mirror of
https://github.com/actions/runner-images.git
synced 2025-12-14 22:05:17 +00:00
[windows] pin checksum where avaiable (#9005)
Related: https://github.com/actions/runner-images-internal/issues/5489
This commit is contained in:
ilia-shipitsin
@@ -1,13 +1,14 @@
|
|||||||
################################################################################
|
################################################################################
|
||||||
## File: Install-MysqlCli.ps1
|
## File: Install-MysqlCli.ps1
|
||||||
## Desc: Install Mysql CLI
|
## Desc: Install Mysql CLI
|
||||||
|
## Supply chain security: checksum validation (visual c++ redistributable package)
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
# Installing visual c++ redistributable package.
|
# Installing visual c++ redistributable package.
|
||||||
Install-Binary `
|
Install-Binary `
|
||||||
-Url 'https://download.microsoft.com/download/0/5/6/056dcda9-d667-4e27-8001-8a0c6971d6b1/vcredist_x64.exe' `
|
-Url 'https://download.microsoft.com/download/0/5/6/056dcda9-d667-4e27-8001-8a0c6971d6b1/vcredist_x64.exe' `
|
||||||
-InstallArgs @("/install", "/quiet", "/norestart") `
|
-InstallArgs @("/install", "/quiet", "/norestart") `
|
||||||
-ExpectedSignature '3BDA323E552DB1FDE5F4FBEE75D6D5B2B187EEDC'
|
-ExpectedSHA256Sum '20E2645B7CD5873B1FA3462B99A665AC8D6E14AAE83DED9D875FEA35FFDD7D7E'
|
||||||
|
|
||||||
# Downloading mysql
|
# Downloading mysql
|
||||||
[version] $mysqlVersion = (Get-ToolsetContent).mysql.version
|
[version] $mysqlVersion = (Get-ToolsetContent).mysql.version
|
||||||
|
|||||||
@@ -1,12 +1,13 @@
|
|||||||
################################################################################
|
################################################################################
|
||||||
## File: Install-NET48-devpack.ps1
|
## File: Install-NET48-devpack.ps1
|
||||||
## Desc: Install .NET 4.8 devpack
|
## Desc: Install .NET 4.8 devpack
|
||||||
|
## Supply chain security: checksum validation
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
# .NET 4.8 Dev pack
|
# .NET 4.8 Dev pack
|
||||||
Install-Binary `
|
Install-Binary `
|
||||||
-Url 'https://download.visualstudio.microsoft.com/download/pr/014120d7-d689-4305-befd-3cb711108212/0307177e14752e359fde5423ab583e43/ndp48-devpack-enu.exe' `
|
-Url 'https://download.visualstudio.microsoft.com/download/pr/014120d7-d689-4305-befd-3cb711108212/0307177e14752e359fde5423ab583e43/ndp48-devpack-enu.exe' `
|
||||||
-InstallArgs @("Setup", "/passive", "/norestart") `
|
-InstallArgs @("Setup", "/passive", "/norestart") `
|
||||||
-ExpectedSignature 'C82273A065EC470FB1EBDE846A91E6FFB29E9C12'
|
-ExpectedSHA256Sum '0A7AC4A9B44CED6BB7A0EBF3AD9BA29F60BD4D3BEB2047E19F4D8749DE61F5AC'
|
||||||
|
|
||||||
Invoke-PesterTests -TestFile "Tools" -TestName "NET48"
|
Invoke-PesterTests -TestFile "Tools" -TestName "NET48"
|
||||||
|
|||||||
@@ -1,10 +1,11 @@
|
|||||||
################################################################################
|
################################################################################
|
||||||
## File: Install-NET48.ps1
|
## File: Install-NET48.ps1
|
||||||
## Desc: Install .NET 4.8
|
## Desc: Install .NET 4.8
|
||||||
|
