terraform

Commit Graph

Author	SHA1	Message	Date
James Bardin	415d562d36	add signature verification Fetch the SHA256SUMS file and verify it's signature before downloading any plugins. This embeds the hashicorp public key in the binary. If the publickey is replaced, new releases will need to be cut anyway. A --verify-plugin=false flag will be added to skip signature verification in these cases.	2017-06-20 13:14:30 -04:00

Author

SHA1

Message

Date

James Bardin

415d562d36

add signature verification

Fetch the SHA256SUMS file and verify it's signature before downloading
any plugins.

This embeds the hashicorp public key in the binary. If the publickey is
replaced, new releases will need to be cut anyway. A
--verify-plugin=false flag will be added to skip signature verification
in these cases.

2017-06-20 13:14:30 -04:00

1 Commits