Source code for daklib.archive

# Copyright (C) 2012, Ansgar Burchardt <ansgar@debian.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

"""module to manipulate the archive

This module provides classes to manipulate the archive.
"""

from daklib.dbconn import *
import daklib.checks as checks
from daklib.config import Config
from daklib.externalsignature import check_upload_for_external_signature_request
import daklib.upload
import daklib.utils
from daklib.fstransactions import FilesystemTransaction
from daklib.regexes import re_changelog_versions, re_bin_only_nmu

import os
import shutil
from collections.abc import Callable, Iterable
from sqlalchemy.orm.exc import NoResultFound
from sqlalchemy.orm import object_session
from typing import Optional, TYPE_CHECKING, Union
import sqlalchemy.exc
import subprocess
import traceback

if TYPE_CHECKING:
    import daklib.packagelist


[docs]class ArchiveException(Exception): pass
[docs]class HashMismatchException(ArchiveException): pass
[docs]class ArchiveTransaction: """manipulate the archive in a transaction """ def __init__(self): self.fs = FilesystemTransaction() self.session = DBConn().session()
[docs] def get_file(self, hashed_file: daklib.upload.HashedFile, source_name: str, check_hashes: bool = True) -> PoolFile: """Look for file `hashed_file` in database :param hashed_file: file to look for in the database :param source_name: source package name :param check_hashes: check size and hashes match :return: database entry for the file :raises KeyError: file was not found in the database :raises HashMismatchException: hash mismatch """ poolname = os.path.join(daklib.utils.poolify(source_name), hashed_file.filename) try: poolfile = self.session.query(PoolFile).filter_by(filename=poolname).one() if check_hashes and (poolfile.filesize != hashed_file.size or poolfile.md5sum != hashed_file.md5sum or poolfile.sha1sum != hashed_file.sha1sum or poolfile.sha256sum != hashed_file.sha256sum): raise HashMismatchException('{0}: Does not match file already existing in the pool.'.format(hashed_file.filename)) return poolfile except NoResultFound: raise KeyError('{0} not found in database.'.format(poolname))
[docs] def _install_file(self, directory, hashed_file, archive, component, source_name) -> PoolFile: """Install a file Will not give an error when the file is already present. :return: database object for the new file """ session = self.session poolname = os.path.join(daklib.utils.poolify(source_name), hashed_file.filename) try: poolfile = self.get_file(hashed_file, source_name) except KeyError: poolfile = PoolFile(filename=poolname, filesize=hashed_file.size) poolfile.md5sum = hashed_file.md5sum poolfile.sha1sum = hashed_file.sha1sum poolfile.sha256sum = hashed_file.sha256sum session.add(poolfile) session.flush() try: session.query(ArchiveFile).filter_by(archive=archive, component=component, file=poolfile).one() except NoResultFound: archive_file = ArchiveFile(archive, component, poolfile) session.add(archive_file) session.flush() path = os.path.join(archive.path, 'pool', component.component_name, poolname) hashed_file_path = os.path.join(directory, hashed_file.input_filename) self.fs.copy(hashed_file_path, path, link=False, mode=archive.mode) return poolfile
[docs] def install_binary(self, directory: str, binary: daklib.upload.Binary, suite: Suite, component: Component, allow_tainted: bool = False, fingerprint: Optional[Fingerprint] = None, source_suites=None, extra_source_archives: Optional[Iterable[Archive]] = None) -> DBBinary: """Install a binary package :param directory: directory the binary package is located in :param binary: binary package to install :param suite: target suite :param component: target component :param allow_tainted: allow to copy additional files from tainted archives :param fingerprint: optional fingerprint :param source_suites: suites to copy the source from if they are not in `suite` or :const:`True` to allow copying from any suite. Can be a SQLAlchemy subquery for :class:`Suite` or :const:`True`. :param extra_source_archives: extra archives to copy Built-Using sources from :return: database object for the new package """ session = self.session control = binary.control maintainer = get_or_set_maintainer(control['Maintainer'], session) architecture = get_architecture(control['Architecture'], session) (source_name, source_version) = binary.source