On Tue, 14 Apr 2020 12:56:49 -0400
Robert Haas <robertmhaas@gmail.com> wrote:
> On Mon, Apr 13, 2020 at 5:43 PM Alvaro Herrera <alvherre@2ndquadrant.com>
> wrote:
> > Yeah, I guess I'm just saying that it feels brittle to have a file
> > format that's supposed to be good for data exchange and then make it
> > itself depend on representation details such as the order that fields
> > appear in, the letter case, or the format of newlines. Maybe this isn't
> > really of concern, but it seemed strange.
>
> I didn't want to use JSON for this at all, but I got outvoted. When I
> raised this issue, it was suggested that I deal with it in this way,
> so I did. I can't really defend it too far beyond that, although I do
> think that one nice thing about this is that you can verify the
> checksum using shell commands if you want. Just figure out the number
> of lines in the file, minus one, and do head -n$LINES backup_manifest
> | shasum -a256 and boom. If there were some whitespace-skipping thing
> figuring out how to reproduce the checksum calculation would be hard.
FWIW, shell commands (md5sum and sha*sum) read checksums from a separate file
with a very simple format: one file per line with format "CHECKSUM FILEPATH".
Thanks to json, it is fairly easy to extract checksums and filenames from the
current manifest file format and check them all with one command:
jq -r '.Files|.[]|.Checksum+" "+.Path' backup_manifest > checksums.sha256
sha256sum --check --quiet checksums.sha256
You can even pipe these commands together to avoid the intermediary file.
But for backup_manifest, it's kind of shame we have to check the checksum
against an transformed version of the file. Did you consider creating eg. a
separate backup_manifest.sha256 file?
I'm very sorry in advance if this has been discussed previously.
Regards,