From 96a14340272356b6013de5f0568aa5e85e571795 Mon Sep 17 00:00:00 2001 From: Thilak Somasundaram Date: Fri, 20 Dec 2019 00:17:07 -0800 Subject: [PATCH 1/6] feat(checksum): Generate shasum/sha256sum -c compatible sha256 file Commands shasum -a 256 -c (or) sha256sum -c can read the SHA sum and validate the TAR/ZIP archive Example: Download helm-v3.0.2-darwin-amd64.tar.gz.sha256 and helm-v3.0.2-darwin-amd64.tar.gz and running below will resule in shasum -a 256 -c helm-v3.0.2-darwin-amd64.tar.gz.sha256 helm-v3.0.2-darwin-amd64.tar.gz: OK Closes #4968 Signed-off-by: Thilak Somasundaram --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 611222e28..a7cd88863 100644 --- a/Makefile +++ b/Makefile @@ -156,7 +156,7 @@ sign: .PHONY: checksum checksum: for f in _dist/*.{gz,zip} ; do \ - shasum -a 256 "$${f}" | awk '{print $$1}' > "$${f}.sha256" ; \ + shasum -a 256 "$${f}" > "$${f}.sha256" ; \ done # ------------------------------------------------------------------------------ From 5680f4d50644de2f4d3fd6c890b7153b533410ed Mon Sep 17 00:00:00 2001 From: Thilak Somasundaram Date: Fri, 20 Dec 2019 00:56:34 -0800 Subject: [PATCH 2/6] feat(checksum): update to get/get-helm-3 to match shasum fix Noticed get/get-helm-3 needed update to match shasum fix. Making least change to work with shasum fix. Signed-off-by: Thilak Somasundaram --- scripts/get | 2 +- scripts/get-helm-3 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/get b/scripts/get index 711635ee3..615121b65 100755 --- a/scripts/get +++ b/scripts/get @@ -137,7 +137,7 @@ downloadFile() { installFile() { HELM_TMP="$HELM_TMP_ROOT/$PROJECT_NAME" local sum=$(openssl sha1 -sha256 ${HELM_TMP_FILE} | awk '{print $2}') - local expected_sum=$(cat ${HELM_SUM_FILE}) + local expected_sum=$(cat ${HELM_SUM_FILE} | awk '{print $1}') if [ "$sum" != "$expected_sum" ]; then echo "SHA sum of ${HELM_TMP_FILE} does not match. Aborting." exit 1 diff --git a/scripts/get-helm-3 b/scripts/get-helm-3 index c1655a68e..54ae9439a 100755 --- a/scripts/get-helm-3 +++ b/scripts/get-helm-3 @@ -133,7 +133,7 @@ downloadFile() { installFile() { HELM_TMP="$HELM_TMP_ROOT/$PROJECT_NAME" local sum=$(openssl sha1 -sha256 ${HELM_TMP_FILE} | awk '{print $2}') - local expected_sum=$(cat ${HELM_SUM_FILE}) + local expected_sum=$(cat ${HELM_SUM_FILE} | awk '{print $1}') if [ "$sum" != "$expected_sum" ]; then echo "SHA sum of ${HELM_TMP_FILE} does not match. Aborting." exit 1 From 560d6cdb3f59c739b6cefc1ecd0648390b40d39f Mon Sep 17 00:00:00 2001 From: Thilak Somasundaram Date: Fri, 20 Dec 2019 11:36:49 -0800 Subject: [PATCH 3/6] Updated make to create two files sha256/sha256sum Please link sha256sum as checksum file in GIT releases page for future release Signed-off-by: Thilak Somasundaram --- Makefile | 2 +- scripts/get | 2 +- scripts/get-helm-3 | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Makefile b/Makefile index a7cd88863..583f525f0 100644 --- a/Makefile +++ b/Makefile @@ -156,7 +156,7 @@ sign: .PHONY: checksum checksum: for f in _dist/*.