Merge pull request #11 from drone-plugins/checksum-fix

Copy the target file first and fix checksum checks
2026-06-16 14:50:33 +08:00 · 2018-09-27 20:29:14 +02:00 · 2018-09-27 14:37:43 +02:00 · 2018-09-26 07:38:35 +02:00 · 2018-09-25 22:38:06 +02:00 · 2018-09-25 21:01:32 +02:00
3 changed files with 76 additions and 46 deletions
@@ -45,7 +45,7 @@ deploy_script:
      if ( $env:APPVEYOR_PULL_REQUEST_NUMBER ) {
        Write-Host Nothing to deploy.
      } else {
-        docker login --username $env:DOCKER_USERNAME --password $env:DOCKER_PASSWORD
+        echo $env:DOCKER_PASSWORD | docker login --username $env:DOCKER_USERNAME --password-stdin

        if ( $env:APPVEYOR_REPO_TAG -eq 'true' ) {
          $major,$minor,$patch = $env:APPVEYOR_REPO_TAG_NAME.substring(1).split('.')
@@ -31,6 +31,11 @@ func main() {
 			Usage:  "destination for the download",
 			EnvVar: "PLUGIN_DESTINATION",
 		},
+		cli.StringFlag{
+			Name:   "authorization",
+			Usage:  "value to send in the authorization header",
+			EnvVar: "PLUGIN_AUTHORIZATION,DOWNLOAD_AUTHORIZATION",
+		},
 		cli.StringFlag{
 			Name:   "username",
 			Usage:  "username for basic auth",
@@ -52,9 +57,9 @@ func main() {
 			EnvVar: "PLUGIN_MD5",
 		},
 		cli.StringFlag{
-			Name:   "sha265-checksum",
-			Usage:  "checksum in sha265 format",
-			EnvVar: "PLUGIN_SHA265",
+			Name:   "sha256-checksum",
+			Usage:  "checksum in sha256 format",
+			EnvVar: "PLUGIN_SHA256,PLUGIN_SHA265",
 		},
 	}

@@ -66,13 +71,14 @@ func main() {
 func run(c *cli.Context) error {
 	plugin := Plugin{
 		Config: Config{
-			Source:      c.String("source"),
-			Destination: c.String("destination"),
-			Username:    c.String("username"),
-			Password:    c.String("password"),
-			SkipVerify:  c.Bool("skip-verify"),
-			MD5:         c.String("md5-checksum"),
-			SHA265:      c.String("sha265-checksum"),
+			Source:        c.String("source"),
+			Destination:   c.String("destination"),
+			Authorization: c.String("authorization"),
+			Username:      c.String("username"),
+			Password:      c.String("password"),
+			SkipVerify:    c.Bool("skip-verify"),
+			MD5:           c.String("md5-checksum"),
+			SHA256:        c.String("sha256-checksum"),
 		},
 	}

@@ -19,13 +19,14 @@ import (

 type (
 	Config struct {
-		Source      string
-		Destination string
-		Username    string
-		Password    string
-		SkipVerify  bool
-		MD5         string
-		SHA265      string
+		Source        string
+		Destination   string
+		Authorization string
+		Username      string
+		Password      string
+		SkipVerify    bool
+		MD5           string
+		SHA256        string
 	}

 	Plugin struct {
@@ -57,6 +58,15 @@ func (p Plugin) Exec() error {
 				InsecureSkipVerify: p.Config.SkipVerify,
 			},
 		},
+		CheckRedirect: func(req *http.Request, via []*http.Request) error {
+			if p.Config.Username != "" && p.Config.Password != "" {
+				req.SetBasicAuth(p.Config.Username, p.Config.Password)
+			}
+			if p.Config.Authorization != "" {
+				req.Header.Add("Authorization", p.Config.Authorization)
+			}
+			return nil
+		},
 	}

 	req, err := http.NewRequest(
@@ -73,6 +83,10 @@ func (p Plugin) Exec() error {
 		req.SetBasicAuth(p.Config.Username, p.Config.Password)
 	}

+	if p.Config.Authorization != "" {
+		req.Header.Add("Authorization", p.Config.Authorization)
+	}
+
 	resp, err := client.Do(req)

 	if err != nil {
@@ -81,6 +95,10 @@ func (p Plugin) Exec() error {

 	defer resp.Body.Close()

+	if resp.StatusCode != http.StatusOK {
+		return errors.Errorf("request failed, status %s", http.StatusText(resp.StatusCode))
+	}
+
 	target, err := os.Create(destination)

 	if err != nil {
@@ -89,39 +107,45 @@ func (p Plugin) Exec() error {

 	defer target.Close()

