lima icon indicating copy to clipboard operation
lima copied to clipboard

Published 20 hours ago verified publisher icon lima-vm

Add ability for verifiable download of binary artefacts for use in provision scripts

Open iilyak opened this issue 3 years ago • 0 comments

Description

Currently if a certain tool is needed in provision script and integrity protection is required the only option is to:

  1. detect machine architecture to construct correct url
  2. use curl to download the tool
  3. use sha256 to verify the integrity of downloaded binary
  4. chmod +x

It would be extremely useful if lima could do this job for us. It could be implemented similarly as it is done for images and containerd.arhives

provision:
# `system` is executed with the root privilege
  - mode: system
    artifacts:
    - location: "https://github.com/twpayne/chezmoi/releases/download/v2.15.1/chezmoi-linux-amd64.tar.gz"
       arch: "x86_64"
       digest: "sha256:de5e632e17b8965f2baf4ea6d2b824788e154d9a65df4fd419ec4019898e15cd"
       install_cmd: "tar -zxf {}"

iilyak avatar Apr 26 '22 21:04 iilyak