[feature] Checksum when downloading file #1399
Description
I did this
I have a bunch of shell scripts and Dockerfiles. They download files with curl.
Right now I have adhoc and inconsistent checksums of these downloaded files.
Rough example of this pattern:
export DLURL= "http://..."
export SOURCEHASH="c6596eb7be8581c18be736c846fb9173b69eccf6ef94c5135893ec56bd92ba08"
export LOCALPATH = "/tmp/example.tar.gz"
curl -s -o "${LOCALPATH}" "${DLURL}"
GOTHASH=$(openssl dgst -sha256 "${LOCALPATH}" | sed 's/^.* //')
if [ "${GOTHASH}" != "${SOURCEHASH}" ]; then
echo "error: calculated hash ${GOTHASH} != provided hash: ${SOURCEHASH} for ${LOCALPATH}"
exit 1
else
echo "sha256 checksum matches"
fi
I expected the following
I wish there was acurl flag, where curl would exit-non-zero, if an outputed file didn't match a specified hash.
curl --output-checksum sha256:XXXX -o /tmp/example.tar.gz http://.../