Login/Register
How to get a sha256 hash code for a github repo?
Asked Answered
pythonanacondacondasha256
M

3

8

I am trying to build a condo package for a git hub repo which requires a "sha256" hash code how I can I obtained sha256 for a git repo example. https://github.com/jensengroup/fragbuilder

example is here: 

source:
  url: https://files.pythonhosted.org/packages/38/7c/be04cb1010161c5f32a0a3d7f79af492e98d0487814d8d1bd35ca257a41a/{{ name }}-{{ version }}.zip
  sha256: "bbd9fd380826c6cef78871f62b3fb8cf4a466fa99a32e61ea9ba839dc1833e5d"

this sha256 generated by the conda skeleton how I can get his for a git repo.

Mesopause answered 20/4, 2020 at 21:31 Comment(9)
Are you talking about a commit hash? That's the long hexadecimal string you find on every commit.Portiaportico
@KlausD. I have updated the question I am not very sure if it belongs to a commit.Mesopause
Obviously you need the SHA256 hash of that ZIP file. And BTW it does not make sense to parameterize the URL with name and version and have a fixed hash at the same time.Portiaportico
SO my question is that How we can generate that checksum Sha256Mesopause
Download the ZIP file and run sha256sum … on it.Portiaportico
I already tried this but when I am using the generated hash sha256 in conda build its showing an error miss-match of sha256Mesopause
Then please put what you have tried into the question, including the exact commands you used and the exact output.Stroman
Please include all relevant information on the post itself, and clarify your question. See How to Ask, help center.Hankhanke
The question is basically asking if/where GitHub posts the sha- hash like so many other source download websites do. Anyone could download it and get the hash manually, but then that downloaded-made sha hash itself would be in question. Where does GitHub itself actually give us the hash to know if we got it correctly? Or, is that something the vendors need to post manually themselves like Ampache does?Stover
M
16

I solve the problem I am posting here what I have tried so that if anyone experiences the same problem can get help from here.

Rather zip file I downloaded the tar.gz source file from the release section of github repo. 

fragbuilder-1.0.1.tar.gz

the command generates a stable sha256

shasum -a 256 fragbuilder-1.0.1.tar.gz

sha256 hash

sha256: edc718e09a72ae0ba2cc99d54a406d6034f71b572a19f85c408a22c5d63f117b

That can be used to meta.yaml to build a package.

Mesopause answered 21/4, 2020 at 1:26 Comment(0)
F
2

If you would like to generate the sha256 automatically for any release published for a github repo you can use a very simple Github Action to do that. Here is an example I am using for one of my projects as I need the sha256 to publish to homebrew:

# release.yml - Automatic creation of sha256 for release tarball

name: goprox release action
run-name: ${{ github.actor }} is publishing release ${{ github.ref_name }}
on:
  release:
    types: [published]
jobs:
  sha256:
    name: sha256
    runs-on: ubuntu-latest
    steps:
      - name: Tarball url
        run: echo "${{ github.server_url }}/${{ github.repository }}/archive/refs/tags/${{ github.ref_name }}.tar.gz"
      - name: Create tarball sha256 
        run: curl -sL "${{ github.server_url }}/${{ github.repository }}/archive/refs/tags/${{ github.ref_name }}.tar.gz" | shasum -a 256 | cut -d " " -f 1
Frausto answered 25/10, 2022 at 5:20 Comment(0)
B
0

I recently got the problem using gitea, here an example :

commit 148ebfe7d86cb0d6c5d23fda129956d3cd13d046 (HEAD, tag: v0.0.0, origin/main, origin/HEAD, main)
Author: kindcarebear <>
Date:   Mon Jul 1 12:42:21 2024 +0000
    
    Initial commit

The commit code 148ebfe7d86cb0d6c5d23fda129956d3cd13d046 is sha-1 and you have to translate it to sha-256.

echo sha256-$(echo -n <insert-your-sha1-code> | xxd -r -p | openssl dgst -sha256 -binary | openssl base64)

Here you get the sha256 hash code !

qwIJ5WGV64AovJ1A5loJknSSLzkJsO6vZGqNEpM7iCU=

You can eventually prefix it with sha256-

sha256-qwIJ5WGV64AovJ1A5loJknSSLzkJsO6vZGqNEpM7iCU=
Beguine answered 19/8 at 15:57 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.