source_query = session.query(DBSource).filter_by(source=source_name, version=source_version) source = source_query.filter(DBSource.suites.contains(suite)).first() if source is None: if source_suites is not True: source_query = source_query.join(DBSource.suites) \ .filter(Suite.suite_id == source_suites.c.id) source = source_query.first() if source is None: raise ArchiveException('{0}: trying to install to {1}, but could not find source ({2} {3})'. format(binary.hashed_file.filename, suite.suite_name, source_name, source_version)) self.copy_source(source, suite, source.poolfile.component) db_file = self._install_file(directory, binary.hashed_file, suite.archive, component, source_name) unique = dict( package=control['Package'], version=control['Version'], architecture=architecture, ) rest = dict( source=source, maintainer=maintainer, poolfile=db_file, binarytype=binary.type, ) # Other attributes that are ignored for purposes of equality with # an existing source rest2 = dict( fingerprint=fingerprint, ) try: db_binary = session.query(DBBinary).filter_by(**unique).one() for key, value in rest.items(): if getattr(db_binary, key) != value: raise ArchiveException('{0}: Does not match binary in database.'.format(binary.hashed_file.filename)) except NoResultFound: db_binary = DBBinary(**unique) for key, value in rest.items(): setattr(db_binary, key, value) for key, value in rest2.items(): setattr(db_binary, key, value) session.add(db_binary) session.flush() import_metadata_into_db(db_binary, session) self._add_built_using(db_binary, binary.hashed_file.filename, control, suite, extra_archives=extra_source_archives) if suite not in db_binary.suites: db_binary.suites.append(suite) session.flush() return db_binary
[docs] def _ensure_extra_source_exists(self, filename: str, source: DBSource, archive: Archive, extra_archives: Optional[Iterable[Archive]] = None): """ensure source exists in the given archive This is intended to be used to check that Built-Using sources exist. :param filename: filename to use in error messages :param source: source to look for :param archive: archive to look in :param extra_archives: list of archives to copy the source package from if it is not yet present in `archive` """ session = self.session db_file = session.query(ArchiveFile).filter_by(file=source.poolfile, archive=archive).first() if db_file is not None: return True # Try to copy file from one extra archive if extra_archives is None: extra_archives = [] db_file = session.query(ArchiveFile).filter_by(file=source.poolfile).filter(ArchiveFile.archive_id.in_([a.archive_id for a in extra_archives])).first() if db_file is None: raise ArchiveException('{0}: Built-Using refers to package {1} (= {2}) not in target archive {3}.'.format(filename, source.source, source.version, archive.archive_name)) source_archive = db_file.archive for dsc_file in source.srcfiles: af = session.query(ArchiveFile).filter_by(file=dsc_file.poolfile, archive=source_archive, component=db_file.component).one() # We were given an explicit list of archives so it is okay to copy from tainted archives. self._copy_file(af.file, archive, db_file.component, allow_tainted=True)
[docs] def _add_built_using(self, db_binary, filename, control, suite, extra_archives=None) -> None: """Add Built-Using sources to ``db_binary.extra_sources`` """ session = self.session for bu_source_name, bu_source_version in daklib.utils.parse_built_using(control): bu_source = session.query(DBSource).filter_by(source=bu_source_name, version=bu_source_version).first() if bu_source is None: raise ArchiveException('{0}: Built-Using refers to non-existing source package {1} (= {2})'.format(filename, bu_source_name, bu_source_version)) self._ensure_extra_source_exists(filename, bu_source, suite.archive, extra_archives=extra_archives) db_binary.extra_sources.append(bu_source)
[docs] def install_source_to_archive(self, directory, source, archive, component, changed_by, allow_tainted=False, fingerprint=None) -> DBSource: """Install source package to archive""" session = self.session control = source.dsc maintainer = get_or_set_maintainer(control['Maintainer'], session) source_name = control['Source'] ### Add source package to database # We need to install the .dsc first as the DBSource object refers to it. db_file_dsc = self._install_file(directory, source._dsc_file, archive, component, source_name) unique = dict( source=source_name, version=control['Version'], ) rest = dict( maintainer=maintainer, poolfile=db_file_dsc, dm_upload_allowed=(control.get('DM-Upload-Allowed', 'no') == 'yes'), ) # Other attributes that are ignored for purposes of equality with # an existing source rest2 = dict( changedby=changed_by, fingerprint=fingerprint, ) created = False try: db_source = session.query(DBSource).filter_by(**unique).one() for key, value in rest.items(): if getattr(db_source, key) != value: raise ArchiveException('{0}: Does not match source in database.'.format(source._dsc_file.filename)) except NoResultFound: created = True db_source = DBSource(**unique) for key, value in rest.items(): setattr(db_source, key, value) for key, value in rest2.items(): setattr(db_source, key, value) session.add(db_source) session.flush() # Add .dsc file. Other files will be added later. db_dsc_file = DSCFile() db_dsc_file.source = db_source db_dsc_file.poolfile = db_file_dsc session.add(db_dsc_file) session.flush() if not created: for f in db_source.srcfiles: self._copy_file(f.poolfile, archive, component, allow_tainted=allow_tainted) return db_source ### Now add remaining files and copy them to the archive. for hashed_file in source.files.values(): hashed_file_path = os.path.join(directory, hashed_file.input_filename) if os.path.exists(hashed_file_path): db_file = self._install_file(directory, hashed_file, archive, component, source_name) session.add(db_file) else: db_file = self.get_file(hashed_file, source_name) self._copy_file(db_file, archive, component, allow_tainted=allow_tainted) db_dsc_file = DSCFile() db_dsc_file.source = db_source db_dsc_file.poolfile = db_file session.add(db_dsc_file) session.flush() # Importing is safe as we only arrive here when we did not find the source already installed earlier. import_metadata_into_db(db_source, session) # Uploaders are the maintainer and co-maintainers from the Uploaders field db_source.uploaders.append(maintainer) if 'Uploaders' in control: from daklib.textutils import split_uploaders for u in split_uploaders(control['Uploaders']): db_source.uploaders.append(get_or_set_maintainer(u, session)) session.flush() return db_source
[docs] def install_source(self, directory: str, source: daklib.upload.Source, suite: Suite, component: Component, changed_by: Maintainer, allow_tainted: bool = False, fingerprint: Optional[Fingerprint] = None) -> DBSource: """Install a source package :param directory: directory the source package is located in :param source: source package to install :param suite: target suite :param component: target component :param changed_by: person who prepared this version of the package :param allow_tainted: allow to copy additional files from tainted archives :param fingerprint: optional fingerprint :return: database object for the new source """ db_source = self.install_source_to_archive(directory, source, suite.archive, component, changed_by, allow_tainted, fingerprint) if suite in db_source.suites: return db_source db_source.suites.append(suite) self.session.flush() return db_source
[docs] def _copy_file(self, db_file: PoolFile, archive: Archive, component: Component, allow_tainted: bool = False) -> None: """Copy a file to the given archive and component :param db_file: file to copy :param archive: target archive :param component: target component :param allow_tainted: allow to copy from tainted archives (such as NEW) """ session = self.session if session.query(ArchiveFile).filter_by(archive=archive, component=component, file=db_file).first() is None: query = session.query(ArchiveFile).filter_by(file=db_file) if not allow_tainted: query = query.join(Archive).filter(Archive.tainted == False) # noqa:E712 source_af = query.first() if source_af is None: raise ArchiveException('cp: Could not find {0} in any archive.'.format(db_file.filename)) target_af = ArchiveFile(archive, component, db_file) session.add(target_af) session.flush() self.fs.copy(source_af.path, target_af.path, link=False, mode=archive.mode)
