update env var scripts (#174)

Co-authored-by: JasonPowr <[email protected]>
securesign · Jan 31, 2024 · b035669 · b035669
1 parent d170c9a
commit b035669
Show file tree

Hide file tree

Showing 2 changed files with 29 additions and 10 deletions.
diff --git a/tas-easy-install.sh b/tas-easy-install.sh
@@ -72,12 +72,12 @@ export COSIGN_CERTIFICATE_OIDC_ISSUER=\$COSIGN_OIDC_ISSUER
 export COSIGN_YES="true"
 
 # Gitsign/Sigstore Variables
-export SIGSTORE_FULCIO_URL=\$FULCIO_URL
-export SIGSTORE_OIDC_ISSUER=\$OIDC_ISSUER_URL
-export SIGSTORE_REKOR_URL=\$REKOR_URL
+export SIGSTORE_FULCIO_URL=\$COSIGN_FULCIO_URL
+export SIGSTORE_OIDC_ISSUER=\$COSIGN_OIDC_ISSUER
+export SIGSTORE_REKOR_URL=\$COSIGN_REKOR_URL
 
 # Rekor CLI Variables
-export REKOR_REKOR_SERVER=\$REKOR_URL
+export REKOR_REKOR_SERVER=\$COSIGN_REKOR_URL
 EOL
 
     # Make the generated script executable

diff --git a/tas-installer/cmd/envgen.go b/tas-installer/cmd/envgen.go
@@ -32,13 +32,32 @@ func init() {
 func generateEnvVars() error {
 	baseHostname := kc.ClusterCommonName
 
-	scriptContent := `#!/bin/bash
-	export BASE_HOSTNAME=` + baseHostname + `
-	echo "Base hostname = $BASE_HOSTNAME"
-	export FULCIO_URL=https://fulcio.` + baseHostname + `
-	export REKOR_URL=https://rekor.` + baseHostname + `
-	export TUF_URL=https://tuf.` + baseHostname
+	scriptContent :=
+		`
+		#!/bin/bash
+		export BASE_HOSTNAME=` + baseHostname + `
+		echo "Base hostname = $BASE_HOSTNAME"
+		
+		export KEYCLOAK_REALM=sigstore
+		export KEYCLOAK_URL=https://keycloak-keycloak-system.\` + baseHostname + `
+		export TUF_URL=https://tuf.\` + baseHostname + `
+		export COSIGN_FULCIO_URL=https://fulcio.\` + baseHostname + `
+		export COSIGN_REKOR_URL=https://rekor.\` + baseHostname + `
+		export COSIGN_MIRROR=\https://tuf.\` + baseHostname + `
+		export COSIGN_ROOT=\https://tuf.\` + baseHostname + `/root.json
+		export COSIGN_OIDC_ISSUER=\https://keycloak-keycloak-system.\` + baseHostname + `/auth/realms/\sigstore
+		export COSIGN_CERTIFICATE_OIDC_ISSUER=\https://keycloak-keycloak-system.\` + baseHostname + `/auth/realms/\sigstore
+		export COSIGN_YES="true"
 
+		# Gitsign/Sigstore Variables
+		export SIGSTORE_FULCIO_URL=\https://fulcio.\` + baseHostname + `
+		export SIGSTORE_OIDC_ISSUER=\https://keycloak-keycloak-system.\` + baseHostname + `/auth/realms/\sigstore
+		export SIGSTORE_REKOR_URL=\https://rekor.\` + baseHostname + `
+
+		# Rekor CLI Variables
+		export REKOR_REKOR_SERVER=\https://rekor.\` + baseHostname + `
+		`
+
 	fileName := "tas-env-variables.sh"
 	file, err := os.Create(fileName)
 	if err != nil {