[Checkins] SVN: zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/ evaluate the md5sum and patch-md5sum options to optionally perform checksum tests on downloaded sources and patches
Thomas Lotze
tl at gocept.com
Mon Jun 22 15:05:20 EDT 2009
Log message for revision 101235:
evaluate the md5sum and patch-md5sum options to optionally perform checksum tests on downloaded sources and patches
Changed:
U zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/README.txt
U zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/__init__.py
-=-
Modified: zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/README.txt
===================================================================
--- zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/README.txt 2009-06-22 19:02:06 UTC (rev 101234)
+++ zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/README.txt 2009-06-22 19:05:19 UTC (rev 101235)
@@ -5,7 +5,7 @@
- bar.tgz
- foo.tgz
- >>> distros = start_server(distros)
+ >>> distros_url = start_server(distros)
Let's update a sample buildout to installs it:
@@ -17,7 +17,7 @@
... [foo]
... recipe = zc.recipe.cmmi
... url = %sfoo.tgz
- ... """ % distros)
+ ... """ % distros_url)
We used the url option to specify the location of the archive.
@@ -56,7 +56,7 @@
... recipe = zc.recipe.cmmi
... url = %sfoo.tgz
... extra_options = -a -b c
- ... """ % distros)
+ ... """ % distros_url)
>>> print system('bin/buildout'),
Uninstalling foo.
@@ -98,7 +98,7 @@
... url = %sfoo.tgz
... environment =
... CFLAGS=-I/usr/lib/postgresql7.4/include
- ... """ % distros)
+ ... """ % distros_url)
>>> print system('bin/buildout'),
@@ -156,7 +156,7 @@
... url = %sfoo.tgz
... patch = ${buildout:directory}/patches/config.patch
... patch_options = -p0
- ... """ % distros)
+ ... """ % distros_url)
>>> print system('bin/buildout'),
Uninstalling foo.
@@ -181,7 +181,7 @@
... recipe = zc.recipe.cmmi
... url = %s/bar.tgz
... autogen = autogen.sh
- ... """ % distros)
+ ... """ % distros_url)
>>> print system('bin/buildout'),
Uninstalling foo.
@@ -194,3 +194,78 @@
building foo
echo installing foo
installing foo
+
+When downloading a source archive or a patch, we can optionally make sure of
+its authenticity by supplying an MD5 checksum that must be matched. If it
+matches, we'll not be bothered with the check by buildout's output:
+
+ >>> try: from hashlib import md5
+ ... except ImportError: from md5 import new as md5
+ >>> foo_md5sum = md5(open(join(distros, 'foo.tgz')).read()).hexdigest()
+
+ >>> write('buildout.cfg',
+ ... """
+ ... [buildout]
+ ... parts = foo
+ ...
+ ... [foo]
+ ... recipe = zc.recipe.cmmi
+ ... url = %sfoo.tgz
+ ... md5sum = %s
+ ... """ % (distros_url, foo_md5sum))
+
+ >>> print system('bin/buildout'),
+ Uninstalling foo.
+ Installing foo.
+ foo: Downloading http://localhost/foo.tgz
+ foo: Unpacking and configuring
+ configuring foo --prefix=/sample_buildout/parts/foo
+ echo building foo
+ building foo
+ echo installing foo
+ installing foo
+
+But if the archive doesn't match the checksum, the recipe refuses to install:
+
+ >>> write('buildout.cfg',
+ ... """
+ ... [buildout]
+ ... parts = foo
+ ...
+ ... [foo]
+ ... recipe = zc.recipe.cmmi
+ ... url = %sbar.tgz
+ ... md5sum = %s
+ ... patch = ${buildout:directory}/patches/config.patch
+ ... """ % (distros_url, foo_md5sum))
+
+ >>> print system('bin/buildout'),
+ Uninstalling foo.
+ Installing foo.
+ foo: Downloading http://localhost:20617/bar.tgz
+ While:
+ Installing foo.
+ Error: MD5 checksum mismatch downloading 'http://localhost/bar.tgz'
+
+Similarly, a checksum mismatch for the patch will cause the buildout run to be
+aborted:
+
+ >>> write('buildout.cfg',
+ ... """
+ ... [buildout]
+ ... parts = foo
+ ...
+ ... [foo]
+ ... recipe = zc.recipe.cmmi
+ ... url = %sfoo.tgz
+ ... patch = ${buildout:directory}/patches/config.patch
+ ... patch-md5sum = %s
+ ... """ % (distros_url, foo_md5sum))
+
+ >>> print system('bin/buildout'),
+ Installing foo.
+ foo: Downloading http://localhost:21669/foo.tgz
+ foo: Unpacking and configuring
+ While:
+ Installing foo.
+ Error: MD5 checksum mismatch for local resource at '/.../sample-buildout/patches/config.patch'.
Modified: zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/__init__.py
===================================================================
--- zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/__init__.py 2009-06-22 19:02:06 UTC (rev 101234)
+++ zc.recipe.cmmi/branches/tlotze-download-api/src/zc/recipe/cmmi/__init__.py 2009-06-22 19:05:19 UTC (rev 101235)
@@ -105,7 +105,7 @@
if not os.path.exists(dest):
os.mkdir(dest)
- fname = download(self.url)
+ fname = download(self.url, md5sum=self.options.get('md5sum'))
# now unpack and work as normal
tmp = tempfile.mkdtemp('buildout-'+self.name)
@@ -127,7 +127,8 @@
if self.patch is not '':
# patch may be a filesystem path or url
# url patches can go through the cache
- self.patch = download(self.patch)
+ self.patch = download(
+ self.patch, md5sum=self.options.get('patch-md5sum'))
system("patch %s < %s" % (self.patch_options, self.patch))
if self.autogen is not '':
logger.info('auto generating configure files')
More information about the Checkins
mailing list