For instance, if you are using Linux on an AMD64 architecture:
# Download the binary
curl -LO https://github.com/{{ .Env.GITHUB_REPOSITORY }}/releases/download/{{ .Tag }}/{{ .ProjectName }}-linux-amd64
# Move the binary in to your PATH
mv vendir-linux-amd64 /usr/local/bin/vendir
# Make the binary executable
chmod +x /usr/local/bin/vendir
Via Homebrew (macOS or Linux)
$ brew tap carvel-dev/carvel
$ brew install vendir
$ vendir version
The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
With this change release notes will look like:
:sparkles: What's new
New Contributors
@kumaritanushree made their first contribution in https://github.com/kumaritanushree/vendir/pull/1
Installation and signature verification
Installation
By downloading binary from the release
For instance, if you are using Linux on an AMD64 architecture:
Via Homebrew (macOS or Linux)
Verify checksums file signature
Need to install cosign on your system https://docs.sigstore.dev/system_config/installation/
The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
Verify binary integrity
To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.
Full Changelog: https://github.com/kumaritanushree/vendir/compare/v0.0.28...v0.0.29
:open_file_folder: Files Checksum