Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verify checksum of downloaded utilities during CI #1322

Merged
merged 4 commits into from
Jan 15, 2022
Merged

Verify checksum of downloaded utilities during CI #1322

merged 4 commits into from
Jan 15, 2022

Conversation

bobcallaway
Copy link
Member

@bobcallaway bobcallaway commented Jan 15, 2022
edited
Loading

Switches to go install for kind and verifying checksum of reviewdog instead of curl | sh.

Fixes #1323

@dlorenc dlorenc merged commit 475c99d into sigstore:main Jan 15, 2022
@github-actions github-actions bot added this to the v1.5.0 milestone Jan 15, 2022
mlieberman85 pushed a commit to mlieberman85/cosign that referenced this pull request May 6, 2022
@bobcallaway @mlieberman85
Verify checksum of downloaded utilities during CI (sigstore#1322)
2e02d26 
* remove installs without verifying checksum

Signed-off-by: Bob Callaway <[email protected]>

* set path for extracted binary

Signed-off-by: Bob Callaway <[email protected]>

* add additional messages during install

Signed-off-by: Bob Callaway <[email protected]>

* install kind version from matrix set instead of hardcoding

Signed-off-by: Bob Callaway <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dlorenc dlorenc dlorenc approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.5.0
Development

Successfully merging this pull request may close these issues.

Fix code scanning alert - Pinned-Dependencies
2 participants
@bobcallaway @dlorenc