Last active
January 24, 2020 21:57
-
-
Save mmastoras/1f141618e80d56218c0a1ae94c842558 to your computer and use it in GitHub Desktop.
Hashicorp verify sigs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Used by hashicorp | |
FROM debian:buster-slim | |
ARG CONSUL_VERSION=1.6.2 | |
ARG VAULT_VERSION=1.3.2 | |
ENV BIN_DIR=/bin | |
# Install required packages | |
RUN set -eux && \ | |
apt-get update && \ | |
DEBIAN_FRONTEND=noninteractive \ | |
apt-get install -y --no-install-recommends \ | |
ca-certificates \ | |
curl \ | |
dirmngr \ | |
gnupg \ | |
jq \ | |
netcat \ | |
wget \ | |
unzip && \ | |
rm -rf /var/lib/apt/lists/* | |
# import trust | |
COPY hashicorp.asc / | |
COPY hashicorp.trust / | |
RUN gpg --import hashicorp.asc && \ | |
gpg --import-ownertrust hashicorp.trust && \ | |
rm hashicorp.asc && \ | |
rm hashicorp.trust | |
# Download consul cli and verify signatures | |
RUN wget -q https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_linux_amd64.zip && \ | |
curl -Os https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_SHA256SUMS && \ | |
curl -Os https://releases.hashicorp.com/consul/${CONSUL_VERSION}/consul_${CONSUL_VERSION}_SHA256SUMS.sig && \ | |
gpg --verify consul_${CONSUL_VERSION}_SHA256SUMS.sig consul_${CONSUL_VERSION}_SHA256SUMS && \ | |
sha256sum --ignore-missing -c consul_${CONSUL_VERSION}_SHA256SUMS && \ | |
unzip consul_${CONSUL_VERSION}_linux_amd64.zip && \ | |
mv consul $BIN_DIR/. && \ | |
rm -f consul_${CONSUL_VERSION}_linux_amd64.zip | |
# Download vault cli and verify signatures | |
RUN wget -q https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_linux_amd64.zip && \ | |
curl -Os https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_SHA256SUMS && \ | |
curl -Os https://releases.hashicorp.com/vault/${VAULT_VERSION}/vault_${VAULT_VERSION}_SHA256SUMS.sig && \ | |
gpg --verify vault_${VAULT_VERSION}_SHA256SUMS.sig vault_${VAULT_VERSION}_SHA256SUMS && \ | |
sha256sum --ignore-missing -c vault_${VAULT_VERSION}_SHA256SUMS && \ | |
unzip vault_${VAULT_VERSION}_linux_amd64.zip && \ | |
mv vault $BIN_DIR/. && \ | |
rm -f vault_${VAULT_VERSION}_linux_amd64.zip && \ | |
rm -f vault_${VERSION}_SHA256SUMS && \ | |
rm -f vault_${VERSION}_SHA256SUMS.sig | |
CMD /bin/bash |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment