@Singleton @Named(value="summaryFile") public final class SummaryFileTrustedChecksumsSource extends FileTrustedChecksumsSourceSupport
FileTrustedChecksumsSourceSupport
implementation that use specified directory as base
directory, where it expects a "summary" file named as "checksums.${checksumExt}" for each checksum algorithm.
File format is GNU Coreutils compatible: each line holds checksum followed by two spaces and artifact relative path
(from local repository root, without leading "./"). This means that trusted checksums summary file can be used to
validate artifacts or generate it using standard GNU tools like GNU sha1sum
is (for BSD derivatives same
file can be used with -r
switch).
The format supports comments "#" (hash) and empty lines for easier structuring the file content, and both are ignored. Also, their presence makes the summary file incompatible with GNU Coreutils format. On save of the summary file, the comments and empty lines are lost, and file is sorted by path names for easier diffing (2nd column in file).
The source by default is "origin aware", and it will factor in origin repository ID as well into summary file name, for example "checksums-central.sha256".
Example commands for managing summary file (in examples will use repository ID "central"):
find * -not -name "checksums-central.sha256" -type f -print0 |
xargs -0 sha256sum | sort -k 2 > checksums-central.sha256
sha256sum --quiet -c checksums-central.sha256
The checksums summary file is lazily loaded and remains cached during lifetime of the component, so file changes during lifecycle of the component are not picked up. This implementation can be simultaneously used to lookup and also record checksums. The recorded checksums will become visible for every session, and will be flushed at repository system shutdown, merged with existing ones on disk.
The name of this implementation is "summaryFile".
Modifier and Type | Class and Description |
---|---|
private class |
SummaryFileTrustedChecksumsSource.SummaryFileWriter |
TrustedChecksumsSource.Writer
Modifier and Type | Field and Description |
---|---|
private java.util.concurrent.ConcurrentHashMap<java.nio.file.Path,java.lang.Boolean> |
changedChecksums |
private java.util.concurrent.ConcurrentHashMap<java.nio.file.Path,java.util.concurrent.ConcurrentHashMap<java.lang.String,java.lang.String>> |
checksums |
private static java.lang.String |
CHECKSUMS_FILE_PREFIX |
private LocalPathComposer |
localPathComposer |
private static org.slf4j.Logger |
LOGGER |
static java.lang.String |
NAME |
private java.util.concurrent.atomic.AtomicBoolean |
onShutdownHandlerRegistered |
private RepositorySystemLifecycle |
repositorySystemLifecycle |
LOCAL_REPO_PREFIX_DIR
Constructor and Description |
---|
SummaryFileTrustedChecksumsSource(LocalPathComposer localPathComposer,
RepositorySystemLifecycle repositorySystemLifecycle) |
Modifier and Type | Method and Description |
---|---|
protected java.util.Map<java.lang.String,java.lang.String> |
doGetTrustedArtifactChecksums(RepositorySystemSession session,
Artifact artifact,
ArtifactRepository artifactRepository,
java.util.List<ChecksumAlgorithmFactory> checksumAlgorithmFactories)
Implementors MUST NOT return
null at this point, as this source is enabled. |
protected SummaryFileTrustedChecksumsSource.SummaryFileWriter |
doGetTrustedArtifactChecksumsWriter(RepositorySystemSession session)
Implementors may override this method and return
Writer instance. |
private java.util.concurrent.ConcurrentHashMap<java.lang.String,java.lang.String> |
loadProvidedChecksums(java.nio.file.Path summaryFile) |
private void |
saveRecordedLines()
On-close handler that saves recorded checksums, if any.
|
private java.nio.file.Path |
summaryFile(java.nio.file.Path basedir,
boolean originAware,
java.lang.String repositoryId,
java.lang.String checksumExtension)
Returns the summary file path.
|
configPropKey, getBasedir, getTrustedArtifactChecksums, getTrustedArtifactChecksumsWriter, isEnabled, isOriginAware
public static final java.lang.String NAME
private static final java.lang.String CHECKSUMS_FILE_PREFIX
private static final org.slf4j.Logger LOGGER
private final LocalPathComposer localPathComposer
private final RepositorySystemLifecycle repositorySystemLifecycle
private final java.util.concurrent.ConcurrentHashMap<java.nio.file.Path,java.util.concurrent.ConcurrentHashMap<java.lang.String,java.lang.String>> checksums
private final java.util.concurrent.ConcurrentHashMap<java.nio.file.Path,java.lang.Boolean> changedChecksums
private final java.util.concurrent.atomic.AtomicBoolean onShutdownHandlerRegistered
@Inject public SummaryFileTrustedChecksumsSource(LocalPathComposer localPathComposer, RepositorySystemLifecycle repositorySystemLifecycle)
protected java.util.Map<java.lang.String,java.lang.String> doGetTrustedArtifactChecksums(RepositorySystemSession session, Artifact artifact, ArtifactRepository artifactRepository, java.util.List<ChecksumAlgorithmFactory> checksumAlgorithmFactories)
FileTrustedChecksumsSourceSupport
null
at this point, as this source is enabled.doGetTrustedArtifactChecksums
in class FileTrustedChecksumsSourceSupport
protected SummaryFileTrustedChecksumsSource.SummaryFileWriter doGetTrustedArtifactChecksumsWriter(RepositorySystemSession session)
FileTrustedChecksumsSourceSupport
Writer
instance.doGetTrustedArtifactChecksumsWriter
in class FileTrustedChecksumsSourceSupport
private java.nio.file.Path summaryFile(java.nio.file.Path basedir, boolean originAware, java.lang.String repositoryId, java.lang.String checksumExtension)
private java.util.concurrent.ConcurrentHashMap<java.lang.String,java.lang.String> loadProvidedChecksums(java.nio.file.Path summaryFile)
private void saveRecordedLines()