[docs] def copy_binary(self, db_binary: DBBinary, suite: Suite, component: Component, allow_tainted: bool = False, extra_archives: Optional[Iterable[Archive]] = None) -> None: """Copy a binary package to the given suite and component :param db_binary: binary to copy :param suite: target suite :param component: target component :param allow_tainted: allow to copy from tainted archives (such as NEW) :param extra_archives: extra archives to copy Built-Using sources from """ session = self.session archive = suite.archive if archive.tainted: allow_tainted = True filename = db_binary.poolfile.filename # make sure source is present in target archive db_source = db_binary.source if session.query(ArchiveFile).filter_by(archive=archive, file=db_source.poolfile).first() is None: raise ArchiveException('{0}: cannot copy to {1}: source is not present in target archive'.format(filename, suite.suite_name)) # make sure built-using packages are present in target archive for db_source in db_binary.extra_sources: self._ensure_extra_source_exists(filename, db_source, archive, extra_archives=extra_archives) # copy binary db_file = db_binary.poolfile self._copy_file(db_file, suite.archive, component, allow_tainted=allow_tainted) if suite not in db_binary.suites: db_binary.suites.append(suite) self.session.flush()
[docs] def copy_source(self, db_source: DBSource, suite: Suite, component: Component, allow_tainted: bool = False) -> None: """Copy a source package to the given suite and component :param db_source: source to copy :param suite: target suite :param component: target component :param allow_tainted: allow to copy from tainted archives (such as NEW) """ archive = suite.archive if archive.tainted: allow_tainted = True for db_dsc_file in db_source.srcfiles: self._copy_file(db_dsc_file.poolfile, archive, component, allow_tainted=allow_tainted) if suite not in db_source.suites: db_source.suites.append(suite) self.session.flush()
[docs] def remove_file(self, db_file: PoolFile, archive: Archive, component: Component) -> None: """Remove a file from a given archive and component :param db_file: file to remove :param archive: archive to remove the file from :param component: component to remove the file from """ af = self.session.query(ArchiveFile).filter_by(file=db_file, archive=archive, component=component) self.fs.unlink(af.path) self.session.delete(af)
[docs] def remove_binary(self, binary: DBBinary, suite: Suite) -> None: """Remove a binary from a given suite and component :param binary: binary to remove :param suite: suite to remove the package from """ binary.suites.remove(suite) self.session.flush()
[docs] def remove_source(self, source: DBSource, suite: Suite) -> None: """Remove a source from a given suite and component :param source: source to remove :param suite: suite to remove the package from :raises ArchiveException: source package is still referenced by other binaries in the suite """ session = self.session query = session.query(DBBinary).filter_by(source=source) \ .filter(DBBinary.suites.contains(suite)) if query.first() is not None: raise ArchiveException('src:{0} is still used by binaries in suite {1}'.format(source.source, suite.suite_name)) source.suites.remove(suite) session.flush()
[docs] def commit(self) -> None: """commit changes""" try: self.session.commit() self.fs.commit() finally: self.session.rollback() self.fs.rollback()
[docs] def rollback(self) -> None: """rollback changes""" self.session.rollback() self.fs.rollback()
[docs] def flush(self) -> None: """flush underlying database session""" self.session.flush()
def __enter__(self): return self def __exit__(self, type, value, traceback): if type is None: self.commit() else: self.rollback() return None
[docs]def source_component_from_package_list(package_list: 'daklib.packagelist.PackageList', suite: Suite) -> Optional[Component]: """Get component for a source package This function will look at the Package-List field to determine the component the source package belongs to. This is the first component the source package provides binaries for (first with respect to the ordering of components). It the source package has no Package-List field, None is returned. :param package_list: package list of the source to get the override for :param suite: suite to consider for binaries produced :return: component for the given source or :const:`None` """ if package_list.fallback: return None session = object_session(suite) packages = package_list.packages_for_suite(suite) components = set(p.component for p in packages) query = session.query(Component).order_by(Component.ordering) \ .filter(Component.component_name.in_(components)) return query.first()
