sous-chefs / jenkins

Development repository for the jenkins cookbook
https://supermarket.chef.io/cookbooks/jenkins
Apache License 2.0
424 stars 635 forks source link

Allow optional checksum property for plugin install from url #695

Closed clementboone closed 5 years ago

clementboone commented 6 years ago

Description

Add an optional checksum attribute to the plugins installer that will be passed to the Chef::Resource::RemoteFile when installing a plugin form url.

Issues Resolved

We can now specify a checksum in addition to the source url when installing plugins from url. This will enforce the authenticity and trustfulness of the linked source hpi (or jpi) file by preventing spoofing, malicious activity, broken download, and so on. Also prevent the chef-client from re-downloading the hpi (or jpi) file if already present on the node. (see https://docs.chef.io/resource_remote_file.html#prevent-re-downloads)

Check List

tas50 commented 5 years ago

@clementboone if you can rebase this against the new changes to this resource I'd gladly get it merged in.

tas50 commented 5 years ago

I'm closing this out at this point since we never heard back from the author.