GH actions. build-packages.yml: adding a hash verification for all targets

diff --git a/.github/workflows/build-packages.yml b/.github/workflows/build-packages.yml
index 63fe7e1256b4b5ad6336661e6475d61f50e7dfaa..12bedec6cb98b7396be925a7477add07b62b4884 100644 (file)
--- a/.github/workflows/build-packages.yml
+++ b/.github/workflows/build-packages.yml
@@ -136,6 +136,18 @@ jobs:
           echo "$HOSTKEY" > ~/.ssh/known_hosts
           rsync -4rlptD built_pkgs/* "$RSYNCTARGET"
 
+  check-hashes:
+    needs: build
+    name: Check if hashes were created for all requested targets
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Get list of outputs from build jobs
+        run: echo '${{ toJSON(needs.build.outputs) }}' | jq 'keys[]' | grep -v version | tee /tmp/build-outputs.txt
+      - name: Get list of OS inputs
+        run: for i in ${{ inputs.os }}; do echo "\"pkghashes-$i\""; done | sort | tee /tmp/os-inputs.txt; echo "\"srchashes\"" | tee -a /tmp/os-inputs.txt
+      - name: Fail if there is a hash missing
+        run: if ! diff -q /tmp/build-outputs.txt /tmp/os-inputs.txt; then exit 1; fi
+
   provenance-pkgs:
     needs: [prepare, build]
     name: Generate provenance for ${{ inputs.product }} (${{ inputs.ref }}) for ${{ matrix.os }}