Closed jpalomaki closed 3 years ago
@brikis98 :wave: Would it possible to retroactively add SHA256SUMS
release assets for older terragrunt
releases (I for one would feel better installing w/integrity check, rather than just emitting a warning about skipped checksum check)? On a related note: are there plans to PGP sign terragrunt releases (like terraform does it)?
Possible? Yes. But from a time perspective, I don't think it's something we'll be able to get to any time soon. We do plan to sign all our releases too, but again, time constraints are going to be the issue, and I'm not sure when we'll get to it.
Possible? Yes. But from a time perspective, I don't think it's something we'll be able to get to any time soon. We do plan to sign all our releases too, but again, time constraints are going to be the issue, and I'm not sure when we'll get to it.
Understood. Logging a warning for older releases is then probably the best course of action here. Thanks for the quick reply. :+1:
Install emits: