Skip to content

v0.44.0

Latest
Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 13 May 12:25
v0.44.0
7326502
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Installation and signature verification

Installation

By downloading binary from the release

For instance, if you are using Linux on an AMD64 architecture:

# Download the binary
curl -LO https://github.com/carvel-dev/vendir/releases/download/v0.44.0/vendir-linux-amd64

# Move the binary in to your PATH
mv vendir-linux-amd64 /usr/local/bin/vendir

# Make the binary executable
chmod +x /usr/local/bin/vendir

Via Homebrew (macOS or Linux)

$ brew tap carvel-dev/carvel
$ brew install vendir
$ vendir version

Verify checksums file signature

Install cosign on your system https://docs.sigstore.dev/system_config/installation/

The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:

# Download the checksums file, certificate and signature
curl -LO https://github.com/carvel-dev/vendir/releases/download/v0.44.0/checksums.txt
curl -LO https://github.com/carvel-dev/vendir/releases/download/v0.44.0/checksums.txt.pem
curl -LO https://github.com/carvel-dev/vendir/releases/download/v0.44.0/checksums.txt.sig

# Verify the checksums file
cosign verify-blob checksums.txt \
  --certificate checksums.txt.pem \
  --signature checksums.txt.sig \
  --certificate-identity-regexp=https://github.com/carvel-dev \
  --certificate-oidc-issuer=https://token.actions.githubusercontent.com

Verify binary integrity

To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.

# Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing

✨ What's new

Full Changelog: v0.43.0...v0.44.0

📂 Files Checksum

2a3c5b65a1ae399034b1c0e87d210cd7da828f1d855cbda4590e1a3f93406c77  ./vendir-darwin-arm64
5d203cc3877de691553ecb99af8e3836c8543f01d55680ca97a46897ff692f42  ./vendir-windows-amd64.exe
957b7ed5abc73a6a9948901a9d5cb6cf33e1d20b0400ab7016177519a339293e  ./vendir-darwin-amd64
a2befbb9dd4f174aac7a34fe0bd50b1e5dc356dadaed0183a24b817f2fd1d094  ./vendir-linux-amd64
db33e705d818f4fa1fb3c19bd97167219188650b96e307a8e72620329aec9a91  ./vendir-linux-arm64

Contributors

mohitsharma-in and devanshuVmware
Assets 10
Loading