gtristan commented on code in PR #1997:
URL: https://github.com/apache/buildstream/pull/1997#discussion_r1995801257
##########
src/buildstream/downloadablefilesource.py:
##########
@@ -270,6 +270,13 @@ def fetch(self): # pylint: disable=arguments-differ
"File downloaded from {} has sha256sum '{}', not
'{}'!".format(self.url, sha256, self.ref)
)
+ def collect_source_info(self):
+ #
+ # XXX remote sources are not necessarily archives, perhaps we should
+ # allow downloadablefilesource imlementations to choose the
SourceInfoMedium
+ #
+ return [SourceInfo(self.url, SourceInfoMedium.ARCHIVE,
SourceVersionType.SHA256, self.ref)]
Review Comment:
So the `ref` for a `DownloadableFileSource`, if not overridden, is the
checksum of the downloaded archive (or "file"), so it is correct for
`SourceVersionType.SHA256`.
The `self.url` is a fully qualified URL, my intention here, ideally, would
be to guarantee that it is the original fully qualified URL after the initial
project aliasing, and guarantee that no mirrors are involved.
The only time that a `self.url` would **not** be the original qualified URL
of where the source *originally came from*, is if
`Source.collect_source_info()` were to be called by the plugin inside
`Source.fetch()` or `Source.track()`, possibly we can make this illegal with an
assertion.
I would further like to protect against any *"original URL"* mangling would
could result from junctioning and alias mappings, but I'm pretty sure that the
alias mapping feature used for mirror plugins does not affect what the original
upstream URLs would be.
If the project(s) are written in such a way to not ever write down the real
provenance of upstream sources, of course we would get those URLs.
Does this make sense ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
