Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(ci): edit checksum artifact paths to allow automatic check #295

Merged
merged 9 commits into from Feb 29, 2024
Merged

fix(ci): edit checksum artifact paths to allow automatic check #295

merged 9 commits into from Feb 29, 2024

Conversation

jxdv
Copy link
Contributor

@jxdv jxdv commented Feb 25, 2024
edited

Closes #270.

All checksums (except windows) can now be verified using standard way with sha256sum utility:

  1. sha256sum <binary>
  2. sha256sum --check <binary>-checksum
  3. <binary>: OK

@jxdv jxdv marked this pull request as draft February 25, 2024 17:43
@jxdv jxdv marked this pull request as ready for review February 26, 2024 15:35
@jxdv jxdv changed the title [WIP] ci: edit checksum artifact paths to allow automatic check ci: edit checksum artifact paths to allow automatic check Feb 26, 2024
@jxdv
Copy link
Contributor Author

jxdv commented Feb 26, 2024

I realized that windows has different line ending from unix systems and that's why I couldn't automatically check it with the instructions from the description. Anyways it doesn't make sense trying to check for windows checksum with the standard ubuntu way.

It would be great if someone with windows system could download windows artifacts from my local branch action run and check if it works.

@AnonymousWP AnonymousWP requested a review from a team February 26, 2024 17:13
@AnonymousWP
Copy link
Member

What do you exactly want me to check? I downloaded the release binary and this is in the textfile as checksum:

image

@jxdv
Copy link
Contributor Author

jxdv commented Feb 27, 2024

What do you exactly want me to check? I downloaded the release binary and this is in the textfile as checksum:

I thought windows had a similar way to check the checksums such as in UNIX with the commands listed in the description, but I didn't find anything online, and since the checksums match everything is okay.

Is there any way to do a test release to see if everything works correctly? I am 99.99% sure that this is going to work, but just to be safe :)

@Frigyes06
Copy link
Member

What do you exactly want me to check? I downloaded the release binary and this is in the textfile as checksum:

I thought windows had a similar way to check the checksums such as in UNIX with the commands listed in the description, but I didn't find anything online, and since the checksums match everything is okay.

Is there any way to do a test release to see if everything works correctly? I am 99.99% sure that this is going to work, but just to be safe :)

Not that I know of

Frigyes06
Frigyes06 approved these changes Feb 29, 2024
View reviewed changes
Copy link
Member

@Frigyes06 Frigyes06 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These changes make sense to me. I don't have a way to test them before we release again though.

@jxdv
Copy link
Contributor Author

jxdv commented Feb 29, 2024

These changes make sense to me. I don't have a way to test them before we release again though.

I don't think there's a way to test this besides merging this and creating a new release with these changes applied. This should work flawlessly IMO

@Frigyes06 Frigyes06 merged commit 372a889 into Universal-Debloater-Alliance:main Feb 29, 2024
@jxdv jxdv deleted the ci-checksum branch February 29, 2024 15:08
@Frigyes06 Frigyes06 changed the title ci: edit checksum artifact paths to allow automatic check fix(ci): edit checksum artifact paths to allow automatic check Feb 29, 2024
@AnonymousWP
Copy link
Member

What do you exactly want me to check? I downloaded the release binary and this is in the textfile as checksum:

I thought windows had a similar way to check the checksums such as in UNIX with the commands listed in the description, but I didn't find anything online, and since the checksums match everything is okay.

Is there any way to do a test release to see if everything works correctly? I am 99.99% sure that this is going to work, but just to be safe :)

You can calculate hashes with Windows using PowerShell commands. Is that what you're looking for?

Get-FileHash uad-ng-windows.exe

@jxdv
Copy link
Contributor Author

jxdv commented Mar 1, 2024

What do you exactly want me to check? I downloaded the release binary and this is in the textfile as checksum:

I thought windows had a similar way to check the checksums such as in UNIX with the commands listed in the description, but I didn't find anything online, and since the checksums match everything is okay.
Is there any way to do a test release to see if everything works correctly? I am 99.99% sure that this is going to work, but just to be safe :)

You can calculate hashes with Windows using PowerShell commands. Is that what you're looking for?

Get-FileHash uad-ng-windows.exe

Nope, I am aware of the fact that you can calculate checksums on windows. We could compare that command to: (on debian-based systems)

sha256sum uad-ng-windows.exe

I was mostly curious if windows has something similar such as:

sha256sum --check uad-ng-windows.exe

Which gives you the OK response if the hashes match (and if the commands are follow by each other).

@lavafroth
Copy link
Contributor

lavafroth commented Mar 2, 2024 via email

@adhirajsinghchauhan
Copy link
Contributor

I was mostly curious if windows has something similar such as:

sha256sum --check uad-ng-windows.exe

Which gives you the OK response if the hashes match (and if the commands are follow by each other).

Nope. You'd need to be far more verbose:

(Get-FileHash <file>).Hash -eq (Get-Content <checksum-file>)

Which would return True or False. Note that unlike *nix where the checksum(s) file would have a format of <hash> *file, <checksum-file>'s contents would need to be the hash and only that. This makes it more complicated to check for multiple files at once.

@jxdv
Copy link
Contributor Author

jxdv commented Mar 2, 2024

Nope. You'd need to be far more verbose:

(Get-FileHash <file>).Hash -eq (Get-Content <checksum-file>)

Which would return True or False. Note that unlike *nix where the checksum(s) file would have a format of <hash> *file, <checksum-file>'s contents would need to be the hash and only that. This makes it more complicated to check for multiple files at once.

Well, than from my understanding it seems that windows doesn't really have one standardized way to do this, therefore there are X ways to verify the checksum, and we can have N ways to format <checksum-file> for windows. In the end if the windows user wants to verify the checksum he'll get it done.

I also like an approach of having just binary artifacts and one <checksums> file where each line has the following structure: <binary-name> <binary-checksum>, but again than we lose the standard way for *nix systems to do the verification.

From my POV there isn't 1 best way to do this - it all depends on which approach the project maintainers like the most.

@AnonymousWP
Copy link
Member

At this point we might as well use cargo cross which can be used on a single linux machine to cross compile to multiple platforms. Profit: we have to do the checksum business only once.

Isn't this the best solution then? We need to automate it as much as possible, but why including a tool with the release? Why not just something like what Microsoft does (automatically calculating the hash and users can then compare it the calculation they can perform themselves):

I think users who want to verify the hash can perfectly do that themselves. 🙂

@AnonymousWP AnonymousWP added the bug Something isn't working label Mar 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Frigyes06 Frigyes06 Frigyes06 approved these changes

Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

checking sha256 won't work automatically because of file path
5 participants
@jxdv @AnonymousWP @Frigyes06 @lavafroth @adhirajsinghchauhan