pungi

Clone

#1404 Make productid glob stricter
Merged 3 years ago by lsedlar. Opened 3 years ago by lsedlar.
lsedlar/pungi product-id-pattern  into  master

file modified
+7 -1 
@@ -448,7 +448,7 @@ 
 

  

  **product_id** = None
 

      (:ref:`scm_dict <scm_support>`) -- If specified, it should point to a
 

-     directory with certificates ``<variant_uid>-<arch>-*.pem``. Pungi will
 

+     directory with certificates ``*<variant_uid>-<arch>-*.pem``. Pungi will
 

      copy each certificate file into the relevant Yum repositories as a
 

      ``productid`` file in the ``repodata`` directories. The purpose of these
 

      ``productid`` files is to expose the product data to `subscription-manager
 
@@ -462,6 +462,12 @@ 
 

      When you set this option to ``True``, Pungi will ignore the missing
 

      certificate and simply log a warning message.
 

  

+ **product_id_allow_name_prefix** = True
 

+     (*bool*) -- Allow arbitrary prefix for the certificate file name (see
 

+     leading ``*`` in the pattern above). Setting this option to ``False`` will
 

+     make the pattern more strict by requiring the file name to start directly
 

+     with variant name.
 

+ 

  

  Example
 

  -------

file modified
+1 
@@ -859,6 +859,7 @@ 
 

              },
 

              "product_id": {"$ref": "#/definitions/str_or_scm_dict"},
 

              "product_id_allow_missing": {"type": "boolean", "default": False},
 

+             "product_id_allow_name_prefix": {"type": "boolean", "default": True},
 

              # Deprecated in favour of regular local/phase/global setting.
 

              "live_target": {"type": "string"},
 

              "tree_arches": {"$ref": "#/definitions/list_of_strings", "default": []},

file modified
+6 -3 
@@ -350,12 +350,15 @@ 
 

              return
 

          raise
 

  

+     if compose.conf["product_id_allow_name_prefix"]:
 

+         pattern = "%s/*%s-%s-*.pem"
 

+     else:
 

+         pattern = "%s/%s-%s-*.pem"
 

+ 

      for arch in compose.get_arches():
 

          for variant in compose.get_variants(arch=arch):
 

              # some layered products may use base product name before variant
 

-             pem_files = glob.glob("%s/*%s-%s-*.pem" % (tmp_dir, variant.uid, arch))
 

-             # use for development:
 

-             # pem_files = glob.glob("%s/*.pem" % tmp_dir)[-1:]
 

+             pem_files = glob.glob(pattern % (tmp_dir, variant.uid, arch))
 

              if not pem_files:
 

                  warning = "No product certificate found (arch: %s, variant: %s)" % (
 

                      arch,

This makes the code behave as documented (there was no leading wildcard in documentation).

The extra wildcard is causing problems when there are two variants in the compose and one UID is a suffix of the other (e.g. DevTools and Tools), since multiple files will match the shorter name and an error will be reported.

I agree with the change.

rebased onto f48edce10cfd5142652946d97df4958bdb9767bc
3 years ago

I updated the patch to make the new behavior configurable, so that without a user action there's no change.

should this be product_id_allow_name_prefix?

Oh yes, totally right.

rebased onto b59bdce
3 years ago

Looks good. Is long term plan to change the default value of product_id_allow_name_prefix to False?

It might be an option, but I don't think there's any pressure to switch the default.

Looks good to me. :thumbsup:

Pull-Request has been merged by lsedlar
3 years ago
Changes Summary 3
+7 -1
file changed
doc/configuration.rst
+1 -0
file changed
pungi/checks.py
+6 -3
file changed
pungi/phases/createrepo.py
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.