andrewrothstein / ansible-trivy

MIT License
3 stars 2 forks source link

Bad checksum for Trivy 0.12? #2

Open ibrf opened 4 years ago

ibrf commented 4 years ago

I'm getting the following error in packer for Amazon Linux 2, Ubuntu 18.04, and Ubuntu 20.04:

amazon-ebs: "msg": "The checksum for /tmp/trivy_0.12.0_Linux-64bit.tar.gz did not match 4003d993d4b6b5673d4ef6e216578e8ac2bf6b439201a8e748a75fc68430c3f5; it was a8a3c381512bc76f449ad4c26b2a41b6ee70fdd2c57ac51d07153723a87110b7."

andrewrothstein commented 4 years ago

looks like AquaSec has been naughtily restating releases binaries. The role hold the shasums from when I committed the change to the role, on 19-OCT-2020 in this CI job: https://travis-ci.org/github/andrewrothstein/ansible-trivy/jobs/736953152#L309. Was there an announcement of a re-release of 0.12.0 that I definitely missed?