From 55add5cfc0a6044561ce23afecd76a9251faeff4 Mon Sep 17 00:00:00 2001 From: Chenxiong Qi Date: Thu, 6 Dec 2018 15:43:09 +0800 Subject: [PATCH] Use anonymous Koji session properly MBS calls some read-only Koji APIs which does not require to log into a session. This patch makes it optional to choose whether to login a session and use anonymous session properly to call those read-only APIs. Signed-off-by: Chenxiong Qi --- .../builder/KojiContentGenerator.py | 8 +-- .../builder/KojiModuleBuilder.py | 57 ++++++++++--------- .../builder/MockModuleBuilder.py | 3 +- module_build_service/scheduler/producer.py | 7 +-- module_build_service/utils/ursine.py | 4 +- 5 files changed, 41 insertions(+), 38 deletions(-) diff --git a/module_build_service/builder/KojiContentGenerator.py b/module_build_service/builder/KojiContentGenerator.py index cc7b35c5..5234be78 100644 --- a/module_build_service/builder/KojiContentGenerator.py +++ b/module_build_service/builder/KojiContentGenerator.py @@ -48,9 +48,9 @@ from module_build_service.scm import SCM logging.basicConfig(level=logging.DEBUG) -def get_session(config, owner): +def get_session(config, owner, login=True): from module_build_service.builder.KojiModuleBuilder import KojiModuleBuilder - return KojiModuleBuilder.get_session(config, owner) + return KojiModuleBuilder.get_session(config, owner, login=login) def strip_suffixes(s, suffixes): @@ -228,7 +228,7 @@ class KojiContentGenerator(object): def _koji_rpms_in_tag(self, tag): """ Return the list of koji rpms in a tag. """ log.debug("Listing rpms in koji tag %s", tag) - session = get_session(self.config, self.owner) + session = get_session(self.config, self.owner, login=False) try: rpms, builds = session.listTaggedRPMS(tag, latest=True) @@ -307,7 +307,7 @@ class KojiContentGenerator(object): } } } - session = get_session(self.config, None) + session = get_session(self.config, None, login=False) # Only add the CG build owner if the user exists in Koji if session.getUser(self.owner): ret[u'owner'] = self.owner diff --git a/module_build_service/builder/KojiModuleBuilder.py b/module_build_service/builder/KojiModuleBuilder.py index 89c6b85b..f3c0e14e 100644 --- a/module_build_service/builder/KojiModuleBuilder.py +++ b/module_build_service/builder/KojiModuleBuilder.py @@ -237,7 +237,7 @@ class KojiModuleBuilder(GenericBuilder): reusable_module = get_reusable_module(db_session, module_build) if not reusable_module: return filtered_rpms - koji_session = KojiModuleBuilder.get_session(conf, None) + koji_session = KojiModuleBuilder.get_session(conf, None, login=False) # Get all the RPMs and builds of the reusable module in Koji rpms, builds = koji_session.listTaggedRPMS(reusable_module.koji_tag, latest=True) # Convert the list to a dict where each key is the build_id @@ -445,7 +445,7 @@ chmod 644 %buildroot/etc/rpm/macros.zz-modules @staticmethod @module_build_service.utils.retry(wait_on=(xmlrpclib.ProtocolError, koji.GenericError)) - def get_session(config, owner): + def get_session(config, owner, login=True): koji_config = munch.Munch(koji.read_config( profile_name=config.koji_profile, user_config=config.koji_config, @@ -454,31 +454,34 @@ chmod 644 %buildroot/etc/rpm/macros.zz-modules koji_config["timeout"] = 60 * 10 address = koji_config.server - authtype = koji_config.authtype - log.info("Connecting to koji %r with %r." % (address, authtype)) + log.info("Connecting to koji %r.", address) koji_session = koji.ClientSession(address, opts=koji_config) - if authtype == "kerberos": - ccache = getattr(config, "krb_ccache", None) - keytab = getattr(config, "krb_keytab", None) - principal = getattr(config, "krb_principal", None) - log.debug(" ccache: %r, keytab: %r, principal: %r" % ( - ccache, keytab, principal)) - if keytab and principal: - koji_session.krb_login( - principal=principal, - keytab=keytab, - ccache=ccache + + if login: + authtype = koji_config.authtype + log.info("Authenticate session with %r.", authtype) + if authtype == "kerberos": + ccache = getattr(config, "krb_ccache", None) + keytab = getattr(config, "krb_keytab", None) + principal = getattr(config, "krb_principal", None) + log.debug(" ccache: %r, keytab: %r, principal: %r" % ( + ccache, keytab, principal)) + if keytab and principal: + koji_session.krb_login( + principal=principal, + keytab=keytab, + ccache=ccache + ) + else: + koji_session.krb_login(ccache=ccache) + elif authtype == "ssl": + koji_session.ssl_login( + os.path.expanduser(koji_config.cert), + None, + os.path.expanduser(koji_config.serverca) ) else: - koji_session.krb_login(ccache=ccache) - elif authtype == "ssl": - koji_session.ssl_login( - os.path.expanduser(koji_config.cert), - None, - os.path.expanduser(koji_config.serverca) - ) - else: - raise ValueError("Unrecognized koji authtype %r" % authtype) + raise ValueError("Unrecognized koji authtype %r" % authtype) return koji_session @@ -1084,7 +1087,7 @@ chmod 644 %buildroot/etc/rpm/macros.zz-modules """ # If the component has not been built before, then None is returned. Instead, let's # return 0.0 so the type is consistent - koji_session = KojiModuleBuilder.get_session(conf, None) + koji_session = KojiModuleBuilder.get_session(conf, None, login=False) return koji_session.getAverageBuildDuration(component) or 0.0 @classmethod @@ -1191,7 +1194,7 @@ chmod 644 %buildroot/etc/rpm/macros.zz-modules build = models.ModuleBuild.get_build_from_nsvc( db_session, mmd.get_name(), mmd.get_stream(), mmd.get_version(), mmd.get_context()) - koji_session = KojiModuleBuilder.get_session(conf, None) + koji_session = KojiModuleBuilder.get_session(conf, None, login=False) rpms = koji_session.listTaggedRPMS(build.koji_tag, latest=True)[0] nvrs = set(kobo.rpmlib.make_nvr(rpm, force_epoch=True) for rpm in rpms) return list(nvrs) @@ -1214,7 +1217,7 @@ chmod 644 %buildroot/etc/rpm/macros.zz-modules :return: koji tag """ - session = KojiModuleBuilder.get_session(conf, None) + session = KojiModuleBuilder.get_session(conf, None, login=False) rpm_md = session.getRPM(rpm) if not rpm_md: return None diff --git a/module_build_service/builder/MockModuleBuilder.py b/module_build_service/builder/MockModuleBuilder.py index 2f912c1d..887b8f85 100644 --- a/module_build_service/builder/MockModuleBuilder.py +++ b/module_build_service/builder/MockModuleBuilder.py @@ -588,7 +588,8 @@ class SCMBuilder(BaseBuilder): if not self.koji_session: # If Koji is not configured on the system, then just return 0.0 for components try: - self.koji_session = KojiModuleBuilder.get_session(self.config, self.owner) + self.koji_session = KojiModuleBuilder.get_session( + self.config, self.owner, login=False) # If the component has not been built before, then None is returned. Instead, # let's return 0.0 so the type is consistent return self.koji_session.getAverageBuildDuration(component.package) or 0.0 diff --git a/module_build_service/scheduler/producer.py b/module_build_service/scheduler/producer.py index b0ca9af9..83f28db5 100644 --- a/module_build_service/scheduler/producer.py +++ b/module_build_service/scheduler/producer.py @@ -35,6 +35,7 @@ import module_build_service.scheduler import module_build_service.scheduler.consumer from module_build_service import conf, models, log from module_build_service.builder import GenericBuilder +from module_build_service.builder.KojiModuleBuilder import KojiModuleBuilder class MBSProducer(PollingProducer): @@ -66,8 +67,7 @@ class MBSProducer(PollingProducer): if conf.system == 'koji': # We don't do this on behalf of users - koji_session = module_build_service.builder.KojiModuleBuilder.KojiModuleBuilder\ - .get_session(conf, None) + koji_session = KojiModuleBuilder.get_session(conf, None, login=True) log.info('Querying tasks for statuses:') res = models.ComponentBuild.query.filter_by( state=koji.BUILD_STATES['BUILDING']).options( @@ -302,8 +302,7 @@ class MBSProducer(PollingProducer): now = datetime.utcnow() - koji_session = module_build_service.builder.KojiModuleBuilder.KojiModuleBuilder\ - .get_session(config, None) + koji_session = KojiModuleBuilder.get_session(config, None, login=False) for target in koji_session.getBuildTargets(): koji_tag = target["dest_tag_name"] module = session.query(models.ModuleBuild).filter_by( diff --git a/module_build_service/utils/ursine.py b/module_build_service/utils/ursine.py index 94f9dfcf..76d4c638 100644 --- a/module_build_service/utils/ursine.py +++ b/module_build_service/utils/ursine.py @@ -126,7 +126,7 @@ def get_modulemds_from_ursine_content(tag): :rtype: list[Modulemd.Module] """ from module_build_service.builder.KojiModuleBuilder import KojiModuleBuilder - koji_session = KojiModuleBuilder.get_session(conf, None) + koji_session = KojiModuleBuilder.get_session(conf, None, login=False) repos = koji_session.getExternalRepoList(tag) build_tags = find_build_tags_from_external_repos(koji_session, repos) if not build_tags: @@ -265,7 +265,7 @@ def find_module_built_rpms(modules_nsvc): resolver = GenericResolver.create(conf) built_rpms = [] - koji_session = KojiModuleBuilder.get_session(conf, None) + koji_session = KojiModuleBuilder.get_session(conf, None, login=False) for nsvc in modules_nsvc: name, stream, version, context = nsvc.split(':')