diff --git a/base/ubi10/Dockerfile b/base/ubi10/Dockerfile index 827ce782..6a965d1a 100644 --- a/base/ubi10/Dockerfile +++ b/base/ubi10/Dockerfile @@ -66,9 +66,13 @@ RUN \ esac && \ GH_TGZ="gh_${GH_VERSION}_${GH_ARCH}.tar.gz" && \ GH_TGZ_URL="https://github.com/cli/cli/releases/download/v${GH_VERSION}/${GH_TGZ}" && \ + GH_CHECKSUMS="gh_${GH_VERSION}_checksums.txt" && \ + GH_CHECKSUMS_URL="https://github.com/cli/cli/releases/download/v${GH_VERSION}/${GH_CHECKSUMS}" && \ echo "Downloading ${GH_TGZ_URL}..." && \ if curl -fsSL "${GH_TGZ_URL}" -o "${GH_TGZ}"; then \ - if file "${GH_TGZ}" | grep -q 'gzip compressed'; then \ + curl -fsSL "${GH_CHECKSUMS_URL}" -o "${GH_CHECKSUMS}" && \ + grep -F -e " ${GH_TGZ}" "${GH_CHECKSUMS}" > "${GH_TGZ}.sha256" && \ + if sha256sum -c "${GH_TGZ}.sha256"; then \ tar -zxv --no-same-owner -f "${GH_TGZ}" && \ mv "gh_${GH_VERSION}_${GH_ARCH}"/bin/gh /usr/local/bin/ && \ mv "gh_${GH_VERSION}_${GH_ARCH}"/share/man/man1/* /usr/local/share/man/man1; \ diff --git a/base/ubi9/Dockerfile b/base/ubi9/Dockerfile index 077c35b5..265d98ae 100644 --- a/base/ubi9/Dockerfile +++ b/base/ubi9/Dockerfile @@ -49,9 +49,13 @@ RUN \ esac && \ GH_TGZ="gh_${GH_VERSION}_${GH_ARCH}.tar.gz" && \ GH_TGZ_URL="https://github.com/cli/cli/releases/download/v${GH_VERSION}/${GH_TGZ}" && \ + GH_CHECKSUMS="gh_${GH_VERSION}_checksums.txt" && \ + GH_CHECKSUMS_URL="https://github.com/cli/cli/releases/download/v${GH_VERSION}/${GH_CHECKSUMS}" && \ echo "Downloading ${GH_TGZ_URL}..." && \ if curl -fsSL "${GH_TGZ_URL}" -o "${GH_TGZ}"; then \ - if file "${GH_TGZ}" | grep -q 'gzip compressed'; then \ + curl -fsSL "${GH_CHECKSUMS_URL}" -o "${GH_CHECKSUMS}" && \ + grep -F -e " ${GH_TGZ}" "${GH_CHECKSUMS}" > "${GH_TGZ}.sha256" && \ + if sha256sum -c "${GH_TGZ}.sha256"; then \ tar -zxv --no-same-owner -f "${GH_TGZ}" && \ mv "gh_${GH_VERSION}_${GH_ARCH}"/bin/gh /usr/local/bin/ && \ mv "gh_${GH_VERSION}_${GH_ARCH}"/share/man/man1/* /usr/local/share/man/man1; \