Support Acquire-By-Hash for index files #664
Conversation
|
Added documentation in PR aptly-dev/www.aptly.info#55 |
sliverc
force-pushed
the
acquire-by-hash
branch
from
384300c
to
34ae8bb
Compare
bash_completion.d/aptly
Outdated
| @@ -499,7 +499,7 @@ _aptly() | |||
| "snapshot"|"repo") | |||
| if [[ $numargs -eq 0 ]]; then | |||
| if [[ "$cur" == -* ]]; then | |||
| COMPREPLY=($(compgen -W "-batch -force-overwrite -distribution= -component= -gpg-key= -keyring= -label= -origin= -notautomatic= -butautomaticupgrades= -passphrase= -passphrase-file= -secret-keyring= -skip-contents -skip-signing" -- ${cur})) | |||
| COMPREPLY=($(compgen -W "-batch -force-overwrite -distribution= -component= -gpg-key= -keyring= -label= -origin= -notautomatic= -butautomaticupgrades= -passphrase= -passphrase-file= -secret-keyring= -skip-contents -skip-signing -acquire-by-hash" -- ${cur})) | |||
There was a problem hiding this comment.
Could you please keep options sorted here, so that it's easier to find if something is there in the list or not?
There was a problem hiding this comment.
Make sense. There were some other options which were not in order either so reordered whole list.
deb/index_files.go
Outdated
| hashs := []string{} | ||
| if file.acquireByHash { | ||
| hashs = append(hashs, "MD5Sum", "SHA1", "SHA256", "SHA512") | ||
| for _, hash := range hashs { |
There was a problem hiding this comment.
I think this can be straight for _, hash := range []string{"MD5Sum", "SHA1", ....} {
deb/index_files.go
Outdated
| if file.acquireByHash { | ||
| sums := file.parent.generatedFiles[file.relativePath+ext] | ||
|
|
||
| err = packageIndexByHash(file, ext, "SHA512", sums.SHA512) |
There was a problem hiding this comment.
I think we can rewrite this in a loop similar line 107?
There was a problem hiding this comment.
Used map to accomplish this.
deb/index_files.go
Outdated
|
|
||
| err = packageIndexByHash(file, ext, "SHA512", sums.SHA512) | ||
| if err != nil { | ||
| fmt.Printf("%s\n", err) |
There was a problem hiding this comment.
We should return an error here? Unless we want to ignore some errors (I would prefer error to be returned)
files/public.go
Outdated
|
|
||
| // FileExists returns true if path exists | ||
| func (storage *PublishedStorage) FileExists(path string) bool { | ||
| list, err := storage.Filelist(filepath.Dir(path)) |
There was a problem hiding this comment.
Should we use os.Lstat (https://godoc.org/os#Lstat) + os.IsNotExist (https://godoc.org/os#IsNotExist) here? Listing directory seems to be really resource-consuming for this simple task?
There was a problem hiding this comment.
Definitely. Changed as suggested.
There was a problem hiding this comment.
There were also some unit tests missing which I added now.
s3/public.go
Outdated
|
|
||
| params := &s3.CopyObjectInput{ | ||
| Bucket: aws.String(storage.bucket), | ||
| CopySource: aws.String(src), |
There was a problem hiding this comment.
I think we need to do filepath.Join(storage.prefix, src) here as well
s3/public.go
Outdated
| Key: aws.String(filepath.Join(storage.prefix, path)), | ||
| } | ||
| _, err := storage.s3.HeadObject(params) | ||
| return err == nil |
There was a problem hiding this comment.
I think we should distinguish "not found" error vs. some other AWS error (which would be an error, and it's better for FileExists to return bool, error here)
There was a problem hiding this comment.
Make sense. Adjusted interface and also implemented difference between file existence and error in other storage types as well.
sliverc
force-pushed
the
acquire-by-hash
branch
2 times, most recently
from
1b9b9bf
to
46cce5a
Compare
|
@smira Adjusted PR according to your comments. Let me know if there is anything else. |
The added "aptly publish repo" option "-access-by-hash" publishes the index files (Packages*, Sources*) also as hardlinked hashes. Example: /dists/yakkety/main/binary-amd64/by-hash/SHA512/31833ec39acc... The Release files indicate this with the option "Acquire-By-Hash: yes" This is used by apt >= 1.2.0 and prevents the "Hash sum mismatch" race condition between a server side "aptly publish repo" and "apt-get update" on a client. See: http://www.chiark.greenend.org.uk/~cjwatson/blog/no-more-hash-sum-mismatch-errors.html This implementation uses symlinks in the by-hash/*/ directory for keeping only two versions of the index files and deleting older files automatically. Note: this only works with aptly.FileSystemPublishedStorage Closes: aptly-dev#536 Signed-off-by: André Roth <neolynx@gmail.com>
Signed-off-by: André Roth <neolynx@gmail.com>
This makes it easier maintainable.
sliverc
force-pushed
the
acquire-by-hash
branch
from
46cce5a
to
b2bf4f7
Compare
|
Great news... Thanks |
Fixes #536
Description of the Change
This follows up on #551 beside small fixes adds following:
Checklist
AUTHORS