author | Todd Gamblin <tgamblin@llnl.gov> | 2019-10-12 02:04:05 -0700 |
---|---|---|
committer | Todd Gamblin <tgamblin@llnl.gov> | 2019-10-12 07:19:43 -0700 |
commit | 64bdc3251f86667cfe1df533ee8638e73514c540 (patch) | |
tree | fe907e8985645415b6070b003472708896b76e47 /lib | |
parent | 8cbd349cb4c2420e64de138e848cbeaad232ec1d (diff) | |
checksums: enforce that all mainline packages use sha256 checksums
- Add a test that verifies checksums on all packages
- Also add an attribute to packages that indicates whether they need a
manual download or not, and add an exception in the tests for these
packages until we can verify them.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/spack/spack/package.py | 5 | ||||
-rw-r--r-- | lib/spack/spack/test/package_sanity.py | 42 |
2 files changed, 45 insertions, 2 deletions
diff --git a/lib/spack/spack/package.py b/lib/spack/spack/package.py index 23763edf10..e8d78a6ac7 100644 --- a/lib/spack/spack/package.py +++ b/lib/spack/spack/package.py @@ -465,10 +465,13 @@ class PackageBase(with_metaclass(PackageMeta, PackageViewMixin, object)): #: _spack_build_envfile. archive_files = [] + #: Boolean. Set to ``True`` for packages that require a manual download. + #: This is currently only used by package sanity tests. + manual_download = False + # # Set default licensing information # - #: Boolean. If set to ``True``, this software requires a license. #: If set to ``False``, all of the ``license_*`` attributes will #: be ignored. Defaults to ``False``. diff --git a/lib/spack/spack/test/package_sanity.py b/lib/spack/spack/test/package_sanity.py index e1a16e80af..1dd96dccec 100644 --- a/lib/spack/spack/test/package_sanity.py +++ b/lib/spack/spack/test/package_sanity.py @@ -8,9 +8,10 @@ import re import pytest +import spack.fetch_strategy import spack.paths import spack.repo -import spack.fetch_strategy +import spack.util.crypto as crypto def check_repo(): 
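Review bot: In the `package.py` hunk, the comment on `manual_download` says the attribute is only used by the package sanity tests, but not what those tests do with it: the new sha256 test in `package_sanity.py` skips every version and resource of a package that sets it. The flag is therefore a self-declared exemption from checksum enforcement, and the attribute comment should say so, e.g. `#: Packages that set this are currently skipped by the sha256 checksum sanity test.` The `PackageBase` class body starts and ends outside the hunk.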
@@ -94,3 +95,42 @@ def test_docstring():
 for name in spack.repo.all_package_names():
 pkg = spack.repo.get(name)
 assert pkg.__doc__
+
+
+def test_all_packages_use_sha256_checksums():
+ """Make sure that no packages use md5 checksums."""
+
+ errors = []
+ for name in spack.repo.all_package_names():
+ pkg = spack.repo.path.get(name)
+
+ # for now, don't enforce on packages that require manual downloads
+ # TODO: eventually fix these, too.
+ if pkg.manual_download:
+ continue
+
+ def invalid_sha256_digest(fetcher):
+ if getattr(fetcher, "digest", None):
+ h = crypto.hash_algo_for_digest(fetcher.digest)
+ if h != "sha256":
+ return h
+
+ for v, args in pkg.versions.items():
+ fetcher = spack.fetch_strategy.for_package_version(pkg, v)
+ bad_digest = invalid_sha256_digest(fetcher)
+ if bad_digest:
+ errors.append(
+ "All packages must use sha256 checksums. %s@%s uses %s." %
+ (name, v, bad_digest)
+ )
+
+ for _, resources in pkg.resources.items():
+ for resource in resources:
+ bad_digest = invalid_sha256_digest(resource.fetcher)
+ if bad_digest:
+ errors.append(
+ "All packages must use sha256 checksums."
+ "Resource in %s uses %s." % (name, v, bad_digest)
+ )
+
+ assert [] == errors |
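Review bot: The resource branch of `test_all_packages_use_sha256_checksums` formats two `%s` placeholders with the three-element tuple `(name, v, bad_digest)`, so the first resource with a non-sha256 digest raises `TypeError` instead of recording an error. The `v` in that tuple is only the leftover variable from the versions loop, and the two adjacent string literals join without a space. I would write `"All packages must use sha256 checksums. "` followed by `"Resource in %s uses %s." % (name, bad_digest)`. Separately, `invalid_sha256_digest` returns nothing when the fetcher has no `digest`, so a version or resource fetched with no checksum at all passes this test. If that case is not caught elsewhere, a comment saying so would keep readers from treating the test as a full integrity guarantee.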