diff --git a/modules.go b/modules.go index 59b669d..31acfb6 100644 --- a/modules.go +++ b/modules.go @@ -6,6 +6,7 @@ import ( "context" "crypto/sha1" "crypto/sha256" + "crypto/sha512" "encoding/base64" "encoding/hex" "encoding/json" @@ -1453,6 +1454,15 @@ func verifyGetURLChecksum(content []byte, checksumSpec string) error { case "sha1": sum := sha1.Sum(content) actual = hex.EncodeToString(sum[:]) + case "sha224": + sum := sha256.Sum224(content) + actual = hex.EncodeToString(sum[:]) + case "sha384": + sum := sha512.Sum384(content) + actual = hex.EncodeToString(sum[:]) + case "sha512": + sum := sha512.Sum512(content) + actual = hex.EncodeToString(sum[:]) default: return coreerr.E("Executor.moduleGetURL", "unsupported checksum algorithm: "+algorithm, nil) } diff --git a/modules_file_test.go b/modules_file_test.go index 48dcfce..93bacfc 100644 --- a/modules_file_test.go +++ b/modules_file_test.go @@ -3,6 +3,7 @@ package ansible import ( "context" "crypto/sha256" + "crypto/sha512" "encoding/hex" "io" "io/fs" @@ -1627,6 +1628,28 @@ func TestModulesFile_ModuleGetURL_Good_Checksum(t *testing.T) { assert.Equal(t, fs.FileMode(0600), up.Mode) } +func TestModulesFile_ModuleGetURL_Good_Sha512Checksum(t *testing.T) { + e, mock := newTestExecutorWithMock("host1") + payload := "downloaded artifact" + mock.expectCommand(`curl.*https://downloads\.example\.com/app\.tgz`, payload, "", 0) + + sum := sha512.Sum512([]byte(payload)) + result, err := e.moduleGetURL(context.Background(), mock, map[string]any{ + "url": "https://downloads.example.com/app.tgz", + "dest": "/tmp/app.tgz", + "checksum": "sha512:" + hex.EncodeToString(sum[:]), + }) + + require.NoError(t, err) + assert.True(t, result.Changed) + assert.Equal(t, 1, mock.uploadCount()) + + up := mock.lastUpload() + require.NotNil(t, up) + assert.Equal(t, "/tmp/app.tgz", up.Remote) + assert.Equal(t, []byte(payload), up.Content) +} + func TestModulesFile_ModuleGetURL_Bad_ChecksumMismatch(t *testing.T) { e, mock := newTestExecutorWithMock("host1") mock.expectCommand(`curl.*https://downloads\.example\.com/app\.tgz`, "downloaded artifact", "", 0)