sureshanaparti commented on code in PR #11656:
URL: https://github.com/apache/cloudstack/pull/11656#discussion_r2521717417
##########
client/bindir/cloud-setup-management.in:
##########
@@ -36,6 +36,106 @@ from cloudutils.cloudException import
CloudRuntimeException, CloudInternalExcept
from cloudutils.globalEnv import globalEnv
from cloudutils.serviceConfigServer import cloudManagementConfig
from optparse import OptionParser
+import urllib.request
+import configparser
+import hashlib
+
+SYSTEMVM_TEMPLATES_PATH = "/usr/share/cloudstack-management/templates/systemvm"
+SYSTEMVM_TEMPLATES_METADATA_FILE = SYSTEMVM_TEMPLATES_PATH + "/metadata.ini"
+
+def verify_sha512_checksum(file_path, expected_checksum):
+ sha512 = hashlib.sha512()
+ try:
+ with open(file_path, "rb") as f:
+ for chunk in iter(lambda: f.read(8192), b""):
+ sha512.update(chunk)
+ return sha512.hexdigest().lower() == expected_checksum.lower()
+ except Exception as e:
+ print(f"Failed to verify checksum for {file_path}: {e}")
+ return False
+
+def download_file(url, dest_path, chunk_size=8 * 1024 * 1024):
+ """
+ Downloads a file from the given URL to the specified destination path in
chunks.
+ """
+ try:
+ with urllib.request.urlopen(url) as response:
+ total_size = response.length if response.length else None
+ downloaded = 0
+ try:
+ with open(dest_path, 'wb') as out_file:
+ while True:
+ chunk = response.read(chunk_size)
+ if not chunk:
+ break
+ out_file.write(chunk)
+ downloaded += len(chunk)
+ if total_size:
+ print(f"Downloaded {downloaded / (1024 *
1024):.2f}MB of {total_size / (1024 * 1024):.2f}MB", end='\r')
+ except PermissionError as pe:
+ print(f"Permission denied: {dest_path}")
+ raise
+ print(f"\nDownloaded file from {url} to {dest_path}")
+ except Exception as e:
+ print(f"Failed to download file: {e}")
+ raise
+
+def download_template_if_needed(template, url, filename, checksum):
+ dest_path = os.path.join(SYSTEMVM_TEMPLATES_PATH, filename)
+ if os.path.exists(dest_path):
+ if checksum and verify_sha512_checksum(dest_path, checksum):
+ print(f"{template} System VM template already exists at
{dest_path} with valid checksum, skipping download.")
+ return
+ else:
+ print(f"{template} System VM template at {dest_path} has invalid
or missing checksum, re-downloading...")
+ else:
+ print(f"Downloading {template} System VM template from {url} to
{dest_path}...")
+ try:
+ download_file(url, dest_path)
+ #After download, verify checksum if provided
+ if checksum:
+ if verify_sha512_checksum(dest_path, checksum):
+ print(f"{template} System VM template downloaded and verified
successfully.")
+ else:
+ print(f"ERROR: Checksum verification failed for {template}
System VM template after download.")
Review Comment:
is it good to remove the template if checksum verification failed, and
prompt to provide a valid one?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
