Skip to content

Commit

Permalink
feat: validate attestation on update if gh available
Browse files Browse the repository at this point in the history
  • Loading branch information
@jaredallard
jaredallard committed Jan 12, 2025
1 parent 9951427 commit af6713e
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions pdsadmin/update.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,15 @@ fi

echo "* Updating PDS"
mv "${COMPOSE_TEMP_FILE}" "${COMPOSE_FILE}"
pushd "$PDS_DATADIR" >/dev/null || exit 1
pushd "$PDS_DATADIR" >/dev/null
docker compose pull
popd >/dev/null || exit 1

if gh auth status &>/dev/null; then
echo "* Verifying image attestation"
gh attestation verify oci://ghcr.io/rgst-io/pds \
--owner rgst-io --deny-self-hosted-runners
fi
popd >/dev/null

echo "* Restarting PDS"
systemctl restart pds
Expand Down

0 comments on commit af6713e

Please sign in to comment.