How to do shasum checks in Dockerfile

The shasum check is recommended to ensure the binary you are installing and using has not been changed by attackers. Its especially very important in CI/CD tools where automation is used to download tools from public internet.

 1FROM golang:1.16 as builder
 2
 3.
 4.
 5.
 6
 7RUN wget -O /path/to/binary https://url/to/binary.bin
 8RUN echo "sha-sum-for-binary /path/to/binary" | sha256sum --check
 9
10.
11.
12.
13

e.g.

 1FROM golang:1.16 as builder
 2
 3.
 4.
 5.
 6
 7RUN wget -O /usr/local/bin/dumb-init https://github.com/Yelp/dumb-init/releases/download/v1.2.5/dumb-init_1.2.5_x86_64
 8RUN echo "e874b55f3279ca41415d290c512a7ba9d08f98041b28ae7c2acb19a545f1c4df /usr/local/bin/dumb-init" | sha256sum --check
 9
10.
11.
12.
13