diff --git a/docs/manual/CoreTasks/get.html b/docs/manual/CoreTasks/get.html index dc1a8c28a..bc89e225b 100644 --- a/docs/manual/CoreTasks/get.html +++ b/docs/manual/CoreTasks/get.html @@ -141,6 +141,31 @@ ignore the fact that it is part of your build file which may be readable by third parties. If you need more security, consider using the input task to query for a password.

+

Using a macro like the following

+ +
+  <macrodef name="get-and-checksum">
+    <attribute name="url"/>
+    <attribute name="dest"/>
+    <sequential>
+      <get src="@{url}" dest="@{dest}"/>
+      <get src="@{url}.sha1" dest="@{dest}.sha"/>
+      <local name="checksum.matches"/>
+      <local name="checksum.matches.fail"/>
+      <checksum file="@{dest}" algorithm="sha" fileext=".sha"
+                verifyproperty="checksum.matches"/>
+      <condition property="checksum.matches.fail">
+        <equals arg1="${checksum.matches}" arg2="false"/>
+      </condition>
+      <fail if="checksum.matches.fail">Checksum error</fail>
+    </sequential>
+  </macrodef>
+
+ +

it is possible to download an artifacts together with its SHA1 + checksum (assuming a certain naming convention for the checksum + file, of course) and validate the checksum on the fly.

+