From 34bf7377b2ccf6bcbe7f5785806ee5ee2b5f70bf Mon Sep 17 00:00:00 2001 From: Deniz Tas Date: Wed, 1 Oct 2025 10:58:04 +0200 Subject: [PATCH] fix for reading sha256 hash instead of sha1 from releases --- .../update-manifest-releases/common/common.go | 4 ++-- .../common/common_test.go | 4 ++-- .../good-release-release/{sha1 => sha256} | 0 .../missing-url-release/{sha1 => sha256} | 0 .../missing-version-release/{sha1 => sha256} | 0 .../extraneous-release/{sha1 => sha256} | 0 .../more-than-1-release/{sha1 => sha256} | 0 .../{sha1 => sha256} | 0 .../no-version-release/{sha1 => sha256} | 0 .../test-release/{sha1 => sha256} | 0 .../release1-release/{sha1 => sha256} | 0 .../release2-release/{sha1 => sha256} | 0 .../release1-release/{sha1 => sha256} | 0 .../release2-release/{sha1 => sha256} | 0 .../release1-release/{sha1 => sha256} | 0 .../release2-release/{sha1 => sha256} | 0 .../build/non-append-release/{sha1 => sha256} | 0 .../build/release1-release/{sha1 => sha256} | 0 .../build/release2-release/{sha1 => sha256} | 0 .../release1-release/{sha1 => sha256} | 0 .../release2-release/{sha1 => sha256} | 0 util/update-manifest-releases/main_test.go | 24 +++++++++---------- .../manifest/manifest_test.go | 4 ++-- .../opsfile/opsfile_test.go | 4 ++-- 24 files changed, 20 insertions(+), 20 deletions(-) rename util/update-manifest-releases/fixtures/broken-build/good-release-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/broken-build/missing-url-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/broken-build/missing-version-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-compiled-release/extraneous-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-compiled-release/more-than-1-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-compiled-release/no-stemcell-section-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-compiled-release/no-version-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-compiled-release/test-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-updated-sha/release1-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-updated-sha/release2-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-updated-url/release1-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-updated-url/release2-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-updated-version/release1-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build-with-updated-version/release2-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build/non-append-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build/release1-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/build/release2-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/nochanges-build/release1-release/{sha1 => sha256} (100%) rename util/update-manifest-releases/fixtures/nochanges-build/release2-release/{sha1 => sha256} (100%) diff --git a/util/update-manifest-releases/common/common.go b/util/update-manifest-releases/common/common.go index 1dff69177..09db24c34 100644 --- a/util/update-manifest-releases/common/common.go +++ b/util/update-manifest-releases/common/common.go @@ -53,13 +53,13 @@ func GetReleaseFromFile(buildDir, releaseName string) (Release, error) { if commitShaErr != nil { // Bosh.io release fmt.Println("Missing commit_sha file. Assuming bosh.io release...") - sha1, shaErr := os.ReadFile(filepath.Join(releasePath, "sha1")) + sha256, shaErr := os.ReadFile(filepath.Join(releasePath, "sha256")) if shaErr != nil { return Release{}, shaErr } - newRelease.SHA1 = strings.TrimSpace("sha256:" + string(sha1)) + newRelease.SHA1 = strings.TrimSpace("sha256:" + string(sha256)) newRelease.URL = strings.TrimSpace(string(url)) } else { // Github release diff --git a/util/update-manifest-releases/common/common_test.go b/util/update-manifest-releases/common/common_test.go index 3b203f9ff..524a478ee 100644 --- a/util/update-manifest-releases/common/common_test.go +++ b/util/update-manifest-releases/common/common_test.go @@ -41,11 +41,11 @@ var _ = Describe("Common", func() { }) Context("when release folder is missing files", func() { - It("errors when sha1 is missing", func() { + It("errors when sha256 is missing", func() { _, err := common.GetReleaseFromFile(buildDir, "missing-sha256") Expect(err).To(HaveOccurred()) - Expect(err.Error()).To(Equal("open ../fixtures/broken-build/missing-sha256-release/sha1: no such file or directory")) + Expect(err.Error()).To(Equal("open ../fixtures/broken-build/missing-sha256-release/sha256: no such file or directory")) }) It("errors when url is missing", func() { diff --git a/util/update-manifest-releases/fixtures/broken-build/good-release-release/sha1 b/util/update-manifest-releases/fixtures/broken-build/good-release-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/broken-build/good-release-release/sha1 rename to util/update-manifest-releases/fixtures/broken-build/good-release-release/sha256 diff --git a/util/update-manifest-releases/fixtures/broken-build/missing-url-release/sha1 b/util/update-manifest-releases/fixtures/broken-build/missing-url-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/broken-build/missing-url-release/sha1 rename to util/update-manifest-releases/fixtures/broken-build/missing-url-release/sha256 diff --git a/util/update-manifest-releases/fixtures/broken-build/missing-version-release/sha1 b/util/update-manifest-releases/fixtures/broken-build/missing-version-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/broken-build/missing-version-release/sha1 rename to util/update-manifest-releases/fixtures/broken-build/missing-version-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-compiled-release/extraneous-release/sha1 