2022-07-11 12:49:13 +00:00
## fleetdm/fleetctl
This docker image allows to run `fleetctl` in a Linux environment that has all
the necessary dependencies to package `msi` , `pkg` , `deb` and `rpm` packages.
### Usage
```
docker run fleetdm/fleetctl command [flags]
```
Build artifacts are generated at `/build` . To get a package using this image:
```
docker run -v "$(pwd):/build" fleetdm/fleetctl package --type=msi
```
### Building
This image needs to be built from the root of the repo in order for the build
context to have access to the `fleetctl` binary. To build the image, run:
```
make fleetctl-docker
```
2022-07-11 13:32:40 +00:00
2022-07-25 23:06:10 +00:00
#### macOS signing + notarization
To sign and notarize a generated `pkg` you must have:
1. A Developer ID certificate in PEM format
2. An Apple Store Connect API key
> Note: the Developer ID certificate must be in PEM format because this image
> can be run in automated enviroments where secrets are passed via environment
> variables, and thus they must be in plain text.
>
> To convert a PKCS 12 certificate to PEM, you can run the following command:
>
> ```
> openssl pkcs12 -in /path/to/cert.p12 -out signing-keypair.pem -nodes
> ```
Once you are set, you can build and notarize/staple your package with:
```
docker run -v "$(pwd):/build" fleetdm/fleetctl package --type=pkg \
--macos-devid-pem-content="$(cat /path/to/signing-keypair.pem)" \
--notarize \
--app-store-connect-api-key-id="A6DX865SKS" \
--app-store-connect-api-key-issuer="68911d4c-110c-4172-b9f7-b7efa30f9680 " \
--app-store-connect-api-key-content="$(cat /path/to/AuthKey_A6DX865SKS.p8)"
```
2022-07-11 13:32:40 +00:00
### Publishing
There's a GitHub workflow to build and publish this image to Docker Hub, currently it has to be triggered [manually ](https://docs.github.com/en/actions/managing-workflow-runs/manually-running-a-workflow ).
