github/troubleshoot
1
0
Fork 0
mirror of https://github.com/replicatedhq/troubleshoot.git synced 2026-02-14 18:29:53 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
support-bundle-diffs
troubleshoot/scripts/initialize-sbom-build.sh
Tom Wieczorek 49fe355086 chore: Don't hardcode /bin/bash (#1011) 
Bash is not always installed in /bin/bash. Mitigate that by relying on
bash being in PATH.
2023-02-10 17:25:57 +00:00

28 lines
950 B
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
set -euo pipefail
if [ -n "${COSIGN_KEY}" ]
then
echo "Writing cosign key to file"
echo "${COSIGN_KEY}" | base64 -d > ./cosign.key
else
echo "ERROR: Missing COSIGN_KEY!"
fi
if ! command -v spdx-sbom-generator &> /dev/null
then
echo "Installing spdx-sbom-generator"
curl -L https://github.com/spdx/spdx-sbom-generator/releases/download/v0.0.13/spdx-sbom-generator-v0.0.13-linux-amd64.tar.gz -o ./sbom/spdx-sbom-generator.tar.gz
curl -L https://github.com/spdx/spdx-sbom-generator/releases/download/v0.0.13/spdx-sbom-generator-v0.0.13-linux-amd64.tar.gz.md5 -o ./sbom/spdx-sbom-generator.tar.gz.md5
md5sum ./sbom/spdx-sbom-generator.tar.gz | cut --bytes=1-32 > ./sbom/checksum
if ! cmp ./sbom/checksum ./sbom/spdx-sbom-generator.tar.gz.md5
then
echo "ERROR: spdx-sbom-generator.tar.gz md5 sum does not match!"
exit 1
fi
tar -xzvf ./sbom/spdx-sbom-generator.tar.gz -C sbom
fi
Reference in New Issue View Git Blame Copy Permalink