## Supply chain security: checksum validation
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
# .NET 4.8 Dev pack
|
# .NET 4.8 Dev pack
|
||||||
Install-Binary `
|
Install-Binary `
|
||||||
-Url 'https://download.visualstudio.microsoft.com/download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/8494001c276a4b96804cde7829c04d7f/ndp48-x86-x64-allos-enu.exe' `
|
-Url 'https://download.visualstudio.microsoft.com/download/pr/2d6bb6b2-226a-4baa-bdec-798822606ff1/8494001c276a4b96804cde7829c04d7f/ndp48-x86-x64-allos-enu.exe' `
|
||||||
-InstallArgs @("Setup", "/passive", "/norestart") `
|
-InstallArgs @("Setup", "/passive", "/norestart") `
|
||||||
-ExpectedSignature 'ABDCA79AF9DD48A0EA702AD45260B3C03093FB4B'
|
-ExpectedSHA256Sum '68C9986A8DCC0214D909AA1F31BEE9FB5461BB839EDCA996A75B08DDFFC1483F'
|
||||||
|
|||||||
@@ -2,6 +2,7 @@
|
|||||||
## File: Install-ServiceFabricSDK.ps1
|
## File: Install-ServiceFabricSDK.ps1
|
||||||
## Desc: Install webpicmd and then the service fabric sdk
|
## Desc: Install webpicmd and then the service fabric sdk
|
||||||
## must be install after Visual Studio
|
## must be install after Visual Studio
|
||||||
|
## Supply chain security: checksum validation
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
# Creating 'Installer' cache folder if it doesn't exist
|
# Creating 'Installer' cache folder if it doesn't exist
|
||||||
@@ -10,17 +11,19 @@ New-Item -Path 'C:\Windows\Installer' -ItemType Directory -Force
|
|||||||
# Get Service Fabric components versions
|
# Get Service Fabric components versions
|
||||||
$runtimeVersion = (Get-ToolsetContent).serviceFabric.runtime.version
|
$runtimeVersion = (Get-ToolsetContent).serviceFabric.runtime.version
|
||||||
$sdkVersion = (Get-ToolsetContent).serviceFabric.sdk.version
|
$sdkVersion = (Get-ToolsetContent).serviceFabric.sdk.version
|
||||||
|
|
||||||
$urlBase = "https://download.microsoft.com/download/b/8/a/b8a2fb98-0ec1-41e5-be98-9d8b5abf7856"
|
$urlBase = "https://download.microsoft.com/download/b/8/a/b8a2fb98-0ec1-41e5-be98-9d8b5abf7856"
|
||||||
|
|
||||||
# Install Service Fabric Runtime for Windows
|
# Install Service Fabric Runtime for Windows
|
||||||
Install-Binary `
|
Install-Binary `
|
||||||
-Url "${urlBase}/MicrosoftServiceFabric.${runtimeVersion}.exe" `
|
-Url "${urlBase}/MicrosoftServiceFabric.${runtimeVersion}.exe" `
|
||||||
-InstallArgs @("/accepteula ", "/quiet", "/force") `
|
-InstallArgs @("/accepteula ", "/quiet", "/force") `
|
||||||
-ExpectedSignature (Get-ToolsetContent).serviceFabric.runtime.signature
|
-ExpectedSHA256Sum (Get-ToolsetContent).serviceFabric.runtime.checksum
|
||||||
|
|
||||||
|
|
||||||
# Install Service Fabric SDK
|
# Install Service Fabric SDK
|
||||||
Install-Binary `
|
Install-Binary `
|
||||||
-Url "${urlBase}/MicrosoftServiceFabricSDK.${sdkVersion}.msi" `
|
-Url "${urlBase}/MicrosoftServiceFabricSDK.${sdkVersion}.msi" `
|
||||||
-ExpectedSignature (Get-ToolsetContent).serviceFabric.sdk.signature
|
-ExpectedSHA256Sum (Get-ToolsetContent).serviceFabric.sdk.checksum
|
||||||
|
|
||||||
Invoke-PesterTests -TestFile "Tools" -TestName "ServiceFabricSDK"
|
Invoke-PesterTests -TestFile "Tools" -TestName "ServiceFabricSDK"
|
||||||
|
|||||||
