core: Add API (and standard concept for) content checksum

There are a few cases for knowing whether a commit has identical content to another commit. Some people want to do a "promotion workflow", where the content of a commit on a tesitng branch is then "promoted" to a production branch with `ostree commit --tree=ref`. Another use case I just hit in rpm-ostree deals with [jigdo](https://github.com/projectatomic/rpm-ostree/issues/1081) where we're importing RPMs on both the client and server, and will be using the content checksum, since the client/server cases inject different metadata into the commit object. Closes: https://github.com/ostreedev/ostree/issues/1315 Closes: #1449 Approved by: jlebon
2018-02-08 16:33:18 -05:00 · 2018-02-08 16:33:18 -05:00 · 0041a7a1ed
parent 5848de93a4
commit 0041a7a1ed
6 changed files with 63 additions and 1 deletions
--- a/apidoc/ostree-sections.txt
+++ b/apidoc/ostree-sections.txt
@ -149,6 +149,7 @@ ostree_validate_structureof_dirtree
 ostree_validate_structureof_dirmeta
 ostree_commit_get_parent
 ostree_commit_get_timestamp
 ostree_commit_get_content_checksum
 ostree_check_version
 </SECTION>
--- a/src/libostree/libostree-devel.sym
+++ b/src/libostree/libostree-devel.sym
@ -19,6 +19,7 @@
 /* Add new symbols here.  Release commits should copy this section into -released.sym. */
 LIBOSTREE_2018.2 {
  ostree_commit_get_content_checksum;
 } LIBOSTREE_2018.1;
 /* Stub section for the stable release *after* this development one; don't
--- a/src/libostree/ostree-core.c
+++ b/src/libostree/ostree-core.c
@ -2371,6 +2371,51 @@ ostree_commit_get_timestamp (GVariant  *commit_variant)
  return GUINT64_FROM_BE (ret);
 }
 /**
 * ostree_commit_get_content_checksum:
 * @commit_variant: A commit object
 *
 * There are use cases where one wants a checksum just of the content of a
 * commit. OSTree commits by default capture the current timestamp, and may have
 * additional metadata, which means that re-committing identical content
 * often results in a new checksum.
 *
 * By comparing checksums of content, it's possible to easily distinguish
 * cases where nothing actually changed.
 *
 * The content checksums is simply defined as `SHA256(root dirtree_checksum || root_dirmeta_checksum)`,
 * i.e. the SHA-256 of the root "dirtree" object's checksum concatenated with the
 * root "dirmeta" checksum (both in binary form, not hexadecimal).
 *
 * Returns: (nullable): A SHA-256 hex string, or %NULL if @commit_variant is not well-formed
 */
 gchar *
 ostree_commit_get_content_checksum (GVariant *commit_variant)
 {
  g_auto(OtChecksum) checksum = { 0, };
  ot_checksum_init (&checksum);
  g_autoptr(GVariant) tree_contents_csum = NULL;
  g_autoptr(GVariant) tree_meta_csum = NULL;
  g_variant_get_child (commit_variant, 6, "@ay", &tree_contents_csum);
  g_variant_get_child (commit_variant, 7, "@ay", &tree_meta_csum);
  const guchar *bytes;
  bytes = ostree_checksum_bytes_peek_validate (tree_contents_csum, NULL);
  if (!bytes)
    return NULL;
  ot_checksum_update (&checksum, bytes, OSTREE_SHA256_DIGEST_LEN);
  bytes = ostree_checksum_bytes_peek_validate (tree_meta_csum, NULL);
  if (!bytes)
    return NULL;
  ot_checksum_update (&checksum, bytes, OSTREE_SHA256_DIGEST_LEN);
  char hexdigest[OSTREE_SHA256_STRING_LEN+1];
  ot_checksum_get_hexdigest (&checksum, hexdigest, sizeof (hexdigest));
  return g_strdup (hexdigest);
 }
 /* Used in pull/deploy to validate we're not being downgraded */
 gboolean
 _ostree_compare_timestamps (const char   *current_rev,
--- a/src/libostree/ostree-core.h
+++ b/src/libostree/ostree-core.h
@ -520,6 +520,9 @@ gchar *  ostree_commit_get_parent            (GVariant  *commit_variant);
 _OSTREE_PUBLIC
 guint64  ostree_commit_get_timestamp         (GVariant  *commit_variant);
 _OSTREE_PUBLIC
 gchar *  ostree_commit_get_content_checksum  (GVariant  *commit_variant);
 _OSTREE_PUBLIC
 gboolean ostree_check_version (guint required_year, guint required_release);
--- a/src/ostree/ot-dump.c
+++ b/src/ostree/ot-dump.c
@ -126,6 +126,8 @@ dump_commit (GVariant            *variant,
  str = format_timestamp (timestamp, &local_error);
  if (!str)
    errx (1, "Failed to read commit: %s", local_error->message);
  g_autofree char *contents = ostree_commit_get_content_checksum (variant) ?: "<invalid commit>";
  g_print ("ContentChecksum:  %s\n", contents);
  g_print ("Date:  %s\n", str);
  if ((version = ot_admin_checksum_version (variant)))
--- a/tests/basic-test.sh
+++ b/tests/basic-test.sh
@ -21,7 +21,7 @@
 set -euo pipefail
-echo "1..$((81 + ${extra_basic_tests:-0}))"
+echo "1..$((82 + ${extra_basic_tests:-0}))"
 CHECKOUT_U_ARG=""
 CHECKOUT_H_ARGS="-H"
@ -755,6 +755,16 @@ assert_file_has_content show-output "Third commit"
 assert_file_has_content show-output "commit $checksum"
 echo "ok show full output"
 grep -E -e '^ContentChecksum' show-output > previous-content-checksum.txt
 cd $test_tmpdir/checkout-test2
 checksum=$($OSTREE commit ${COMMIT_ARGS} -b test4 -s "Another commit with different subject")
 cd ${test_tmpdir}
 $OSTREE show test4 | grep -E -e '^ContentChecksum' > new-content-checksum.txt
 if ! diff -u previous-content-checksum.txt new-content-checksum.txt; then
    fatal "content checksum differs"
 fi
 echo "ok content checksum"
 cd $test_tmpdir/checkout-test2
 checksum1=$($OSTREE commit ${COMMIT_ARGS} -b test5 -s "First commit")
 checksum2=$($OSTREE commit ${COMMIT_ARGS} -b test5 -s "Second commit")