Fix checksum parsing for Cirros and Rocky Linux

For Rocky Linux, the checksum file format differs from Ubuntu. The current awk expression failed to extract the correct checksum and would instead output SHA256. This caused checksum validation to fail. A similar issue exists for CirrOS which uses the MD5 algorithm. Changes the logic to first extract the line with the corresponding image name and then searches for a string that looks like a checksum within that line. Closes-Bug: #2081031 Change-Id: Id426db0ad418898a2ebe9f2b5001945520dc6b1d
2024-09-18 10:59:22 +01:00 · 2024-09-18 10:59:22 +01:00 · 7446da03e8
commit 7446da03e8
parent a453e2cfe2
2 changed files with 11 additions and 1 deletions
--- a/playbooks/roles/bifrost-ironic-install/tasks/download_deployment_image.yml
+++ b/playbooks/roles/bifrost-ironic-install/tasks/download_deployment_image.yml
@ -27,7 +27,11 @@
        mode: "0644"

 - name: "Extract deployment image checksum"
-  command: awk '/{{ deploy_image_upstream_url | basename }}|^[a-z0-9]+$/{print $1}' {{ http_boot_folder }}/{{ deploy_image_filename }}-checksum.CHECKSUMS
+  shell:
+    cmd: |
+      set -o pipefail
+      grep "{{ deploy_image_upstream_url | basename }}" {{ http_boot_folder }}/{{ deploy_image_filename }}-checksum.CHECKSUMS | grep -owE "[[:xdigit:]]{32,64}"
+    executable: /bin/bash
  register: parsed_deployment_image_checksum
  failed_when: parsed_deployment_image_checksum is failed
               or not parsed_deployment_image_checksum.stdout
--- a/releasenotes/notes/fixes-checksum-parsing-82c04ff1bb575c51.yaml
+++ b/releasenotes/notes/fixes-checksum-parsing-82c04ff1bb575c51.yaml
@ -0,0 +1,6 @@
+---
+fixes:
+  - |
+    Fixes an issue with checksum verification when setting
+    ``upstream_deploy_image_distribution`` to ``rocky`` or
+    ``cirros``.