actions/runner-images
1
0
Fork 0
mirror of https://github.com/actions/runner-images.git synced 2026-01-03 08:37:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

[Windows] Refactor helpers that verify hashsum and signature (#8886)

Browse Source
This commit is contained in:
Vasilii Polikarpov
2023-11-30 09:22:14 +01:00
committed by GitHub
parent abb81511d4
commit 92e22bd8c6
17 changed files with 151 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
images/windows/scripts/build/Install-AliyunCli.ps1
View File

@@ -12,10 +12,9 @@ $downloadUrl = ($assets.browser_download_url -ilike "*aliyun-cli-windows-*-amd64
$packagePath = Invoke-DownloadWithRetry $downloadUrl
#region Supply chain security - Alibaba Cloud CLI
$fileHash = (Get-FileHash -Path $packagePath -Algorithm SHA256).Hash
$hashUrl = ($assets.browser_download_url -ilike "*SHASUMS256.txt*") | Select-Object -First 1
$externalHash = (Invoke-RestMethod -Uri $hashURL).ToString().Split("`n").Where({ $_ -ilike "*$installerFileName*" }).Split(' ')[0]
Use-ChecksumComparison $fileHash $externalHash
Test-FileChecksum $packagePath -ExpectedSHA256Sum $externalHash
#endregion
Write-Host "Expand aliyun-cli archive"