Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add post about using bundle option #17

Merged
merged 1 commit into from
Mar 26, 2024
Merged

Add post about using bundle option #17

merged 1 commit into from
Mar 26, 2024

Conversation

praveenkumar
Copy link
Member

No description provided.

gbraad
gbraad requested changes Mar 22, 2024
View reviewed changes
Copy link
Contributor

@gbraad gbraad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

minor suggestions

@praveenkumar praveenkumar force-pushed the bundle_use branch 2 times, most recently from 349ce5c to c31dba0 Compare March 22, 2024 07:48
@cfergeau
Copy link
Contributor

Does this verify the bundle signature?

@praveenkumar
Copy link
Member Author

Does this verify the bundle signature?

By default when use -b option we don't verify bundle signature. Signature only verified for default bundle which is part of specific crc release.

@cfergeau
Copy link
Contributor

Does this verify the bundle signature?

By default when use -b option we don't verify bundle signature. Signature only verified for default bundle which is part of specific crc release.

This in my opinion is very important information to provide in the blog post, plus a way of verifying manually the signature of what was downloaded.

@praveenkumar
Copy link
Member Author

Does this verify the bundle signature?

By default when use -b option we don't verify bundle signature. Signature only verified for default bundle which is part of specific crc release.

This in my opinion is very important information to provide in the blog post, plus a way of verifying manually the signature of what was downloaded.

So you want user to download the bundle first using curl/wget/browser and then verify it with the signature and then use the bundle path instead directly using bundle url?

@cfergeau
Copy link
Contributor

This in my opinion is very important information to provide in the blog post, plus a way of verifying manually the signature of what was downloaded.

So you want user to download the bundle first using curl/wget/browser and then verify it with the signature and then use the bundle path instead directly using bundle url?

This can take the form of

Beware, if you use -b https://// there will be no signature/checksum/... checks
Bundles downloaded from mirror.openshift.com can be verified this way:
...

@praveenkumar
Copy link
Member Author

This in my opinion is very important information to provide in the blog post, plus a way of verifying manually the signature of what was downloaded.

So you want user to download the bundle first using curl/wget/browser and then verify it with the signature and then use the bundle path instead directly using bundle url?

This can take the form of

Beware, if you use -b https://// there will be no signature/checksum/... checks
Bundles downloaded from mirror.openshift.com can be verified this way:
...

Updated.

@praveenkumar praveenkumar merged commit 986c428 into crc-org:main Mar 26, 2024
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gbraad gbraad gbraad approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@praveenkumar @cfergeau @gbraad