Remove integrity field from Gazelle manifest

bazelbuild · Jan 5, 2024 · 4b7583c · 4b7583c
1 parent 887e740
commit 4b7583c
Show file tree

Hide file tree

Showing 7 changed files with 2 additions and 76 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -37,6 +37,8 @@ A brief description of the categories of changes:
 * (pip_install) the deprecated `pip_install` macro and related items have been
   removed.
 
+* (gazelle) the integrity field has been removed from the Gazelle manifest.
+
 ### Fixed
 
 * (gazelle) The gazelle plugin helper was not working with Python toolchains 3.11

diff --git a/examples/build_file_generation/gazelle_python.yaml b/examples/build_file_generation/gazelle_python.yaml
@@ -824,4 +824,3 @@ manifest:
     zipp.py310compat: zipp
   pip_repository:
     name: pip
-integrity: 4658c69530ba1ee117da0c963c9c671041e1c470d938c31cdbbfccc21dd259cb
diff --git a/examples/bzlmod_build_file_generation/gazelle_python.yaml b/examples/bzlmod_build_file_generation/gazelle_python.yaml
@@ -586,4 +586,3 @@ manifest:
     yamllint.rules.truthy: yamllint
   pip_repository:
     name: pip
-integrity: cd25503dc6b3d9e1c5f46715ba2d0499ecc8b3d654ebcbf9f4e52f2074290e0a
diff --git a/gazelle/manifest/manifest.go b/gazelle/manifest/manifest.go
@@ -15,7 +15,6 @@
 package manifest
 
 import (
-	"crypto/sha256"
 	"fmt"
 	"io"
 	"os"
@@ -28,10 +27,6 @@ import (
 // File represents the gazelle_python.yaml file.
 type File struct {
 	Manifest *Manifest `yaml:"manifest,omitempty"`
-	// Integrity is the hash of the requirements.txt file and the Manifest for
-	// ensuring the integrity of the entire gazelle_python.yaml file. This
-	// controls the testing to keep the gazelle_python.yaml file up-to-date.
-	Integrity string `yaml:"integrity"`
 }
 
 // NewFile creates a new File with a given Manifest.
@@ -41,11 +36,6 @@ func NewFile(manifest *Manifest) *File {
 
 // Encode encodes the manifest file to the given writer.
 func (f *File) Encode(w io.Writer, manifestGeneratorHashFile, requirements io.Reader) error {
-	integrityBytes, err := f.calculateIntegrity(manifestGeneratorHashFile, requirements)
-	if err != nil {
-		return fmt.Errorf("failed to encode manifest file: %w", err)
-	}
-	f.Integrity = fmt.Sprintf("%x", integrityBytes)
 	encoder := yaml.NewEncoder(w)
 	defer encoder.Close()
 	if err := encoder.Encode(f); err != nil {
@@ -54,45 +44,6 @@ func (f *File) Encode(w io.Writer, manifestGeneratorHashFile, requirements io.Re
 	return nil
 }
 
-// VerifyIntegrity verifies if the integrity set in the File is valid.
-func (f *File) VerifyIntegrity(manifestGeneratorHashFile, requirements io.Reader) (bool, error) {
-	integrityBytes, err := f.calculateIntegrity(manifestGeneratorHashFile, requirements)
-	if err != nil {
-		return false, fmt.Errorf("failed to verify integrity: %w", err)
-	}
-	valid := (f.Integrity == fmt.Sprintf("%x", integrityBytes))
-	return valid, nil
-}
-
-// calculateIntegrity calculates the integrity of the manifest file based on the
-// provided checksum for the requirements.txt file used as input to the modules
-// mapping, plus the manifest structure in the manifest file. This integrity
-// calculation ensures the manifest files are kept up-to-date.
-func (f *File) calculateIntegrity(
-	manifestGeneratorHash, requirements io.Reader,
-) ([]byte, error) {
-	hash := sha256.New()
-
-	// Sum the manifest part of the file.
-	encoder := yaml.NewEncoder(hash)
-	defer encoder.Close()
-	if err := encoder.Encode(f.Manifest); err != nil {
-		return nil, fmt.Errorf("failed to calculate integrity: %w", err)
-	}
-
-	// Sum the manifest generator checksum bytes.
-	if _, err := io.Copy(hash, manifestGeneratorHash); err != nil {
-		return nil, fmt.Errorf("failed to calculate integrity: %w", err)
-	}
-
-	// Sum the requirements.txt checksum bytes.
-	if _, err := io.Copy(hash, requirements); err != nil {
-		return nil, fmt.Errorf("failed to calculate integrity: %w", err)
-	}
-
-	return hash.Sum(nil), nil
-}
-
 // Decode decodes the manifest file from the given path.
 func (f *File) Decode(manifestPath string) error {
 	file, err := os.Open(manifestPath)

diff --git a/gazelle/manifest/manifest_test.go b/gazelle/manifest/manifest_test.go
@@ -82,27 +82,4 @@ func TestFile(t *testing.T) {
 			t.FailNow()
 		}
 	})
-	t.Run("VerifyIntegrity", func(t *testing.T) {
-		f := manifest.NewFile(&manifest.Manifest{})
-		if err := f.Decode("testdata/gazelle_python.yaml"); err != nil {
-			log.Println(err)
-			t.FailNow()
-		}
-		manifestGeneratorHashFile := strings.NewReader("")
-		requirements, err := os.Open("testdata/requirements.txt")
-		if err != nil {
-			log.Println(err)
-			t.FailNow()
-		}
-		defer requirements.Close()
-		valid, err := f.VerifyIntegrity(manifestGeneratorHashFile, requirements)
-		if err != nil {
-			log.Println(err)
-			t.FailNow()
-		}
-		if !valid {
-			log.Println("decoded manifest file is not valid")
-			t.FailNow()
-		}
-	})
 }
diff --git a/gazelle/manifest/testdata/gazelle_python.yaml b/gazelle/manifest/testdata/gazelle_python.yaml
@@ -10,4 +10,3 @@ manifest:
     arrow.parser: arrow
     arrow.util: arrow
   pip_deps_repository_name: test_repository_name
-integrity: eedf187f8b7ec27cdfc682feee4206e063b51d13d78f77c05d3a30ec11bd7411
diff --git a/gazelle/python/testdata/with_third_party_requirements_from_imports/gazelle_python.yaml b/gazelle/python/testdata/with_third_party_requirements_from_imports/gazelle_python.yaml
@@ -1675,4 +1675,3 @@ manifest:
     urllib3.util.wait: urllib3
   pip_repository:
     name: gazelle_python_test
-integrity: 32e38932043eca090a64ca741758d8e4a5817c2cd7dc821fc927914c32fb3114