forked from almalinux/cas_wrapper
Compare commits
10 Commits
master
...
4ced19c78c
Author | SHA1 | Date | |
---|---|---|---|
4ced19c78c | |||
|
211d4521c0 | ||
|
de5d91217f | ||
|
7093f13a10 | ||
|
49c4c97645 | ||
|
d2f8cdda42 | ||
|
e5fd2bf3b1 | ||
d6eca7c2e3 | |||
|
9bb706e2d0 | ||
f93f95fca5 |
@ -1,4 +1,3 @@
|
|||||||
from concurrent.futures import ThreadPoolExecutor, as_completed
|
|
||||||
import json
|
import json
|
||||||
import logging
|
import logging
|
||||||
import typing
|
import typing
|
||||||
@ -14,16 +13,20 @@ class CasWrapper:
|
|||||||
|
|
||||||
binary_name = 'cas'
|
binary_name = 'cas'
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def _is_binary_present(cls):
|
||||||
|
if cls.binary_name not in local:
|
||||||
|
raise FileNotFoundError(
|
||||||
|
'Binary CAS is not found in PATH on the machine',
|
||||||
|
)
|
||||||
|
|
||||||
def __init__(
|
def __init__(
|
||||||
self,
|
self,
|
||||||
cas_api_key: str,
|
cas_api_key: str,
|
||||||
cas_signer_id: str,
|
cas_signer_id: str,
|
||||||
logger: logging.Logger = None,
|
logger: logging.Logger = None,
|
||||||
):
|
):
|
||||||
if self.binary_name not in local:
|
self._is_binary_present()
|
||||||
raise FileNotFoundError(
|
|
||||||
'Binary CAS is not found in PATH on the machine',
|
|
||||||
)
|
|
||||||
self._cas_api_key = cas_api_key
|
self._cas_api_key = cas_api_key
|
||||||
self._cas_signer_id = cas_signer_id
|
self._cas_signer_id = cas_signer_id
|
||||||
self._cas = local['cas']
|
self._cas = local['cas']
|
||||||
@ -31,6 +34,13 @@ class CasWrapper:
|
|||||||
if self._logger is None:
|
if self._logger is None:
|
||||||
self._logger = logging.getLogger()
|
self._logger = logging.getLogger()
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def get_version(cls):
|
||||||
|
cls._is_binary_present()
|
||||||
|
command = local['cas']['--version']
|
||||||
|
version = command().split()[-1].split('v')[1]
|
||||||
|
return version
|
||||||
|
|
||||||
def ensure_login(self):
|
def ensure_login(self):
|
||||||
with local.env(
|
with local.env(
|
||||||
CAS_API_KEY=self._cas_api_key,
|
CAS_API_KEY=self._cas_api_key,
|
||||||
@ -69,11 +79,36 @@ class CasWrapper:
|
|||||||
result_of_execution = command()
|
result_of_execution = command()
|
||||||
return json.loads(result_of_execution)['hash']
|
return json.loads(result_of_execution)['hash']
|
||||||
|
|
||||||
|
def notarize_no_exc(
|
||||||
|
self,
|
||||||
|
local_path: str,
|
||||||
|
metadata: typing.Dict = None,
|
||||||
|
) -> typing.Tuple[bool, str]:
|
||||||
|
"""
|
||||||
|
Wrapper for avoiding raising exceptions during notarization.
|
||||||
|
Return `success` flag instead for library user to react respectively.
|
||||||
|
:param local_path: path to a local Git repo
|
||||||
|
:param metadata: additional metadata
|
||||||
|
:return: boolean flag for operation success and the hash
|
||||||
|
of the notarized artifact.
|
||||||
|
:rtype: tuple
|
||||||
|
"""
|
||||||
|
success = False
|
||||||
|
try:
|
||||||
|
cas_hash = self.notarize(local_path, metadata=metadata)
|
||||||
|
success = True
|
||||||
|
except Exception:
|
||||||
|
self._logger.exception('Cannot notarize artifact: %s',
|
||||||
|
local_path)
|
||||||
|
cas_hash = ''
|
||||||
|
return success, cas_hash
|
||||||
|
|
||||||
def authenticate(
|
def authenticate(
|
||||||
self,
|
self,
|
||||||
local_path: str,
|
local_path: str,
|
||||||
return_json: bool = False,
|
return_json: bool = False,
|
||||||
use_hash: bool = False,
|
use_hash: bool = False,
|
||||||
|
signer_id: str = None,
|
||||||
):
|
):
|
||||||
"""
|
"""
|
||||||
Wrapper around `cas authenticate`
|
Wrapper around `cas authenticate`
|
||||||
@ -89,6 +124,8 @@ class CasWrapper:
|
|||||||
command_args = ['authenticate', local_path]
|
command_args = ['authenticate', local_path]
|
||||||
if use_hash:
|
if use_hash:
|
||||||
command_args = ['authenticate', '--hash', local_path]
|
command_args = ['authenticate', '--hash', local_path]
|
||||||
|
if signer_id:
|
||||||
|
command_args.extend(('--signerID', signer_id))
|
||||||
command_args.extend(('-o', 'json'))
|
command_args.extend(('-o', 'json'))
|
||||||
command = self._cas[command_args]
|
command = self._cas[command_args]
|
||||||
try:
|
try:
|
||||||
@ -112,6 +149,7 @@ class CasWrapper:
|
|||||||
def authenticate_source(
|
def authenticate_source(
|
||||||
self,
|
self,
|
||||||
local_path: str,
|
local_path: str,
|
||||||
|
signer_id: str = None,
|
||||||
) -> typing.Tuple[bool, typing.Optional[str]]:
|
) -> typing.Tuple[bool, typing.Optional[str]]:
|
||||||
"""
|
"""
|
||||||
Authenticates source by git path.