b/util/update-manifest-releases/fixtures/build-with-compiled-release/extraneous-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-compiled-release/extraneous-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-compiled-release/extraneous-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-compiled-release/more-than-1-release/sha1 b/util/update-manifest-releases/fixtures/build-with-compiled-release/more-than-1-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-compiled-release/more-than-1-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-compiled-release/more-than-1-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-compiled-release/no-stemcell-section-release/sha1 b/util/update-manifest-releases/fixtures/build-with-compiled-release/no-stemcell-section-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-compiled-release/no-stemcell-section-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-compiled-release/no-stemcell-section-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-compiled-release/no-version-release/sha1 b/util/update-manifest-releases/fixtures/build-with-compiled-release/no-version-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-compiled-release/no-version-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-compiled-release/no-version-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-compiled-release/test-release/sha1 b/util/update-manifest-releases/fixtures/build-with-compiled-release/test-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-compiled-release/test-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-compiled-release/test-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-updated-sha/release1-release/sha1 b/util/update-manifest-releases/fixtures/build-with-updated-sha/release1-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-updated-sha/release1-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-updated-sha/release1-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-updated-sha/release2-release/sha1 b/util/update-manifest-releases/fixtures/build-with-updated-sha/release2-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-updated-sha/release2-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-updated-sha/release2-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-updated-url/release1-release/sha1 b/util/update-manifest-releases/fixtures/build-with-updated-url/release1-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-updated-url/release1-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-updated-url/release1-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-updated-url/release2-release/sha1 b/util/update-manifest-releases/fixtures/build-with-updated-url/release2-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-updated-url/release2-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-updated-url/release2-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-updated-version/release1-release/sha1 b/util/update-manifest-releases/fixtures/build-with-updated-version/release1-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-updated-version/release1-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-updated-version/release1-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build-with-updated-version/release2-release/sha1 b/util/update-manifest-releases/fixtures/build-with-updated-version/release2-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build-with-updated-version/release2-release/sha1 rename to util/update-manifest-releases/fixtures/build-with-updated-version/release2-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build/non-append-release/sha1 b/util/update-manifest-releases/fixtures/build/non-append-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build/non-append-release/sha1 rename to util/update-manifest-releases/fixtures/build/non-append-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build/release1-release/sha1 b/util/update-manifest-releases/fixtures/build/release1-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build/release1-release/sha1 rename to util/update-manifest-releases/fixtures/build/release1-release/sha256 diff --git a/util/update-manifest-releases/fixtures/build/release2-release/sha1 b/util/update-manifest-releases/fixtures/build/release2-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/build/release2-release/sha1 rename to util/update-manifest-releases/fixtures/build/release2-release/sha256 diff --git a/util/update-manifest-releases/fixtures/nochanges-build/release1-release/sha1 b/util/update-manifest-releases/fixtures/nochanges-build/release1-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/nochanges-build/release1-release/sha1 rename to util/update-manifest-releases/fixtures/nochanges-build/release1-release/sha256 diff --git a/util/update-manifest-releases/fixtures/nochanges-build/release2-release/sha1 b/util/update-manifest-releases/fixtures/nochanges-build/release2-release/sha256 similarity index 100% rename from util/update-manifest-releases/fixtures/nochanges-build/release2-release/sha1 rename to util/update-manifest-releases/fixtures/nochanges-build/release2-release/sha256 diff --git a/util/update-manifest-releases/main_test.go b/util/update-manifest-releases/main_test.go index f863fa162..17c014fc8 100644 --- a/util/update-manifest-releases/main_test.go +++ b/util/update-manifest-releases/main_test.go @@ -146,14 +146,14 @@ var _ = Describe("main", func() { Expect(err).NotTo(HaveOccurred()) for _, release := range []map[string]string{ - {"name": "release1", "version": "original-release1-version", "url": "original-release1-url", "sha1": "original-release1-sha"}, - {"name": "release4", "version": "new-release4-version", "url": "new-release4-url", "sha1": "new-release4-sha"}, + {"name": "release1", "version": "original-release1-version", "url": "original-release1-url", "sha256": "original-release1-sha"}, + {"name": "release4", "version": "new-release4-version", "url": "new-release4-url", "sha256": "new-release4-sha"}, } { releaseDir := filepath.Join(buildDir, fmt.Sprintf("%s-release", release["name"])) err = os.Mkdir(releaseDir, os.ModePerm) Expect(err).NotTo(HaveOccurred()) - for _, value := range []string{"version", "url", "sha1"} { + for _, value := range []string{"version", "url", "sha256"} { err = os.WriteFile(filepath.Join(releaseDir, value), []byte(release[value]), os.ModePerm) Expect(err).NotTo(HaveOccurred()) } @@ -186,14 +186,14 @@ var _ = Describe("main", func() { Expect(err).NotTo(HaveOccurred()) for _, release := range []map[string]string{ - {"name": "release2", "version": "original-release2-version", "url": "original-release2-url", "sha1": "original-release2-sha"}, - {"name": "release5", "version": "original-release5-version", "url": "original-release5-url", "sha1": "original-release5-sha"}, + {"name": "release2", "version": "original-release2-version", "url": "original-release2-url", "sha256": "original-release2-sha"}, + {"name": "release5", "version": "original-release5-version", "url": "original-release5-url", "sha256": "original-release5-sha"}, } { releaseDir := filepath.Join(buildDir, fmt.Sprintf("%s-release", release["name"])) err = os.Mkdir(releaseDir, os.ModePerm) Expect(err).NotTo(HaveOccurred()) - for _, value := range []string{"version", "url", "sha1"} { + for _, value := range []string{"version", "url", "sha256"} { err = os.WriteFile(filepath.Join(releaseDir, value), []byte(release[value]), os.ModePerm) Expect(err).NotTo(HaveOccurred()) } @@ -470,16 +470,16 @@ stemcells: Expect(err).NotTo(HaveOccurred()) for _, release := range []map[string]string{ - {"name": "release1", "version": "original-release1-version", "url": "original-release1-url", "sha1": "original-release1-sha"}, - {"name": "release2", "version": "original-release2-version", "url": "original-release2-url", "sha1": "original-release2-sha"}, - {"name": "release3", "version": "new-release3-version", "url": "new-release3-url", "sha1": "new-release3-sha"}, - {"name": "release4", "version": "new-release4-version", "url": "new-release4-url", "sha1": "new-release4-sha"}, + {"name": "release1", "version": "original-release1-version", "url": "original-release1-url", "sha256": "original-release1-sha"}, + {"name": "release2", "version": "original-release2-version", "url": "original-release2-url", "sha256": "original-release2-sha"}, + {"name": "release3", "version": "new-release3-version", "url": "new-release3-url", "sha256": "new-release3-sha"}, + {"name": "release4", "version": "new-release4-version", "url": "new-release4-url", "sha256": "new-release4-sha"}, } { releaseDir := filepath.Join(buildDir, fmt.Sprintf("%s-release", release["name"])) err = os.Mkdir(releaseDir, os.ModePerm) Expect(err).NotTo(HaveOccurred()) - for _, value := range []string{"version", "url", "sha1"} { + for _, value := range []string{"version", "url", "sha256"} { err = os.WriteFile(filepath.Join(releaseDir, value), []byte(release[value]), os.ModePerm) Expect(err).NotTo(HaveOccurred()) } @@ -846,7 +846,7 @@ stemcells: err = os.Mkdir(releaseDir, os.ModePerm) Expect(err).NotTo(HaveOccurred()) - for _, value := range []string{"version", "url", "sha1"} { + for _, value := range []string{"version", "url", "sha256"} { err = os.WriteFile(filepath.Join(releaseDir, value), []byte(release[value]), os.ModePerm) Expect(err).NotTo(HaveOccurred()) } diff --git a/util/update-manifest-releases/manifest/manifest_test.go b/util/update-manifest-releases/manifest/manifest_test.go index ef59f8508..6ddc2b8bf 100644 --- a/util/update-manifest-releases/manifest/manifest_test.go +++ b/util/update-manifest-releases/manifest/manifest_test.go @@ -198,12 +198,12 @@ other_key: Expect(err).To(MatchError("open ../fixtures/broken-build/missing-version-release/version: no such file or directory")) }) - It("returns errors instead of panicking when sha1 is missing", func() { + It("returns errors instead of panicking when sha256 is missing", func() { releases := []string{"missing-sha256"} _, _, err := manifest.UpdateReleases(releases, brokenBuildDir, cfDeploymentManifest, yaml.Marshal, yaml.Unmarshal) - Expect(err).To(MatchError("open ../fixtures/broken-build/missing-sha256-release/sha1: no such file or directory")) + Expect(err).To(MatchError("open ../fixtures/broken-build/missing-sha256-release/sha256: no such file or directory")) }) It("returns an error when the manifest is not valid yaml", func() { diff --git a/util/update-manifest-releases/opsfile/opsfile_test.go b/util/update-manifest-releases/opsfile/opsfile_test.go index c17f2cfb0..ca8dbda36 100644 --- a/util/update-manifest-releases/opsfile/opsfile_test.go +++ b/util/update-manifest-releases/opsfile/opsfile_test.go @@ -128,12 +128,12 @@ var _ = Describe("UpdateReleases", func() { Expect(err).To(MatchError("open ../fixtures/broken-build/missing-version-release/version: no such file or directory")) }) - It("returns errors instead of panicking when sha1 is missing", func() { + It("returns errors instead of panicking when sha256 is missing", func() { releases := []string{"missing-sha256"} _, _, err := opsfile.UpdateReleases(releases, brokenBuildDir, originalOpsFile, yaml.Marshal, yaml.Unmarshal) - Expect(err).To(MatchError("open ../fixtures/broken-build/missing-sha256-release/sha1: no such file or directory")) + Expect(err).To(MatchError("open ../fixtures/broken-build/missing-sha256-release/sha256: no such file or directory")) }) It("returns an error when the manifest is not valid yaml", func() {