
@albertvaka
Created January 21, 2026 22:23
Script to verify that the binary gradle-wrapper.jar distributed in most gradle projects hasn't been tampered with
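#!/bin/bash
set -euo pipefail
# Verifies gradle/wrapper/gradle-wrapper.jar by comparing it with the jar
# from the official Gradle distribution referenced in gradle-wrapper.properties.
#
# Trust note: gradle-wrapper.properties sits in the same checkout as the jar, so
# anyone able to replace the jar can also edit distributionUrl. The URL is
# therefore accepted only when it names a file on the official Gradle
# distribution host over HTTPS; otherwise the "official" checksum would be
# fetched from a location chosen by the repository content under test.
wrapper_jar_path="gradle/wrapper/gradle-wrapper.jar"
wrapper_props_path="gradle/wrapper/gradle-wrapper.properties"

# Official release and snapshot distribution locations, followed by a plain
# file name (no further path segments, query string or credentials).
# A mirror has to be added here deliberately; it is never taken from the repo.
official_url_regex='^https://services\.gradle\.org/distributions(-snapshots)?/[A-Za-z0-9._+-]+$'

for required_file in "$wrapper_jar_path" "$wrapper_props_path"; do
  if [[ ! -f "$required_file" ]]; then
    echo "Missing $required_file" >&2
    exit 1
  fi
done

# Strip the key rather than splitting on '=' so a value containing '=' is not
# truncated; when the key is repeated the last occurrence is kept, as in a
# Java properties file. CRs (Windows checkouts) and the "\:" escape are undone.
distribution_url="$(
  awk '/^distributionUrl=/ { sub(/^distributionUrl=/, ""); url = $0 } END { print url }' \
    "$wrapper_props_path" | tr -d '\r' | sed 's/\\:/:/g'
)"
if [[ -z "$distribution_url" ]]; then
  echo "Could not find distributionUrl in $wrapper_props_path" >&2
  exit 1
fi

# Refuse to treat an arbitrary host as the source of truth for the checksum.
if [[ ! "$distribution_url" =~ $official_url_regex ]]; then
  echo "distributionUrl is not an official Gradle distribution URL: $distribution_url" >&2
  exit 1
fi

if ! command -v curl >/dev/null 2>&1; then
  echo "curl is required" >&2
  exit 1
fi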
#######################################
# Prints the SHA-256 digest of a file as hex.
# Arguments: $1 - path of the file to hash
# Outputs:   the digest (first field of the hashing tool's output) on stdout
# Returns:   status of the hashing pipeline
#######################################
hash_file() {
  local target="$1"
  # sha256sum is used when installed; shasum -a 256 is the fallback.
  local -a hasher=(shasum -a 256)
  if command -v sha256sum >/dev/null 2>&1; then
    hasher=(sha256sum)
  fi
  "${hasher[@]}" "$target" | awk '{print $1}'
}
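# Scratch directory for the downloaded checksum; removed on every exit path.
tmp_dir="$(mktemp -d)"
cleanup() { rm -rf -- "$tmp_dir"; }
trap cleanup EXIT

# The wrapper jar checksum is published next to the distribution zip:
# <name>-bin.zip / <name>-all.zip  ->  <name>-wrapper.jar(.sha256)
wrapper_url="${distribution_url/-bin.zip/-wrapper.jar}"
wrapper_url="${wrapper_url/-all.zip/-wrapper.jar}"
# If neither suffix matched, the URL still names the distribution zip and its
# .sha256 would be the zip's digest, which would be reported as a misleading
# "mismatch" for the jar. Stop instead.
if [[ "$wrapper_url" != *-wrapper.jar ]]; then
  echo "Cannot derive wrapper jar URL from distributionUrl (expected -bin.zip or -all.zip): $distribution_url" >&2
  exit 1
fi

wrapper_sha="$tmp_dir/gradle-wrapper.sha256"
#echo "Downloading official wrapper checksum: ${wrapper_url}.sha256"
# -L follows redirects, so pin both the initial request and every redirect to
# HTTPS; a plain-HTTP hop would let a network attacker supply the checksum.
if curl --proto '=https' --proto-redir '=https' -fsSL \
  "${wrapper_url}.sha256" -o "$wrapper_sha"; then
  # First field of the first line, lower-cased so it compares with hash_file output.
  official_hash="$(awk 'NR == 1 { print tolower($1) }' "$wrapper_sha")"
else
  echo "Missing official wrapper checksum at ${wrapper_url}.sha256" >&2
  exit 1
fi

# An error page or empty body must not be compared as if it were a digest.
if [[ ! "$official_hash" =~ ^[0-9a-f]{64}$ ]]; then
  echo "Unexpected content at ${wrapper_url}.sha256 (not a SHA-256 digest)" >&2
  exit 1
fi

local_hash="$(hash_file "$wrapper_jar_path")"
if [[ "$official_hash" == "$local_hash" ]]; then
  echo "OK: $wrapper_jar_path matches official gradle-wrapper.jar"
else
  echo "Mismatch: $wrapper_jar_path does not match official gradle-wrapper.jar" >&2
  echo "Expected: $official_hash" >&2
  echo "Actual: $local_hash" >&2
  exit 1
fi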