Skip to content

v0.43.1

Latest
Compare
Choose a tag to compare
@github-actions github-actions released this 03 Sep 06:44
· 37 commits to develop since this release
61a0574

Installation and signature verification

Installation

By downloading binary from the release

For instance, if you are using Linux on an AMD64 architecture:

# Download the binary
curl -LO https://github.com/carvel-dev/imgpkg/releases/download/v0.43.1/imgpkg-linux-amd64

# Move the binary in to your PATH
mv imgpkg-linux-amd64 /usr/local/bin/imgpkg

# Make the binary executable
chmod +x /usr/local/bin/imgpkg

Via Homebrew (macOS or Linux)

$ brew tap carvel-dev/carvel
$ brew install imgpkg
$ imgpkg version

Verify checksums file signature

Install cosign on your system https://docs.sigstore.dev/system_config/installation/

The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:

# Download the checksums file, certificate and signature
curl -LO https://github.com/carvel-dev/imgpkg/releases/download/v0.43.1/checksums.txt
curl -LO https://github.com/carvel-dev/imgpkg/releases/download/v0.43.1/checksums.txt.pem
curl -LO https://github.com/carvel-dev/imgpkg/releases/download/v0.43.1/checksums.txt.sig

# Verify the checksums file
cosign verify-blob checksums.txt \
  --certificate checksums.txt.pem \
  --signature checksums.txt.sig \
  --certificate-identity-regexp=https://github.com/carvel-dev \
  --certificate-oidc-issuer=https://token.actions.githubusercontent.com

Verify binary integrity

To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.

# Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing

What's Changed

Full Changelog: v0.43.0...v0.43.1

📂 Files Checksum

578b81cedbba68057fbd5b917a337fb34c8ed7406931839efc01608668aa9bd0  ./imgpkg-darwin-amd64
649eda706a172b520307c2189ee04bdc0d2b255b9b076482873ddaa2120afc18  ./imgpkg-windows-amd64.exe
7cd1ecf4b394770ccfedc38f3b4f97a1a3d49447fa0bfe1e28a4f99751597ddf  ./imgpkg-linux-arm64
9cfd34a67048dd71498d2075969592f7db181e639848239c47a47426ebbb03be  ./imgpkg-darwin-arm64
d36ccfcc54143d2475cf09b0247c88bccf24a7aeb062bd9bb8cab7cb58135fcf  ./imgpkg-linux-amd64