[PLAT-15580][PLAT-15581] fixed release artifact sha256 handling

Summary: Formatted sha should return null instead of "sha256:" if the value is an empty string. In addition, we do a best effort to get the shasum file if its a url download. Test Plan: validated format and best effort to get sha file from url Reviewers: anijhawan, muthu Reviewed By: muthu Subscribers: yugaware Differential Revision: https://phorge.dev.yugabyte.com/D38683
yugabyte · Oct 8, 2024 · 90fe082 · 90fe082
1 parent 7c5c12c
commit 90fe082
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 4 deletions.
diff --git a/managed/src/main/java/com/yugabyte/yw/common/ReleaseManager.java b/managed/src/main/java/com/yugabyte/yw/common/ReleaseManager.java
@@ -973,7 +973,7 @@ private synchronized void addHttpsRelease(
       }
       if (release.getArtifactForArchitecture(arch) == null) {
         ReleaseArtifact artifact =
-            ReleaseArtifact.create("", ReleaseArtifact.Platform.LINUX, arch, url);
+            ReleaseArtifact.create(em.sha256, ReleaseArtifact.Platform.LINUX, arch, url);
         release.addArtifact(artifact);
       }
     }

diff --git a/managed/src/main/java/com/yugabyte/yw/common/ReleasesUtils.java b/managed/src/main/java/com/yugabyte/yw/common/ReleasesUtils.java
@@ -36,6 +36,7 @@
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Scanner;
 import java.util.UUID;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -140,20 +141,36 @@ public ExtractedMetadata metadataFromPath(Path releaseFilePath) {
   }
 
   public ExtractedMetadata versionMetadataFromURL(URL url) {
+    // Best effort to get sha256 from url
+    String sha256 = null;
+    try {
+      URL shaUrl = new URL(url.toString() + ".sha");
+      Scanner sc = new Scanner(shaUrl.openStream());
+      sha256 = sc.hasNext() ? sc.next() : null;
+      log.debug("found sha256 {} from url {}", sha256, shaUrl.toString());
+    } catch (Exception e) {
+      log.warn("failed to open sha url ", e);
+    }
+    ExtractedMetadata em = new ExtractedMetadata();
     try {
       if (isHelmChart(url.getFile())) {
         try (BufferedInputStream stream = new BufferedInputStream(url.openStream())) {
-          return metadataFromHelmChart(stream);
+          em = metadataFromHelmChart(stream);
+          em.sha256 = sha256;
+          return em;
         }
       }
       try (BufferedInputStream stream = new BufferedInputStream(url.openStream())) {
-        return versionMetadataFromInputStream(stream);
+        em = versionMetadataFromInputStream(stream);
+        em.sha256 = sha256;
+        return em;
       }
     } catch (MetadataParseException e) {
       // Fallback to file name validation
       log.warn("falling back to file name metadata parsing for url " + url.toString(), e);
-      ExtractedMetadata em = metadataFromName(url.getFile());
+      em = metadataFromName(url.getFile());
       em.releaseTag = tagFromName(url.toString());
+      em.sha256 = sha256;
       return em;
     } catch (IOException e) {
       log.error("failed to open url " + url.toString());

diff --git a/managed/src/main/java/com/yugabyte/yw/models/ReleaseArtifact.java b/managed/src/main/java/com/yugabyte/yw/models/ReleaseArtifact.java
@@ -320,6 +320,7 @@ public String getFormattedSha256() {
     // Because both md5 and sha1 are not good for checking the validity of the file, we will just
     // return null instead
     if (sha256 == null
+        || sha256.isEmpty()
         || sha256.toLowerCase().startsWith("md5:")
         || sha256.toLowerCase().startsWith("sha1:")) {
       return null;