[docs]class ArchiveUpload: """handle an upload This class can be used in a with-statement:: with ArchiveUpload(...) as upload: ... Doing so will automatically run any required cleanup and also rollback the transaction if it was not committed. """ def __init__(self, directory: str, changes, keyrings): self.transaction: ArchiveTransaction = ArchiveTransaction() """transaction used to handle the upload""" self.session = self.transaction.session """database session""" self.original_directory: str = directory self.original_changes = changes self.changes: Optional[daklib.upload.Changes] = None """upload to process""" self.directory: str = None """directory with temporary copy of files. set by :meth:`prepare`""" self.keyrings = keyrings self.fingerprint: Fingerprint = self.session.query(Fingerprint).filter_by(fingerprint=changes.primary_fingerprint).one() """fingerprint of the key used to sign the upload""" self.reject_reasons: list[str] = [] """reasons why the upload cannot by accepted""" self.warnings: list[str] = [] """warnings .. note:: Not used yet. """ self.final_suites = None self.new: bool = False """upload is NEW. set by :meth:`check`""" self._checked: bool = False """checks passes. set by :meth:`check`""" self._new_queue = self.session.query(PolicyQueue).filter_by(queue_name='new').one() self._new = self._new_queue.suite
[docs] def warn(self, message: str) -> None: """add a warning message Adds a warning message that can later be seen in :attr:`warnings` :param message: warning message """ self.warnings.append(message)
[docs] def prepare(self): """prepare upload for further processing This copies the files involved to a temporary directory. If you use this method directly, you have to remove the directory given by the :attr:`directory` attribute later on your own. Instead of using the method directly, you can also use a with-statement:: with ArchiveUpload(...) as upload: ... This will automatically handle any required cleanup. """ assert self.directory is None assert self.original_changes.valid_signature cnf = Config() session = self.transaction.session group = cnf.get('Dinstall::UnprivGroup') or None self.directory = daklib.utils.temp_dirname(parent=cnf.get('Dir::TempPath'), mode=0o2750, group=group) with FilesystemTransaction() as fs: src = os.path.join(self.original_directory, self.original_changes.filename) dst = os.path.join(self.directory, self.original_changes.filename) fs.copy(src, dst, mode=0o640) self.changes = daklib.upload.Changes(self.directory, self.original_changes.filename, self.keyrings) files = {} try: files = self.changes.files except daklib.upload.InvalidChangesException: # Do not raise an exception; upload will be rejected later # due to the missing files pass for f in files.values(): src = os.path.join(self.original_directory, f.filename) dst = os.path.join(self.directory, f.filename) if not os.path.exists(src): continue fs.copy(src, dst, mode=0o640) source = None try: source = self.changes.source except Exception: # Do not raise an exception here if the .dsc is invalid. pass if source is not None: for f in source.files.values(): src = os.path.join(self.original_directory, f.filename) dst = os.path.join(self.directory, f.filename) if not os.path.exists(dst): try: db_file = self.transaction.get_file(f, source.dsc['Source'], check_hashes=False) db_archive_file = session.query(ArchiveFile).filter_by(file=db_file).first() fs.copy(db_archive_file.path, dst, mode=0o640) except KeyError: # Ignore if get_file could not find it. Upload will # probably be rejected later. pass
[docs] def unpacked_source(self) -> Optional[str]: """Path to unpacked source Get path to the unpacked source. This method does unpack the source into a temporary directory under :attr:`directory` if it has not been done so already. :return: string giving the path to the unpacked source directory or :const:`None` if no source was included in the upload. """ assert self.directory is not None source = self.changes.source if source is None: return None dsc_path = os.path.join(self.directory, source._dsc_file.filename) sourcedir = os.path.join(self.directory, 'source') if not os.path.exists(sourcedir): subprocess.check_call(["dpkg-source", "--no-copy", "--no-check", "-x", dsc_path, sourcedir], shell=False, stdout=subprocess.DEVNULL) if not os.path.isdir(sourcedir): raise Exception("{0} is not a directory after extracting source package".format(sourcedir)) return sourcedir
