[Ubuntu] Add checksum validation for Aliyun CLI, CMake, Docker Compose v2 (#8612)

* Add checksums for Aliyun, CMake, Docker Compose v2

* After review changes

* Download Aliyun CLI from github release

images/linux/scripts/installers/docker.sh

@@ -2,6 +2,7 @@
 ################################################################################
 ##  File:  docker.sh
 ##  Desc:  Installs docker onto the image
+##  Supply chain security: Docker Compose v2 - checksum validation
 ################################################################################
 
 # Source the helpers for use with the script
@@ -19,8 +20,13 @@ apt-get install --no-install-recommends docker-ce docker-ce-cli containerd.io do
 
 # Install docker compose v2 from releases
 URL=$(get_github_package_download_url "docker/compose" "contains(\"compose-linux-x86_64\")")
-curl -fsSL $URL -o /usr/libexec/docker/cli-plugins/docker-compose
-chmod +x /usr/libexec/docker/cli-plugins/docker-compose
+curl -fsSL "${URL}" -o /tmp/docker-compose
+# Supply chain security - CMake
+hash_url=$(get_github_package_download_url "docker/compose" "contains(\"checksums.txt\")")
+external_hash=$(get_hash_from_remote_file "$hash_url" "compose-linux-x86_64")
+use_checksum_comparison "/tmp/docker-compose" "$external_hash"
+install /tmp/docker-compose /usr/libexec/docker/cli-plugins/docker-compose
+
 
 # docker from official repo introduced different GID generation: https://github.com/actions/runner-images/issues/8157
 gid=$(cut -d ":" -f 3 /etc/group | grep "^1..$" | sort -n | tail -n 1 | awk '{ print $1+1 }')