Skip to content

Commit

Permalink
Verify SHA256 checksum of plugin installation manager tool (#1868)
Browse files Browse the repository at this point in the history
  • Loading branch information
basil authored May 2, 2024
1 parent a1d00d9 commit 01d0ac9
Show file tree
Hide file tree
Showing 15 changed files with 70 additions and 29 deletions.
7 changes: 5 additions & 2 deletions 11/almalinux/almalinux8/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -105,9 +105,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 11/alpine/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -104,9 +104,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 11/debian/bookworm-slim/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -114,9 +114,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 11/debian/bookworm/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -114,9 +114,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 11/rhel/ubi8/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -108,9 +108,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 17/alpine/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -105,9 +105,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 17/debian/bookworm-slim/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -114,9 +114,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 17/debian/bookworm/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -114,9 +114,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 17/rhel/ubi9/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -107,9 +107,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 21/alpine/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -104,9 +104,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 21/debian/bookworm-slim/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -114,9 +114,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 21/debian/bookworm/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -114,9 +114,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
7 changes: 5 additions & 2 deletions 21/rhel/ubi9/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -107,9 +107,12 @@ ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals
RUN chown -R ${user} "$JENKINS_HOME" "$REF"

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar
RUN curl -fsSL ${PLUGIN_CLI_URL} -o /opt/jenkins-plugin-manager.jar \
&& echo "$(curl -fsSL "${PLUGIN_CLI_URL}.sha256") /opt/jenkins-plugin-manager.jar" >/tmp/jenkins_sha \
&& sha256sum -c --strict /tmp/jenkins_sha \
&& rm -f /tmp/jenkins_sha

# for main web interface:
EXPOSE ${http_port}
Expand Down
2 changes: 1 addition & 1 deletion docker-bake.hcl
Original file line number Diff line number Diff line change
Expand Up @@ -77,7 +77,7 @@ variable "LATEST_LTS" {
}

variable "PLUGIN_CLI_VERSION" {
default = "2.12.15"
default = "2.12.17"
}

variable "COMMIT_SHA" {
Expand Down
6 changes: 4 additions & 2 deletions windows/windowsservercore/hotspot/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -111,9 +111,11 @@ ENV JENKINS_UC https://updates.jenkins.io
ENV JENKINS_UC_EXPERIMENTAL=https://updates.jenkins.io/experimental
ENV JENKINS_INCREMENTALS_REPO_MIRROR=https://repo.jenkins-ci.org/incrementals

ARG PLUGIN_CLI_VERSION=2.12.15
ARG PLUGIN_CLI_VERSION=2.12.17
ARG PLUGIN_CLI_URL=https://github.com/jenkinsci/plugin-installation-manager-tool/releases/download/${PLUGIN_CLI_VERSION}/jenkins-plugin-manager-${PLUGIN_CLI_VERSION}.jar
RUN Invoke-WebRequest -Uri "$env:PLUGIN_CLI_URL" -OutFile C:/ProgramData/Jenkins/jenkins-plugin-manager.jar
RUN $sha256sum = [System.Text.Encoding]::UTF8.GetString((Invoke-WebRequest -Uri ($env:PLUGIN_CLI_URL + '.sha256') -UseBasicParsing).Content); `
Invoke-WebRequest -Uri "$env:PLUGIN_CLI_URL" -OutFile C:/ProgramData/Jenkins/jenkins-plugin-manager.jar; `
if ((Get-FileHash -Path C:/ProgramData/Jenkins/jenkins-plugin-manager.jar -Algorithm SHA256).Hash -ne $sha256sum) {exit 1}

# for main web interface:
EXPOSE ${http_port}
Expand Down

0 comments on commit 01d0ac9

Please sign in to comment.