File path in *.sha512 should not be absolute path

[suzuki-shunsuke]

Checklist

• This is a bug report, not a question. Ask questions on discuss.ipfs.io.
• I have searched on the issue tracker for my bug.
• I am running the latest kubo version or have an issue updating.

Installation method

third-party binary

Version

No response

Config

No response

Description

The content of kubo_v0.16.0_darwin-arm64.tar.gz.sha512 is wrong.

Expected content

62f84350d3c3ccbb29f9cb0b21d437c1d21be6ad8127343bd7920fabb219779d9d3c961b64c879608ad9485aca116e8f9884d252a340c702d58686764195582a  kubo_v0.16.0_darwin-arm64.tar.gz

Actual content

62f84350d3c3ccbb29f9cb0b21d437c1d21be6ad8127343bd7920fabb219779d9d3c961b64c879608ad9485aca116e8f9884d252a340c702d58686764195582a  /Users/runner/work/distributions/distributions/releases/kubo/v0.16.0/kubo_v0.16.0_darwin-arm64.tar.gz

I guess this is the absolute path in GitHub Actions, but I think this should be only a file name.

ref.

kubo/.github/workflows/sync-release-assets.yml

Lines 24 to 128 in 199fa47

	- name: Sync the latest 5 github releases
	uses: actions/github-script@v4
	with:
	script: |
	const fs = require('fs').promises
	const max_synced = 5
	// fetch github releases
	resp = await github.repos.listReleases({
	owner: context.repo.owner,
	repo: context.repo.repo,
	page: 1,
	per_page: max_synced
	})
	const release_assets = [];
	num_synced = 0;
	for (const release of resp.data) {
	console.log("checking release tagged", release.tag_name)
	if (num_synced > max_synced) {
	console.log("done: synced", max_synced, "latest releases")
	break;
	}
	num_synced += 1
	const github_assets = new Set()
	for (const asset of release.assets) {
	github_assets.add(asset.name)
	}
	// fetch asset info from dist.ipfs.tech
	p = '/ipns/dist.ipfs.tech/kubo/' + release.tag_name
	let stdout = ''
	const options = {}
	options.listeners = {
	stdout: (data) => {
	stdout += data.toString();
	}
	}
	await exec.exec('ipfs', ['ls', p], options)
	const dist_assets = new Set()
	const missing_files = []
	for (const raw_line of stdout.split("\n")) {
	line = raw_line.trim();
	if (line.length != 0) {
	file = line.split(/(\s+)/).filter( function(e) { return e.trim().length > 0; } )[2]
	dist_assets.add(file)
	if (!github_assets.has(file)) {
	missing_files.push(file)
	}
	}
	}
	// if dist.ipfs.tech has files not found in github, copy them over
	for (const file of missing_files) {
	file_sha = file + ".sha512"
	file_cid = file + ".cid"
	// skip files that don't have .cid and .sha512 checksum files
	if (!dist_assets.has(file_sha) || !dist_assets.has(file_cid)) {
	if (!file.endsWith('.cid') && !file.endsWith('.sha512')) { // silent skip of .sha512.sha512 :)
	console.log(`skipping "${file}" as dist.ipfs.tech does not provide .cid and .sha512 checksum files for it`)
	}
	continue
	}
	console.log("fetching", file, "from dist.ipfs.tech")
	await exec.exec('ipfs', ['get', p + '/' + file])
	await exec.exec('ipfs', ['get', p + '/' + file_sha])
	await exec.exec('ipfs', ['get', p + '/' + file_cid])
	console.log("verifying contents of", file)
	// compute sha512 output for file
	let sha_stdout = ''
	const sha_options = {}
	sha_options.listeners = {
	stdout: (data) => {
	sha_stdout += data.toString();
	}
	}
	await exec.exec('sha512sum', [file], sha_options)
	// read expected sha512 output
	const sha_data = await fs.readFile(file_sha, "utf8")
	const digest = (s) => s.split(' ').shift()
	if (digest(sha_data) != digest(sha_stdout)) {
	console.log(`${file}.sha512: ${sha_data}`)
	console.log(`sha512sum ${file}: ${sha_stdout}`)
	throw "checksum verification failed for " + file
	}
	console.log("uploading", file, "to github release", release.tag_name)
	const uploadReleaseAsset = async (file) => github.repos.uploadReleaseAsset({
	owner: context.repo.owner,
	repo: context.repo.repo,
	release_id: release.id,
	headers: {
	"content-type": "application/octet-stream",
	"content-length": `${(await fs.stat(file)).size}`
	},
	name: file,
	data: await fs.readFile(file)
	})
	await uploadReleaseAsset(file)
	await uploadReleaseAsset(file_sha)
	await uploadReleaseAsset(file_cid)

[welcome]

Thank you for submitting your first issue to this repository! A maintainer will be here shortly to triage and review.
In the meantime, please double-check that you have provided all the necessary information to make this process easy! Any information that can help save additional round trips is useful! We currently aim to give initial feedback within two business days. If this does not happen, feel free to leave a comment.
Please keep an eye on how this issue will be labeled, as labels give an overview of priorities, assignments and additional actions requested by the maintainers:

• "Priority" labels will show how urgent this is for the team.
• "Status" labels will show if this is ready to be worked on, blocked, or in progress.
• "Need" labels will indicate if additional input or analysis is required.

Finally, remember to use https://discuss.ipfs.io if you just need general support.

[hsanjuan]

Possible fix here: ipfs/distributions#1108

[lidel]

Confirmed the fix works.

Reopening here as this will be applied to Kubo 0.32 so we need to wait until #10547 is closed.