Feature #2657
Fetch binary dependencies from SHA1SUM
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-devbox | |||
Target version: | v6.5 | |||
Resolution: | REJECTED | NEEDINFO: | No |
Description
External binary dependencies must be fetched from a centralized repository. It's not safe nor secure fetching dependencies from other places.
When building the source RPM package, if a SHA1SUM file is present at the SCM root, it must be used to query the binary repo and download the required contents.
Related issues
History
#1 Updated by Davide Principi over 7 years ago
A config
parameter, say BINREPO
could provide the base repository URL:
BINREPO=http://someaddress/path/
or, for local filesystem
BINREPO=/some/absolute_path
The full binary URL is obtained by appending SHA1SUM and file name
${BINREPO}/${SHA1SUM}/${FILENAME}
#2 Updated by Davide Principi over 7 years ago
- Target version set to ~FUTURE
#3 Updated by Davide Principi about 7 years ago
- Related to Enhancement #2812: Build from plain .spec file enhanced added
#4 Updated by Davide Principi about 7 years ago
- Related to Feature #1646: Build RPMs from plain .spec file added
#5 Updated by Davide Principi about 7 years ago
- Status changed from NEW to CLOSED
- Target version changed from ~FUTURE to v6.5
- % Done changed from 0 to 100
- Resolution set to REJECTED
A better support for SHA1SUM checks will be developed in #2812.
Update developer's documentation to follow Fedora "Referencing Source" guidelines:
http://fedoraproject.org/wiki/Packaging:SourceURL
Use spectool
command to fetch external sources manually.