[docs] def _map_suite(self, suite_name): suite_names = set((suite_name, )) for rule in Config().value_list("SuiteMappings"): fields = rule.split() rtype = fields[0] if rtype == "map" or rtype == "silent-map": (src, dst) = fields[1:3] if src in suite_names: suite_names.remove(src) suite_names.add(dst) if rtype != "silent-map": self.warnings.append('Mapping {0} to {1}.'.format(src, dst)) elif rtype == "copy" or rtype == "silent-copy": (src, dst) = fields[1:3] if src in suite_names: suite_names.add(dst) if rtype != "silent-copy": self.warnings.append('Copy {0} to {1}.'.format(src, dst)) elif rtype == "ignore": ignored = fields[1] if ignored in suite_names: suite_names.remove(ignored) self.warnings.append('Ignoring target suite {0}.'.format(ignored)) elif rtype == "reject": rejected = fields[1] if rejected in suite_names: raise checks.Reject('Uploads to {0} are not accepted.'.format(rejected)) ## XXX: propup-version and map-unreleased not yet implemented return suite_names
[docs] def _mapped_suites(self) -> list[Suite]: """Get target suites after mappings :return: list giving the mapped target suites of this upload """ session = self.session suite_names = set() for dist in self.changes.distributions: suite_names.update(self._map_suite(dist)) suites = session.query(Suite).filter(Suite.suite_name.in_(suite_names)) return suites.all()
[docs] def _check_new_binary_overrides(self, suite, overridesuite): new = False source = self.changes.source # Check binaries listed in the source package's Package-List field: if source is not None and not source.package_list.fallback: packages = source.package_list.packages_for_suite(suite) binaries = [entry for entry in packages] for b in binaries: override = self._binary_override(overridesuite, b) if override is None: self.warnings.append('binary:{0} is NEW.'.format(b.name)) new = True # Check all uploaded packages. # This is necessary to account for packages without a Package-List # field, really late binary-only uploads (where an unused override # was already removed), and for debug packages uploaded to a suite # without a debug suite (which are then considered as NEW). binaries = self.changes.binaries for b in binaries: if daklib.utils.is_in_debug_section(b.control) and suite.debug_suite is not None: continue override = self._binary_override(overridesuite, b) if override is None: self.warnings.append('binary:{0} is NEW.'.format(b.name)) new = True return new
[docs] def _check_new(self, suite, overridesuite) -> bool: """Check if upload is NEW An upload is NEW if it has binary or source packages that do not have an override in `overridesuite` OR if it references files ONLY in a tainted archive (eg. when it references files in NEW). Debug packages (*-dbgsym in Section: debug) are not considered as NEW if `suite` has a separate debug suite. :return: :const:`True` if the upload is NEW, :const:`False` otherwise """ session = self.session new = False # Check for missing overrides if self._check_new_binary_overrides(suite, overridesuite): new = True if self.changes.source is not None: override = self._source_override(overridesuite, self.changes.source) if override is None: self.warnings.append('source:{0} is NEW.'.format(self.changes.source.dsc['Source'])) new = True # Check if we reference a file only in a tainted archive files = list(self.changes.files.values()) if self.changes.source is not None: files.extend(self.changes.source.files.values()) for f in files: query = session.query(ArchiveFile).join(PoolFile).filter(PoolFile.sha1sum == f.sha1sum) query_untainted = query.join(Archive).filter(Archive.tainted == False) # noqa:E712 in_archive = (query.first() is not None) in_untainted_archive = (query_untainted.first() is not None) if in_archive and not in_untainted_archive: self.warnings.append('{0} is only available in NEW.'.format(f.filename)) new = True return new
[docs] def _final_suites(self): session = self.session mapped_suites = self._mapped_suites() final_suites = list() for suite in mapped_suites: overridesuite = suite if suite.overridesuite is not None: overridesuite = session.query(Suite).filter_by(suite_name=suite.overridesuite).one() if self._check_new(suite, overridesuite): self.new = True if suite not in final_suites: final_suites.append(suite) return final_suites
