fedora-qa / oraculum

Clone
Source Code
GIT

#45 Support to specify allowed group names
Merged 3 years ago by frantisekz. Opened 3 years ago by frantisekz.
allowed_groups  into  master

file modified
+3 -1 
@@ -35,7 +35,9 @@ 
 

  

  EPEL_RELEASES = [6, 7, 8]
 

  

- 

+ # Specify groups that are allowed to own packages, regexes and explicit names are allowed
 

+ # Only groups ending with "-sig" can own packages as per https://pagure.io/fedora-infrastructure/issue/5478#comment-9109
 

+ ALLOWED_PACKAGER_GROUPS = ["^sssd-maintainers$", ".+-sig$"]
 

  

  SYNC_INTERVALS = defaultdict(lambda: 3600) # Default sync interval
 

  # You can set specific tasks' sync intervals here, unset tasks will be refreshed in the

file modified
+3 
@@ -63,6 +63,9 @@ 
 

  

      EPEL_RELEASES = [6, 7, 8]
 

  

+     # Specify groups that are allowed to own packages, regexes and explicit names are allowed
 

+     ALLOWED_PACKAGER_GROUPS = ["^sssd-maintainers$", ".+-sig$"]
 

+ 

      SYNC_INTERVALS = defaultdict(lambda: 3600)
 

      # You can set specific tasks' sync intervals here, unset tasks will be refreshed in the
 

      #  default interval above

file modified
+3 -2 
@@ -31,6 +31,7 @@ 
 

  import bugzilla
 

  import koji
 

  import urllib.parse
 

+ import re
 

  

  from bodhi.client.bindings import BodhiClient
 

  from urllib3.util.retry import Retry
 
@@ -279,9 +280,9 @@ 
 

      resp = get_json("https://src.fedoraproject.org/api/0/groups?per_page=100")  # TODO: Handle pagination properly
 

      if not resp:
 

          return None
 

+     allowed_groups = [re.compile(a) for a in app.config["ALLOWED_PACKAGER_GROUPS"]]
 

      for group in resp["groups"]:
 

-         if not group.endswith("-sig"):
 

-             # Only groups ending with "-sig" can own packages as per https://pagure.io/fedora-infrastructure/issue/5478#comment-9109
 

+         if not any(regex.match(group) for regex in allowed_groups):
 

              continue
 

          app.logger.debug("Checking out Pagure group %s" % group)
 

          group_resp = get_json("https://src.fedoraproject.org/api/0/group/%s?projects=1&acl=commit" % group)

no initial comment

Not sure what's the intent with sssd-maintainters but if it's supposed to be matching only specifically the sssd-maintainers string, then ^sssd-maintainers$ would be better, since the sssd-maintainers behaves as sssd-maintainers.*

other than ^ LGTM, if the intent is to only allow groups named ssd-maintainers or ending with -sig

rebased onto 58fcd4c
3 years ago

Pull-Request has been merged by frantisekz
3 years ago
Metadata
None
No Tags
Changes Summary 3
+3 -1
file changed
conf/settings.py.example
+3 -0
file changed
oraculum/config.py
+3 -2
file changed
oraculum/utils/dashboard.py
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.