diff options
| author | superherointj <5861043+superherointj@users.noreply.github.com> | 2024-04-15 14:03:42 -0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-04-15 14:03:42 -0300 |
| commit | 7d7fedcedea7b082f566e75bfed7aed7950f07e3 (patch) | |
| tree | 2a56141e31a9a4f2845ddb743d9caed794355599 /pkgs | |
| parent | 8c874a0735e71c30fdfc4438dd42481c877a1df2 (diff) | |
| parent | 7801483ab9e2587bdeef6cc5d7da7e7e499851e1 (diff) | |
Merge pull request #304318 from superherointj/fluxcd-update-script-use-sri-hash
fluxcd: use SRI hash in update script
Diffstat (limited to 'pkgs')
| -rw-r--r-- | pkgs/applications/networking/cluster/fluxcd/default.nix | 4 | ||||
| -rwxr-xr-x | pkgs/applications/networking/cluster/fluxcd/update.sh | 2 |
2 files changed, 4 insertions, 2 deletions
diff --git a/pkgs/applications/networking/cluster/fluxcd/default.nix b/pkgs/applications/networking/cluster/fluxcd/default.nix index 709ab087d26af..3f3b08f398143 100644 --- a/pkgs/applications/networking/cluster/fluxcd/default.nix +++ b/pkgs/applications/networking/cluster/fluxcd/default.nix @@ -8,8 +8,8 @@ let version = "2.2.3"; - sha256 = "12rrai56hl86213lsi8i4qrah0v7a36nks38g5373imyl9g497ym"; - manifestsSha256 = "1hmzmzijpx49hh2ykv7vw3jp02dxr4qn3r1dma56g7b4nbk7aa8x"; + sha256 = "sha256-1Z9EXqK+xnFGeWjoac1QZwOoMiYRRU1HEAZRaEpUOYs="; + manifestsSha256 = "sha256-HSl15rJknWeKqi3kYTHJvQlw5eD77OkFhIn0K+Ovv8I="; manifests = fetchzip { url = diff --git a/pkgs/applications/networking/cluster/fluxcd/update.sh b/pkgs/applications/networking/cluster/fluxcd/update.sh index f252d587daaf3..1763b37d33285 100755 --- a/pkgs/applications/networking/cluster/fluxcd/update.sh +++ b/pkgs/applications/networking/cluster/fluxcd/update.sh @@ -12,7 +12,9 @@ LATEST_VERSION=$(echo ${LATEST_TAG} | sed 's/^v//') if [ ! "$OLD_VERSION" = "$LATEST_VERSION" ]; then SHA256=$(nix-prefetch-url --quiet --unpack https://github.com/fluxcd/flux2/archive/refs/tags/${LATEST_TAG}.tar.gz) + SHA256=$(nix hash to-sri --type sha256 $SHA256) SPEC_SHA256=$(nix-prefetch-url --quiet --unpack https://github.com/fluxcd/flux2/releases/download/${LATEST_TAG}/manifests.tar.gz) + SPEC_SHA256=$(nix hash to-sri --type sha256 $SPEC_SHA256) setKV () { sed -i "s|$1 = \".*\"|$1 = \"${2:-}\"|" "${FLUXCD_PATH}/default.nix" |