modules/fm-orchestrator
1
0
Fork 0
mirror of https://pagure.io/fm-orchestrator.git synced 2026-04-10 22:29:44 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
dc30b483c564b935c8b51cd8eff5cc709d26bc9d
fm-orchestrator/rida/views.py
Ralph Bean b12bda2d55 Check FAS for packager status, not pkgdb. 
Before this, we were consulting pkgdb to see if the given user was the
maintainer of any packages.

That mostly works... but technically, we want to consult FAS to see if
the user is in the packager group.

We found this when @mprahl was unable to submit builds to rida.  I added
him to the packager group, but nothing changed!  (As written, he had to
actually own a package).

This change fixes all that so that we query FAS instead of pkgdb.

Tests are added.
2016-09-07 16:35:25 -04:00

190 lines
6.2 KiB
Python
Raw Blame History

#!/usr/bin/python3
# -*- coding: utf-8 -*-
# Copyright (c) 2016 Red Hat, Inc.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
# copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in all
# copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
# SOFTWARE.
#
# Written by Petr Šabata <contyk@redhat.com>
# Matt Prahl <mprahl@redhat.com>
""" The module build orchestrator for Modularity, API.
This is the implementation of the orchestrator's public RESTful API.
"""
from flask import request, jsonify
import json
import logging
import modulemd
import os
import rida.auth
import rida.logger
import rida.scm
import shutil
import tempfile
from rida import app, conf, db, log
from rida import models
from rida.utils import pagination_metadata, filter_module_builds
from errors import (ValidationError, Unauthorized, UnprocessableEntity,
Conflict, NotFound)
@app.route("/rida/module-builds/", methods=["POST"])
def submit_build():
"""Handles new module build submissions."""
username = rida.auth.get_username(request.environ)
rida.auth.assert_is_packager(username, fas_kwargs=dict(
base_url=conf.fas_url,
username=conf.fas_username,
password=conf.fas_password))
try:
r = json.loads(request.get_data().decode("utf-8"))
except:
raise ValidationError('Invalid JSON submitted')
if "scmurl" not in r:
raise ValidationError('Missing scmurl')
url = r["scmurl"]
urlallowed = False
for prefix in conf.scmurls:
if url.startswith(prefix):
urlallowed = True
break
if not urlallowed:
raise Unauthorized('The submitted scmurl isn\'t allowed')
yaml = str()
td = None
try:
td = tempfile.mkdtemp()
scm = rida.scm.SCM(url, conf.scmurls)
cod = scm.checkout(td)
cofn = os.path.join(cod, (scm.name + ".yaml"))
with open(cofn, "r") as mmdfile:
yaml = mmdfile.read()
finally:
try:
if td is not None:
shutil.rmtree(td)
except Exception as e:
log.warning(
"Failed to remove temporary directory {!r}: {}".format(
td, str(e)))
mmd = modulemd.ModuleMetadata()
try:
mmd.loads(yaml)
except:
raise UnprocessableEntity('Invalid modulemd')
if models.ModuleBuild.query.filter_by(name=mmd.name, version=mmd.version, release=mmd.release).first():
raise Conflict('Module already exists')
module = models.ModuleBuild.create(
db.session,
conf,
name=mmd.name,
version=mmd.version,
release=mmd.release,
modulemd=yaml,
scmurl=url,
username=username
)
for pkgname, pkg in mmd.components.rpms.packages.items():
try:
if pkg.get("repository") and not conf.rpms_allow_repository:
raise Unauthorized(
"Custom component repositories aren't allowed")
if pkg.get("cache") and not conf.rpms_allow_cache:
raise Unauthorized("Custom component caches aren't allowed")
if not pkg.get("repository"):
pkg["repository"] = conf.rpms_default_repository + pkgname
if not pkg.get("cache"):
pkg["cache"] = conf.rpms_default_cache + pkgname
if not pkg.get("commit"):
try:
pkg["commit"] = rida.scm.SCM(
pkg["repository"]).get_latest()
except Exception as e:
raise UnprocessableEntity(
"Failed to get the latest commit: %s" % pkgname)
except Exception:
module.transition(conf, models.BUILD_STATES["failed"])
db.session.add(module)
db.session.commit()
raise
full_url = pkg["repository"] + "?#" + pkg["commit"]
if not rida.scm.SCM(full_url).is_available():
raise UnprocessableEntity("Cannot checkout %s" % pkgname)
build = models.ComponentBuild(
module_id=module.id,
package=pkgname,
format="rpms",
scmurl=full_url,
)
db.session.add(build)
module.modulemd = mmd.dumps()
module.transition(conf, models.BUILD_STATES["wait"])
db.session.add(module)
db.session.commit()
logging.info("%s submitted build of %s-%s-%s", username, mmd.name,
mmd.version, mmd.release)
return jsonify(module.json()), 201
@app.route("/rida/module-builds/", methods=["GET"])
def query_builds():
"""Lists all tracked module builds."""
p_query = filter_module_builds(request)
json_data = {
'meta': pagination_metadata(p_query)
}
verbose_flag = request.args.get('verbose', 'false')
if verbose_flag.lower() == 'true' or verbose_flag == '1':
json_data['items'] = [item.api_json() for item in p_query.items]
else:
json_data['items'] = [{'id': item.id, 'state': item.state} for item in p_query.items]
return jsonify(json_data), 200
@app.route("/rida/module-builds/<int:id>", methods=["GET"])
def query_build(id):
"""Lists details for the specified module builds."""
module = models.ModuleBuild.query.filter_by(id=id).first()
if module:
return jsonify(module.api_json()), 200
else:
raise NotFound('No such module found.')
Reference in New Issue View Git Blame Copy Permalink