TianMa431/ssh-action
10
0
Fork 0
mirror of https://github.com/appleboy/ssh-action.git synced 2026-05-25 12:55:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Verify drone-ssh binary checksum after download

Browse Source 
Download checksums.txt from the drone-ssh release alongside the binary and verify it. Protects against tampered or corrupted release artifacts.
This commit is contained in:
Andrea Lorenzetti 2026-05-02 15:07:25 +02:00
parent 1530429296
commit 3f19ce98ab
No known key found for this signature in database
GPG Key ID: 11C26012331FA2EC
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
entrypoint.sh
View File

@ -62,6 +62,17 @@ else
log_error "Downloaded file is missing or empty: ${TARGET}" "${ERR_INVALID_BINARY}" log_error "Downloaded file is missing or empty: ${TARGET}" "${ERR_INVALID_BINARY}"
fi fi
# Download checksum file
if ! curl -fsSL --retry 5 --keepalive-time 2 --location ${INSECURE_OPTION} \
"${DOWNLOAD_URL_PREFIX}/checksums.txt" -o "${GITHUB_ACTION_PATH}/checksums.txt"; then
log_error "Failed to download checksums.txt from ${DOWNLOAD_URL_PREFIX}." "${ERR_DOWNLOAD_FAILED}"
fi
# Verify checksum
if ! (cd "${GITHUB_ACTION_PATH}" && shasum -c checksums.txt --ignore-missing); then
log_error "Checksum verification failed for ${CLIENT_BINARY}." "${ERR_INVALID_BINARY}"
fi
chmod +x "${TARGET}" chmod +x "${TARGET}"
fi fi