actions/runner-images
1
0
Fork 0
mirror of https://github.com/actions/runner-images.git synced 2025-12-20 06:35:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

[Ubuntu] Add checksum validation for Aliyun CLI, CMake, Docker Compose v2 (#8612)

Browse Source 
* Add checksums for Aliyun, CMake, Docker Compose v2

* After review changes

* Download Aliyun CLI from github release
This commit is contained in:
Erik Bershel
2023-10-22 15:47:36 +02:00
committed by GitHub
parent 62cd627ce7
commit 6a98903627
4 changed files with 68 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
images/linux/scripts/installers/aliyun-cli.sh
View File

@@ -2,6 +2,7 @@
################################################################################
## File: aliyun-cli.sh
## Desc: Installs Alibaba Cloud CLI
## Supply chain security: Alibaba Cloud CLI - checksum validation
################################################################################
# Source the helpers for use with the script
@@ -11,14 +12,22 @@ source $HELPER_SCRIPTS/install.sh
# Install Alibaba Cloud CLI
# Pin tool version on ubuntu20 due to issues with GLIBC_2.32 not available
if isUbuntu20; then
toolsetVersion=$(get_toolset_value '.aliyunCli.version')
downloadUrl="https://github.com/aliyun/aliyun-cli/releases/download/v$toolsetVersion/aliyun-cli-linux-$toolsetVersion-amd64.tgz"
toolset_version=$(get_toolset_value '.aliyunCli.version')
download_url="https://github.com/aliyun/aliyun-cli/releases/download/v$toolset_version/aliyun-cli-linux-$toolset_version-amd64.tgz"
hash_url="https://github.com/aliyun/aliyun-cli/releases/download/v$toolset_version/SHASUMS256.txt"
else
downloadUrl="https://aliyuncli.alicdn.com/aliyun-cli-linux-latest-amd64.tgz"
download_url=$(get_github_package_download_url "aliyun/aliyun-cli" "contains(\"aliyun-cli-linux\") and endswith(\"amd64.tgz\")")
hash_url="https://github.com/aliyun/aliyun-cli/releases/latest/download/SHASUMS256.txt"
fi
download_with_retries $downloadUrl "/tmp"
tar xzf /tmp/aliyun-cli-linux-*-amd64.tgz
package_name="aliyun-cli-linux-amd64.tgz"
download_with_retries "$download_url" "/tmp" "$package_name"
# Supply chain security - Alibaba Cloud CLI
external_hash=$(get_hash_from_remote_file "$hash_url" "aliyun-cli-linux" "amd64.tgz")
use_checksum_comparison "/tmp/$package_name" "$external_hash"
tar xzf "/tmp/$package_name"
mv aliyun /usr/local/bin
invoke_tests "CLI.Tools" "Aliyun CLI"