Verify cnspec and cnquery are the correct version and only build pack…

…ages from exact versions Signed-off-by: Ben Rockwood <[email protected]>
mondoohq · May 25, 2023 · 9d7389d · 9d7389d
1 parent 704e600
commit 9d7389d
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 11 deletions.
diff --git a/.github/workflows/build_pkg.yaml b/.github/workflows/build_pkg.yaml
@@ -48,7 +48,10 @@ jobs:
           fi
           echo "Version: $VERSION"
           echo "version=${VERSION}" >> $GITHUB_OUTPUT
-
+      - name: Ensure version of cnquery and cnspec are available
+        run: |
+          curl -sL --head --fail https://github.com/mondoohq/cnquery/releases/download/v${VERSION}/cnquery_${VERSION}_darwin_amd64.tar.gz
+          curl -sL --head --fail https://github.com/mondoohq/cnspec/releases/download/v${VERSION}/cnspec_${VERSION}_darwin_amd64.tar.gz
       - name: Setup local keychain for signing certificates
         run: |
           KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db

diff --git a/scripts/mac/build-pkg.sh b/scripts/mac/build-pkg.sh
@@ -26,38 +26,37 @@ echo "Packaging Release ${VERSION}"
 
 ###############################################################################################################
 # Pull Latest Binaries & Create Universal Binaries
-for DIST in mondoo cnquery cnspec; do
+for DIST in cnquery cnspec; do
   cd $BLDDIR
 
   mkdir -p dist/${DIST}
   for ARCH in amd64 arm64; do
     cd ${BLDDIR}/dist/${DIST}
     echo "Downloading ${DIST} for ${ARCH}"
     mkdir ${ARCH} && cd ${ARCH}
-    curl -sL -o ${DIST}-${ARCH}.tgz https://install.mondoo.com/package/${DIST}/darwin/${ARCH}/tar.gz/latest/download
+    curl -sL -o ${DIST}-${ARCH}.tgz https://github.com/mondoohq/${DIST}/releases/download/v${VERSION}/${DIST}_${VERSION}_darwin_${ARCH}.tar.gz
     tar -xzf ${DIST}-${ARCH}.tgz
     rm ${DIST}-${ARCH}.tgz
   done
 
   cd $BLDDIR/dist/${DIST}
 
   echo "Creating Universal Binary for ${DIST}..."
-  if [ ${DIST} == 'mondoo' ]; then
-    cp amd64/${DIST} ${DIST}
-  else
-    /usr/bin/lipo -create -output ${DIST} amd64/${DIST} arm64/${DIST}
-    if [ ! -f ${DIST} ]; then
-      echo "ERROR: Failed to create universal ${DIST} binary"
-      exit 1
-    fi
+  /usr/bin/lipo -create -output ${DIST} amd64/${DIST} arm64/${DIST}
+  if [ ! -f ${DIST} ]; then
+    echo "ERROR: Failed to create universal ${DIST} binary"
+    exit 1
   fi
 
+
   echo "Code Signing ${DIST}..."
   codesign -s "${APPLE_KEYS_CODESIGN_ID}" -f -v --timestamp --options runtime ${DIST}
   mkdir -p ${BLDDIR}/scripts/mac/packager/application/bin/
   cp ${DIST} ${BLDDIR}/scripts/mac/packager/application/bin/
 done
 
+# Insert mondoo shim (to be removed in v9.x.x)
+curl -sL -o ${BLDDIR}/scripts/mac/packager/application/bin/mondoo https://raw.githubusercontent.com/mondoohq/installer/main/helper/mondoo.sh
 
 ###############################################################################################################
 echo "Building Package...."