diff --git a/.github/actions/sha-of-zip.sh b/.github/actions/sha-of-zip.sh index 38e5d11f6..cd59b680d 100755 --- a/.github/actions/sha-of-zip.sh +++ b/.github/actions/sha-of-zip.sh @@ -1,6 +1,6 @@ #!/bin/bash # Unzips the given zip file, then generates a checksum of the zip file that ignores -# the timestamps by extracting it and SHA'ing a file of all SHAs. This is not recursive:- +# the timestamps by extracting it and SHA'ing a file of all SHAs. This is not recursive: # zips within the zip will not be extracted, and therefore the timestamps of the "inner" zip # will be a part of the hash. # Usage: ./sha-of-zip.sh diff --git a/.github/actions/sha-of-zip/action.yml b/.github/actions/sha-of-zip/action.yml index 46c60c919..0e7241d9b 100644 --- a/.github/actions/sha-of-zip/action.yml +++ b/.github/actions/sha-of-zip/action.yml @@ -3,10 +3,10 @@ description: "Cross-platform helper: timestamp-independent .zip checksum done vi inputs: zipFilename: - description: "The output file name" + description: "The output filename" required: true shaA: - description: "The sha version (1, 256, or 512)" + description: "The SHA version (1, 256, or 512)" required: true runs: @@ -16,12 +16,12 @@ runs: shell: bash run: ${{ inputs.command }} - - name: "Generate zip for Linux/Mac" + - name: "Generate SHA of zip for Linux/Mac" if: runner.os == 'Linux' || runner.os == 'MacOS' shell: bash run: ./.github/actions/sha-of-zip.sh ${{ inputs.zipFilename }} ${{ runner.os }} ${{ inputs.shaA }} > ${{ inputs.zipFilename }}.golden.sha${{ inputs.shaA }} - - name: "Generate zip for Windows" + - name: "Generate SHA of zip for Windows" if: runner.os == 'Windows' shell: powershell run: ./.github/actions/sha-of-zip.bat ${{ inputs.zipFilename }} ${{ inputs.shaA }} > ${{ inputs.zipFilename }}.golden.sha${{ inputs.shaA }} diff --git a/.github/actions/zip/action.yml b/.github/actions/zip/action.yml index 034b832b1..9bc976931 100644 --- a/.github/actions/zip/action.yml +++ b/.github/actions/zip/action.yml @@ -9,7 +9,7 @@ inputs: description: "The command to run first" required: true zipFilename: - description: "The output file name" + description: "The output filename" required: true runs: diff --git a/.github/workflows/generate-dependency-hashes.sh b/.github/workflows/generate-dependency-hashes.sh index 7bd77d114..e36220fe1 100755 --- a/.github/workflows/generate-dependency-hashes.sh +++ b/.github/workflows/generate-dependency-hashes.sh @@ -1,6 +1,6 @@ #!/bin/bash -# Generates a CSV of checksums for all maven dependencies in the global cache -# Including their actual SHA 256, and where to verify that online +# Generates a CSV of checksums for all Maven dependencies in the global cache +# including their actual SHA 256, and where to verify that online. # Usage: ./generate-dependency-hashes.sh set -e @@ -22,11 +22,11 @@ for filename in $(find * -type f); do version=$(echo $filename | cut -f3 -d/) ext=${filename#*.} slashSeparatedOrg=$(echo $dotSeparatedOrg | tr "." "/") - friendlyurl="https://mvnrepository.com/artifact/$dotSeparatedOrg/$dependencyName/$version" + friendlyUrl="https://mvnrepository.com/artifact/$dotSeparatedOrg/$dependencyName/$version" directUrl="https://repo1.maven.org/maven2/$slashSeparatedOrg/$dependencyName/$version/$dependencyName-$version.