March 05, 2021

Convenience client verification and installation script

When using a precompiled binary, it is highly recommended to ensure the file has not been corrupted in transit or tampered with. For this, our build pipeline generates a hashfile to be used to cryptographically verify its integrity via GPG signature and the corresponding binary via checksum hash.

The process can be a little involved when performed manually, so we’ve scripted the process and made it available for the client via get.wireleap.com.

curl -fsSL https://get.wireleap.com -o get-wireleap.sh
sh get-wireleap.sh $HOME/wireleap --symlink=$HOME/.local/bin/wireleap

The above will verify your environment’s compatibility, download the latest client binary as well as the associated hash file (in a quarantine folder), cryptographically verify the hashfile’s integrity via GPG signature (in a temporary keyring), and subsequently the signed checksum hash of the binary.

If all checks pass, it will release the binary from quarantine, initialize the client in the specified directory, and create a symlink.