Skip to content

Compare Artifact Digests #1975

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Mar 7, 2025
Merged

Compare Artifact Digests #1975

merged 5 commits into from
Mar 7, 2025

Conversation

GhadimiR
Copy link
Contributor

@GhadimiR GhadimiR commented Mar 5, 2025
edited
Loading

The Artifacts REST API and Twirp services now return a digest field, giving a SHA256 digest of whatever was uploaded to the service.

This change (combined with the implementation on the download-artifact package, will allow end users to use this to perform a comparison of this digest against the downloaded artifact to validate the integrity of what was downloaded.

The intent here is that the download-artifact package can then use the digests from the list method to supply them to download only if the comparison is desired. That package can also decide on whether to end the workflow or warn.

@GhadimiR GhadimiR requested a review from a team as a code owner March 5, 2025 11:35
GhadimiR
GhadimiR commented Mar 5, 2025
View reviewed changes
packages/artifact/src/internal/shared/interfaces.ts
/**
* Returns true if the digest of the downloaded artifact does not match the expected hash
*/
digestMismatch?: boolean
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is kinda dual-use in that it returns false if the digests match OR if a digest wasn't supplied (i.e. we're not doing the comparison), imo this is fine because the consumer of this interface knows if a digest was supplied and so it has all the information needed, but if there's a more elegant way to do this I'd love to hear about it.

@GhadimiR GhadimiR merged commit dc22dc7 into main Mar 7, 2025
16 of 17 checks passed
@GhadimiR GhadimiR mentioned this pull request Mar 7, 2025
Merged
This was referenced Mar 18, 2025
Closed
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JoannaaKL JoannaaKL JoannaaKL approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@GhadimiR @JoannaaKL
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy