pkg/index: validate sha256 values #281

ahmetb · 2019-07-20T05:02:28Z

This makes sure the code only deals with valid lowercase sha256 values
(i.e. all lowercase) while doing comparisons etc.

ahmetb · 2019-07-20T05:28:36Z

This is expected to have merge-conflicts with #278 as it updates some test cases deleted in that PR.

codecov-io · 2019-07-20T05:31:39Z

Codecov Report

Merging #281 into master will increase coverage by 0.57%.
The diff coverage is 100%.

@@            Coverage Diff             @@
##           master     #281      +/-   ##
==========================================
+ Coverage   54.91%   55.49%   +0.57%     
==========================================
  Files          19       19              
  Lines         874      883       +9     
==========================================
+ Hits          480      490      +10     
+ Misses        341      337       -4     
- Partials       53       56       +3

Impacted Files	Coverage Δ
pkg/index/validate.go	`95.34% <100%> (+0.34%)`	⬆️
pkg/installation/install.go	`32% <0%> (-2.32%)`	⬇️
pkg/installation/upgrade.go	`0% <0%> (ø)`	⬆️
pkg/installation/util.go	`48.88% <0%> (+7.5%)`	⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f346eba...83c2c00. Read the comment docs.

corneliusweig

One small nit. Otherwise looks great.

corneliusweig · 2019-07-20T21:58:56Z

pkg/index/validate.go

@@ -93,6 +96,9 @@ func (p Platform) Validate() error {
 	if p.Sha256 == "" {
 		return errors.New("sha256 sum has to be set")
 	}
+	if !isValidSHA256(p.Sha256) {
+		return errors.Errorf("sha256 value %s is not a valid sha256sum string", p.Sha256)


Could you mention the requirement, that the string is expected to be lower-case?

I decided to include the pattern in the error message.

This makes sure the code only deals with valid lowercase sha256 values (i.e. all lowercase) while doing comparisons etc. Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>

corneliusweig · 2019-07-21T15:33:20Z

/lgtm
/approve

k8s-ci-robot · 2019-07-21T15:33:25Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ahmetb, corneliusweig

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

~~OWNERS~~ [ahmetb,corneliusweig]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Jul 20, 2019

k8s-ci-robot requested review from corneliusweig and juanvallejo July 20, 2019 05:02

k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Jul 20, 2019

ahmetb force-pushed the enforce-lowercase-sha branch from 4410e93 to 58ed322 Compare July 20, 2019 05:04

k8s-ci-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Jul 20, 2019

ahmetb force-pushed the enforce-lowercase-sha branch from 58ed322 to 5a3d370 Compare July 20, 2019 05:11

ahmetb mentioned this pull request Jul 20, 2019

Refactor upgrade machinery to use semver versions #278

Merged

ahmetb force-pushed the enforce-lowercase-sha branch from 5a3d370 to 3efd737 Compare July 20, 2019 05:28

corneliusweig approved these changes Jul 20, 2019

View reviewed changes

k8s-ci-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 20, 2019

ahmetb force-pushed the enforce-lowercase-sha branch from 3efd737 to bf4fa11 Compare July 21, 2019 04:48

pkg/index: validate sha256 values

83c2c00

This makes sure the code only deals with valid lowercase sha256 values (i.e. all lowercase) while doing comparisons etc. Signed-off-by: Ahmet Alp Balkan <ahmetb@google.com>

ahmetb force-pushed the enforce-lowercase-sha branch from bf4fa11 to 83c2c00 Compare July 21, 2019 04:50

k8s-ci-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 21, 2019

k8s-ci-robot assigned corneliusweig Jul 21, 2019

k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jul 21, 2019

k8s-ci-robot merged commit 44caf6c into kubernetes-sigs:master Jul 21, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

pkg/index: validate sha256 values #281

pkg/index: validate sha256 values #281

ahmetb commented Jul 20, 2019

ahmetb commented Jul 20, 2019 •

edited

Loading

codecov-io commented Jul 20, 2019 •

edited

Loading

corneliusweig left a comment

corneliusweig Jul 20, 2019

ahmetb Jul 21, 2019

corneliusweig commented Jul 21, 2019

k8s-ci-robot commented Jul 21, 2019

pkg/index: validate sha256 values #281

pkg/index: validate sha256 values #281

Conversation

ahmetb commented Jul 20, 2019

ahmetb commented Jul 20, 2019 • edited Loading

codecov-io commented Jul 20, 2019 • edited Loading

Codecov Report

corneliusweig left a comment

Choose a reason for hiding this comment

corneliusweig Jul 20, 2019

Choose a reason for hiding this comment

ahmetb Jul 21, 2019

Choose a reason for hiding this comment

corneliusweig commented Jul 21, 2019

k8s-ci-robot commented Jul 21, 2019

ahmetb commented Jul 20, 2019 •

edited

Loading

codecov-io commented Jul 20, 2019 •

edited

Loading