step-security/harden-runner
1
0
Fork 0
mirror of https://github.com/step-security/harden-runner.git synced 2026-06-07 22:47:12 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #138 from step-security/rel-v1.4.3

Browse source 
Release v1.4.3
This commit is contained in:
Varun Sharma 2022-05-01 18:10:31 -07:00 committed by GitHub
commit 82d7a423d9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

4
dist/pre/index.js vendored
View file

@ -6274,7 +6274,7 @@ function verifyChecksum(downloadPath) {
const checksum = external_crypto_.createHash("sha256")
.update(fileBuffer)
.digest("hex"); // checksum of downloaded file
const expectedChecksum = "c9fa91c602954155391c9da6318560d7fb5998155660e4948175c9ab8690716c"; // checksum for v0.9.3
const expectedChecksum = "c1286b469a2ad8657d69cf96dfaa5b9166ee6fa46d46fcb9d454d5851aa964bd"; // checksum for v0.9.4
if (checksum !== expectedChecksum) {
core.setFailed(`Checksum verification failed, expected ${expectedChecksum} instead got ${checksum}`);
}
@ -6383,7 +6383,7 @@ var __awaiter = (undefined && undefined.__awaiter) || function (thisArg, _argume
// Note: to avoid github rate limiting
let token = core.getInput("token");
let auth = `token ${token}`;
const downloadPath = yield tool_cache.downloadTool("https://github.com/step-security/agent/releases/download/v0.9.3/agent_0.9.3_linux_amd64.tar.gz", undefined, auth);
const downloadPath = yield tool_cache.downloadTool("https://github.com/step-security/agent/releases/download/v0.9.4/agent_0.9.4_linux_amd64.tar.gz", undefined, auth);
verifyChecksum(downloadPath); // NOTE: verifying agent's checksum, before extracting
const extractPath = yield tool_cache.extractTar(downloadPath);
console.log(`Step Security Job Correlation ID: ${correlation_id}`);

2
dist/pre/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

2
package.json
View file

@ -1,6 +1,6 @@
{
"name": "step-security-harden-runner",
"version": "1.4.2",
"version": "1.4.3",
"description": "Security agent for GitHub-hosted runner to monitor the build process",
"main": "index.js",
"scripts": {

2
src/checksum.ts
View file

@ -10,7 +10,7 @@ export function verifyChecksum(downloadPath: string) {
.digest("hex"); // checksum of downloaded file
const expectedChecksum: string =
"c9fa91c602954155391c9da6318560d7fb5998155660e4948175c9ab8690716c"; // checksum for v0.9.3
"c1286b469a2ad8657d69cf96dfaa5b9166ee6fa46d46fcb9d454d5851aa964bd"; // checksum for v0.9.4
if (checksum !== expectedChecksum) {
core.setFailed(

2
src/setup.ts
View file

@ -71,7 +71,7 @@ import isDocker from "is-docker";
let auth = `token ${token}`;
const downloadPath: string = await tc.downloadTool(
"https://github.com/step-security/agent/releases/download/v0.9.3/agent_0.9.3_linux_amd64.tar.gz",
"https://github.com/step-security/agent/releases/download/v0.9.4/agent_0.9.4_linux_amd64.tar.gz",
undefined,
auth
);