Skip to content

Commit 8b6554c

Browse files
devakoneclaude
devakone
and
claude
committed
fix(ci): verify trufflehog archive path
Co-Authored-By: Claude <noreply@anthropic.com>
1 parent 4b3f84e commit 8b6554c

1 file changed

Lines changed: 4 additions & 3 deletions

File tree

.github/workflows/security.yml

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -51,13 +51,14 @@ jobs:
5151
run: |
5252
set -euo pipefail
5353
curl -fsSL --retry 3 --retry-delay 2 \
54-
-o /tmp/trufflehog.tgz \
54+
-o "/tmp/${TRUFFLEHOG_ARCHIVE}" \
5555
"https://github.com/trufflesecurity/trufflehog/releases/download/${TRUFFLEHOG_VERSION}/${TRUFFLEHOG_ARCHIVE}"
5656
curl -fsSL --retry 3 --retry-delay 2 \
5757
-o /tmp/trufflehog_checksums.txt \
5858
"https://github.com/trufflesecurity/trufflehog/releases/download/${TRUFFLEHOG_VERSION}/trufflehog_${TRUFFLEHOG_VERSION#v}_checksums.txt"
59-
grep " ${TRUFFLEHOG_ARCHIVE}\$" /tmp/trufflehog_checksums.txt | sha256sum --check -
60-
tar -xzf /tmp/trufflehog.tgz -C /tmp trufflehog
59+
cd /tmp
60+
grep " ${TRUFFLEHOG_ARCHIVE}\$" trufflehog_checksums.txt | sha256sum --check -
61+
tar -xzf "${TRUFFLEHOG_ARCHIVE}" trufflehog
6162
sudo install /tmp/trufflehog /usr/local/bin/trufflehog
6263
trufflehog --version
6364

0 commit comments

Comments
 (0)