actions/runner-images-sangeeth
1
0
Fork 0
mirror of https://github.com/actions/runner-images-sangeeth.git synced 2025-12-20 06:29:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

[Ubuntu] Add more checksum validations (#8660)

Browse Source
This commit is contained in:
Erik Bershel
2023-11-02 15:40:32 +01:00
committed by GitHub
parent 3146c7010e
commit 53416cd923
9 changed files with 86 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
images/linux/scripts/installers/pulumi.sh
View File

@@ -2,15 +2,20 @@
################################################################################
## File: pulumi.sh
## Desc: Installs Pulumi
## Supply chain security: Pulumi - checksum validation
################################################################################
# Source the helpers for use with the script
source $HELPER_SCRIPTS/install.sh
# Install Pulumi
VERSION=$(curl -fsSL "https://www.pulumi.com/latest-version")
TARBALL_URL="https://get.pulumi.com/releases/sdk/pulumi-v${VERSION}-linux-x64.tar.gz"
download_with_retries ${TARBALL_URL} "/tmp" pulumi-v${VERSION}.tar.gz
tar --strip=1 -xf /tmp/pulumi-v${VERSION}.tar.gz -C /usr/local/bin
# Dowload Pulumi
version=$(curl -fsSL "https://www.pulumi.com/latest-version")
URL="https://get.pulumi.com/releases/sdk/pulumi-v${version}-linux-x64.tar.gz"
download_with_retries "${URL}" "/tmp" "pulumi-v${version}.tar.gz"
# Supply chain security - Pulumi
external_hash=$(get_hash_from_remote_file "https://github.com/pulumi/pulumi/releases/download/v${version}/SHA512SUMS" "linux-x64.tar.gz")
use_checksum_comparison "/tmp/pulumi-v${version}.tar.gz" "${external_hash}" "512"
# Unzipping Pulumi
tar --strip=1 -xf "/tmp/pulumi-v${version}.tar.gz" -C /usr/local/bin
invoke_tests "Tools" "Pulumi"