Skip to content
This repository has been archived by the owner on Oct 22, 2023. It is now read-only.

GitHub Action to validate integrity of Batect wrapper scripts

License

Notifications You must be signed in to change notification settings

batect/batect-wrapper-validation-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Repository files navigation

batect-wrapper-validation-action

Build Status License Chat

A GitHub Action to automatically validate the integrity of the Batect wrapper scripts (batect and batect.cmd) in your project.

Usage

Add the following to a workflow:

jobs:
  validate-batect-wrapper:
    name: Validate Batect wrapper scripts
    runs-on: ubuntu-20.04

    steps:
      - name: Check out code
        uses: actions/checkout@v4.1.1

      - name: Validate Batect wrapper scripts
        uses: batect/batect-wrapper-validation-action@v0.4.0

You can also use the action in an existing workflow or existing job.

⚠️ This action must run before any invocations of Batect. If the action runs after an invocation of Batect and the wrapper script has been modified maliciously, the malicious version may be able to modify itself to appear genuine.

Requirements

Batect 0.79.0 or later.

Why isn't this built into Batect?

This action exists primarily to detect malicious changes to the wrapper scripts.

If this integrity check was built in to Batect, a maliciously modified wrapper script could incorrectly report that the wrapper was genuine.

Contributing

This project uses Yarn.

Run yarn test to run the unit tests.

Run yarn pre-commit to run the tests, check formatting and run linting.