Code refactoring, added functions for build and sign node integration
This commit is contained in:
parent
4d05f388a2
commit
0a94dc6f8f
@ -1,7 +1,15 @@
|
|||||||
|
from concurrent.futures import ThreadPoolExecutor, as_completed
|
||||||
import json
|
import json
|
||||||
from typing import Dict
|
import logging
|
||||||
|
import typing
|
||||||
|
|
||||||
from plumbum import local, ProcessExecutionError
|
from plumbum import local, ProcessExecutionError
|
||||||
|
from pydantic import BaseModel
|
||||||
|
|
||||||
|
|
||||||
|
class CasArtifact(BaseModel):
|
||||||
|
path: str
|
||||||
|
cas_hash: typing.Optional[str]
|
||||||
|
|
||||||
|
|
||||||
class CasWrapper:
|
class CasWrapper:
|
||||||
@ -16,6 +24,7 @@ class CasWrapper:
|
|||||||
self,
|
self,
|
||||||
cas_api_key: str,
|
cas_api_key: str,
|
||||||
cas_signer_id: str,
|
cas_signer_id: str,
|
||||||
|
logger: logging.Logger = None,
|
||||||
):
|
):
|
||||||
if self.binary_name not in local:
|
if self.binary_name not in local:
|
||||||
raise FileNotFoundError(
|
raise FileNotFoundError(
|
||||||
@ -23,19 +32,16 @@ class CasWrapper:
|
|||||||
)
|
)
|
||||||
self._cas_api_key = cas_api_key
|
self._cas_api_key = cas_api_key
|
||||||
self._cas_signer_id = cas_signer_id
|
self._cas_signer_id = cas_signer_id
|
||||||
with local.env(
|
|
||||||
CAS_API_KEY=self._cas_api_key,
|
|
||||||
SIGNER_ID=self._cas_signer_id
|
|
||||||
):
|
|
||||||
self._cas = local['cas']
|
self._cas = local['cas']
|
||||||
self._cas['login']()
|
self._logger = logger
|
||||||
|
if self._logger is None:
|
||||||
|
self._logger = logging.getLogger()
|
||||||
|
|
||||||
def __enter__(self):
|
def __enter__(self):
|
||||||
with local.env(
|
with local.env(
|
||||||
CAS_API_KEY=self._cas_api_key,
|
CAS_API_KEY=self._cas_api_key,
|
||||||
SIGNER_ID=self._cas_signer_id,
|
SIGNER_ID=self._cas_signer_id,
|
||||||
):
|
):
|
||||||
self._cas = local['cas']
|
|
||||||
self._cas['login']()
|
self._cas['login']()
|
||||||
return self
|
return self
|
||||||
|
|
||||||
@ -45,7 +51,7 @@ class CasWrapper:
|
|||||||
def notarize(
|
def notarize(
|
||||||
self,
|
self,
|
||||||
local_path: str,
|
local_path: str,
|
||||||
metadata: Dict = None,
|
metadata: typing.Dict = None,
|
||||||
) -> str:
|
) -> str:
|
||||||
"""
|
"""
|
||||||
Wrapper around `cas notarize`
|
Wrapper around `cas notarize`
|
||||||
@ -110,3 +116,59 @@ class CasWrapper:
|
|||||||
if return_json:
|
if return_json:
|
||||||
return json_result
|
return json_result
|
||||||
return not bool(json_result['status'])
|
return not bool(json_result['status'])
|
||||||
|
|
||||||
|
def authenticate_source(
|
||||||
|
self,
|
||||||
|
local_path: str,
|
||||||
|
) -> typing.Tuple[bool, typing.Optional[str]]:
|
||||||
|
is_authenticated = False
|
||||||
|
commit_cas_hash = None
|
||||||
|
with self as cas:
|
||||||
|
try:
|
||||||
|
result_json = cas.authenticate(local_path, return_json=True)
|
||||||
|
# it should return 0 for authenticated and trusted commits
|
||||||
|
is_authenticated = not bool(
|
||||||
|
result_json.get('status', 1))
|
||||||
|
commit_cas_hash = result_json.get('hash')
|
||||||
|
# we can fall with ProcessExecutionError,
|
||||||
|
# because source can be not notarized
|
||||||
|
except ProcessExecutionError:
|
||||||
|
self._logger.exception('Cannot authenticate %s:', local_path)
|
||||||
|
return is_authenticated, commit_cas_hash
|
||||||
|
|
||||||
|
def authenticate_artifact(
|
||||||
|
self,
|
||||||
|
local_path: str,
|
||||||
|
) -> bool:
|
||||||
|
is_authenticated = False
|
||||||
|
with self as cas:
|
||||||
|
try:
|
||||||
|
is_authenticated = cas.authenticate(local_path)
|
||||||
|
# we can fall with ProcessExecutionError,
|
||||||
|
# because source can be not notarized
|
||||||
|
except ProcessExecutionError:
|
||||||
|
self._logger.exception('Cannot authenticate %s:', local_path)
|
||||||
|
return is_authenticated
|
||||||
|
|
||||||
|
def notarize_artifacts(
|
||||||
|
self,
|
||||||
|
artifacts: typing.List[CasArtifact],
|
||||||
|
metadata: typing.Dict[str, typing.Any],
|
||||||
|
) -> bool:
|
||||||
|
all_artifacts_is_notarized = True
|
||||||
|
with self as cas, ThreadPoolExecutor(max_workers=4) as executor:
|
||||||
|
futures = {
|
||||||
|
executor.submit(cas.notarize, artifact.path, metadata): artifact
|
||||||
|
for artifact in artifacts
|
||||||
|
if not artifact.cas_hash
|
||||||
|
}
|
||||||
|
for future in as_completed(futures):
|
||||||
|
artifact = futures[future]
|
||||||
|
try:
|
||||||
|
cas_artifact_hash = future.result()
|
||||||
|
except Exception:
|
||||||
|
self._logger.exception('Cannot notarize artifact:')
|
||||||
|
all_artifacts_is_notarized = False
|
||||||
|
continue
|
||||||
|
artifact.cas_hash = cas_artifact_hash
|
||||||
|
return all_artifacts_is_notarized
|
||||||
|
Loading…
Reference in New Issue
Block a user