From 5163a39469fb6ed61f03077233e59f416f353a3e Mon Sep 17 00:00:00 2001 From: plastikos <3281727+plastikos@users.noreply.github.com> Date: Tue, 12 Dec 2023 03:11:23 -0700 Subject: [PATCH 1/3] Fixes #430: Validate an artifact using "hash" rather than "fileName" Jenkins only stores one version of an artifact by its hash and by the original filename. Subsequent stores of an artifact with an identical hash but different filename will point to the original artifact. If a duplicate artifact (identical hash) has a different filename than the original filename then that new filename will be stored as a name in the build artifacts but will not change the fileName of the original artifact. This makes it problematic to compare against the original fileName when validating a build artifact that has been saved. Since the md5sum hash is computed for the local, saved artifact it can be compared against the Jenkins artifact ID (viz hash) for validation. This avoids the problem of identical artifacts having additional filenames. Using the hash is also a better way of validating data integrity rather than using the fileName even when the filename matches. --- jenkinsapi/fingerprint.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/jenkinsapi/fingerprint.py b/jenkinsapi/fingerprint.py index 5ccc4cca..c813d9bc 100644 --- a/jenkinsapi/fingerprint.py +++ b/jenkinsapi/fingerprint.py @@ -71,6 +71,7 @@ def valid(self) -> bool: return True def validate_for_build(self, filename: str, job: str, build: int) -> bool: + _ = filename # Currently unused if not self.valid(): log.info("Fingerprint is not known to jenkins.") return False @@ -81,10 +82,10 @@ def validate_for_build(self, filename: str, job: str, build: int) -> bool: if self._data["original"]["name"] == job: if self._data["original"]["number"] == build: return True - if self._data["fileName"] != filename: + if self._data["hash"] != self.id_: log.info( - msg="Filename from jenkins (%s) did not match provided (%s)" - % (self._data["fileName"], filename) + msg="File hash from Jenkins (%s) did not match local hash (%s)" + % (self._data["hash"], self.id_) ) return False for usage_item in self._data["usage"]: From 7c0a605bd025efa31c3e3d5ff44534091c11f57b Mon Sep 17 00:00:00 2001 From: plastikos <3281727+plastikos@users.noreply.github.com> Date: Tue, 12 Dec 2023 03:51:00 -0700 Subject: [PATCH 2/3] Change to log-style argument passing. This updates an invocation of log.info() to use %-format style and quells a Codacy complaint. --- jenkinsapi/fingerprint.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/jenkinsapi/fingerprint.py b/jenkinsapi/fingerprint.py index c813d9bc..7bd431f2 100644 --- a/jenkinsapi/fingerprint.py +++ b/jenkinsapi/fingerprint.py @@ -84,8 +84,8 @@ def validate_for_build(self, filename: str, job: str, build: int) -> bool: return True if self._data["hash"] != self.id_: log.info( - msg="File hash from Jenkins (%s) did not match local hash (%s)" - % (self._data["hash"], self.id_) + "File hash from Jenkins (%s) did not match local hash (%s)", + self._data["hash"], self.id_ ) return False for usage_item in self._data["usage"]: From 1e1708bcbb568424d8897a5c596db7f51816a421 Mon Sep 17 00:00:00 2001 From: "pre-commit-ci[bot]" <66853113+pre-commit-ci[bot]@users.noreply.github.com> Date: Tue, 12 Dec 2023 10:52:41 +0000 Subject: [PATCH 3/3] [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --- jenkinsapi/fingerprint.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/jenkinsapi/fingerprint.py b/jenkinsapi/fingerprint.py index 7bd431f2..4a8d745c 100644 --- a/jenkinsapi/fingerprint.py +++ b/jenkinsapi/fingerprint.py @@ -85,7 +85,8 @@ def validate_for_build(self, filename: str, job: str, build: int) -> bool: if self._data["hash"] != self.id_: log.info( "File hash from Jenkins (%s) did not match local hash (%s)", - self._data["hash"], self.id_ + self._data["hash"], + self.id_, ) return False for usage_item in self._data["usage"]: