Remove path from release json and add sha256 (#280)

PR addresses
https://github.com/paritytech/revive/issues/162#issuecomment-2783173447

.github/scripts/json_generator.py

@@ -2,7 +2,6 @@ import os
 import sys
 import json
 import requests
-from datetime import datetime
 
 def validate_github_token():
     """Validate that GITHUB_TOKEN environment variable is set."""
@@ -27,26 +26,70 @@ def fetch_release_data(repo, tag):
         print(f"Error fetching release data: {e}")
         sys.exit(1)
 
+def fetch_checksum_file(release_data):
+    """
+    Fetch the checksum.txt file from the release assets
+    and parse it into a dictionary mapping file names to their SHA256 checksums.
+    """
+    checksums = {}
+
+    # Find the checksum.txt asset URL
+    checksum_asset = None
+    for asset in release_data['assets']:
+        if asset['name'] == 'checksums.txt':
+            checksum_asset = asset
+            break
+
+    if not checksum_asset:
+        print("Warning: checksum.txt file not found in release assets.")
+        return checksums
+
+    # Download the checksum file
+    headers = {
+        'Authorization': f"Bearer {os.environ['GITHUB_TOKEN']}",
+        'Accept': 'application/octet-stream'
+    }
+
+    try:
+        response = requests.get(checksum_asset['browser_download_url'], headers=headers)
+        response.raise_for_status()
+
+        # Parse checksum file
+        for line in response.text.splitlines():
+            if line.strip():
+                checksum, filename = line.strip().split(None, 1)
+                checksums[filename] = checksum
+
+        return checksums
+    except requests.RequestException as e:
+        print(f"Error fetching checksum file: {e}")
+        return checksums
+    except Exception as e:
+        print(f"Error parsing checksum file: {e}")
+        return checksums
+
 def extract_build_hash(target_commitish):
     """Extract the first 8 characters of the commit hash."""
     return f"commit.{target_commitish[:8]}"
 
-def generate_asset_json(release_data, asset):
+def generate_asset_json(release_data, asset, checksums):
     """Generate JSON for a specific asset."""
     version = release_data['tag_name'].lstrip('v')
     build = extract_build_hash(release_data['target_commitish'])
     long_version = f"{version}+{build}"
-    path = f"{asset['name']}+{long_version}"
+
+    # Get SHA256 checksum if available
+    sha256 = checksums.get(asset['name'], "")
 
     return {
-        "path": path,
         "name": asset['name'],
         "version": version,
         "build": build,
         "longVersion": long_version,
         "url": asset['browser_download_url'],
-        "firstSolcVersion": os.environ["FIRST_SOLC_VERSION"],
-        "lastSolcVersion": os.environ["LAST_SOLC_VERSION"]
+        "sha256": sha256,
+        "firstSolcVersion": os.environ.get("FIRST_SOLC_VERSION", ""),
+        "lastSolcVersion": os.environ.get("LAST_SOLC_VERSION", "")
     }
 
 def save_platform_json(platform_folder, asset_json, tag):
@@ -69,14 +112,14 @@ def save_platform_json(platform_folder, asset_json, tag):
     # Remove any existing entry with the same path
     list_data['builds'] = [
         build for build in list_data['builds']
-        if build['path'] != asset_json['path']
+        if build['version'] != asset_json['version']
     ]
     # Add the new build
     list_data['builds'].append(asset_json)
 
     # Update releases
     version = asset_json['version']
-    list_data['releases'][version] = asset_json['path']
+    list_data['releases'][version] = f"{asset_json['name']}+{asset_json['longVersion']}"
 
     # Update latest release
     list_data['latestRelease'] = version
@@ -98,6 +141,9 @@ def main():
     # Fetch release data
     release_data = fetch_release_data(repo, tag)
 
+    # Fetch checksums
+    checksums = fetch_checksum_file(release_data)
+
     # Mapping of asset names to platform folders
     platform_mapping = {
         'resolc-x86_64-unknown-linux-musl': 'linux',
@@ -111,7 +157,7 @@ def main():
         platform_name = platform_mapping.get(asset['name'])
         if platform_name:
             platform_folder = os.path.join(platform_name)
-            asset_json = generate_asset_json(release_data, asset)
+            asset_json = generate_asset_json(release_data, asset, checksums)
             save_platform_json(platform_folder, asset_json, tag)
             print(f"Processed {asset['name']} for {platform_name}")
 

.github/workflows/release.yml

@@ -249,6 +249,15 @@ jobs:
           chmod +x resolc-x86_64-unknown-linux-musl
           chmod +x resolc-universal-apple-darwin
 
+      - name: Create sha-256 checksum
+        run: |
+          shasum -a 256 resolc-x86_64-unknown-linux-musl > checksums.txt
+          shasum -a 256 resolc-universal-apple-darwin >> checksums.txt
+          shasum -a 256 resolc-x86_64-pc-windows-msvc.exe >> checksums.txt
+          shasum -a 256 resolc.js >> checksums.txt
+          shasum -a 256 resolc.wasm >> checksums.txt
+          shasum -a 256 resolc_web.js >> checksums.txt
+
       - uses: actions/create-github-app-token@v1
         id: app-token
         with:
@@ -276,3 +285,4 @@ jobs:
             resolc.js
             resolc.wasm
             resolc_web.js
+            checksums.txt