md5sum files in Regolith .ISO .ZIP does not contain hash for .ISO file in .ZIP

[sirredbeard]

In the Regolith ISO files, compressed as .ZIP files, there is a *.md5sum file, but it does not contain the hash for the included .ISO, instead it appears to contain hashes for the files at the root level of the ISO itself.

I am not sure if this is intentional, but as a user I think I would expect the .md5sum file in the .ZIP to contain a hash of the contents of the .ZIP, namely the .ISO.

[sirredbeard]

It looks like the md5sum is generated here https://github.com/regolith-linux/regolith-ubuntu-iso-builder/blob/main/scripts/build.sh#L252 and then copied into the build space here: https://github.com/regolith-linux/regolith-ubuntu-iso-builder/blob/main/.github/workflows/build-jammy.yml#L29 and then zipped up here https://github.com/regolith-linux/regolith-ubuntu-iso-builder/blob/main/.github/workflows/build-jammy.yml#L36

I am curious what the thinking is behind providing md5 hashes of the ISO root folder, e.g. EFI files, etc. vs providing a hash to verify the ISO itself.

Perhaps an md5sum hash of the ISO could be generated here https://github.com/regolith-linux/regolith-ubuntu-iso-builder/blob/main/.github/workflows/build-jammy.yml#L34 and published as part of the GH release?

[kgilmer]

I am curious what the thinking is behind providing md5 hashes of the ISO root folder

There was no thinking...I didn't realize this wasn't the ISO md5sum. Will fix.

[kgilmer]

Rolled 2.2.1 to resolve this issue. More info here: https://regolith-desktop.com/docs/reference/Releases/regolith-2.1-release-notes/#211