-	if p.Config.MD5 != "" {
-		h := md5.New()
-
-		if _, err := io.Copy(h, resp.Body); err != nil {
-			return errors.Wrap(err, "failed to compare checksum")
-		}
-
-		check := fmt.Sprintf("%x", h.Sum(nil))
-
-		if p.Config.MD5 != check {
-			return fmt.Errorf("checksum doesn't match, got %s and expected %s", check, p.Config.MD5)
-		}
-	}
-
-	if p.Config.SHA265 != "" {
-		h := sha256.New()
-
-		if _, err := io.Copy(h, resp.Body); err != nil {
-			return errors.Wrap(err, "failed to compare checksum")
-		}
-
-		check := fmt.Sprintf("%x", h.Sum(nil))
-
-		if p.Config.MD5 != check {
-			return fmt.Errorf("checksum doesn't match, got %s and expected %s", check, p.Config.SHA265)
-		}
-	}
-
 	_, err = io.Copy(target, resp.Body)

 	if err != nil {
 		return errors.Wrap(err, "copying destination failed")
 	}

+	if p.Config.MD5 != "" {
+		h := md5.New()
+		target.Seek(0, 0)
+
+		if _, err := io.Copy(h, target); err != nil {
+			defer os.Remove(target.Name())
+			return errors.Wrap(err, "failed to compare checksum")
+		}
+
+		check := fmt.Sprintf("%x", h.Sum(nil))
+
+		if p.Config.MD5 != check {
+			defer os.Remove(target.Name())
+			return fmt.Errorf("checksum doesn't match, got %s and expected %s", check, p.Config.MD5)
+		}
+	}
+
+	if p.Config.SHA256 != "" {
+		h := sha256.New()
+		target.Seek(0, 0)
+
+		if _, err := io.Copy(h, target); err != nil {
+			defer os.Remove(target.Name())
+			return errors.Wrap(err, "failed to compare checksum")
+		}
+
+		check := fmt.Sprintf("%x", h.Sum(nil))
+
+		if p.Config.SHA256 != check {
+			defer os.Remove(target.Name())
+			return fmt.Errorf("checksum doesn't match, got %s and expected %s", check, p.Config.SHA256)
+		}
+	}
+
 	return nil
 }
Author	SHA1	Message	Date
Thomas Boerger	f06bb4fcc7	Merge pull request #11 from drone-plugins/checksum-fix Copy the target file first and fix checksum checks	2018-09-27 20:29:14 +02:00
Thomas Boerger	852b0b104c	Copy the target file first and fix checksum checks	2018-09-27 14:37:43 +02:00
Thomas Boerger	125c08a2e6	Merge pull request #9 from patrickjahns/fix_checksum_miscalculation fix comparison for sha256 checksum	2018-09-26 07:38:35 +02:00
Patrick Jahns	64bc79b1db	fix comparison for sha256 checksum	2018-09-25 22:38:06 +02:00
Thomas Boerger	ce7e9cd1c9	Merge pull request #8 from patrickjahns/fix_checksumming fixed typo regards to sha checksumming	2018-09-25 21:01:32 +02:00
Patrick Jahns	77d760c2b9	provide legacy fallback option to avoid breaking changes	2018-09-25 19:33:31 +02:00
Patrick Jahns	a367d8be06	fixed typo regards to sha checksumming	2018-09-25 16:29:22 +02:00
Thomas Boerger	cb10efa30b	Merge pull request #7 from patrickjahns/add_header_options added ability to specify a authorization header	2018-09-25 14:46:33 +02:00
Patrick Jahns	0746c93e6d	added ability to specify a authorization header	2018-09-25 13:02:34 +02:00
Thomas Boerger	f60fbda48d	Merge pull request #6 from appleboy/patch-1 Provide a password using STDIN	2018-09-25 12:58:41 +02:00
Bo-Yi Wu	d0e70bf7f1	Provide a password using STDIN	2018-06-30 20:17:54 +08:00
Thomas Boerger	67694d2750	Merge pull request #4 from drone-plugins/stats-code Properly check for status 200	2018-05-02 13:01:37 +02:00
Thomas Boerger	ccc30ebd8d	Merge pull request #5 from drone-plugins/redirect-basicauth Add basic auth on redirects	2018-05-02 13:01:27 +02:00
Thomas Boerger	49372d3e9d	Add basic auth on redirects	2018-05-02 12:25:36 +02:00
Thomas Boerger	e12b6abe00	Properly check for status 200	2018-05-02 11:53:44 +02:00