Releases: rcmadhankumar/imgpkg
v0.0.34
✨ What's new
- a2bcf24 fix
Full Changelog: v0.0.29...v0.0.34
Installation and signature verification
Installation
By downloading binary from the release
For instance, if you are using Linux on an AMD64 architecture:
# Download the binary
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.34/imgpkg-linux-amd64
# Move the binary in to your PATH
mv imgpkg-linux-amd64 /usr/local/bin/imgpkg
# Make the binary executable
chmod +x /usr/local/bin/imgpkg
Via Homebrew (macOS or Linux)
$ brew tap carvel-dev/carvel
$ brew install imgpkg
$ imgpkg version
Verify checksums file signature
Install cosign on your system https://docs.sigstore.dev/system_config/installation/
The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
# Download the checksums file, certificate and signature
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.34/checksums.txt
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.34/checksums.txt.pem
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.34/checksums.txt.sig
# Verify the checksums file
cosign verify-blob checksums.txt \
--certificate checksums.txt.pem \
--signature checksums.txt.sig \
--certificate-identity-regexp=https://github.com/rcmadhankumar \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
Verify binary integrity
To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.
# Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing
📂 Files Checksum
35a8c6ac2509288c2296a1da6057d182b1b277e3bf59ed8b6d01222fa910058d ./imgpkg-darwin-arm64
41ddfa974219cb846fe7ae6fa142e3f1a9a19c28ac63c25ea2ac3cb235b4542f ./imgpkg-darwin-amd64
97762f9e9cc1b7edab7fe464c1eec7635beea64990394a64fb1d17f6ec7b9528 ./imgpkg-windows-amd64.exe
9e3b9c8faabb0b5917191b2e2a571e7d5f7e8851b43887b5978524c35ef31f49 ./imgpkg-linux-amd64
ccdf4aff8cc088f70f6bff28620c6f1c760e2c6188ab8211f9e5444970ad3280 ./imgpkg-linux-arm64
v0.0.21
Verify checksums file signature
The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
# Download the checksums file, certificate and signature
curl -LO https://github.com/{{ .Env.GITHUB_REPOSITORY }}/releases/download/{{ .Tag }}/checksums.txt
curl -LO https://github.com/{{ .Env.GITHUB_REPOSITORY }}/releases/download/{{ .Tag }}/checksums.txt.pem
curl -LO https://github.com/{{ .Env.GITHUB_REPOSITORY }}/releases/download/{{ .Tag }}/checksums.txt.sig
# Verify the checksums file
cosign verify-blob checksums.txt --certificate checksums.txt.pem --signature checksums.txt.sig --certificate-identity-regexp=https://github.com/{{ .Env.GITHUB_REPOSITORY_OWNER }} --certificate-oidc-issuer=https://token.actions.githubusercontent.com
Verify checksums file signature
The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
# Download the checksums file, certificate and signature
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.21/checksums.txt
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.21/checksums.txt.pem
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.21/checksums.txt.sig
# Verify the checksums file
cosign verify-blob checksums.txt \
--certificate checksums.txt.pem \
--signature checksums.txt.sig \
--certificate-identity-regexp=https://github.com/rcmadhankumar \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
Verify binary integrity
To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.
For instance, if you are using Linux on an AMD64 architecture:
# Download the binary
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.21/imgpkg-linux-amd64
# Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing
Changelog
- bf59a74 way to update release notes
v0.0.9
Verify checksums file signature
The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
# Download the checksums file, certificate and signature
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.9/checksums.txt
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.9/checksums.txt.pem
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.9/checksums.txt.sig
# Verify the checksums file
cosign verify-blob checksums.txt \
--certificate checksums.txt.pem \
--signature checksums.txt.sig \
--certificate-identity-regexp=https://github.com/rcmadhankumar \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
Verify binary integrity
To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature.
For instance, if you are using Linux on an AMD64 architecture:
# Download the binary
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.9/imgpkg-linux-amd64
# Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing
Changelog
- e01fa58 Release notes template updated
v0.0.7
Installation
To install imgpkg
, download one of the pre-built binaries provided for your platform from the artifacts attached to this release.
For instance, if you are using Linux on an AMD64 architecture:
# Download the binary
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.7/imgpkg-linux-amd64
# Move the binary in to your PATH
mv imgpkg-linux-amd64 /usr/local/bin/imgpkg
# Make the binary executable
chmod +x /usr/local/bin/imgpkg
Verify checksums file signature
The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
# Download the checksums file, certificate and signature
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.7/checksums.txt
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.7/checksums.txt.pem
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.7/checksums.txt.sig
# Verify the checksums file
cosign verify-blob checksums.txt \
--certificate checksums.txt.pem \
--signature checksums.txt.sig \
--certificate-identity-regexp=https://github.com/rcmadhankumar \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
Verify binary integrity
To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature:
# Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing
Changelog
- 5510c4f Dynamic owner on verify artifact
v0.0.6
Installation
To install imgpkg
, download one of the pre-built binaries provided for your platform from the artifacts attached to this release.
For instance, if you are using Linux on an AMD64 architecture:
# Download the binary
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.6/imgpkg-linux-amd64
# Move the binary in to your PATH
mv imgpkg-linux-amd64 /usr/local/bin/imgpkg
# Make the binary executable
chmod +x /usr/local/bin/imgpkg
Verify checksums file signature
The checksums file provided within the artifacts attached to this release is signed using Cosign with GitHub OIDC. To validate the signature of this file, run the following commands:
# Download the checksums file, certificate and signature
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.6/checksums.txt
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.6/checksums.txt.pem
curl -LO https://github.com/rcmadhankumar/imgpkg/releases/download/v0.0.6/checksums.txt.sig
# Verify the checksums file
cosign verify-blob checksums.txt \
--certificate checksums.txt.pem \
--signature checksums.txt.sig \
--certificate-identity-regexp=https://github.com/rcmadhankumar \
--certificate-oidc-issuer=https://token.actions.githubusercontent.com
Verify binary integrity
To verify the integrity of the downloaded binary, you can utilize the checksums file after having validated its signature:
# Verify the binary using the checksums file
sha256sum -c checksums.txt --ignore-missing
Changelog
- a5444f2 test-release: