parent
e0e46895b6
commit
5a4382088b
|
|
@ -0,0 +1,66 @@
|
|||
import json
|
||||
|
||||
from plumbum import local, ProcessExecutionError
|
||||
|
||||
|
||||
class CasWrapper:
|
||||
"""
|
||||
The python wrapper around binary `cas`
|
||||
from Codenotary Community Attestation Service
|
||||
"""
|
||||
|
||||
binary_name = 'cas'
|
||||
|
||||
def __init__(
|
||||
self,
|
||||
cas_api_key: str,
|
||||
cas_signer_id: str,
|
||||
):
|
||||
if self.binary_name not in local:
|
||||
raise FileNotFoundError(
|
||||
'Binary CAS is not found in PATH on the machine',
|
||||
)
|
||||
self._cas_api_key = cas_api_key
|
||||
self._cas_signer_id = cas_signer_id
|
||||
with local.env(
|
||||
CAS_API_KEY=self._cas_api_key,
|
||||
SIGNER_ID=self._cas_signer_id
|
||||
):
|
||||
self._cas = local['cas']
|
||||
self._cas('login')
|
||||
|
||||
def notarize(self, local_git_repo_path: str) -> str:
|
||||
"""
|
||||
Wrapper around `cas notarize`
|
||||
:param local_git_repo_path: path to a local Git repo
|
||||
:return: hash of notarized commit
|
||||
:rtype: str
|
||||
"""
|
||||
command = self._cas[
|
||||
'notarize',
|
||||
f'git://{local_git_repo_path}',
|
||||
'-o',
|
||||
'json',
|
||||
]
|
||||
result_of_execution = command()
|
||||
return json.loads(result_of_execution)['hash']
|
||||
|
||||
def authenticate(self, local_git_repo_path: str) -> bool:
|
||||
"""
|
||||
Wrapper around `cas authenticate`
|
||||
:param local_git_repo_path: path to a local Git repo
|
||||
:return: true if a commit is trusted, vice versa - false
|
||||
:rtype: bool
|
||||
"""
|
||||
command = self._cas[
|
||||
'authenticate',
|
||||
f'git://{local_git_repo_path}',
|
||||
'-o',
|
||||
'json',
|
||||
]
|
||||
try:
|
||||
result_of_execution = command()
|
||||
except ProcessExecutionError:
|
||||
# in case if commit is untrusted
|
||||
result_of_execution = command(retcode=1)
|
||||
return not bool(json.loads(result_of_execution)['status'])
|
||||
Loading…
Reference in New Issue