FAQ
I'm fetching build artifacts from our build system and don't know the hash
in advance.

salt file.managed seems to require hash when fetching from http urls.

i could just shell out and run curl or wget but it'd be nice to keep it
simple.


--
You received this message because you are subscribed to the Google Groups "Salt-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Search Discussions

  • Ethan Erchinger at Aug 14, 2014 at 2:16 am
    Can the artifact system not provide a source hash file?
    On Wednesday, August 13, 2014 8:06:15 AM UTC-7, dmar...@zulily.com wrote:


    I'm fetching build artifacts from our build system and don't know the hash
    in advance.

    salt file.managed seems to require hash when fetching from http urls.

    i could just shell out and run curl or wget but it'd be nice to keep it
    simple.

    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
  • Colton Myers at Sep 4, 2014 at 10:56 pm
    Should we add an argument to bypass the hash requirement? There are some
    situations where I could see someone not caring about the security
    implications, as the file in question is not critical. I'll have to think
    about this.

    --
    Colton Myers

    On Wed, Aug 13, 2014 at 8:16 PM, Ethan Erchinger wrote:

    Can the artifact system not provide a source hash file?

    On Wednesday, August 13, 2014 8:06:15 AM UTC-7, dmar...@zulily.com wrote:


    I'm fetching build artifacts from our build system and don't know the
    hash in advance.

    salt file.managed seems to require hash when fetching from http urls.

    i could just shell out and run curl or wget but it'd be nice to keep it
    simple.


    --
    You received this message because you are subscribed to the Google Groups
    "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an
    email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
  • David Boucha at Sep 4, 2014 at 11:18 pm
    I've always wanted to make the hash requirement optional. I think it should
    be required by default, but allow for "None" in the field.

    On Thu, Sep 4, 2014 at 4:56 PM, Colton Myers wrote:

    Should we add an argument to bypass the hash requirement? There are some
    situations where I could see someone not caring about the security
    implications, as the file in question is not critical. I'll have to think
    about this.

    --
    Colton Myers

    On Wed, Aug 13, 2014 at 8:16 PM, Ethan Erchinger wrote:

    Can the artifact system not provide a source hash file?

    On Wednesday, August 13, 2014 8:06:15 AM UTC-7, dmar...@zulily.com wrote:


    I'm fetching build artifacts from our build system and don't know the
    hash in advance.

    salt file.managed seems to require hash when fetching from http urls.

    i could just shell out and run curl or wget but it'd be nice to keep it
    simple.


    --
    You received this message because you are subscribed to the Google Groups
    "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an
    email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
    --
    You received this message because you are subscribed to the Google Groups
    "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an
    email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
  • Jean-Michel Smith at Sep 5, 2014 at 2:56 pm
    I would second this, for hashes everywhere. archive, http downloads, etc
    from trusted hosts where the file changes nightly (or more frequently), and
    you shouldn't be forced to rewrite a state frequently to keep up. In fact,
    we end up using cmd.run and wget instead of various modules for this to
    bypass this requirement for many of our in-house software deployments
    because the hash requirement is so onerous.
    On Thursday, September 4, 2014 6:18:03 PM UTC-5, David Boucha wrote:

    I've always wanted to make the hash requirement optional. I think it
    should be required by default, but allow for "None" in the field.


    On Thu, Sep 4, 2014 at 4:56 PM, Colton Myers <colton...@gmail.com
    <javascript:>> wrote:
    Should we add an argument to bypass the hash requirement? There are some
    situations where I could see someone not caring about the security
    implications, as the file in question is not critical. I'll have to think
    about this.

    --
    Colton Myers


    On Wed, Aug 13, 2014 at 8:16 PM, Ethan Erchinger <eth...@erchinger.org
    <javascript:>> wrote:
    Can the artifact system not provide a source hash file?


    On Wednesday, August 13, 2014 8:06:15 AM UTC-7, dmar...@zulily.com
    wrote:

    I'm fetching build artifacts from our build system and don't know the
    hash in advance.

    salt file.managed seems to require hash when fetching from http urls.

    i could just shell out and run curl or wget but it'd be nice to keep it
    simple.


    --
    You received this message because you are subscribed to the Google
    Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send
    an email to salt-users+...@googlegroups.com <javascript:>.
    For more options, visit https://groups.google.com/d/optout.
    --
    You received this message because you are subscribed to the Google Groups
    "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an
    email to salt-users+...@googlegroups.com <javascript:>.
    For more options, visit https://groups.google.com/d/optout.
    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
  • Colton Myers at Sep 5, 2014 at 10:06 pm
    Agreed, None should override. Is there an open issue somewhere? I expect
    there probably is. If not, we should open one.

    --
    Colton Myers

    On Fri, Sep 5, 2014 at 8:56 AM, Jean-Michel Smith wrote:

    I would second this, for hashes everywhere. archive, http downloads, etc
    from trusted hosts where the file changes nightly (or more frequently), and
    you shouldn't be forced to rewrite a state frequently to keep up. In fact,
    we end up using cmd.run and wget instead of various modules for this to
    bypass this requirement for many of our in-house software deployments
    because the hash requirement is so onerous.
    On Thursday, September 4, 2014 6:18:03 PM UTC-5, David Boucha wrote:

    I've always wanted to make the hash requirement optional. I think it
    should be required by default, but allow for "None" in the field.

    On Thu, Sep 4, 2014 at 4:56 PM, Colton Myers wrote:

    Should we add an argument to bypass the hash requirement? There are
    some situations where I could see someone not caring about the security
    implications, as the file in question is not critical. I'll have to think
    about this.

    --
    Colton Myers


    On Wed, Aug 13, 2014 at 8:16 PM, Ethan Erchinger <eth...@erchinger.org>
    wrote:
    Can the artifact system not provide a source hash file?


    On Wednesday, August 13, 2014 8:06:15 AM UTC-7, dmar...@zulily.com
    wrote:

    I'm fetching build artifacts from our build system and don't know the
    hash in advance.

    salt file.managed seems to require hash when fetching from http urls.

    i could just shell out and run curl or wget but it'd be nice to keep
    it simple.


    --
    You received this message because you are subscribed to the Google
    Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send
    an email to salt-users+...@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
    --
    You received this message because you are subscribed to the Google
    Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send
    an email to salt-users+...@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
    --
    You received this message because you are subscribed to the Google Groups
    "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an
    email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.
    --
    You received this message because you are subscribed to the Google Groups "Salt-users" group.
    To unsubscribe from this group and stop receiving emails from it, send an email to salt-users+unsubscribe@googlegroups.com.
    For more options, visit https://groups.google.com/d/optout.

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupsalt-users @
postedAug 13, '14 at 3:06p
activeSep 5, '14 at 10:06p
posts6
users5

People

Translate

site design / logo © 2022 Grokbase