -gpg-key="${GPG_PRIVATE_KEY_ID}" -passphrase "${GPG_PASSPHRASE}" -config "${APTLY_CONFIG_FILE_PATH}" ${DISTRIBUTION} "s3:${APT_BUCKET_NAME}:" updated-snapshot