Reputation: 13135
Fix checksum in Artifactory when uploading file through REST API
I'm using the code below to upload a file through Artifactory's REST API. My problem is that when I view the file through the GUI I get this message:
Client did not publish a checksum value. If you trust the uploaded artifact you can accept the actual checksum by clicking the 'Fix Checksum' button.
How do I fix the upload so that this message disappears?
If I upload the file through the GUI I'm not supplying checksum values so why do I have to do it when I use the API? Is there an extra function I can call when using the API to fix the checksums?
I also saw this setting: https://www.jfrog.com/confluence/display/RTF20/Handling+Checksums Could this have anything to do with my problem?
string inFilePath = @"C:\temp\file.ext";
string inUrl = @"domain.com/repoKey/";
string username = "username";
string apiKey = "apikey";
using (HttpClient client = new HttpClient())
{
client.DefaultRequestHeaders.Authorization =
new AuthenticationHeaderValue("Basic", Convert.ToBase64String(Encoding.ASCII.GetBytes(username+":"+apiKey)));
using (var stream = File.OpenRead(inFilePath))
{
var response = client.PutAsync(inUrl + stream.Name, new StreamContent(stream));
using (HttpContent content = response.Result.Content)
{
string data = content.ReadAsStringAsync().Result;
}
}
}
Updates
There are three types of checksums and two sets of checksum groups.
"checksums" : {
"sha1" : "94332c090bdcdd87bd86426c224bcc7dc1c5f784",
"md5" : "dcada413214a5bd7164c6961863f5111",
"sha256" : "049c671f48e94c1ad25500f64e4879312cae70f489edc21313334b3f77b631e6"
},
"originalChecksums" : {
"sha1" : "94332c090bdcdd87bd86426c224bcc7dc1c5f784",
"md5" : "dcada413214a5bd7164c6961863f5111"
}
checksums - are calculated by Artifactory
originalChecksums - are the ones supplied by the uploader
When I use the API the originalChecksums group is empty which I think renders the message above.
Upvotes: 15
Views: 14880
Answers (3)
Reputation: 46
I was able to just use the sha1 header and artifactory stopped complaining, here's a bash snippet as example:
CHECKSUM=sha1sum some.rpm | awk '{ print $1 }'
curl -k -umy_user:my_pass -H "X-Checksum-Sha1:$CHECKSUM" -XPUT https://cudgels_are_cool.com/artifactory/some_repo -T some.rpm
Upvotes: 0
Reputation: 2862
@Arnaud Jeansen's answer is good and true. I thought I would share my bash/curl script for deploying with checksums to provide additional details.
This is current as of Artifactory 6.2, and the date of this writing.
# assume test2.zip is the file to upload in current directory
# calculate checksums
sha256=$(openssl dgst -sha256 test2.zip|sed 's/^SHA256.*= //')
sha1=$(openssl dgst -sha1 test2.zip|sed 's/^SHA.*= //')
# upload to Artifactory
curl -u"${ARTIFACTORY_USER}:${ARTIFACTORY_PASSWORD}" \
-sS -T test2.zip \
-H "X-Checksum-Sha256:${sha256}" -H "X-Checksum-Sha1:${sha1}" \
"http://${ARTIFACTORY_HOST}:8081/artifactory/REPO/path/test2.zip" \
> response
jq '.' < response
echo ''
The resultant artifact does not display the warning about checksums in the UI.
Upvotes: 15
Reputation: 1726
I am hitting the same issue using the artifactory-client-java library :-(
So after some digging, it appears that you need to:
- calculate the checksums on the client side (sha1)
- provide each checksum as a HTTP header on the PUT request
For your C# example, the correct solution is to add a header "X-Checksum-Sha1" with the calculated checksum. As explained in the link documentation, a simple curl example is
curl -uadmin:password -T file.jar -H "X-Checksum-Sha1:c9a355147857198da3bdb3f24c4e90bd98a61e8b""http://localhost:8081/artifactory/libs-release-local/file.jar" -i
For artifactory-client-java users, the easy fix is to add to the documented upload example:
java.io.File file = new java.io.File("fileToUpload.txt");
File result = artifactory.repository("RepoName").upload("path/to/newName.txt", file).doUpload();
an additional intermediary call: bySha1Checksum():
java.io.File file = new java.io.File("fileToUpload.txt");
File result = artifactory.repository("RepoName").upload("path/to/newName.txt", file).bySha1Checksum().doUpload();
Upvotes: 15
Related Questions
- Artifactory upload with checksum
- FIX CHECKSUM error on uploading artifact to artifactory
- 409 response when uploading to artifactory using X-Checksum-Sha1 header with Apache's HTTP client in Java
- Dumping the stored checksum of a file in Artifactory using jfrog CLI
- Maven "checksum validation failed, expected xxx but is yyy for" on upload from Jenkins to Artifactory
- Get Artifactory stored file checksum via BASH
- Artifactory ignores checksum uploads on maven-metadata.xml files
- artifactory upload with checksum using powershell
- checksum vs originalChecksums in artifactory API response
- Upload to Artifactory using Java client