{gz,zip} ; do \ - shasum -a 256 "$${f}" > "$${f}.sha256" ; \ + shasum -a 256 "$${f}" | tee "$${f}.sha256sum" | awk '{print $$1}' > "$${f}.sha256" ; \ done # ------------------------------------------------------------------------------ diff --git a/scripts/get b/scripts/get index 615121b65..711635ee3 100755 --- a/scripts/get +++ b/scripts/get @@ -137,7 +137,7 @@ downloadFile() { installFile() { HELM_TMP="$HELM_TMP_ROOT/$PROJECT_NAME" local sum=$(openssl sha1 -sha256 ${HELM_TMP_FILE} | awk '{print $2}') - local expected_sum=$(cat ${HELM_SUM_FILE} | awk '{print $1}') + local expected_sum=$(cat ${HELM_SUM_FILE}) if [ "$sum" != "$expected_sum" ]; then echo "SHA sum of ${HELM_TMP_FILE} does not match. Aborting." exit 1 diff --git a/scripts/get-helm-3 b/scripts/get-helm-3 index 54ae9439a..c1655a68e 100755 --- a/scripts/get-helm-3 +++ b/scripts/get-helm-3 @@ -133,7 +133,7 @@ downloadFile() { installFile() { HELM_TMP="$HELM_TMP_ROOT/$PROJECT_NAME" local sum=$(openssl sha1 -sha256 ${HELM_TMP_FILE} | awk '{print $2}') - local expected_sum=$(cat ${HELM_SUM_FILE} | awk '{print $1}') + local expected_sum=$(cat ${HELM_SUM_FILE}) if [ "$sum" != "$expected_sum" ]; then echo "SHA sum of ${HELM_TMP_FILE} does not match. Aborting." exit 1 From 97347ebced49717433bafde9018955bf99f8ce19 Mon Sep 17 00:00:00 2001 From: Thilak Somasundaram Date: Fri, 20 Dec 2019 11:41:58 -0800 Subject: [PATCH 4/6] fixup! Updated make to create two files sha256/sha256sum Please link sha256sum as checksum file in GIT releases page for future release Signed-off-by: Thilak Somasundaram --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 583f525f0..d228c5525 100644 --- a/Makefile +++ b/Makefile @@ -156,7 +156,7 @@ sign: .PHONY: checksum checksum: for f in _dist/*.{gz,zip} ; do \ - shasum -a 256 "$${f}" | tee "$${f}.sha256sum" | awk '{print $$1}' > "$${f}.sha256" ; \ + shasum -a 256 "$${f}" | sed 's/_dist\///' | tee "$${f}.sha256sum" | awk '{print $$1}' > "$${f}.sha256" ; \ done # ------------------------------------------------------------------------------ From a9171fe2caef41acd945120202920db4f8a6b59f Mon Sep 17 00:00:00 2001 From: Thilak Somasundaram Date: Tue, 4 Feb 2020 22:24:57 -0800 Subject: [PATCH 5/6] Create a single shasums.txt Signed-off-by: Thilak Somasundaram --- Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index ec4911fb7..a063c388a 100644 --- a/Makefile +++ b/Makefile @@ -163,8 +163,9 @@ sign: .PHONY: checksum checksum: + if [ -f "_dist/shasums.txt" ]; then >_dist/shasums.txt; fi for f in _dist/*.{gz,zip} ; do \ - shasum -a 256 "$${f}" | sed 's/_dist\///' | tee "$${f}.sha256sum" | awk '{print $$1}' > "$${f}.sha256" ; \ + shasum -a 256 "$${f}" | sed 's/_dist\///' | tee -a "_dist/shasums.txt" | awk '{print $$1}' > "$${f}.sha256" ; \ done # ------------------------------------------------------------------------------ From 691eff46dc729f512629dfe141e37ea3cc24cf78 Mon Sep 17 00:00:00 2001 From: Thilak Somasundaram Date: Tue, 4 Feb 2020 22:34:10 -0800 Subject: [PATCH 6/6] Create a single shasums.txt Signed-off-by: Thilak Somasundaram --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index a063c388a..379a7486b 100644 --- a/Makefile +++ b/Makefile @@ -163,7 +163,7 @@ sign: .PHONY: checksum checksum: - if [ -f "_dist/shasums.txt" ]; then >_dist/shasums.txt; fi + @if [ -f "_dist/shasums.txt" ]; then >_dist/shasums.txt; fi for f in _dist/*.{gz,zip} ; do \ shasum -a 256 "$${f}" | sed 's/_dist\///' | tee -a "_dist/shasums.txt" | awk '{print $$1}' > "$${f}.sha256" ; \ done