[Ubuntu] Pin sha256 for docker-compose and Alibaba Cloud CLI (#8790)

* pin sha256 for docker-compose and Alibaba Cloud CLI

* fix syntax in condition
sergei-pyshnoi
2023-11-17 16:31:49 +01:00
committed by GitHub
parent 07e8da79f8
commit 50ae10289a
3 changed files with 9 additions and 4 deletions


@@ -14,7 +14,6 @@ source $HELPER_SCRIPTS/install.sh
if isUbuntu20; then
toolset_version=$(get_toolset_value '.aliyunCli.version')
download_url="https://github.com/aliyun/aliyun-cli/releases/download/v$toolset_version/aliyun-cli-linux-$toolset_version-amd64.tgz"
hash_url="https://github.com/aliyun/aliyun-cli/releases/download/v$toolset_version/SHASUMS256.txt"
else
download_url=$(get_github_package_download_url "aliyun/aliyun-cli" "contains(\"aliyun-cli-linux\") and endswith(\"amd64.tgz\")")
hash_url="https://github.com/aliyun/aliyun-cli/releases/latest/download/SHASUMS256.txt"
@@ -24,7 +23,12 @@ package_name="aliyun-cli-linux-amd64.tgz"
download_with_retries "$download_url" "/tmp" "$package_name"
# Supply chain security - Alibaba Cloud CLI
external_hash=$(get_hash_from_remote_file "$hash_url" "aliyun-cli-linux" "amd64.tgz")
if isUbuntu20; then
external_hash=$(get_toolset_value '.aliyunCli.sha256')
else
external_hash=$(get_hash_from_remote_file "$hash_url" "aliyun-cli-linux" "amd64.tgz")
fi
use_checksum_comparison "/tmp/$package_name" "$external_hash"
tar xzf "/tmp/$package_name"
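Review bot: On the Ubuntu 20 path the pinned digest read by `get_toolset_value '.aliyunCli.sha256'` goes straight into `use_checksum_comparison` with no check that it is a well-formed SHA-256, so whether a missing or misspelled toolset key fails closed depends on helpers that are not visible here. A guard right after the `fi` would make that explicit: `[[ "$external_hash" =~ ^[0-9a-f]{64}$ ]] || { echo "aliyun-cli: no valid sha256" >&2; exit 1; }`. The `else` branch still takes its expected digest from `SHASUMS256.txt` on the same GitHub release that serves the tarball, so there the comparison catches a corrupted or truncated download but not a replaced release asset. A comment such as `# digest comes from the same release as the archive: integrity check only, not an independent pin` would stop readers assuming both branches are equally strong. The script begins and continues outside these hunks.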


@@ -13,7 +13,7 @@ URL="https://github.com/docker/compose/releases/download/1.29.2/docker-compose-L
curl -fsSL "${URL}" -o /tmp/docker-compose-v1
# Supply chain security - Docker Compose v1
external_hash=$(get_hash_from_remote_file "${URL}.sha256" "compose-Linux-x86_64")
external_hash="f3f10cf3dbb8107e9ba2ea5f23c1d2159ff7321d16f0a23051d68d8e2547b323"
use_checksum_comparison "/tmp/docker-compose-v1" "${external_hash}"
install /tmp/docker-compose-v1 /usr/local/bin/docker-compose
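Review bot: The digest on the new `external_hash=` line is a bare literal with nothing recording which artifact and release it belongs to, while the release it has to match is fixed separately in `URL` (1.29.2). A comment above it, for example `# sha256 of the compose-Linux-x86_64 binary from release 1.29.2; update together with URL`, would make that coupling visible to whoever changes the version next. This commit keeps the Alibaba Cloud CLI digest in the toolset file next to its version; reading this one from the toolset as well would keep all pinned hashes in one reviewable place. The script starts and ends outside the hunk.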


@@ -369,6 +369,7 @@
"version": "7.2"
},
"aliyunCli": {
"version": "3.0.174"
"version": "3.0.174",
"sha256": "0c51028a7a32fc02c8de855f73e273556f957115eb5624565738f9b9f83a50ba"
}
}