add root command to list unverified upstream sources
This new root command is part of the `stest` and is designed to list all upstream sources with the `skip-check` flag set to `true`. - If `-p <package>` is specified, it lists unverified sources for the specified package. - Otherwise, it lists all unverified upstream sources in the repository. The output is written to: `/dest/code.arista.io/eos/eext/{rep}/{package}.unverifiedSources.json`. This file will be included in the Barney snapshot build, enabling better tracking of unverified sources.
1 parent
2f083e0
commit 2b2c92b
Showing
4 changed files
with
194 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
// Copyright (c) 2022 Arista Networks, Inc. All rights reserved. | ||
// Arista Networks, Inc. Confidential and Proprietary. | ||
|
||
package cmd | ||
|
||
import ( | ||
"fmt" | ||
|
||
"code.arista.io/eos/tools/eext/impl" | ||
"github.com/spf13/cobra" | ||
) | ||
|
||
// listUnverifiedSourcesCmd represents the list-unverified-sources command | ||
var listUnverifiedSourcesCmd = &cobra.Command{ | ||
Use: "list-unverified-sources", | ||
Short: "list unverified upstream sources", | ||
Long: `Checks for the upstream sources within package which don't | ||
have a valid signature check return prints the upstreamSrc | ||
to stdout.`, | ||
Args: cobra.ExactArgs(0), | ||
PreRunE: func(cmd *cobra.Command, args []string) error { | ||
pkg, _ := cmd.Flags().GetString("package") | ||
if pkg == "" { | ||
return fmt.Errorf("package not specified. Use : eext list-unverified-sources -p <package>") | ||
} | ||
return nil | ||
}, | ||
RunE: func(cmd *cobra.Command, args []string) error { | ||
repo, _ := cmd.Flags().GetString("repo") | ||
pkg, _ := cmd.Flags().GetString("package") | ||
err := impl.ListUnverifiedSources(repo, pkg) | ||
return err | ||
}, | ||
} | ||
|
||
func init() { | ||
listUnverifiedSourcesCmd.Flags().StringP("repo", "r", "", "Repository name (OPTIONAL)") | ||
listUnverifiedSourcesCmd.Flags().StringP("package", "p", "", "specify package name (REQUIRED)") | ||
rootCmd.AddCommand(listUnverifiedSourcesCmd) | ||
} |
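Review bot: The `PreRunE` check rejects an empty `--package`, while the commit description says that without `-p` the command lists unverified sources for the whole repository; `ListUnverifiedSources` in the impl file also skips every package whose name differs from `pkg`, so the repo-wide audit path does not appear to exist in this commit. If `-p` is meant to be mandatory, declare it with `listUnverifiedSourcesCmd.MarkFlagRequired("package")` in `init()` instead of the hand-written check; if it is optional, drop the check and let an empty `pkg` match every package. The `Long` text is also garbled ("signature check return prints"); something like `Lists the upstream sources of a package that have signature skip-check set and prints them to stdout.` would read correctly.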
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
// Copyright (c) 2022 Arista Networks, Inc. All rights reserved. | ||
// Arista Networks, Inc. Confidential and Proprietary. | ||
|
||
package impl | ||
|
||
import ( | ||
"fmt" | ||
|
||
"code.arista.io/eos/tools/eext/manifest" | ||
"gopkg.in/yaml.v3" | ||
) | ||
|
||
// fetch upstream sources from manifest | ||
func fetchUpstreamSrcsWithSkipCheck(upstreamSrcManifest []manifest.UpstreamSrc) []manifest.UpstreamSrc { | ||
upstreamSrcs := []manifest.UpstreamSrc{} | ||
|
||
for _, upstreamSrcFromManifest := range upstreamSrcManifest { | ||
if upstreamSrcFromManifest.Signature.SkipCheck { | ||
upstreamSrcs = append(upstreamSrcs, upstreamSrcFromManifest) | ||
} | ||
} | ||
|
||
return upstreamSrcs | ||
} | ||
|
||
// ListUnverifiedSources lists all the upstream sources within a package | ||
// which do not have valid signature check. | ||
func ListUnverifiedSources(repo string, pkg string) error { | ||
repoManifest, loadManifestErr := manifest.LoadManifest(repo) | ||
if loadManifestErr != nil { | ||
return loadManifestErr | ||
} | ||
|
||
upstreamSources := []manifest.UpstreamSrc{} | ||
pkgFound := false | ||
for _, pkgSpec := range repoManifest.Package { | ||
pkgName := pkgSpec.Name | ||
if pkgName != pkg { | ||
continue | ||
} | ||
pkgFound = true | ||
upstreamSources = append(upstreamSources, fetchUpstreamSrcsWithSkipCheck(pkgSpec.UpstreamSrc)...) | ||
} | ||
|
||
if !pkgFound { | ||
return fmt.Errorf("listUnverifiedSources - '%s' package is not part of this repo", pkg) | ||
} | ||
|
||
if len(upstreamSources) != 0 { | ||
yamlUpstreamSources, err := yaml.Marshal(upstreamSources) | ||
if err != nil { | ||
return fmt.Errorf("listUnverifiedSources - errored with %s", err) | ||
} | ||
fmt.Println(string(yamlUpstreamSources)) | ||
} | ||
return nil | ||
} |
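Review bot: `fetchUpstreamSrcsWithSkipCheck` reports a source only when `Signature.SkipCheck` is true, so a source with no signature configuration at all (as `foo1` in the test manifest) yields empty output and a nil error, the same result as a fully verified package. Whether such sources are verified some other way is not visible here; if they are not, they belong in this list too, and the helper's comment should at least state the criterion, e.g. `// fetchUpstreamSrcsWithSkipCheck returns the upstream sources whose signature skip-check is set.` The listing is printed as YAML on stdout whereas the commit description mentions a `.unverifiedSources.json` file, so the expected consumer format should be confirmed. In the marshal error path, `%w` keeps the underlying error inspectable: `return fmt.Errorf("listUnverifiedSources - errored with %w", err)`.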
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
// Copyright (c) 2023 Arista Networks, Inc. All rights reserved. | ||
// Arista Networks, Inc. Confidential and Proprietary. | ||
|
||
//go:build containerized | ||
|
||
package impl | ||
|
||
import ( | ||
"bytes" | ||
"os" | ||
"path/filepath" | ||
"testing" | ||
|
||
"github.com/stretchr/testify/require" | ||
) | ||
|
||
func TestListUnverifiedSources(t *testing.T) { | ||
cwd, _ := os.Getwd() | ||
repo := filepath.Join(cwd, "testData/unverified-src") | ||
|
||
testpkgs := map[string]string{ | ||
"foo1": "", | ||
"foo2": `- source-bundle: | ||
name: srpm | ||
override: | ||
version: 1.7.7-1.fc40 | ||
src-suffix: "" | ||
sig-suffix: "" | ||
full-url: "" | ||
git: | ||
url: "" | ||
revision: "" | ||
signature: | ||
skip-check: true | ||
detached-sig: | ||
full-url: "" | ||
public-key: "" | ||
on-uncompressed: false | ||
`, | ||
} | ||
|
||
var r, w, rescueStdout *(os.File) | ||
var buffer bytes.Buffer | ||
|
||
for pkg, outputExpected := range testpkgs { | ||
rescueStdout = os.Stdout | ||
r, w, _ = os.Pipe() | ||
os.Stdout = w | ||
|
||
ListUnverifiedSources(repo, pkg) | ||
|
||
w.Close() | ||
buffer.ReadFrom(r) | ||
outputGot := buffer.String() | ||
os.Stdout = rescueStdout | ||
|
||
require.Equal(t, outputExpected, outputGot) | ||
} | ||
|
||
t.Log("TestListUnverifiedSources test Passed") | ||
} | ||
|
||
func TestListUnverifiedSourcesFail(t *testing.T) { | ||
cwd, _ := os.Getwd() | ||
repo := filepath.Join(cwd, "testData/unverified-src") | ||
|
||
err := ListUnverifiedSources(repo, "foo3") | ||
require.NotEqual(t, nil, err) | ||
|
||
t.Log("TestListUnverifiedSourcesFail test Passed") | ||
} |
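Review bot: In `TestListUnverifiedSources` the `bytes.Buffer` is declared outside the loop and never reset, so `buffer.String()` returns the output of every package processed so far; because Go randomizes map iteration order, the `foo1` case fails whenever `foo2` happens to run first. Declare the buffer inside the loop or call `buffer.Reset()` at the top of each iteration. The bare call `ListUnverifiedSources(repo, pkg)` also drops its error, so a manifest load failure shows up only as an output mismatch; `err := ListUnverifiedSources(repo, pkg)` followed by `require.NoError(t, err)` once `os.Stdout` has been restored would surface it. In the failure test, `require.Error(t, err)` states the intent more directly than `require.NotEqual(t, nil, err)`.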
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
--- | ||
package: | ||
- name: foo1 | ||
upstream-sources: | ||
- source-bundle: | ||
name: srpm | ||
override: | ||
version: 1.7.7-1.fc40 | ||
type: srpm | ||
build: | ||
repo-bundle: | ||
- name: el9 | ||
|
||
- name: foo2 | ||
upstream-sources: | ||
- source-bundle: | ||
name: srpm | ||
override: | ||
version: 1.7.7-1.fc40 | ||
signature: | ||
skip-check: true | ||
type: srpm | ||
build: | ||
repo-bundle: | ||
- name: el9 |