chore: Change the format for sha512 sum for releases #25577
Conversation
|
Thanks for this @sebastianliebscher ! I don't understand the original if/else logic, can you explain what is changed by removing this outside of it and placing it at the end? |
|
As someone who tends to validate releases, I appreciate this. That said, it's a convenience more than a necessity, so I haven't been losing sleep over it. What I'm not clear on is the if/else statement, and if skipping that would cause unforeseen issues. I'm very tempted to approve otherwise... |
| else | ||
| # The GPG key name to use | ||
| GPG_LOCAL_USER="${2}" | ||
| gpg --local-user "${GPG_LOCAL_USER}" --armor --output "${NAME}".asc --detach-sig "${NAME}" | ||
| gpg --local-user "${GPG_LOCAL_USER}" --print-md SHA512 "${NAME}" > "${NAME}".sha512 | ||
| fi |
There was a problem hiding this comment.
This checks if a GPG user-id was specified to use gpg with --local-user for signing/decrypting. Generating SHA sums (--print-md SHA512) is not affected by specifying this --local-user option.
So it is the same as
if [ -z "${2}" ]; then
gpg --armor --output "${NAME}".asc --detach-sig "${NAME}"
else
# The GPG key name to use
GPG_LOCAL_USER="${2}"
gpg --local-user "${GPG_LOCAL_USER}" --armor --output "${NAME}".asc --detach-sig "${NAME}"
fi
gpg --print-md SHA512 "${NAME}" > "${NAME}".sha512which I then replaced with shasum:
if [ -z "${2}" ]; then
gpg --armor --output "${NAME}".asc --detach-sig "${NAME}"
else
# The GPG key name to use
GPG_LOCAL_USER="${2}"
gpg --local-user "${GPG_LOCAL_USER}" --armor --output "${NAME}".asc --detach-sig "${NAME}"
fi
shasum -a 512 "${NAME}" > "${NAME}.sha512"
mistercrunch
added
🏷️ bot
SUMMARY
The current
release.tar.gz.sha512file format does not allow an easy comparison of the SHA sum. See #25333Resolves #25333
Mirrors apache/airflow#12867
BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF
TESTING INSTRUCTIONS
ADDITIONAL INFORMATION