-
Notifications
You must be signed in to change notification settings - Fork 0
61 lines (50 loc) · 2.13 KB
/
verify-integrity.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
name: Verify File Integrity
on: [push, pull_request]
jobs:
verify_hashes:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v2
- name: Download openpgp.min.js from CDN
run: |
curl -o cdn_openpgp.min.js https://unpkg.com/[email protected]/dist/openpgp.min.js
- name: Download tailwind.min.css from CDN
run: |
curl -o cdn_tailwind.min.css https://cdn.jsdelivr.net/npm/[email protected]/dist/tailwind.min.css
- name: Calculate hash for openpgp.min.js from CDN
id: cdn_hash_openpgp
run: |
CDN_HASH_OPENPGP=$(sha256sum cdn_openpgp.min.js | awk '{ print $1 }')
echo "CDN_HASH_OPENPGP=${CDN_HASH_OPENPGP}" >> $GITHUB_ENV
- name: Calculate hash for tailwind.min.css from CDN
id: cdn_hash_tailwind
run: |
CDN_HASH_TAILWIND=$(sha256sum cdn_tailwind.min.css | awk '{ print $1 }')
echo "CDN_HASH_TAILWIND=${CDN_HASH_TAILWIND}" >> $GITHUB_ENV
- name: Calculate hash for local openpgp.min.js
id: local_hash_openpgp
run: |
LOCAL_HASH_OPENPGP=$(sha256sum public/scripts/openpgp.min.js | awk '{ print $1 }')
echo "LOCAL_HASH_OPENPGP=${LOCAL_HASH_OPENPGP}" >> $GITHUB_ENV
- name: Calculate hash for local tailwind.min.css
id: local_hash_tailwind
run: |
LOCAL_HASH_TAILWIND=$(sha256sum public/style/tailwind.min.css | awk '{ print $1 }')
echo "LOCAL_HASH_TAILWIND=${LOCAL_HASH_TAILWIND}" >> $GITHUB_ENV
- name: Verify hash for openpgp.min.js
run: |
if [ "$LOCAL_HASH_OPENPGP" != "$CDN_HASH_OPENPGP" ]; then
echo "Hash mismatch for openpgp.min.js. Expected: $CDN_HASH_OPENPGP, Found: $LOCAL_HASH_OPENPGP"
exit 1
else
echo "Hash for openpgp.min.js is verified successfully."
fi
- name: Verify hash for tailwind.min.css
run: |
if [ "$LOCAL_HASH_TAILWIND" != "$CDN_HASH_TAILWIND" ]; then
echo "Hash mismatch for tailwind.min.css. Expected: $CDN_HASH_TAILWIND, Found: $LOCAL_HASH_TAILWIND"
exit 1
else
echo "Hash for tailwind.min.css is verified successfully."
fi