Fixes #430: Validate an artifact using "hash" rather than "fileName"

Jenkins only stores one version of an artifact by its hash and by the
original filename.  Subsequent stores of an artifact with an identical
hash but different filename will point to the original artifact.  If a
duplicate artifact (identical hash) has a different filename than the
original filename then that new filename will be stored as a name in
the build artifacts but will not change the fileName of the original
artifact.  This makes it problematic to compare against the original
fileName when validating a build artifact that has been saved.

Since the md5sum hash is computed for the local, saved artifact it can
be compared against the Jenkins artifact ID (viz hash) for validation.
This avoids the problem of identical artifacts having additional
filenames.  Using the hash is also a better way of validating data
integrity rather than using the fileName even when the filename
matches.

Author: plastikos

jenkinsapi/fingerprint.py

@@ -71,6 +71,7 @@ def valid(self) -> bool:
         return True
 
     def validate_for_build(self, filename: str, job: str, build: int) -> bool:
+        _ = filename  # Currently unused
         if not self.valid():
             log.info("Fingerprint is not known to jenkins.")
             return False
@@ -81,10 +82,10 @@ def validate_for_build(self, filename: str, job: str, build: int) -> bool:
             if self._data["original"]["name"] == job:
                 if self._data["original"]["number"] == build:
                     return True
-        if self._data["fileName"] != filename:
+        if self._data["hash"] != self.id_:
             log.info(
-                msg="Filename from jenkins (%s) did not match provided (%s)"
-                % (self._data["fileName"], filename)
+                msg="File hash from Jenkins (%s) did not match local hash (%s)"
+                % (self._data["hash"], self.id_)
             )
             return False
         for usage_item in self._data["usage"]: