Add untested update operation that works with the new releases

David Dworken 2022-04-17 12:30:46 -07:00
parent 1ab68a804c
commit be6ccbbcc6
2 changed files with 30 additions and 6 deletions


@ -32,6 +32,8 @@ release:
rm .slsa-goreleaser.yml
git add .slsa-goreleaser.yml
git commit -m "Release: finish releasing v0.`cat VERSION`" --no-verify
# Tag the release
gh release create v0.`cat VERSION` --generate-notes
# Push to trigger the releases
git push
git push --tags
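Review bot: The added `gh release create` line runs before `git push`, so the release commit made just above it is not on the remote yet when the release is created. When the tag does not already exist on the remote, gh creates it from the current state of the default branch, so the tag (and the provenance built from it) would point at the commit before the release commit. Whether an earlier step of the `release` target already creates and pushes the tag is outside this hunk. If not, moving `git push` above this line and pinning the commit with `--target $$(git rev-parse HEAD)` makes the tagged commit explicit.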


@ -441,17 +441,13 @@ func Update() error {
fmt.Printf("Latest version (v0.%s) is already installed\n", Version)
return nil
}
err = downloadFile("/tmp/hishtory-client", downloadData.LinuxAmd64Url)
if err != nil {
return err
}
err = downloadFile("/tmp/hishtory-client.intoto.jsonl", downloadData.LinuxAmd64AttestationUrl)
err = downloadFiles(downloadData)
if err != nil {
return err
}
// Verify the SLSA attestation
err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl", downloadData.Version)
err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl", downloadData.Version+"-"+runtime.GOOS+"-"+runtime.GOARCH)
if err != nil {
return fmt.Errorf("failed to verify SLSA provenance of the updated binary, aborting update: %v", err)
}
@ -481,6 +477,32 @@ func Update() error {
return nil
}
func downloadFiles(updateInfo shared.UpdateInfo) error {
clientUrl := ""
clientProvenanceUrl := ""
if runtime.GOOS == "linux" && runtime.GOARCH == "amd64" {
clientUrl = updateInfo.LinuxAmd64Url
clientProvenanceUrl = updateInfo.LinuxAmd64AttestationUrl
} else if runtime.GOOS == "darwin" && runtime.GOARCH == "amd64" {
clientUrl = updateInfo.DarwinAmd64Url
clientProvenanceUrl = updateInfo.DarwinAmd64AttestationUrl
} else if runtime.GOOS == "darwin" && runtime.GOARCH == "arm64" {
clientUrl = updateInfo.DarwinArm64Url
clientProvenanceUrl = updateInfo.DarwinArm64AttestationUrl
} else {
return fmt.Errorf("no update info found for GOOS=%s, GOARCH=%s", runtime.GOOS, runtime.GOARCH)
}
err := downloadFile("/tmp/hishtory-client", clientUrl)
if err != nil {
return err
}
err = downloadFile("/tmp/hishtory-client.intoto.jsonl", clientProvenanceUrl)
if err != nil {
return err
}
return nil
}
func downloadFile(filename, url string) error {
resp, err := http.Get(url)
if err != nil {
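Review bot: downloadFiles writes the binary and its provenance to the fixed names `/tmp/hishtory-client` and `/tmp/hishtory-client.intoto.jsonl`, and Update hands those same paths to verifyBinary afterwards. /tmp is shared by every local account, so the file that gets verified and the file that gets installed are only the same if nobody else pre-created or replaced those paths in between. How downloadFile opens its target, and how the rest of Update installs the binary, are outside the hunk. Downloading into a directory from `os.MkdirTemp` (created with mode 0700) and passing that directory to the download, verify and install steps keeps the whole sequence on files only the updater can write. The sketch below assumes `os` and `path/filepath` are importable in this file, and the install code further down in Update would need the same path change.

```go
// in Update(), replacing the downloadFiles/verifyBinary calls
tmpDir, err := os.MkdirTemp("", "hishtory-update-")
if err != nil {
	return fmt.Errorf("failed to create a private directory for the update: %v", err)
}
err = downloadFiles(downloadData, tmpDir)
// … unchanged: error check and "Verify the SLSA attestation" comment …
err = verifyBinary(filepath.Join(tmpDir, "hishtory-client"), filepath.Join(tmpDir, "hishtory-client.intoto.jsonl"), downloadData.Version+"-"+runtime.GOOS+"-"+runtime.GOARCH)

func downloadFiles(updateInfo shared.UpdateInfo, dir string) error {
	// … unchanged: GOOS/GOARCH selection of clientUrl and clientProvenanceUrl …
	if err := downloadFile(filepath.Join(dir, "hishtory-client"), clientUrl); err != nil {
		return err
	}
	return downloadFile(filepath.Join(dir, "hishtory-client.intoto.jsonl"), clientProvenanceUrl)
}
```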