-
Notifications
You must be signed in to change notification settings - Fork 95
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: verify shasum for finch dependencies #969
Merged
austinvazquez
merged 1 commit into
runfinch:main
from
austinvazquez:verify-shasum-for-finch-dependencies
Jun 27, 2024
Merged
fix: verify shasum for finch dependencies #969
austinvazquez
merged 1 commit into
runfinch:main
from
austinvazquez:verify-shasum-for-finch-dependencies
Jun 27, 2024
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
austinvazquez
changed the title
Verify shasum for finch dependencies
fix: verify shasum for finch dependencies
Jun 5, 2024
austinvazquez
force-pushed
the
verify-shasum-for-finch-dependencies
branch
3 times, most recently
from
June 5, 2024 22:37
6fd0211
to
6ac74d6
Compare
1 task
austinvazquez
added a commit
that referenced
this pull request
Jun 21, 2024
Issue #, if available: Split from #969 *Description of changes:* This change fixes SOCI installation to verify pull artifacts matches hardcoded hashchecks. *Testing done:* Updated unit tests to check for new hashcheck. - [x] I've reviewed the guidance in CONTRIBUTING.md #### License Acceptance By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. Signed-off-by: Austin Vazquez <macedonv@amazon.com>
austinvazquez
force-pushed
the
verify-shasum-for-finch-dependencies
branch
from
June 24, 2024 23:51
6ac74d6
to
533cb36
Compare
austinvazquez
commented
Jun 24, 2024
austinvazquez
force-pushed
the
verify-shasum-for-finch-dependencies
branch
6 times, most recently
from
June 26, 2024 16:48
364a557
to
90d648c
Compare
pendo324
reviewed
Jun 26, 2024
This change refactors the build system to use finch-core's dependency mechanism for installing and verifying the base OS image, rootfs archive, and Lima bundle needed for macOS and Windows platforms. Signed-off-by: Austin Vazquez <macedonv@amazon.com>
austinvazquez
force-pushed
the
verify-shasum-for-finch-dependencies
branch
from
June 27, 2024 17:18
90d648c
to
96f6cf5
Compare
pendo324
approved these changes
Jun 27, 2024
1 task
austinvazquez
pushed a commit
that referenced
this pull request
Jul 1, 2024
Issue #, if available: *Description of changes:* Recently in #969, the Makefile was refactored significantly, and the mechanism that was used to override the installation directory was removed ([used here](https://github.com/runfinch/finch/blob/main/.github/workflows/build-pkg.yaml#L57)). This just adds that mechanism back. There could be a better way to do this, but for now just reverting back to how it was done before the recent change. *Testing done:* Tested locally. The `_output/os/finch.yaml` file correctly used `/Applications/Finch/`, which was the path I overwrote, as a prefix - [x] I've reviewed the guidance in CONTRIBUTING.md #### License Acceptance By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. Signed-off-by: Justin Alvarez <alvajus@amazon.com>
austinvazquez
pushed a commit
that referenced
this pull request
Jul 2, 2024
🤖 I have created a release *beep* *boop* --- ## [1.2.1](v1.2.0...v1.2.1) (2024-07-02) ### Build System or External Dependencies * **deps:** Bump github.com/aws/aws-sdk-go-v2 from 1.27.0 to 1.27.1 ([#963](#963)) ([4c2dc12](4c2dc12)) * **deps:** Bump github.com/aws/aws-sdk-go-v2 from 1.27.1 to 1.27.2 ([#974](#974)) ([54aa67c](54aa67c)) * **deps:** bump github.com/aws/aws-sdk-go-v2 from 1.27.2 to 1.30.0 ([#991](#991)) ([bbcb8e7](bbcb8e7)) * **deps:** Bump github.com/docker/cli from 26.1.3+incompatible to 26.1.4+incompatible ([#973](#973)) ([f774e2d](f774e2d)) * **deps:** bump github.com/docker/cli from 26.1.4+incompatible to 27.0.2+incompatible ([#999](#999)) ([0244698](0244698)) * **deps:** bump github.com/docker/cli from 27.0.2+incompatible to 27.0.3+incompatible ([#1005](#1005)) ([c801e69](c801e69)) * **deps:** Bump github.com/docker/docker from 26.1.3+incompatible to 26.1.4+incompatible ([#972](#972)) ([05b9c05](05b9c05)) * **deps:** bump github.com/docker/docker from 26.1.4+incompatible to 27.0.1+incompatible ([#996](#996)) ([1f68260](1f68260)) * **deps:** bump github.com/docker/docker from 27.0.1+incompatible to 27.0.2+incompatible ([#1001](#1001)) ([50a639b](50a639b)) * **deps:** bump github.com/docker/docker from 27.0.2+incompatible to 27.0.3+incompatible ([#1006](#1006)) ([537abad](537abad)) * **deps:** bump github.com/spf13/cobra from 1.8.0 to 1.8.1 ([#983](#983)) ([7b2bed6](7b2bed6)) * **deps:** bump golang.org/x/image from 0.12.0 to 0.18.0 ([#998](#998)) ([398658e](398658e)) * **deps:** Bump golang.org/x/text from 0.15.0 to 0.16.0 ([#964](#964)) ([8a3973a](8a3973a)) * **deps:** Bump golang.org/x/tools from 0.21.0 to 0.22.0 ([#967](#967)) ([3921b00](3921b00)) * **deps:** bump k8s.io/apimachinery from 0.30.1 to 0.30.2 ([#981](#981)) ([c8ebf20](c8ebf20)) * **deps:** Bump submodules and dependencies ([#1008](#1008)) ([6134a5a](6134a5a)) * **deps:** Bump submodules and dependencies ([#949](#949)) ([b5ee424](b5ee424)) ### Bug Fixes * add SOCI snapshotter hash check ([#985](#985)) ([563f346](563f346)) * Allow to use the COMPOSE_FILE variable in finch compose ([#994](#994)) ([17d4bc8](17d4bc8)) * Enable `finch support-bundle generate` to execute on Windows whe… ([#976](#976)) ([9c1caf0](9c1caf0)) * update snapshotters reference ([#986](#986)) ([06b9027](06b9027)) * verify shasum for finch dependencies ([#969](#969)) ([9d85f25](9d85f25)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
Finch dependencies must be verified against known good shasum at pull time.
Description of changes:
This change refactors Finch to use the dependency mechanism in
finch-core
for pulling and verifying core dependencies such as the OS image and Lima bundle for macOS and the rootfs archive for Windows platforms.As a side effect of this change, dependency updates are now 1-to-1 with finch-core updates. This is a simplification on the current mechanism which duplicated the effort for updates.
Testing done:
Ran
make
on macOS.License Acceptance
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.