$ext" directUrlToSha1="$directUrl.sha1" directUrlToSha256="$directUrl.sha256" sha1=$($parentPath/sha.sh $filename $os 1) sha256=$($parentPath/sha.sh $filename $os 256) - echo "$filename,$sha1,$sha256,$friendlyurl,$directUrlToSha1,$directUrlToSha256" + echo "$filename,$sha1,$sha256,$friendlyUrl,$directUrlToSha1,$directUrlToSha256" done diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ed8cb2bf0..2cba69047 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -92,7 +92,7 @@ jobs: run: | echo "FILEPATH=cache/checksums.csv" >> $GITHUB_OUTPUT - - name: "Generate SHA1 and SHA256 for each maven dependency" + - name: "Generate SHA1 and SHA256 for each Maven dependency" shell: bash run: ./.github/workflows/generate-dependency-hashes.sh ${{ runner.os }} >> ${{steps.checksumsfn.outputs.FILEPATH}} @@ -109,7 +109,7 @@ jobs: run: | ./.github/workflows/sha.sh ${{steps.cachefn.outputs.FILEPATH}} ${{ runner.os }} 512 > ${{steps.cachefn.outputs.FILEPATH}}.sha512 - - name: "Generate SHA512 for plugins' checksums" + - name: "Generate SHA512 for checksums of plugins" shell: bash run: | ./.github/workflows/sha.sh ${{steps.checksumsfn.outputs.FILEPATH}} ${{ runner.os }} 512 > ${{steps.checksumsfn.outputs.FILEPATH}}.sha512 @@ -133,7 +133,7 @@ jobs: security create-keychain -p $TEMP_PWD build.keychain security unlock-keychain -p $TEMP_PWD build.keychain echo "Import certificates into keychain" - # Note: in the next command, the -A should not be used outside of github actions. + # Note: in the next command, the -A should not be used outside of GitHub actions. # It allows any application to read the keychain, which is fine in an ephemeral environment, # but not fine if you run this on your own machine. security import certificate.p12 -k build.keychain -P $MACOS_CERTIFICATE_PWD -A -T /usr/bin/codesign -T /usr/bin/productbuild -T /usr/bin/security diff --git a/README.md b/README.md index c70e18657..eba4d8b3f 100644 --- a/README.md +++ b/README.md @@ -53,13 +53,13 @@ On Linux, you may install the .deb file, then run `/opt/rcv/bin/RCTab` to launch `$ chmod 777 gradlew` -#### Method 3 (Least Easy): Building on an airgapped Machine +#### Method 3 (Least Easy): Building on an Air-Gapped Machine - -1. Download gradle from https://gradle.org/releases/ and place it in your path -2. Download and extract the source code from [releases page](https://github.com/BrightSpots/rcv/releases) +1. Download Gradle from https://gradle.org/releases/ and place it in your path +2. Download and extract the source code from + the [releases page](https://github.com/BrightSpots/rcv/releases) 3. Download the appropriate cache files for your OS: cache.[OS].zip -4. Stop the gradle daemon with `gradle --stop` +4. Stop the Gradle daemon with `gradle --stop` 5. Delete the directory ~/.gradle/caches if it exists 6. Extract the appropriate caches/[filename].zip to ~/.gradle/caches so that the "caches" directory is in ~/.gradle 7. In the extracted directory, you may manually verify each dependency using checksums.csv in accordance with your own policies @@ -120,7 +120,9 @@ need to set undeclaredWriteInLabel, you should use "Undeclared Write-ins". ## Viewing Tabulator Output -Tabulator output file names automatically include the current date and time, e.g. `2019-06-25_17-19-28_summary.csv`. This keeps them separate if you tabulate the same contest multiple times. +Tabulator output filenames automatically include the current date and time, +e.g. `2019-06-25_17-19-28_summary.csv`. This keeps them separate if you tabulate the same contest +multiple times. Look in the console window to see where the output spreadsheet was written, e.g. @@ -128,7 +130,9 @@ Look in the console window to see where the output spreadsheet was written, e.g. The summary spreadsheet (in .csv format), summary .json, and audit .log files are all readable using a basic text editor. -**Note**: If you intend to print any of the output files, we **strongly recommend** adding headers / footers with page numbers, the file name, the date and time of printing, who is doing the printing, and any other desired information. +**Note**: If you intend to print any of the output files, we **strongly recommend** adding headers / +footers with page numbers, the filename, the date and time of printing, who is doing the printing, +and any other desired information. ## Acknowledgements