mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
misc: replace sha256sum with shasum -a 256 (#1681)
This commit is contained in:
parent
53d8a2d67e
commit
ec1d5e9fb5
@ -19,6 +19,6 @@ runs:
|
||||
curl -fsSLO ${OPERATOR_SDK_DL_URL}/checksums.txt
|
||||
curl -fsSLO ${OPERATOR_SDK_DL_URL}/checksums.txt.asc
|
||||
gpg -u "Operator SDK (release) <cncf-operator-sdk@cncf.io>" --verify checksums.txt.asc
|
||||
grep operator-sdk_${OS}_${ARCH} checksums.txt | sha256sum -c -
|
||||
grep operator-sdk_${OS}_${ARCH} checksums.txt | shasum -a 256 -c -
|
||||
chmod +x operator-sdk_${OS}_${ARCH} && sudo mv operator-sdk_${OS}_${ARCH} /usr/local/bin/operator-sdk
|
||||
rm checksums.txt checksums.txt.asc
|
||||
|
24
.github/workflows/build-os-image.yml
vendored
24
.github/workflows/build-os-image.yml
vendored
@ -117,10 +117,10 @@ jobs:
|
||||
working-directory: ${{ github.workspace }}/build
|
||||
run: |
|
||||
{
|
||||
echo "bootstrapper-sha256=$(sha256sum bootstrapper | head -c 64)"
|
||||
echo "disk-mapper-sha256=$(sha256sum disk-mapper | head -c 64)"
|
||||
echo "upgrade-agent-sha256=$(sha256sum upgrade-agent | head -c 64)"
|
||||
echo "measurement-reader-sha256=$(sha256sum measurement-reader | head -c 64)"
|
||||
echo "bootstrapper-sha256=$(shasum -a 256 bootstrapper | head -c 64)"
|
||||
echo "disk-mapper-sha256=$(shasum -a 256 disk-mapper | head -c 64)"
|
||||
echo "upgrade-agent-sha256=$(shasum -a 256 upgrade-agent | head -c 64)"
|
||||
echo "measurement-reader-sha256=$(shasum -a 256 measurement-reader | head -c 64)"
|
||||
} | tee -a "$GITHUB_OUTPUT"
|
||||
|
||||
build-settings:
|
||||
@ -322,14 +322,14 @@ jobs:
|
||||
working-directory: ${{ github.workspace }}/image/mkosi.output.${{ matrix.csp }}/fedora~37
|
||||
run: |
|
||||
{
|
||||
echo "image-raw-${{ matrix.csp }}-sha256=$(sha256sum image.raw | head -c 64)"
|
||||
echo "image-efi-${{ matrix.csp }}-sha256=$(sha256sum image.efi | head -c 64)"
|
||||
echo "image-initrd-${{ matrix.csp }}-sha256=$(sha256sum image.esp.raw | head -c 64)"
|
||||
echo "image-root-raw-${{ matrix.csp }}-sha256=$(sha256sum image.root-x86-64.raw | head -c 64)"
|
||||
echo "image-root-verity-${{ matrix.csp }}-sha256=$(sha256sum image.root-x86-64-verity.raw | head -c 64)"
|
||||
echo "image-vmlinuz-${{ matrix.csp }}-sha256=$(sha256sum image.vmlinuz | head -c 64)"
|
||||
echo "image-raw-changelog-${{ matrix.csp }}-sha256=$(sha256sum image.changelog | head -c 64)"
|
||||
echo "image-raw-manifest-${{ matrix.csp }}-sha256=$(sha256sum image.manifest | head -c 64)"
|
||||
