search

gruntwork-io / health-checker

A simple HTTP server that will return 200 OK if all configured health checks pass.
MIT License
103 stars 36 forks source link

Add checksums to release files #14

Closed conn closed 5 years ago

conn commented 5 years ago

This is to address an unopened issue similar to: https://github.com/gruntwork-io/terragrunt/issues/610

The checksums of all binaries within bin/ will be saved within SHA256SUMS. The integrity of binaries can now be verified with this command: sha256sum --check --ignore-missing SHA256SUMS.

In the future, Gruntwork should consider using a PGP key to cryptographically sign this checksums file and to distribute the signature along with the rest of the release files. Doing so will likely require using private CI/CD infrastructure instead of CircleCI so that Gruntwork may have full control over their private signing key.

brikis98 commented 5 years ago

Looks like that worked perfectly, thank you!

https://github.com/gruntwork-io/health-checker/releases/tag/v0.0.4

conn commented 5 years ago

You're welcome!