Add an optional checksum attribute to the plugins installer that will be passed to the Chef::Resource::RemoteFile when installing a plugin form url.
Issues Resolved
We can now specify a checksum in addition to the source url when installing plugins from url.
This will enforce the authenticity and trustfulness of the linked source hpi (or jpi) file by preventing spoofing, malicious activity, broken download, and so on.
Also prevent the chef-client from re-downloading the hpi (or jpi) file if already present on the node. (see https://docs.chef.io/resource_remote_file.html#prevent-re-downloads)
Description
Add an optional checksum attribute to the plugins installer that will be passed to the Chef::Resource::RemoteFile when installing a plugin form url.
Issues Resolved
We can now specify a checksum in addition to the source url when installing plugins from url. This will enforce the authenticity and trustfulness of the linked source hpi (or jpi) file by preventing spoofing, malicious activity, broken download, and so on. Also prevent the chef-client from re-downloading the hpi (or jpi) file if already present on the node. (see https://docs.chef.io/resource_remote_file.html#prevent-re-downloads)
Check List