[docs] def _binary_override(self, suite: Suite, binary: 'Union[daklib.upload.Binary, daklib.packagelist.PackageListEntry]') -> Optional[Override]: """Get override entry for a binary :param suite: suite to get override for :param binary: binary to get override for :return: override for the given binary or :const:`None` """ if suite.overridesuite is not None: suite = self.session.query(Suite).filter_by(suite_name=suite.overridesuite).one() mapped_component = get_mapped_component(binary.component) if mapped_component is None: return None query = self.session.query(Override).filter_by(suite=suite, package=binary.name) \ .join(Component).filter(Component.component_name == mapped_component.component_name) \ .join(OverrideType).filter(OverrideType.overridetype == binary.type) return query.one_or_none()
[docs] def _source_override(self, suite: Suite, source: daklib.upload.Source) -> Optional[Override]: """Get override entry for a source :param suite: suite to get override for :param source: source to get override for :return: override for the given source or :const:`None` """ if suite.overridesuite is not None: suite = self.session.query(Suite).filter_by(suite_name=suite.overridesuite).one() query = self.session.query(Override).filter_by(suite=suite, package=source.dsc['Source']) \ .join(OverrideType).filter(OverrideType.overridetype == 'dsc') component = source_component_from_package_list(source.package_list, suite) if component is not None: query = query.filter(Override.component == component) return query.one_or_none()
[docs] def _binary_component(self, suite: Suite, binary: daklib.upload.Binary, only_overrides: bool = True) -> Optional[Component]: """get component for a binary By default this will only look at overrides to get the right component; if `only_overrides` is :const:`False` this method will also look at the Section field. :param only_overrides: only use overrides to get the right component """ override = self._binary_override(suite, binary) if override is not None: return override.component if only_overrides: return None return get_mapped_component(binary.component, self.session)
[docs] def _source_component(self, suite: Suite, source: daklib.upload.Binary, only_overrides: bool = True) -> Optional[Component]: """get component for a source By default this will only look at overrides to get the right component; if `only_overrides` is :const:`False` this method will also look at the Section field. :param only_overrides: only use overrides to get the right component """ override = self._source_override(suite, source) if override is not None: return override.component if only_overrides: return None return get_mapped_component(source.component, self.session)
[docs] def check(self, force: bool = False) -> bool: """run checks against the upload :param force: ignore failing forcable checks :return: :const:`True` if all checks passed, :const:`False` otherwise """ # XXX: needs to be better structured. assert self.changes.valid_signature try: # Validate signatures and hashes before we do any real work: for chk in ( checks.SignatureAndHashesCheck, checks.WeakSignatureCheck, checks.SignatureTimestampCheck, checks.ChangesCheck, checks.ExternalHashesCheck, checks.SourceCheck, checks.BinaryCheck, checks.BinaryMembersCheck, checks.BinaryTimestampCheck, checks.SingleDistributionCheck, checks.ArchAllBinNMUCheck, ): chk().check(self) final_suites = self._final_suites() if len(final_suites) == 0: self.reject_reasons.append('No target suite found. Please check your target distribution and that you uploaded to the right archive.') return False self.final_suites = final_suites for chk in ( checks.TransitionCheck, checks.ACLCheck, checks.NewOverrideCheck, checks.NoSourceOnlyCheck, checks.LintianCheck, ): chk().check(self) for chk in ( checks.SuiteCheck, checks.ACLCheck, checks.SourceFormatCheck, checks.SuiteArchitectureCheck, checks.VersionCheck, ): for suite in final_suites: chk().per_suite_check(self, suite) if len(self.reject_reasons) != 0: return False self._checked = True return True except checks.Reject as e: self.reject_reasons.append(str(e)) except Exception as e: self.reject_reasons.append("Processing raised an exception: {0}.\n{1}".format(e, traceback.format_exc())) return False
