Add untested update operation that works with the new releases

David Dworken 2022-04-17 12:30:46 -07:00
parent 1ab68a804c
commit be6ccbbcc6
2 changed files with 30 additions and 6 deletions


@ -32,6 +32,8 @@ release:
rm .slsa-goreleaser.yml rm .slsa-goreleaser.yml
git add .slsa-goreleaser.yml git add .slsa-goreleaser.yml
git commit -m "Release: finish releasing v0.`cat VERSION`" --no-verify git commit -m "Release: finish releasing v0.`cat VERSION`" --no-verify
# Tag the release
gh release create v0.`cat VERSION` --generate-notes
# Push to trigger the releases # Push to trigger the releases
git push git push
git push --tags git push --tags
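Review bot: The added `gh release create` line runs before `git push`, so if the `v0.<VERSION>` tag does not yet exist on GitHub, gh creates it from the remote default branch as it stands at that moment, which cannot include the commits this recipe has made locally but not pushed. The client presumably checks SLSA provenance against the release tag, so the tag should land on a deliberately chosen commit. Move the `gh release create` line below `git push`, or pin the commit explicitly with `--target <commit>`. The start of the `release` recipe is outside the hunk, so an earlier `git tag` may already cover this, in which case the `# Tag the release` comment should say that the line only publishes the release.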


@ -441,17 +441,13 @@ func Update() error {
fmt.Printf("Latest version (v0.%s) is already installed\n", Version) fmt.Printf("Latest version (v0.%s) is already installed\n", Version)
return nil return nil
} }
err = downloadFile("/tmp/hishtory-client", downloadData.LinuxAmd64Url) err = downloadFiles(downloadData)
if err != nil {
return err
}
err = downloadFile("/tmp/hishtory-client.intoto.jsonl", downloadData.LinuxAmd64AttestationUrl)
if err != nil { if err != nil {
return err return err
} }
// Verify the SLSA attestation // Verify the SLSA attestation
err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl", downloadData.Version) err = verifyBinary("/tmp/hishtory-client", "/tmp/hishtory-client.intoto.jsonl", downloadData.Version+"-"+runtime.GOOS+"-"+runtime.GOARCH)
if err != nil { if err != nil {
return fmt.Errorf("failed to verify SLSA provenance of the updated binary, aborting update: %v", err) return fmt.Errorf("failed to verify SLSA provenance of the updated binary, aborting update: %v", err)
} }
@ -481,6 +477,32 @@ func Update() error {
return nil return nil
} }
func downloadFiles(updateInfo shared.UpdateInfo) error {
clientUrl := ""
clientProvenanceUrl := ""
if runtime.GOOS == "linux" && runtime.GOARCH == "amd64" {
clientUrl = updateInfo.LinuxAmd64Url
clientProvenanceUrl = updateInfo.LinuxAmd64AttestationUrl
} else if runtime.GOOS == "darwin" && runtime.GOARCH == "amd64" {
clientUrl = updateInfo.DarwinAmd64Url
clientProvenanceUrl = updateInfo.DarwinAmd64AttestationUrl
} else if runtime.GOOS == "darwin" && runtime.GOARCH == "arm64" {
clientUrl = updateInfo.DarwinArm64Url
clientProvenanceUrl = updateInfo.DarwinArm64AttestationUrl
} else {
return fmt.Errorf("no update info found for GOOS=%s, GOARCH=%s", runtime.GOOS, runtime.GOARCH)
}
err := downloadFile("/tmp/hishtory-client", clientUrl)
if err != nil {
return err
}
err = downloadFile("/tmp/hishtory-client.intoto.jsonl", clientProvenanceUrl)
if err != nil {
return err
}
return nil
}
func downloadFile(filename, url string) error { func downloadFile(filename, url string) error {
resp, err := http.Get(url) resp, err := http.Get(url)
if err != nil { if err != nil {
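Review bot: `downloadFiles` keeps writing the binary and its attestation to the fixed names `/tmp/hishtory-client` and `/tmp/hishtory-client.intoto.jsonl`, and `Update` then passes the same literals to `verifyBinary`. In a shared, world-writable directory a predictable name can already exist under another local account's control before the download, so the file that is verified and the file that is later used are not guaranteed to be the one this process wrote. Creating a private directory first, `dir, err := os.MkdirTemp("", "hishtory-update-")`, having `downloadFiles` return the two paths inside it, and cleaning up with `defer os.RemoveAll(dir)` in `Update` would remove that dependency on `/tmp`. `Update` begins before the first hunk and `downloadFile` continues past the second, so how the file is opened and how the verified binary is installed are not visible here. Separately, the commit title calls this path untested, and the `GOOS`/`GOARCH` selection would be easy to cover if it were split into a small helper that takes the two values as arguments.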