|
Authenticates source by git path.
|
||||||
@ -121,7 +159,11 @@ class CasWrapper:
|
|||||||
commit_cas_hash = None
|
commit_cas_hash = None
|
||||||
self.ensure_login()
|
self.ensure_login()
|
||||||
try:
|
try:
|
||||||
result_json = self.authenticate(local_path, return_json=True)
|
result_json = self.authenticate(
|
||||||
|
local_path,
|
||||||
|
return_json=True,
|
||||||
|
signer_id=signer_id
|
||||||
|
)
|
||||||
is_authenticated = result_json['verified']
|
is_authenticated = result_json['verified']
|
||||||
commit_cas_hash = result_json['hash']
|
commit_cas_hash = result_json['hash']
|
||||||
# we can fall with ProcessExecutionError,
|
# we can fall with ProcessExecutionError,
|
||||||
@ -134,6 +176,7 @@ class CasWrapper:
|
|||||||
self,
|
self,
|
||||||
local_path: str,
|
local_path: str,
|
||||||
use_hash: bool = False,
|
use_hash: bool = False,
|
||||||
|
signer_id: str = None,
|
||||||
) -> bool:
|
) -> bool:
|
||||||
"""
|
"""
|
||||||
Authenticates artifact by artifact path or hash if `use_hash` is True.
|
Authenticates artifact by artifact path or hash if `use_hash` is True.
|
||||||
@ -146,6 +189,7 @@ class CasWrapper:
|
|||||||
local_path,
|
local_path,
|
||||||
use_hash=use_hash,
|
use_hash=use_hash,
|
||||||
return_json=True,
|
return_json=True,
|
||||||
|
signer_id=signer_id
|
||||||
)['verified']
|
)['verified']
|
||||||
# we can fall with ProcessExecutionError,
|
# we can fall with ProcessExecutionError,
|
||||||
# because artifact can be not notarized
|
# because artifact can be not notarized
|
||||||
@ -166,19 +210,19 @@ class CasWrapper:
|
|||||||
all_artifacts_is_notarized = True
|
all_artifacts_is_notarized = True
|
||||||
notarized_artifacts = {}
|
notarized_artifacts = {}
|
||||||
self.ensure_login()
|
self.ensure_login()
|
||||||
with ThreadPoolExecutor(max_workers=4) as executor:
|
|
||||||
futures = {
|
# ALBS-576: We stopped doing this process in parallel due to the
|
||||||
executor.submit(self.notarize, artifact_path, metadata): artifact_path
|
# problems experienced and described in this CAS issue:
|
||||||
for artifact_path in artifact_paths
|
# https://github.com/codenotary/cas/issues/275
|
||||||
}
|
# Hence, we decided to go sequential here until the problem is
|
||||||
for future in as_completed(futures):
|
# resolved in CAS itself.
|
||||||
artifact_path = futures[future]
|
for artifact_path in artifact_paths:
|
||||||
try:
|
try:
|
||||||
cas_artifact_hash = future.result()
|
cas_artifact_hash = self.notarize(artifact_path, metadata)
|
||||||
except Exception:
|
except Exception:
|
||||||
self._logger.exception('Cannot notarize artifact: %s',
|
self._logger.exception('Cannot notarize artifact: %s',
|
||||||
artifact_path)
|
artifact_path)
|
||||||
all_artifacts_is_notarized = False
|
all_artifacts_is_notarized = False
|
||||||
continue
|
continue
|
||||||
notarized_artifacts[artifact_path] = cas_artifact_hash
|
notarized_artifacts[artifact_path] = cas_artifact_hash
|
||||||
return all_artifacts_is_notarized, notarized_artifacts
|
return all_artifacts_is_notarized, notarized_artifacts
|
||||||
|
2
setup.py
2
setup.py
@ -2,7 +2,7 @@ from setuptools import setup
|
|||||||
|
|
||||||
setup(
|
setup(
|
||||||
name="cas_wrapper",
|
name="cas_wrapper",
|
||||||
version="0.0.2",
|
version="0.0.5",
|
||||||
author="Stepan Oksanichenko",
|
author="Stepan Oksanichenko",
|
||||||
author_email="soksanichenko@almalinux.org",
|
author_email="soksanichenko@almalinux.org",
|
||||||
description="The python wrapper around binary cas from "
|
description="The python wrapper around binary cas from "
|
||||||
|
Loading…
Reference in New Issue
Block a user