almalinux
/
cas_wrapper
14
0
Fork 2
Code Issues Pull Requests Releases Activity

ALBS-444 #2

Merged
anfimovdm merged 9 commits from ALBS-444 into master 2022-07-01 14:25:17 +00:00
Conversation 0 Commits 9 Files Changed 3 +72 -9
2 changed files with 72 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 0a94dc6f8f - Show all commits

80
cas_wrapper.py
View File

@ -1,7 +1,15 @@
from concurrent.futures import ThreadPoolExecutor, as_completed
import json
from typing import Dict
import logging
import typing
from plumbum import local, ProcessExecutionError
from pydantic import BaseModel
class CasArtifact(BaseModel):
path: str
cas_hash: typing.Optional[str]
class CasWrapper:
@ -16,6 +24,7 @@ class CasWrapper:
self,
cas_api_key: str,
cas_signer_id: str,
logger: logging.Logger = None,
):
if self.binary_name not in local:
raise FileNotFoundError(
@ -23,19 +32,16 @@ class CasWrapper:
)
self._cas_api_key = cas_api_key
self._cas_signer_id = cas_signer_id
with local.env(
CAS_API_KEY=self._cas_api_key,
SIGNER_ID=self._cas_signer_id
):
self._cas = local['cas']
self._cas['login']()
self._cas = local['cas']
self._logger = logger
if self._logger is None:
self._logger = logging.getLogger()
def __enter__(self):
with local.env(
CAS_API_KEY=self._cas_api_key,
SIGNER_ID=self._cas_signer_id,
):
self._cas = local['cas']
self._cas['login']()
return self
@ -45,7 +51,7 @@ class CasWrapper:
def notarize(
self,
local_path: str,
metadata: Dict = None,
metadata: typing.Dict = None,
) -> str:
"""
Wrapper around `cas notarize`
@ -110,3 +116,59 @@ class CasWrapper:
if return_json:
return json_result
return not bool(json_result['status'])
def authenticate_source(
self,
local_path: str,
) -> typing.Tuple[bool, typing.Optional[str]]:
is_authenticated = False
anfimovdm marked this conversation as resolved
soksanichenko commented 2022-06-30 10:13:18 +00:00
Review
Copy Link

You don't get hash because use_hash equals to Fasle by default

You don't get hash because use_hash equals to Fasle by default
anfimovdm commented 2022-06-30 12:27:28 +00:00
Review
Copy Link

I can get hash here, because when I use return_json flag, self.authenticate returns full JSON response

I can get hash here, because when I use `return_json` flag, `self.authenticate` returns full JSON response
commit_cas_hash = None
with self as cas:
try:
result_json = cas.authenticate(local_path, return_json=True)
# it should return 0 for authenticated and trusted commits
is_authenticated = not bool(
result_json.get('status', 1))
commit_cas_hash = result_json.get('hash')
# we can fall with ProcessExecutionError,
# because source can be not notarized
except ProcessExecutionError:
self._logger.exception('Cannot authenticate %s:', local_path)
return is_authenticated, commit_cas_hash
def authenticate_artifact(
self,
local_path: str,
) -> bool:
is_authenticated = False
with self as cas:
try:
is_authenticated = cas.authenticate(local_path)
# we can fall with ProcessExecutionError,
anfimovdm marked this conversation as resolved Outdated
AvoidMe commented 2022-06-29 16:06:27 +00:00
Outdated
Review
Copy Link

Instead of with self I would prefer self.ensure_login() or something, because you didn't use exit

Instead of `with self` I would prefer `self.ensure_login()` or something, because you didn't use __exit__
anfimovdm commented 2022-06-30 10:07:22 +00:00
Outdated
Review
Copy Link

Done

Done
# because source can be not notarized
anfimovdm marked this conversation as resolved Outdated
soksanichenko commented 2022-06-30 10:14:21 +00:00
Outdated
Review
Copy Link

I guess colon is not needed in the logging message or it's in wrong place of the message

I guess colon is not needed in the logging message or it's in wrong place of the message
except ProcessExecutionError:
self._logger.exception('Cannot authenticate %s:', local_path)
return is_authenticated
def notarize_artifacts(
self,
artifacts: typing.List[CasArtifact],
metadata: typing.Dict[str, typing.Any],
) -> bool:
all_artifacts_is_notarized = True
with self as cas, ThreadPoolExecutor(max_workers=4) as executor:
futures = {
executor.submit(cas.notarize, artifact.path, metadata): artifact
for artifact in artifacts
if not artifact.cas_hash
}
for future in as_completed(futures):
artifact = futures[future]
try:
cas_artifact_hash = future.result()
except Exception:
anfimovdm marked this conversation as resolved Outdated
soksanichenko commented 2022-06-30 10:15:24 +00:00
Outdated
Review
Copy Link

Add name of an artifact to the logging message

Add name of an artifact to the logging message
self._logger.exception('Cannot notarize artifact:')
all_artifacts_is_notarized = False
continue
artifact.cas_hash = cas_artifact_hash
return all_artifacts_is_notarized

1
setup.py
View File

@ -21,6 +21,7 @@ setup(
scripts=['cas_wrapper.py'],
install_requires=[
'plumbum>=1.7.2',
'pydantic>=1.8.1',
],
python_requires=">=3.6",
)