We run a couple of recipes that use ChecksumVerifier to monitor changes in vendor scripts. @foigus' ColourNavigator7 and ShareFile (in our repo that plagiarises Patricks good work)
When the recipes are run with VirusTotalAnalyzer as a post processor the recipes fail, this is because ChecksumVerifier has overwritten the pathname variable with the path of the postinstall script, at the end of the run VirusTotalAnalyzer wants to upload the postinstall script, but can't as like all well written recipes should, it tidies up after itself and deletes the file. This results in a message like this
io.github.hjuutilainen.VirusTotalAnalyzer/VirusTotalAnalyzer
{'Input': {'VIRUSTOTAL_ALWAYS_REPORT': False,
'VIRUSTOTAL_AUTO_SUBMIT': True,
'pathname': '/Users/sadmin/Library/AutoPkg/Cache/local.definition.ColorNavigator7/unpack/ColorNavigator_7.pkg/Scripts/postinstall'}}
VirusTotalAnalyzer: No value supplied for CURL_PATH, setting default value of: /usr/bin/curl
VirusTotalAnalyzer: Calculating checksum for /Users/sadmin/Library/AutoPkg/Cache/local.definition.ColorNavigator7/unpack/ColorNavigator_7.pkg/Scripts/postinstall
[Errno 2] No such file or directory: '/Users/sadmin/Library/AutoPkg/Cache/local.definition.ColorNavigator7/unpack/ColorNavigator_7.pkg/Scripts/postinstall'
Failed.
Receipt written to /Users/sadmin/Library/AutoPkg/Cache/local.definition.ColorNavigator7/receipts/local.definition-receipt-20230928-131811.plist
The following recipes failed:
local.definition.ColorNavigator7
Error in local.definition.ColorNavigator7: Processor: io.github.hjuutilainen.VirusTotalAnalyzer/VirusTotalAnalyzer: Error: [Errno 2] No such file or directory: '/Users/sadmin/Library/AutoPkg/Cache/local.definition.ColorNavigator7/unpack/ColorNavigator_7.pkg/Scripts/postinstall'
Not sure how you want to handle this, but after chatting it though with @macmule one option would be to change pathname to MD5pathname (or another name that makes sense) in the ChecksumVerifier processor.
This might be worth a separate issue on the VirusTotalAnalyzer repo, but it's possible that other processors/steps could overwrite the pathname variable resulting in VTA uploading an incorrect file. Maybe this could be fixed by looking in %RECIPE_CACHE_DIR%/downloads? Or having the upload path as a user set variable? Happy to raise an issue there if you want me to?
HI, @hjuutilainen
Wasn't quite sure on where to raise this as the issue we've discovered relates to both ChecksumVerifier.py and VirusTotalAnalyzer
We run a couple of recipes that use
ChecksumVerifierto monitor changes in vendor scripts. @foigus'ColourNavigator7andShareFile(in our repo that plagiarises Patricks good work)When the recipes are run with
VirusTotalAnalyzeras a post processor the recipes fail, this is becauseChecksumVerifierhas overwritten thepathnamevariable with the path of the postinstall script, at the end of the runVirusTotalAnalyzerwants to upload the postinstall script, but can't as like all well written recipes should, it tidies up after itself and deletes the file. This results in a message like thisNot sure how you want to handle this, but after chatting it though with @macmule one option would be to change
pathnametoMD5pathname(or another name that makes sense) in theChecksumVerifierprocessor.This might be worth a separate issue on the
VirusTotalAnalyzerrepo, but it's possible that other processors/steps could overwrite the pathname variable resulting in VTA uploading an incorrect file. Maybe this could be fixed by looking in%RECIPE_CACHE_DIR%/downloads? Or having the upload path as a user set variable? Happy to raise an issue there if you want me to?Thanks!