From 7a2107a7bc27129a1eae84476d9878f1d2732a63 Mon Sep 17 00:00:00 2001 From: julian-CStack <97684800+julian-CStack@users.noreply.github.com> Date: Thu, 18 May 2023 15:07:02 -0600 Subject: [PATCH 1/4] Create main.yml test adding action to verify theme zip files match with what is expected in themes.json --- .github/workflows/main.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 .github/workflows/main.yml diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 0000000..a2501c3 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,20 @@ +#should deny +name: Verify +on: [pull_request] +jobs: + test: + runs-on: ubuntu-20.04 + steps: + - name: Prepare repository + uses: actions/checkout@v3 + + - name: Install dependencies + run: | + sudo apt install -y unzip jq + + - name: Run verify script + run: | + bash scripts/verify.sh + if [ $? -eq 1 ]; then + exit 1 + fi -- 2.45.2 From a891c4a8791ffb943ce95082d41588702dfc5201 Mon Sep 17 00:00:00 2001 From: julian Date: Thu, 18 May 2023 15:10:37 -0600 Subject: [PATCH 2/4] verify script --- scripts/verify.sh | 67 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100755 scripts/verify.sh diff --git a/scripts/verify.sh b/scripts/verify.sh new file mode 100755 index 0000000..a8e305e --- /dev/null +++ b/scripts/verify.sh @@ -0,0 +1,67 @@ +#!/bin/bash + +function checkVersionAndId { + idArg=$1 + versionArg=$2 + + themeId="$(unzip -p "${idArg}.zip" theme.json | jq -r '.id')" + if [[ $idArg != "$themeId" ]]; then + echo "Theme id for $idArg does NOT match!" + exit 1 + else + echo "theme ids match" + fi + + themeVersion="$(unzip -p "${idArg}.zip" theme.json | jq -r '.version')" + if [[ "$versionArg" != "$themeVersion" ]]; then + echo "Versions for $idArg do NOT match!" + exit 1 + else + echo "versions match" + fi +} + +zip_dir="../data/themes" + +# Change to the specified zip_dir +cd "$zip_dir" || exit 1 + + +json_file="../themes.json" + +# Read the contents of the JSON file +json=$(cat "$json_file") + +# Extract the "sha256" and "id" values using jq +themes=$(echo "$json" | jq -r '.themes[] | "\(.sha256) \(.id) \(.version)"') + +# Loop through each theme and print the "sha256" and "id" values +while read -r sha256 id version; do + + file="${id}.zip" + if [[ -f "$file" ]]; then + # Calculate the SHA256 hash + sha256sum_output=$(sha256sum "$file") + sha256_hash=${sha256sum_output%% *} + + # Check if match + if [[ "$sha256" == "$sha256_hash" ]]; then + echo "Theme $file hash matches hash in themes.json" + else + echo "Theme $file hash doe NOT match hash in themes.json!" + exit 1 + fi + + # Check inside zip file + checkVersionAndId "$id" "$version" + + echo + + else + echo "Theme $file not found!" + exit 1 + fi + +done <<< "$themes" + + -- 2.45.2 From f013161b69291226277f0423c3f10ace93c472f2 Mon Sep 17 00:00:00 2001 From: julian-CStack <97684800+julian-CStack@users.noreply.github.com> Date: Thu, 18 May 2023 15:17:12 -0600 Subject: [PATCH 3/4] Update main.yml --- .github/workflows/main.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index a2501c3..6af2296 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -14,6 +14,7 @@ jobs: - name: Run verify script run: | + cd scripts bash scripts/verify.sh if [ $? -eq 1 ]; then exit 1 -- 2.45.2 From 8dee85c16fb4acd8579a67005d818920e2e11baf Mon Sep 17 00:00:00 2001 From: julian-CStack <97684800+julian-CStack@users.noreply.github.com> Date: Thu, 18 May 2023 15:19:44 -0600 Subject: [PATCH 4/4] Update main.yml --- .github/workflows/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 6af2296..5c844ec 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -15,7 +15,7 @@ jobs: - name: Run verify script run: | cd scripts - bash scripts/verify.sh + bash verify.sh if [ $? -eq 1 ]; then exit 1 fi -- 2.45.2