From 0a1d0a0062f1f51f8e600dcdc964193f65384a55 Mon Sep 17 00:00:00 2001
From: Siim Kallas <skallas@splunk.com>
Date: Wed, 8 Jan 2025 14:10:43 +0200
Subject: [PATCH] add checksum signing

---
 .gitlab-ci.yml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 5cf84d95..178f727e 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -15,6 +15,13 @@ stages:
   - npm run prepare-release-artifact
   - shasum -a 256 dist/* > dist/checksums.txt
 
+.checksums-sign: &checksums-sign
+  stage: checksum-sign
+  extends: .submit-signing-request
+  variables:
+    ARTIFACT: dist/checksums.txt
+    SIGN_TYPE: GPG
+
 oss-scan:
   stage: scan
   extends: .oss-scan
@@ -28,6 +35,7 @@ release:
     - if: $CI_COMMIT_TAG =~ /^v[0-9]+\.[0-9]+\.[0-9]+.*/
   script:
     - *prepare_dist
+    - *checksums_sign
     - npm run release:github
     - echo "//registry.npmjs.org/:_authToken=$NPM_TOKEN" > ~/.npmrc
     - npm publish ./dist/splunk-otel-${CI_COMMIT_REF_NAME:1}.tgz