How can I verify a downloaded .pkg op-cli-install file on a mac terminal?
We're using the op cli for mac in Github action runners and I'd like to verify the downloaded installer before handing it over the keys to the castle.
I'm looking for something like on linux/windows:
gpg --receive-keys 3FEF9748469ADBE15DA7CA80AC2D62742012EA22 gpg --verify op.sig op
The docs only describe how to verify it with the macOS UI (not an option for CI) see https://developer.1password.com/docs/cli/verify
I'm installing it manually as described here https://developer.1password.com/docs/cli/get-started/#install (brew is too slow (~47sec) for CI and not sure if I'd trust that either)
1Password Version: CLI 2.13.1
Extension Version: Not Provided
OS Version: macOS 12.6
Browser:_ Not Provided
Referrer: forum-search:verify mac
pkgutil --check-signature <path-to-package.pkg>should get you down the right path.
:D Awesome, thanks!
On behalf of Jack, you're welcome.