echo "image-raw-${{ matrix.csp }}-sha256=$(shasum -a 256 image.raw | head -c 64)"
|
||||
echo "image-efi-${{ matrix.csp }}-sha256=$(shasum -a 256 image.efi | head -c 64)"
|
||||
echo "image-initrd-${{ matrix.csp }}-sha256=$(shasum -a 256 image.esp.raw | head -c 64)"
|
||||
echo "image-root-raw-${{ matrix.csp }}-sha256=$(shasum -a 256 image.root-x86-64.raw | head -c 64)"
|
||||
echo "image-root-verity-${{ matrix.csp }}-sha256=$(shasum -a 256 image.root-x86-64-verity.raw | head -c 64)"
|
||||
echo "image-vmlinuz-${{ matrix.csp }}-sha256=$(shasum -a 256 image.vmlinuz | head -c 64)"
|
||||
echo "image-raw-changelog-${{ matrix.csp }}-sha256=$(shasum -a 256 image.raw.changelog | head -c 64)"
|
||||
echo "image-raw-manifest-${{ matrix.csp }}-sha256=$(shasum -a 256 image.raw.manifest | head -c 64)"
|
||||
} | tee -a "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Upload raw OS image as artifact
|
||||
|
2
.github/workflows/release-cli.yml
vendored
2
.github/workflows/release-cli.yml
vendored
@ -135,7 +135,7 @@ jobs:
|
||||
- name: Generate provenance subjects
|
||||
id: provenance-subjects
|
||||
run: |
|
||||
HASHES=$(sha256sum \
|
||||
HASHES=$(shasum -a 256 \
|
||||
constellation-darwin-amd64 \
|
||||
constellation-darwin-arm64 \
|
||||
constellation-linux-amd64 \
|
||||
|
4
.github/workflows/test-tidy.yml
vendored
4
.github/workflows/test-tidy.yml
vendored
@ -70,7 +70,7 @@ jobs:
|
||||
fi
|
||||
echo "Detected changes after tidy"
|
||||
echo "untidy=true" | tee -a "$GITHUB_OUTPUT"
|
||||
diffsum=$(echo "$diff" | sha256sum | cut -d' ' -f1)
|
||||
diffsum=$(echo "$diff" | shasum -a 256 | cut -d' ' -f1)
|
||||
echo "diffsum=${diffsum}" | tee -a "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Run Bazel generate
|
||||
@ -82,7 +82,7 @@ jobs:
|
||||
shell: bash
|
||||
run: |
|
||||
diff=$(git diff)
|
||||
diffsum=$(echo "$diff" | sha256sum| cut -d' ' -f1)
|
||||
diffsum=$(echo "$diff" | shasum -a 256| cut -d' ' -f1)
|
||||
if [[ "${{ steps.untidy.outputs.diffsum }}" == "${diffsum}" ]]; then
|
||||
echo "Everything is tidy."
|
||||
echo "ungenerated=false" | tee -a "$GITHUB_OUTPUT"
|
||||
|
@ -11,7 +11,7 @@ debug_info() {
|
||||
|
||||
echo "Getting debug info"
|
||||
|
||||
sha256sum ./*.raw
|
||||
shasum -a 256 ./*.raw
|
||||
|
||||
ls -lisah
|
||||
|
||||
|
@ -39,7 +39,7 @@ for arch in "amd64" "arm64"; do
|
||||
for os in "linux" "darwin"; do
|
||||
echo "Building and uploading talos-docgen-${os}-${arch}"
|
||||
CGO_ENABLED="0" GOWORK="" GOOS="${os}" GOARCH="${arch}" go build -trimpath -ldflags="-buildid=" -o "talos-docgen-${os}-${arch}" .
