Class TrustedChecksumsArtifactResolverPostProcessor
- java.lang.Object
-
- org.eclipse.aether.internal.impl.resolution.ArtifactResolverPostProcessorSupport
-
- org.eclipse.aether.internal.impl.resolution.TrustedChecksumsArtifactResolverPostProcessor
-
- All Implemented Interfaces:
ArtifactResolverPostProcessor
@Singleton @Named("trustedChecksums") public final class TrustedChecksumsArtifactResolverPostProcessor extends ArtifactResolverPostProcessorSupport
Artifact resolver processor that verifies the checksums of all resolved artifacts against trusted checksums. Is also able to "record" (calculate and write them) to trusted checksum sources, that do support this operation.It uses a list of
ChecksumAlgorithmFactory
ies to work with, by default SHA-1.Configuration keys:
aether.artifactResolver.postProcessor.trustedChecksums.checksumAlgorithms
- Comma separated list ofChecksumAlgorithmFactory
names to use (default "SHA-1").aether.artifactResolver.postProcessor.trustedChecksums.failIfMissing
- To fail if artifact being validated is missing a trusted checksum (defaultfalse
).aether.artifactResolver.postProcessor.trustedChecksums.snapshots
- Should snapshot artifacts be handled (validated or recorded). Snapshots are by "best practice" in-house produced, hence should be trusted (defaultfalse
).aether.artifactResolver.postProcessor.trustedChecksums.record
- If this value set totrue
, this component with not validate but "record" encountered artifact checksums instead (defaultfalse
).
This component uses
TrustedChecksumsSource
as source of checksums for validation and also to "record" the calculated checksums. To have this component usable, there must exist at least one enabled checksum source. In case of multiple checksum sources enabled, ALL of them are used as source for validation or recording. This implies that if two enabled checksum sources "disagree" about an artifact checksum, the validation failure is inevitable.- Since:
- 1.9.0
-
-
Field Summary
Fields Modifier and Type Field Description private static java.lang.String
CHECKSUM_ALGORITHMS_CACHE_KEY
private ChecksumAlgorithmFactorySelector
checksumAlgorithmFactorySelector
private static java.lang.String
CONF_NAME_CHECKSUM_ALGORITHMS
private static java.lang.String
CONF_NAME_FAIL_IF_MISSING
private static java.lang.String
CONF_NAME_RECORD
private static java.lang.String
CONF_NAME_SNAPSHOTS
private static java.lang.String
DEFAULT_CHECKSUM_ALGORITHMS
static java.lang.String
NAME
private java.util.Map<java.lang.String,TrustedChecksumsSource>
trustedChecksumsSources
-
Constructor Summary
Constructors Constructor Description TrustedChecksumsArtifactResolverPostProcessor(ChecksumAlgorithmFactorySelector checksumAlgorithmFactorySelector, java.util.Map<java.lang.String,TrustedChecksumsSource> trustedChecksumsSources)
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected void
doPostProcess(RepositorySystemSession session, java.util.List<ArtifactResult> artifactResults)
private void
recordArtifactChecksums(RepositorySystemSession session, ArtifactResult artifactResult, java.util.List<ChecksumAlgorithmFactory> checksumAlgorithmFactories)
Calculates and records checksums into trusted sources that support writing.private boolean
validateArtifactChecksums(RepositorySystemSession session, ArtifactResult artifactResult, java.util.List<ChecksumAlgorithmFactory> checksumAlgorithmFactories, boolean failIfMissing)
Validates trusted checksums againstArtifactResult
, returnstrue
denoting "valid" checksums orfalse
denoting "invalid" checksums.-
Methods inherited from class org.eclipse.aether.internal.impl.resolution.ArtifactResolverPostProcessorSupport
configPropKey, isEnabled, postProcess
-
-
-
-
Field Detail
-
NAME
public static final java.lang.String NAME
- See Also:
- Constant Field Values
-
CONF_NAME_CHECKSUM_ALGORITHMS
private static final java.lang.String CONF_NAME_CHECKSUM_ALGORITHMS
- See Also:
- Constant Field Values
-
DEFAULT_CHECKSUM_ALGORITHMS
private static final java.lang.String DEFAULT_CHECKSUM_ALGORITHMS
- See Also:
- Constant Field Values
-
CONF_NAME_FAIL_IF_MISSING
private static final java.lang.String CONF_NAME_FAIL_IF_MISSING
- See Also:
- Constant Field Values
-
CONF_NAME_SNAPSHOTS
private static final java.lang.String CONF_NAME_SNAPSHOTS
- See Also:
- Constant Field Values
-
CONF_NAME_RECORD
private static final java.lang.String CONF_NAME_RECORD
- See Also:
- Constant Field Values
-
CHECKSUM_ALGORITHMS_CACHE_KEY
private static final java.lang.String CHECKSUM_ALGORITHMS_CACHE_KEY
-
checksumAlgorithmFactorySelector
private final ChecksumAlgorithmFactorySelector checksumAlgorithmFactorySelector
-
trustedChecksumsSources
private final java.util.Map<java.lang.String,TrustedChecksumsSource> trustedChecksumsSources
-
-
Constructor Detail
-
TrustedChecksumsArtifactResolverPostProcessor
@Inject public TrustedChecksumsArtifactResolverPostProcessor(ChecksumAlgorithmFactorySelector checksumAlgorithmFactorySelector, java.util.Map<java.lang.String,TrustedChecksumsSource> trustedChecksumsSources)
-
-
Method Detail
-
doPostProcess
protected void doPostProcess(RepositorySystemSession session, java.util.List<ArtifactResult> artifactResults)
- Specified by:
doPostProcess
in classArtifactResolverPostProcessorSupport
-
recordArtifactChecksums
private void recordArtifactChecksums(RepositorySystemSession session, ArtifactResult artifactResult, java.util.List<ChecksumAlgorithmFactory> checksumAlgorithmFactories)
Calculates and records checksums into trusted sources that support writing.
-
validateArtifactChecksums
private boolean validateArtifactChecksums(RepositorySystemSession session, ArtifactResult artifactResult, java.util.List<ChecksumAlgorithmFactory> checksumAlgorithmFactories, boolean failIfMissing)
Validates trusted checksums againstArtifactResult
, returnstrue
denoting "valid" checksums orfalse
denoting "invalid" checksums.
-
-