RUST-1921 Upload signature files to s3 (#1129)

mongodb · Jun 11, 2024 · 71956b4 · 71956b4
1 parent 895f0c1
commit 71956b4
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 1 deletion.
diff --git a/.evergreen/release-build-vars.sh b/.evergreen/release-build-vars.sh
@@ -13,8 +13,10 @@ CRATE_VERSION=$(cargo metadata --format-version=1 --no-deps | jq --raw-output '.
 rm secrets-export.sh
 
 PAPERTRAIL_PRODUCT="rust-driver"
+TEST_PREFIX=""
 if [[ "${DRY_RUN:-}" == "yes" ]]; then
   PAPERTRAIL_PRODUCT="rust-driver-testing"
+  TEST_PREFIX="testing-"
 fi
 
 cat <<EOT >release-expansion.yml
@@ -27,4 +29,7 @@ ARTIFACTORY_USERNAME: "${ARTIFACTORY_USERNAME}"
 ARTIFACTORY_PASSWORD: "${ARTIFACTORY_PASSWORD}"
 GARASIGN_USERNAME: "${GARASIGN_USERNAME}"
 GARASIGN_PASSWORD: "${GARASIGN_PASSWORD}"
+S3_UPLOAD_AWS_KEY: "${S3_UPLOAD_AWS_KEY}"
+S3_UPLOAD_AWS_SECRET: "${S3_UPLOAD_AWS_SECRET}"
+TEST_PREFIX: "${TEST_PREFIX}"
 EOT
diff --git a/.evergreen/releases.yml b/.evergreen/releases.yml
@@ -158,8 +158,23 @@ functions:
         args:
           - .evergreen/release-sign.sh
 
+  # Note for debugging: the links generated by Evergreen for these files will
+  # return a "permission denied" error; this is expected and a consequence of
+  # s3 configuration.  The files can be viewed/downloaded by replacing the host
+  # portion of the URL with `downloads.mongodb.org`.
   "save signature":
-    command: s3.push
+    - command: s3.put
+      params:
+        aws_key: ${S3_UPLOAD_AWS_KEY}
+        aws_secret: ${S3_UPLOAD_AWS_SECRET}
+        local_files_include_filter:
+          - src/mongodb-${CRATE_VERSION}.sig
+          - src/mongodb-internal-macros-${CRATE_VERSION}.sig
+        remote_file: rust-driver/${TEST_PREFIX}
+        bucket: cdn-origin-rust-driver
+        permissions: private
+        content_type: text/plain
+        display_name: signature-
 
 tasks:
   - name: "publish-release"