Checksums are already generated and Maven central already have checksums
for all files:
and the website as well at
some point.
On 27 January 2017 at 02:04, Bruno Oliveira <bruno(a)abstractj.org> wrote:
Ahoy, for the quickstarts we have to provide a wrapper, which will
be
responsible to download a specific version of Keycloak and other
tasks[1].
For this wrapper we have some scenarios:
Scenario #1: User execute the script and manage to download Keycloak
Scenario #2: User execute the script and download is interrupted. Which
means that next time the script will resume that download
Scenario #3: User already downloaded Keycloak and of course she does not
want to do it again.
For scenario 3, I was thinking about generate a SHA1[2] file for each
Keycloak distribution to check the integrity of that file, not only for
security, but for consistency. If we just check if file exists, thinking
about scenario 2 and 3, we can't tell if that file was corrupted or not.
Thoughts?
[1] -
https://issues.jboss.org/browse/KEYCLOAK-4321
[2] -
http://maven.apache.org/plugins/maven-install-plugin/
examples/installing-checksums.html
--
abstractj
_______________________________________________
keycloak-dev mailing list
keycloak-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-dev