Bug 1325445 - Use sha256sum to verify rust releases. r=mshal draft
authorRalph Giles <giles@mozilla.com>
Fri, 23 Dec 2016 13:29:13 -0800
changeset 453661 1b8526f5ffbcbdb57e00ff1db8a07e75cdf3cc49
parent 453660 da22155a2dc30dafc93d70f38f6bb8a49248c80f
child 453662 c983a334010595e3e183f1758f8764b512932657
push id39723
push userbmo:giles@thaumas.net
push dateSat, 24 Dec 2016 06:49:13 +0000
reviewersmshal
bugs1325445
milestone53.0a1
Bug 1325445 - Use sha256sum to verify rust releases. r=mshal Use sha256sum from coreutils instead of shasum to verify rust releases when not running on MacOS. This makes the repack script more portable between MacOS and Linux. MozReview-Commit-ID: BxFDquTVklu
taskcluster/docker/rust-build/VERSION
taskcluster/docker/rust-build/repack_rust.py
--- a/taskcluster/docker/rust-build/VERSION
+++ b/taskcluster/docker/rust-build/VERSION
@@ -1,1 +1,1 @@
-0.4.0
+0.4.1
--- a/taskcluster/docker/rust-build/repack_rust.py
+++ b/taskcluster/docker/rust-build/repack_rust.py
@@ -1,16 +1,18 @@
 #!/bin/env python
 '''
 This script downloads and repacks official rust language builds
 with the necessary tool and target support for the Firefox
 build environment.
 '''
 
 import os.path
+import sys
+
 import requests
 import subprocess
 import toml
 
 
 def fetch_file(url):
     '''Download a file from the given url if it's not already present.'''
     filename = os.path.basename(url)
@@ -18,27 +20,36 @@ def fetch_file(url):
         return
     r = requests.get(url, stream=True)
     r.raise_for_status()
     with open(filename, 'wb') as fd:
         for chunk in r.iter_content(4096):
             fd.write(chunk)
 
 
+def sha256sum():
+    '''Return the command for verifying SHA-2 256-bit checksums.'''
+    if sys.platform.startswith('darwin'):
+        return 'shasum'
+    else:
+        return 'sha256sum'
+
+
 def fetch(url):
     '''Download and verify a package url.'''
     base = os.path.basename(url)
     print('Fetching %s...' % base)
     fetch_file(url + '.asc')
     fetch_file(url)
     fetch_file(url + '.sha256')
     fetch_file(url + '.asc.sha256')
     print('Verifying %s...' % base)
-    subprocess.check_call(['shasum', '-c', base + '.sha256'])
-    subprocess.check_call(['shasum', '-c', base + '.asc.sha256'])
+    shasum = sha256sum()
+    subprocess.check_call([shasum, '-c', base + '.sha256'])
+    subprocess.check_call([shasum, '-c', base + '.asc.sha256'])
     subprocess.check_call(['gpg', '--verify', base + '.asc', base])
     if False:
         subprocess.check_call([
             'keybase', 'pgp', 'verify', '-d', base + '.asc', '  -i', base,
         ])
 
 
 def install(filename, target):