@@ -1,20 +1,20 @@
|
|||||||
################################################################################
|
################################################################################
|
||||||
## File: Install-VCRedist.ps1
|
## File: Install-VCRedist.ps1
|
||||||
## Desc: Install Visual C++ Redistributable
|
## Desc: Install Visual C++ Redistributable
|
||||||
|
## Supply chain security: checksum validation
|
||||||
################################################################################
|
################################################################################
|
||||||
|
|
||||||
$baseUrl = "https://download.microsoft.com/download/1/6/5/165255E7-1014-4D0A-B094-B6A430A6BFFC"
|
$baseUrl = "https://download.microsoft.com/download/1/6/5/165255E7-1014-4D0A-B094-B6A430A6BFFC"
|
||||||
$argumentList = ("/install", "/quiet", "/norestart")
|
$argumentList = ("/install", "/quiet", "/norestart")
|
||||||
$signatureThumbrint = "ABDCA79AF9DD48A0EA702AD45260B3C03093FB4B"
|
|
||||||
|
|
||||||
Install-Binary `
|
Install-Binary `
|
||||||
-Url "${baseUrl}/vcredist_x86.exe" `
|
-Url "${baseUrl}/vcredist_x86.exe" `
|
||||||
-InstallArgs $argumentList `
|
-InstallArgs $argumentList `
|
||||||
-ExpectedSignature $signatureThumbrint
|
-ExpectedSHA256Sum '99DCE3C841CC6028560830F7866C9CE2928C98CF3256892EF8E6CF755147B0D8'
|
||||||
|
|
||||||
Install-Binary `
|
Install-Binary `
|
||||||
-Url "${baseUrl}/vcredist_x64.exe" `
|
-Url "${baseUrl}/vcredist_x64.exe" `
|
||||||
-InstallArgs $argumentList `
|
-InstallArgs $argumentList `
|
||||||
-ExpectedSignature $signatureThumbrint
|
-ExpectedSHA256Sum 'F3B7A76D84D23F91957AA18456A14B4E90609E4CE8194C5653384ED38DADA6F3'
|
||||||
|
|
||||||
Invoke-PesterTests -TestFile "Tools" -TestName "VCRedist"
|
Invoke-PesterTests -TestFile "Tools" -TestName "VCRedist"
|
||||||
|
|||||||
@@ -412,11 +412,11 @@
|
|||||||
"serviceFabric": {
|
"serviceFabric": {
|
||||||
"runtime": {
|
"runtime": {
|
||||||
"version": "9.1.1436.9590",
|
"version": "9.1.1436.9590",
|
||||||
"signature": "AFBF0B8B6A18F7E23CCA1DDCD0AC1A55B4035173"
|
"checksum": "089F9BE6A63AF66C337E507B52082575C8ED330DF765259C6F2F13F900DA96D5"
|
||||||
},
|
},
|
||||||
"sdk": {
|
"sdk": {
|
||||||
"version": "6.1.1436",
|
"version": "6.1.1436",
|
||||||
"signature": "AFBF0B8B6A18F7E23CCA1DDCD0AC1A55B4035173"
|
"checksum": "D2A6B58315D08B6E46C2D25E91DFA1163136F70A5FA8CEF9DB147F07EE001AD1"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"dotnet": {
|
"dotnet": {
|
||||||
|
|||||||
@@ -353,11 +353,11 @@
|
|||||||
"serviceFabric": {
|
"serviceFabric": {
|
||||||
"runtime": {
|
"runtime": {
|
||||||
"version": "9.1.1436.9590",
|
"version": "9.1.1436.9590",
|
||||||
"signature": "AFBF0B8B6A18F7E23CCA1DDCD0AC1A55B4035173"
|
"checksum": "089F9BE6A63AF66C337E507B52082575C8ED330DF765259C6F2F13F900DA96D5"
|
||||||
},
|
},
|
||||||
"sdk": {
|
"sdk": {
|
||||||
"version": "6.1.1436",
|
"version": "6.1.1436",
|
||||||
"signature": "AFBF0B8B6A18F7E23CCA1DDCD0AC1A55B4035173"
|
"checksum": "D2A6B58315D08B6E46C2D25E91DFA1163136F70A5FA8CEF9DB147F07EE001AD1"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"dotnet": {
|
"dotnet": {
|
||||||
|
|||||||
Reference in New Issue
Block a user