-
Notifications
You must be signed in to change notification settings - Fork 61
get_garage_sign.py: Point at new AWS bucket. #1619
Conversation
There is also a size field, we could at least check it. And because it goes through TLS it's maybe good enough for integrity (detects partial downloads). |
Signed-off-by: Patrick Vacek <[email protected]>
Signed-off-by: Patrick Vacek <[email protected]>
5e0128a
to
411e8f1
Compare
Codecov Report
@@ Coverage Diff @@
## master #1619 +/- ##
==========================================
+ Coverage 82.49% 82.56% +0.06%
==========================================
Files 189 189
Lines 12004 12004
==========================================
+ Hits 9903 9911 +8
+ Misses 2101 2093 -8
Continue to review full report at Codecov.
|
md5sum offered no security, since it was read from the same place as the archive, and since it is no longer available, use the size instead for a modicum of integrity. You can still provide a sha256sum if desired. Signed-off-by: Patrick Vacek <[email protected]>
411e8f1
to
a95bf11
Compare
New bucket is ready, I think this can be safely merged now if we want. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The changes looks fine to me (N. B: have not tested if it actually works) compared to what was before: the md5 offers no security nowadays even if it was downloaded out-of-band.
I've got few questions however:
- why hardcode it at all, why not add another command-line option with default value of hardcoded URL?
- why bother with "LastModified" checks - can we ask to add fixed tuf-cli-latest.tgz which would always link to the newest tuf-cli-v1.2.3.tgz every time the new version is uploaded?
Also, the rename commit seems to be entirely orthogonal and can be sent as a separate PR, but that's just minor nitpicking from my side.
On a related note, is there a place where we document the URL? Some stable page like docs.ota.connect or smth like that which we can refer to in the help message so users can manually check and fix things (provided we expose hardcoded value as command line option) if things go south again? |
We prefer not to open too many small PRs if not necessary. Typically, for a related trivial change like this one, having it in a separate commit is enough for our purpose. We would split if there were some big contentious changes and a smaller commit that is more urgent and would need to be fast-tracked for example. In this case, having two PRs would also create unnecessary headaches with merge conflicts and rebasing. |
It's an option, but I never considered it'd be necessary before. I'll consider that.
Yes, that could also be an option, but that's outside of aktualizr. :)
Nope. Merging for now, happy to think about how to further future-proof this. |
@zabbal BTW not the same as what you suggested, but there's already support for downloading the archive yourself and providing the path to the script/CMake. |
Cool, where can I read more about it? |
No description provided.