Skip to content

dolalima/check_code_integrity

BranchesTags

Repository files navigation

Code Integrity Checker v1.0

A robust Python-based tool for verifying the integrity of code directories by comparing file hashes and detecting differences between reference and target code structures. Features comprehensive help system, multiple hash algorithms, and automated service integration.

Features

  • Hash-based integrity verification: Calculate and compare MD5, SHA256, or SHA1 hashes of files and directories
  • Batch folder analysis: Analyze multiple code directories against a reference
  • File difference detection: Identify specific file differences between directories
  • Pattern-based file ignoring: Skip files matching specified patterns during analysis
  • Service integration: Automatically start/stop system services based on integrity results
  • Colored output: Visual feedback with color-coded results (PASS/FAIL)
  • Multiple hash algorithms: Support for MD5 (default), SHA256, and SHA1
  • Comprehensive help system: Professional help documentation with examples and usage guidance
  • Standalone executable: Build portable executables with PyInstaller
  • Cross-platform compatibility: Works on Linux, macOS, and Windows

Project Structure

check_code_integrity/
├── analise.py          # Main integrity analysis tool
├── diff.py             # File comparison utility
├── build.sh            # Build script for creating executable
├── test.sh             # Test script with example commands
├── test_diff.sh        # Test script for difference checking
├── requirements.txt    # Python dependencies (optional)
├── README.md           # Project documentation
├── .ignore             # File patterns to ignore during analysis
├── analise.spec        # PyInstaller specification (auto-generated)
├── dist/               # Built executables directory
├── build/              # Build artifacts directory
├── ref_code/           # Reference code directory
├── valid_codes/        # Valid code samples for testing
└── invalid_codes/      # Invalid code samples for testing

Installation

Prerequisites

  • Python 3.x (3.6 or higher recommended)
  • No external dependencies required (uses Python standard library only)

Optional dependencies:

# For building standalone executables
pip install pyinstaller

# For development (optional)
pip install pytest flake8 black

Note: The core functionality uses only Python standard library modules: hashlib, os, re, getopt, sys, and difflib.

Building Executable (Optional)

To create a standalone executable:

# Install PyInstaller if not already installed
pip install pyinstaller

# Make build script executable and run
chmod +x build.sh
./build.sh

This creates a single ~14MB executable in dist/analise that can be distributed without Python dependencies.

Quick Start

# Clone and test the tool
git clone https://github.com/dolalima/check_code_integrity.git
cd check_code_integrity

# Run built-in tests
chmod +x test.sh
./test.sh

# Or build and test executable
./build.sh
./dist/analise --help

Usage

Getting Help

The tool includes comprehensive built-in help:

# Display detailed help with examples
python3 analise.py --help
# or
./dist/analise --help

The help system includes:

  • Complete option descriptions
  • Real-world usage examples
  • Hash algorithm recommendations
  • Service integration guide
  • Exit code documentation

Basic Commands

Calculate Reference Hash

Generate a hash from a reference directory:

python3 analise.py -a ./ref_code

Verify Against Known Hash

Check directories against a specific hash:

python3 analise.py -r <HASH_VALUE> -f ./target_folder

Compare Against Reference Directory

Analyze folders using a reference directory:

python3 analise.py -a ./ref_code -f ./target_folders

Command Line Options

Option Long Form Description
-a Calculate hash from reference file/directory
-r --reference Input hash code for verification
-f --folder Analyze group of folders with same code
-i --ignore Specify ignore pattern file
-s --service Service name for start/stop operations
-o --output Enable special output mode
-h --help Display help information
--hash= Choose hash algorithm (md5, sha256, sha1)
--shutdown Enable service shutdown on integrity failure

Examples

Example 1: Verify Multiple Directories

# Generate reference hash and verify valid codes
python3 analise.py -a ./ref_code -f ./valid_codes

# Check invalid codes against reference
python3 analise.py -a ./ref_code -f ./invalid_codes

Example 2: Using SHA256 Algorithm

python3 analise.py -a ./ref_code -f ./valid_codes --hash=sha256

Example 3: Service Integration

# Stop nginx service if integrity check fails
python3 analise.py -r ca44ff5eccbd5b05b6ade6314784595b -f ./target_codes -s nginx --shutdown

Example 4: File Difference Analysis

# Compare specific directories and show differences
python3 diff.py ./ref_code ./target_code

Example 5: Using the Standalone Executable

# All commands work with the executable
./dist/analise -a ./ref_code -f ./valid_codes
./dist/analise --help
./dist/analise -r <hash> -f ./folders --hash=sha256

Ignore Patterns

Create a .ignore file to specify patterns for files that should be excluded from analysis:

application/config/database.php
uploads
.jpg
.png
.env

The tool supports wildcard patterns where * matches any characters.

Output Format

The tool provides colored output indicating the status of each check:

  • GREEN "PASSED": Directory matches reference hash
  • RED "FAIL": Directory differs from reference hash

Example output:

./valid_codes/c1    ca44ff5eccbd5b05b6ade6314784595b    PASSED
./invalid_codes/c1  df9b8e4c12a3b5d6e7f8a9b0c1d2e3f4    FAIL

Service Integration

The tool can integrate with system services:

  • Automatically stop services when integrity checks fail
  • Start services when all checks pass
  • Useful for maintaining system security and preventing execution of compromised code

Testing

Run the included test scripts:

# Test integrity checking
chmod +x test.sh
./test.sh

# Test file differences
chmod +x test_diff.sh
./test_diff.sh

# Test standalone executable
./build.sh
./dist/analise -a ./ref_code -f ./valid_codes

Test Results

The tool has been thoroughly tested with:

  • ✅ Hash calculation and verification
  • ✅ Multiple hash algorithms (MD5, SHA256, SHA1)
  • ✅ File pattern ignoring
  • ✅ Service integration simulation
  • ✅ Standalone executable functionality
  • ✅ Comprehensive help system

Error Handling

The tool handles various error conditions:

  • Missing directories or files
  • Invalid hash algorithms
  • File permission issues
  • Service control errors
  • PyInstaller build issues (automatically resolved)

Version History

v1.0 (Current)

  • ✅ Comprehensive help system with examples
  • ✅ Fixed PyInstaller compatibility issues
  • ✅ Professional documentation
  • ✅ Enhanced error handling
  • ✅ Cross-platform executable builds

Troubleshooting

Common Issues

Build Issues:

# If PyInstaller is not found
pip install pyinstaller

# If executable fails with exit() error (fixed in v1.0)
# Ensure you're using the latest version

Permission Issues:

# Make scripts executable
chmod +x build.sh test.sh test_diff.sh

Contributing

  1. Fork the repository
  2. Create a feature branch
  3. Make your changes
  4. Test thoroughly
  5. Submit a pull request

License

This project is open source. Please check the repository for license details.

Support

For issues, questions, or contributions, please refer to the project repository or contact the maintainers.

About

script to check is code in production is correct.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages