diff --git a/.gitea/workflows/base-build.yml b/.gitea/workflows/base-build.yml index a5c1277..fc2cba1 100644 --- a/.gitea/workflows/base-build.yml +++ b/.gitea/workflows/base-build.yml @@ -401,14 +401,14 @@ jobs: GIT_CREDENTIAL="${{ secrets.GIT_TOKEN || secrets.GIT_PASSWORD }}" git clone --depth=1 "https://${{ env.GIT_USERNAME }}:${GIT_CREDENTIAL}@gitea.fithwum.tech/fithwum/debian-base.git" upload-repo - - name: Copy sha256sums.txt - run: | - if [[ -f upload-repo/sha256sums.txt ]]; then - cp upload-repo/sha256sums.txt buildinfo/ - else - echo "[ERROR] sha256sums.txt missing in upload-repo!" - exit 1 - fi + # - name: Copy sha256sums.txt + # run: | + # if [[ -f upload-repo/sha256sums.txt ]]; then + # cp upload-repo/sha256sums.txt buildinfo/ + # else + # echo "[ERROR] sha256sums.txt missing in upload-repo!" + # exit 1 + # fi - name: Generate build-info.json files run: | @@ -449,13 +449,30 @@ jobs: # Load SHA256 from file if available TARBALL_NAME="debian-$version.tar.bz2" - SHA256_LINE=$(grep -F "$TARBALL_NAME" sha256sums.txt || true) - if [[ -z "$SHA256_LINE" ]]; then - echo "[WARN] SHA256 for $TARBALL_NAME not found!" - SHA256="unknown" - else + TARBALL_PATH="../upload-repo/$version/$TARBALL_NAME" + SHA_FILE="../upload-repo/$version/sha256sums.txt" + + SHA256="unknown" + + if [[ -f "$TARBALL_PATH" ]]; then + echo "[INFO] Found tarball for $version: $TARBALL_NAME" + + if [[ ! -f "$SHA_FILE" ]]; then + echo "[ERROR] sha256sums.txt missing for $version but tarball exists" + exit 1 + fi + + SHA256_LINE=$(grep -F "$TARBALL_NAME" "$SHA_FILE" || true) + + if [[ -z "$SHA256_LINE" ]]; then + echo "[ERROR] SHA256 entry missing for $TARBALL_NAME in $SHA_FILE" + exit 1 + fi + SHA256=$(echo "$SHA256_LINE" | awk '{print $1}') echo "[INFO] SHA256 for $TARBALL_NAME: $SHA256" + else + echo "[INFO] No tarball for $version — skipping SHA256 enforcement" fi jq -n \