fix(CI): add checksum of the added binary for more safety #633

Merged
merged 1 commit into from
Feb 22, 2024

Conversation

chouetz
Member

@chouetz chouetz commented Feb 19, 2024

What does this PR do?

Complement #627 with a security verification

Which scenarios this will impact?

n/a

Motivation

security

Additional Notes

@chouetz chouetz requested a review from a team as a code owner February 19, 2024 10:21
Dockerfile Outdated
@@ -7,6 +7,7 @@ ENV GO_VERSION=1.21.5
ENV GO_SHA=e2bc0b3e4b64111ec117295c088bde5f00eeed1567999ff77bc859d7df70078e
ENV HELM_VERSION=3.12.3
ENV HELM_SHA=1b2313cd198d45eab00cc37c38f6b1ca0a948ba279c29e322bdf426d406129b5
ENV CI_UPLOADER_SHA=873976f0f8de1073235cf558ea12c7b922b28e1be22dc1553bf56162beebf09d
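Review bot: On the `CI_UPLOADER_SHA` line, the pinned digest has no matching version variable, unlike `GO_SHA` under `GO_VERSION` and `HELM_SHA` under `HELM_VERSION` in the same hunk. Without a pinned release next to it, nothing in the Dockerfile records which build of the uploader this digest belongs to, and if the download URL is not versioned the image build will start failing the moment upstream republishes the binary. Consider adding a version variable beside the digest and using it in the download URL so both change in the same commit. The step that consumes the digest is not visible in this hunk; it should abort the build on mismatch, for example with `sha256sum -c`, rather than only printing the computed hash.
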
Contributor

Not blocking, but I think this would be better suited to be an ARG, as we don't need the variable to be available while running the container

Member Author

I wanted to fit with the above, some of the declared ENV might be ARG as well I guess.
Updated, thanks

@chouetz chouetz force-pushed the nschweitzer/APL-2673/checksum branch from 967b1e6 to 7c5de11 Compare February 19, 2024 13:07
@chouetz chouetz force-pushed the nschweitzer/APL-2673/checksum branch from 7c5de11 to 2d4be5d Compare February 19, 2024 14:58
@chouetz
Member Author

chouetz commented Feb 22, 2024

/merge

@dd-devflow

dd-devflow bot commented Feb 22, 2024

🚂 MergeQueue

Pull request added to the queue.

This build is going to start soon! (estimated merge in less than 13m)

Use /merge -c to cancel this operation!

@dd-mergequeue dd-mergequeue bot merged commit c21f232 into main Feb 22, 2024
8 checks passed
@dd-mergequeue dd-mergequeue bot deleted the nschweitzer/APL-2673/checksum branch February 22, 2024 13:33