PR#1481: pkgset: Remove reuse file when packages are not signed - pungi

pungi

#1481 pkgset: Remove reuse file when packages are not signed

Merged 3 years ago by lsedlar. Opened 3 years ago by lsedlar.

lsedlar/pungi unsigned-pkgset-reuse into master

pkgset: Remove reuse file when packages are not signed

Lubomír Sedlář • 3 years ago

49a5661

pungi/phases/pkgset/pkgsets.py

file modified

+8 -2

		`@@ -35,6 +35,10 @@`
		`from pungi.arch import get_valid_arches, is_excluded`


		`+ class UnsignedPackagesError(RuntimeError):`
		`+ pass`
		`+`
		`+`
		`class ExtendedRpmWrapper(kobo.pkgset.SimpleRpmWrapper):`
		`"""`
		`ExtendedRpmWrapper extracts only certain RPM fields instead of`
		`@@ -144,7 +148,7 @@`

		`def raise_invalid_sigkeys_exception(self, rpminfos):`
		`"""`
		`- Raises RuntimeError containing details of RPMs with invalid`
		`+ Raises UnsignedPackagesError containing details of RPMs with invalid`
		sigkeys defined in `rpminfos`.
		`"""`

		`@@ -166,7 +170,9 @@`

		`if not isinstance(rpminfos, dict):`
		`rpminfos = {self.sigkey_ordering: rpminfos}`
		`- raise RuntimeError("\n".join(get_error(k, v) for k, v in rpminfos.items()))`
		`+ raise UnsignedPackagesError(`
		`+ "\n".join(get_error(k, v) for k, v in rpminfos.items())`
		`+ )`

		`def read_packages(self, rpms, srpms):`
		`srpm_pool = ReaderPool(self, self._logger)`

pungi/scripts/pungi_koji.py

file modified

+15 -6

		`@@ -5,6 +5,7 @@`

		`import argparse`
		`import getpass`
		`+ import glob`
		`import json`
		`import locale`
		`import logging`
		`@@ -327,12 +328,20 @@`
		`)`
		`notifier.compose = compose`
		`COMPOSE = compose`
		`- run_compose(`
		`- compose,`
		`- create_latest_link=create_latest_link,`
		`- latest_link_status=latest_link_status,`
		`- latest_link_components=latest_link_components,`
		`- )`
		`+ try:`
		`+ run_compose(`
		`+ compose,`
		`+ create_latest_link=create_latest_link,`
		`+ latest_link_status=latest_link_status,`
		`+ latest_link_components=latest_link_components,`
		`+ )`
		`+ except pungi.phases.pkgset.pkgsets.UnsignedPackagesError:`
		`+ # There was an unsigned package somewhere. It is not safe to reuse any`
		`+ # package set from this compose (since we could leak the unsigned`
		`+ # package). Let's make sure all reuse files are deleted.`
		`+ for fp in glob.glob(compose.paths.work.pkgset_reuse_file("*")):`
		`+ os.unlink(fp)`
		`+ raise`


		`def run_compose(`

lsedlar commented 3 years ago

In such case we never want to reuse the pkgset, as it risks leaking unsigned packages. Safest option is to remove the file completely.

Fixes: https://pagure.io/pungi/issue/1480

rebased onto 41c999fc179ac2584307b39dfb91b7008a0ed461

3 years ago

rebased onto 2d7948c88371e56df74e7ad507e16e3d3b8fc531

3 years ago

rebased onto c37b7d46d41d43869e6be1e0a08274e5f8594457

3 years ago

rebased onto 020c8c0abbf665a0f947a3200f2b818f22dfd533

3 years ago

onosek commented on line 31 of pungi/scripts/pungi_koji.py 3 years ago

Just question ... is it OK to run it without "try/OSError" block? I am not sure whether files were linked during the current compose run (in this case try is probably not necessary).
Otherwise, I don't have other concerns.

lsedlar commented on line 31 of pungi/scripts/pungi_koji.py 3 years ago

I think it's not necessary. This code only deletes files that were created in this particular compose. And even if there is a problem deleting it, the only difference will be a compose failed with a different error message.