Add a check for all URLs in the package file (#7848)

Avoid issues like #7847 by downloading and checking SHA for each file in the package.json bundle.
esp8266 · Jan 28, 2021 · 39d1453 · 39d1453
1 parent 600c5d7
commit 39d1453
Show file tree

Hide file tree

Showing 3 changed files with 25 additions and 0 deletions.
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
@@ -268,3 +268,4 @@ jobs:
       run: |
           bash ./tests/ci/build_boards.sh
           bash ./tests/ci/eboot_test.sh
+          bash ./tests/ci/pkgrefs_test.sh
diff --git a/tests/ci/eboot_test.sh b/tests/ci/eboot_test.sh
diff --git a/tests/ci/pkgrefs_test.sh b/tests/ci/pkgrefs_test.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+set -ev
+
+fail=0
+for i in $(cat "$TRAVIS_BUILD_DIR/package/package_esp8266com_index.template.json" | jq '.packages[0]."tools" | .[] | .systems[] | "\(.url) \(.checksum)"' | sort -u | sed 's/ /@/'); do
+    url=$(echo $i | sed 's/@/ /' | cut -f2 -d\" | cut -f1 -d' ')
+    sha=$(echo $i | sed 's/@/ /' | cut -f2 -d\" | cut -f2 -d' ' | cut -f2 -d:)
+    echo "INFO:  Checking $url"
+    rm -f file.bin
+    wget --quiet -O file.bin $url
+    calc=$(sha256sum file.bin | cut -f1 -d" ")
+    if [ "$sha" != "$calc" ]; then
+        echo "ERROR:  Download failed or SHA mismatch for $url"
+        echo "ERROR:  Expected $sha"
+        echo "ERROR:  Received $calc"
+        fail=1
+    fi
+done
+
+if [ $fail -ne 0 ]; then
+    echo ERROR:  Package file integrity check failed
+    exit 1
+fi