Compare commits

...

10 Commits

2 changed files with 66 additions and 22 deletions

View File

@ -1,4 +1,3 @@
from concurrent.futures import ThreadPoolExecutor, as_completed
import json import json
import logging import logging
import typing import typing
@ -14,16 +13,20 @@ class CasWrapper:
binary_name = 'cas' binary_name = 'cas'
@classmethod
def _is_binary_present(cls):
if cls.binary_name not in local:
raise FileNotFoundError(
'Binary CAS is not found in PATH on the machine',
)
def __init__( def __init__(
self, self,
cas_api_key: str, cas_api_key: str,
cas_signer_id: str, cas_signer_id: str,
logger: logging.Logger = None, logger: logging.Logger = None,
): ):
if self.binary_name not in local: self._is_binary_present()
raise FileNotFoundError(
'Binary CAS is not found in PATH on the machine',
)
self._cas_api_key = cas_api_key self._cas_api_key = cas_api_key
self._cas_signer_id = cas_signer_id self._cas_signer_id = cas_signer_id
self._cas = local['cas'] self._cas = local['cas']
@ -31,6 +34,13 @@ class CasWrapper:
if self._logger is None: if self._logger is None:
self._logger = logging.getLogger() self._logger = logging.getLogger()
@classmethod
def get_version(cls):
cls._is_binary_present()
command = local['cas']['--version']
version = command().split()[-1].split('v')[1]
return version
def ensure_login(self): def ensure_login(self):
with local.env( with local.env(
CAS_API_KEY=self._cas_api_key, CAS_API_KEY=self._cas_api_key,
@ -69,11 +79,36 @@ class CasWrapper:
result_of_execution = command() result_of_execution = command()
return json.loads(result_of_execution)['hash'] return json.loads(result_of_execution)['hash']
def notarize_no_exc(
self,
local_path: str,
metadata: typing.Dict = None,
) -> typing.Tuple[bool, str]:
"""
Wrapper for avoiding raising exceptions during notarization.
Return `success` flag instead for library user to react respectively.
:param local_path: path to a local Git repo
:param metadata: additional metadata
:return: boolean flag for operation success and the hash
of the notarized artifact.
:rtype: tuple
"""
success = False
try:
cas_hash = self.notarize(local_path, metadata=metadata)
success = True
except Exception:
self._logger.exception('Cannot notarize artifact: %s',
local_path)
cas_hash = ''
return success, cas_hash
def authenticate( def authenticate(
self, self,
local_path: str, local_path: str,
return_json: bool = False, return_json: bool = False,
use_hash: bool = False, use_hash: bool = False,
signer_id: str = None,
): ):
""" """
Wrapper around `cas authenticate` Wrapper around `cas authenticate`
@ -89,6 +124,8 @@ class CasWrapper:
command_args = ['authenticate', local_path] command_args = ['authenticate', local_path]
if use_hash: if use_hash:
command_args = ['authenticate', '--hash', local_path] command_args = ['authenticate', '--hash', local_path]
if signer_id:
command_args.extend(('--signerID', signer_id))
command_args.extend(('-o', 'json')) command_args.extend(('-o', 'json'))
command = self._cas[command_args] command = self._cas[command_args]
try: try:
@ -112,6 +149,7 @@ class CasWrapper:
def authenticate_source( def authenticate_source(
self, self,
local_path: str, local_path: str,
signer_id: str = None,
) -> typing.Tuple[bool, typing.Optional[str]]: ) -> typing.Tuple[bool, typing.Optional[str]]:
""" """
Authenticates source by git path. Authenticates source by git path.
@ -121,7 +159,11 @@ class CasWrapper:
commit_cas_hash = None commit_cas_hash = None
self.ensure_login() self.ensure_login()
try: try:
result_json = self.authenticate(local_path, return_json=True) result_json = self.authenticate(
local_path,
return_json=True,
signer_id=signer_id
)
is_authenticated = result_json['verified'] is_authenticated = result_json['verified']
commit_cas_hash = result_json['hash'] commit_cas_hash = result_json['hash']
# we can fall with ProcessExecutionError, # we can fall with ProcessExecutionError,
@ -134,6 +176,7 @@ class CasWrapper:
self, self,
local_path: str, local_path: str,
use_hash: bool = False, use_hash: bool = False,
signer_id: str = None,
) -> bool: ) -> bool:
""" """
Authenticates artifact by artifact path or hash if `use_hash` is True. Authenticates artifact by artifact path or hash if `use_hash` is True.
@ -146,6 +189,7 @@ class CasWrapper:
local_path, local_path,
use_hash=use_hash, use_hash=use_hash,
return_json=True, return_json=True,
signer_id=signer_id
)['verified'] )['verified']
# we can fall with ProcessExecutionError, # we can fall with ProcessExecutionError,
# because artifact can be not notarized # because artifact can be not notarized
@ -166,19 +210,19 @@ class CasWrapper:
all_artifacts_is_notarized = True all_artifacts_is_notarized = True
notarized_artifacts = {} notarized_artifacts = {}
self.ensure_login() self.ensure_login()
with ThreadPoolExecutor(max_workers=4) as executor:
futures = { # ALBS-576: We stopped doing this process in parallel due to the
executor.submit(self.notarize, artifact_path, metadata): artifact_path # problems experienced and described in this CAS issue:
for artifact_path in artifact_paths # https://github.com/codenotary/cas/issues/275
} # Hence, we decided to go sequential here until the problem is
for future in as_completed(futures): # resolved in CAS itself.
artifact_path = futures[future] for artifact_path in artifact_paths:
try: try:
cas_artifact_hash = future.result() cas_artifact_hash = self.notarize(artifact_path, metadata)
except Exception: except Exception:
self._logger.exception('Cannot notarize artifact: %s', self._logger.exception('Cannot notarize artifact: %s',
artifact_path) artifact_path)
all_artifacts_is_notarized = False all_artifacts_is_notarized = False
continue continue
notarized_artifacts[artifact_path] = cas_artifact_hash notarized_artifacts[artifact_path] = cas_artifact_hash
return all_artifacts_is_notarized, notarized_artifacts return all_artifacts_is_notarized, notarized_artifacts

View File

@ -2,7 +2,7 @@ from setuptools import setup
setup( setup(
name="cas_wrapper", name="cas_wrapper",
version="0.0.2", version="0.0.5",
author="Stepan Oksanichenko", author="Stepan Oksanichenko",
author_email="soksanichenko@almalinux.org", author_email="soksanichenko@almalinux.org",
description="The python wrapper around binary cas from " description="The python wrapper around binary cas from "