-
Notifications
You must be signed in to change notification settings - Fork 38
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use checksum from Hook release: #66
Conversation
Hook now provides a checksum file. Use it to verify downloads of Hook. Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
wget "$f" | ||
done | ||
sha512sum -c checksum.txt | ||
for f in *.tar.gz; do tar --no-same-permissions --overwrite -ozxvf "$f" && rm -f "$f"; done |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Are we confident files aren't going to overwrite each other from the double untar? What about future changes? Would it be safer to use a subdirectory?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
by double tar, do you mean the 2 iterations in the for loop? If so, there shouldnt be a concern. The vmlinuz and initramfs for each arch (x86_64 and arm) are named differently.
Sorry, i dont know if i follow what a subdirectory provides us?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
are you saying download to a temp dir and extract to the final location instead of downloading to the final dir?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hmm...regardless. I'll download to a tmp directory.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
Description
Hook now provides a checksum file. Use it to verify downloads of Hook.
Why is this needed
Fixes: #
How Has This Been Tested?
Manually tested.
How are existing users impacted? What migration steps/scripts do we need?
Checklist:
I have: