Fix conditionals

Only consider signing for windows
pulumi · Dec 11, 2024 · 6f0ba36 · 6f0ba36
1 parent 2cfcded
commit 6f0ba36
Showing 1 changed file with 20 additions and 18 deletions.
diff --git a/Makefile b/Makefile
@@ -257,24 +257,26 @@ bin/%/$(PROVIDER) bin/%/$(PROVIDER).exe: .make/provider_mod_download .make/prebu
 		CGO_ENABLED=0 go build -o ${WORKING_DIR}/$@ $(VERSION_FLAGS) $(PROJECT)/v2/provider/cmd/$(PROVIDER)
 	@# Only sign if configured. Test variables set by joining with | between and looking for || showing at least one variable is empty
 	set -e; \
-	if [[ "${TARGET}" = "windows-amd64" && "|${AZURE_SIGNING_CLIENT_ID}|${AZURE_SIGNING_CLIENT_SECRET}|${AZURE_SIGNING_TENANT_ID}|${AZURE_SIGNING_KEY_VAULT_URI}|" == *"||"* ]]; then \
-		echo "Skipping signing as required configuration not set: AZURE_SIGNING_CLIENT_ID, AZURE_SIGNING_CLIENT_SECRET, AZURE_SIGNING_TENANT_ID, AZURE_SIGNING_KEY_VAULT_URI"; \
-		echo "To rebuild with signing delete the unsigned $@ and re-run with the fixed configuration"; \
-	else \
-		az login --service-principal \
-			--username "${AZURE_SIGNING_CLIENT_ID}" \
-			--password "${AZURE_SIGNING_CLIENT_SECRET}" \
-			--tenant "${AZURE_SIGNING_TENANT_ID}" \
-			--output none; \
-		ACCESS_TOKEN=$$(az account get-access-token --resource "https://vault.azure.net" | jq -r .accessToken); \
-		wget https://github.com/ebourg/jsign/releases/download/6.0/jsign-6.0.jar --output-document=bin/jsign-6.0.jar; \
-		java -jar bin/jsign-6.0.jar \
-			--storetype AZUREKEYVAULT \
-			--keystore "PulumiCodeSigning" \
-			--url "${AZURE_SIGNING_KEY_VAULT_URI}" \
-			--storepass "$${ACCESS_TOKEN}" \
-			$@; \
-		az logout; \
+	if [[ "${TARGET}" = "windows-amd64" ]]; then \
+		if [[ "|${AZURE_SIGNING_CLIENT_ID}|${AZURE_SIGNING_CLIENT_SECRET}|${AZURE_SIGNING_TENANT_ID}|${AZURE_SIGNING_KEY_VAULT_URI}|" == *"||"* ]]; then \
+			echo "Skipping signing as required configuration not set: AZURE_SIGNING_CLIENT_ID, AZURE_SIGNING_CLIENT_SECRET, AZURE_SIGNING_TENANT_ID, AZURE_SIGNING_KEY_VAULT_URI"; \
+			echo "To rebuild with signing delete the unsigned $@ and re-run with the fixed configuration"; \
+		else \
+			az login --service-principal \
+				--username "${AZURE_SIGNING_CLIENT_ID}" \
+				--password "${AZURE_SIGNING_CLIENT_SECRET}" \
+				--tenant "${AZURE_SIGNING_TENANT_ID}" \
+				--output none; \
+			ACCESS_TOKEN=$$(az account get-access-token --resource "https://vault.azure.net" | jq -r .accessToken); \
+			wget https://github.com/ebourg/jsign/releases/download/6.0/jsign-6.0.jar --output-document=bin/jsign-6.0.jar; \
+			java -jar bin/jsign-6.0.jar \
+				--storetype AZUREKEYVAULT \
+				--keystore "PulumiCodeSigning" \
+				--url "${AZURE_SIGNING_KEY_VAULT_URI}" \
+				--storepass "$${ACCESS_TOKEN}" \
+				$@; \
+			az logout; \
+		fi; \
 	fi
 
 dist/$(PROVIDER)-v$(PROVIDER_VERSION)-linux-amd64.tar.gz: bin/linux-amd64/$(PROVIDER)