stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity
Files
75de089ee8db33cf7d7451b53036b5d05067fb4b
git.stella-ops.org/devops/tools/signals-verify-evidence-tar.sh
StellaOps Bot c786faae84 CD/CD consolidation
2025-12-26 18:11:06 +02:00

25 lines
728 B
Bash
Raw Blame History

#!/usr/bin/env bash
set -euo pipefail
TAR_PATH=${1:-evidence-locker/signals/2025-12-05/signals-evidence.tar}
EXPECTED_SHA=${EXPECTED_SHA:-a17910b8e90aaf44d4546057db22cdc791105dd41feb14f0c9b7c8bac5392e0d}
if [[ ! -f "$TAR_PATH" ]]; then
echo "missing tar: $TAR_PATH" >&2
exit 1
fi
sha=$(sha256sum "$TAR_PATH" | awk '{print $1}')
if [[ -n "$EXPECTED_SHA" && "$sha" != "$EXPECTED_SHA" ]]; then
echo "sha mismatch: got $sha expected $EXPECTED_SHA" >&2
exit 2
fi
tmpdir=$(mktemp -d)
trap 'rm -rf "$tmpdir"' EXIT
tar -xf "$TAR_PATH" -C "$tmpdir"
(cd "$tmpdir/evidence-locker/signals/2025-12-05" && sha256sum --check SHA256SUMS)
echo "OK: tar hash=${sha} (expected=${EXPECTED_SHA:-<not set>}); inner SHA256SUMS verified"
Reference in New Issue View Git Blame Copy Permalink