From 095ccfe96cfacea7678e7ac470c077ca9f967dd7 Mon Sep 17 00:00:00 2001
From: Praveen <praveen_koilraj@sil.org>
Date: Wed, 12 Mar 2025 16:28:24 +0530
Subject: [PATCH 1/2] Added Checksum for backup process

---
 application/backup.sh | 30 +++++++++++++++++++++++++++++-
 1 file changed, 29 insertions(+), 1 deletion(-)

diff --git a/application/backup.sh b/application/backup.sh
index 04136d9..6d084d1 100755
--- a/application/backup.sh
+++ b/application/backup.sh
@@ -58,6 +58,22 @@ else
     log "INFO" "${MYNAME}: Backup of ${DB_NAME} completed in $(expr ${end} - ${start}) seconds, ($(stat -c %s /tmp/${DB_NAME}.sql) bytes).";
 fi
 
+log "INFO" "Generating checksum for backup file"
+cd /tmp || {
+    error_message="${MYNAME}: FATAL: Failed to change directory to /tmp";
+    log "ERROR" "${error_message}";
+    error_to_sentry "${error_message}" "${DB_NAME}" "1";
+    exit 1;
+}
+
+# Create checksum file format
+sha256sum "${DB_NAME}.sql" > "${DB_NAME}.sql.sha256" || {
+    error_message="${MYNAME}: FATAL: Failed to generate checksum for backup of ${DB_NAME}";
+    log "ERROR" "${error_message}";
+    error_to_sentry "${error_message}" "${DB_NAME}" "1";
+    exit 1;
+}
+
 # Compression
 start=$(date +%s);
 gzip -f /tmp/${DB_NAME}.sql || STATUS=$?;
@@ -72,6 +88,18 @@ else
     log "INFO" "${MYNAME}: Compressing backup of ${DB_NAME} completed in $(expr ${end} - ${start}) seconds.";
 fi
 
+# Validate checksum
+log "INFO" "Validating backup checksum"
+# Optional: Added this line for debug
+log "DEBUG" "Checksum file contents: $(cat "${DB_NAME}.sql.sha256")"
+
+sha256sum -c "${DB_NAME}.sql.sha256" || {
+    error_message="${MYNAME}: FATAL: Checksum validation failed for backup of ${DB_NAME}";
+    log "ERROR" "${error_message}";
+    error_to_sentry "${error_message}" "${DB_NAME}" "1";
+    exit 1;
+}
+
 # S3 Upload
 start=$(date +%s);
 s3cmd put /tmp/${DB_NAME}.sql.gz ${S3_BUCKET} || STATUS=$?;
@@ -110,4 +138,4 @@ echo "postgresql-backup-restore: backup: Completed";
 
 log "INFO" "${MYNAME}: backup: Completed";
 
-exit $STATUS;
+exit $STATUS;
\ No newline at end of file

From fa1dd2e75b4a24b4077ab7826e252d3b71a52e67 Mon Sep 17 00:00:00 2001
From: briskt <3172830+briskt@users.noreply.github.com>
Date: Wed, 12 Mar 2025 20:28:17 +0800
Subject: [PATCH 2/2] add terminating newline

---
 application/backup.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/application/backup.sh b/application/backup.sh
index 6d084d1..113db27 100755
--- a/application/backup.sh
+++ b/application/backup.sh
@@ -138,4 +138,4 @@ echo "postgresql-backup-restore: backup: Completed";
 
 log "INFO" "${MYNAME}: backup: Completed";
 
-exit $STATUS;
\ No newline at end of file
+exit $STATUS;