|
||||
sum=$(sha256sum "talos-docgen-${os}-${arch}" | cut -d ' ' -f1) && echo "Binary sha256sum: ${sum}"
|
||||
sum=$(shasum -a 256 "talos-docgen-${os}-${arch}" | cut -d ' ' -f1) && echo "Binary sha256: ${sum}"
|
||||
file "talos-docgen-${os}-${arch}"
|
||||
aws s3 "${awsFlags[@]}" cp "./talos-docgen-${os}-${arch}" "${s3CASPath}/${sum}"
|
||||
echo
|
||||
|
@ -31,7 +31,7 @@ platforms=(
|
||||
)
|
||||
|
||||
for platform in "${platforms[@]}"; do
|
||||
computed_hash=$(sha256sum "${pseudo_version_tools[$platform]}" | cut -d' ' -f1)
|
||||
computed_hash=$(shasum -a 256 "${pseudo_version_tools[$platform]}" | cut -d' ' -f1)
|
||||
# compare hash to saved hash in ${BUILD_WORKSPACE_DIRECTORY}/tools/pseudo_version_${platform}.sha256
|
||||
saved_hash=$(cat "${BUILD_WORKSPACE_DIRECTORY}/tools/pseudo_version_${platform}.sha256")
|
||||
if [[ ${computed_hash} != "${saved_hash}" ]]; then
|
||||
|
@ -26,7 +26,7 @@ cmdline_measure() {
|
||||
# convert to utf-16le and add a null terminator
|
||||
iconv -f utf-8 -t utf-16le "${path}" -o "${tmp}"
|
||||
truncate -s +2 "${tmp}"
|
||||
sha256sum "${tmp}" | cut -d " " -f 1
|
||||
shasum -a 256 "${tmp}" | cut -d " " -f 1
|
||||
rm "${tmp}"
|
||||
}
|
||||
|
||||
@ -62,11 +62,11 @@ cmdline_hash=$(cmdline_measure "${DIR}/cmdline")
|
||||
cleanup "${DIR}"
|
||||
|
||||
expected_pcr_12=0000000000000000000000000000000000000000000000000000000000000000
|
||||
expected_pcr_12=$(pcr_extend "${expected_pcr_12}" "${cmdline_hash}" "sha256sum")
|
||||
expected_pcr_12=$(pcr_extend "${expected_pcr_12}" "${cmdline_hash}" "shasum -a 256")
|
||||
if [[ ${CSP} == "azure" ]]; then
|
||||
# Azure displays the boot menu
|
||||
# triggering an extra measurement of the kernel command line.
|
||||
expected_pcr_12=$(pcr_extend "${expected_pcr_12}" "${cmdline_hash}" "sha256sum")
|
||||
expected_pcr_12=$(pcr_extend "${expected_pcr_12}" "${cmdline_hash}" "shasum -a 256")
|
||||
fi
|
||||
|
||||
echo "Kernel commandline: ${cmdline}"
|
||||
|
@ -20,7 +20,7 @@ get_initrd_from_uki() {
|
||||
|
||||
initrd_measure() {
|
||||
local path="$1"
|
||||
sha256sum "${path}" | cut -d " " -f 1
|
||||
shasum -a 256 "${path}" | cut -d " " -f 1
|
||||
}
|
||||
|
||||
write_output() {
|
||||
|
@ -21,7 +21,7 @@ for platform in "${platforms[@]}"; do
|
||||
echo "Building for ${platform}..."
|
||||
target="//hack/pseudo-version:pseudo_version_${platform}"
|
||||
cp "$(bazel cquery --config nostamp --output=files "${target}")" "${dir}/pseudo_version_${platform}"
|
||||
sha256="$(sha256sum "${dir}/pseudo_version_${platform}" | cut -d ' ' -f 1)"
|
||||
sha256="$(shasum -a 256 "${dir}/pseudo_version_${platform}" | cut -d ' ' -f 1)"
|
||||
echo "${platform} ${sha256}" | tee -a "${dir}/checksums.txt"
|
||||
aws s3 cp "${dir}/pseudo_version_${platform}" "s3://${bucket}/constellation/cas/sha256/${sha256}"
|
||||
echo "${sha256}" > "${workspace_dir}/tools/pseudo_version_${platform}.sha256"
|
||||
|
Loading…
Reference in New Issue
Block a user