[docs] def _install_to_suite( self, target_suite: Suite, suite: Suite, source_component_func: Callable[[daklib.upload.Source], Component], binary_component_func: Callable[[daklib.upload.Binary], Component], source_suites=None, extra_source_archives: Optional[Iterable[Archive]] = None, policy_upload: bool = False ) -> tuple[Optional[DBSource], list[DBBinary]]: """Install upload to the given suite :param target_suite: target suite (before redirection to policy queue or NEW) :param suite: suite to install the package into. This is the real suite, ie. after any redirection to NEW or a policy queue :param source_component_func: function to get the :class:`daklib.dbconn.Component` for a :class:`daklib.upload.Source` object :param binary_component_func: function to get the :class:`daklib.dbconn.Component` for a :class:`daklib.upload.Binary` object :param source_suites: see :meth:`daklib.archive.ArchiveTransaction.install_binary` :param extra_source_archives: see :meth:`daklib.archive.ArchiveTransaction.install_binary` :param policy_upload: Boolean indicating upload to policy queue (including NEW) :return: tuple with two elements. The first is a :class:`daklib.dbconn.DBSource` object for the install source or :const:`None` if no source was included. The second is a list of :class:`daklib.dbconn.DBBinary` objects for the installed binary packages. """ # XXX: move this function to ArchiveTransaction? control = self.changes.changes changed_by = get_or_set_maintainer(control.get('Changed-By', control['Maintainer']), self.session) if source_suites is None: source_suites = self.session.query(Suite).join((VersionCheck, VersionCheck.reference_id == Suite.suite_id)).filter(VersionCheck.check == 'Enhances').filter(VersionCheck.suite == suite).subquery() source = self.changes.source if source is not None: component = source_component_func(source) db_source = self.transaction.install_source( self.directory, source, suite, component, changed_by, fingerprint=self.fingerprint ) else: db_source = None db_binaries = [] for binary in sorted(self.changes.binaries, key=lambda x: x.name): copy_to_suite = suite if daklib.utils.is_in_debug_section(binary.control) and suite.debug_suite is not None: copy_to_suite = suite.debug_suite component = binary_component_func(binary) db_binary = self.transaction.install_binary( self.directory, binary, copy_to_suite, component, fingerprint=self.fingerprint, source_suites=source_suites, extra_source_archives=extra_source_archives ) db_binaries.append(db_binary) if not policy_upload: check_upload_for_external_signature_request(self.session, target_suite, copy_to_suite, db_binary) if suite.copychanges: src = os.path.join(self.directory, self.changes.filename) dst = os.path.join(suite.archive.path, 'dists', suite.suite_name, self.changes.filename) self.transaction.fs.copy(src, dst, mode=suite.archive.mode) suite.update_last_changed() return (db_source, db_binaries)
[docs] def _install_changes(self) -> DBChange: assert self.changes.valid_signature control = self.changes.changes session = self.transaction.session config = Config() changelog_id = None # Only add changelog for sourceful uploads and binNMUs if self.changes.sourceful or re_bin_only_nmu.search(control['Version']): query = 'INSERT INTO changelogs_text (changelog) VALUES (:changelog) RETURNING id' changelog_id = session.execute(query, {'changelog': control['Changes']}).scalar() assert changelog_id is not None db_changes = DBChange() db_changes.changesname = self.changes.filename db_changes.source = control['Source'] db_changes.binaries = control.get('Binary', None) db_changes.architecture = control['Architecture'] db_changes.version = control['Version'] db_changes.distribution = control['Distribution'] db_changes.urgency = control['Urgency'] db_changes.maintainer = control['Maintainer'] db_changes.changedby = control.get('Changed-By', control['Maintainer']) db_changes.date = control['Date'] db_changes.fingerprint = self.fingerprint.fingerprint db_changes.changelog_id = changelog_id db_changes.closes = self.changes.closed_bugs try: self.transaction.session.add(db_changes) self.transaction.session.flush() except sqlalchemy.exc.IntegrityError: raise ArchiveException('{0} is already known.'.format(self.changes.filename)) return db_changes
[docs] def _install_policy(self, policy_queue, target_suite, db_changes, db_source, db_binaries) -> PolicyQueueUpload: """install upload to policy queue""" u = PolicyQueueUpload() u.policy_queue = policy_queue u.target_suite = target_suite u.changes = db_changes u.source = db_source u.binaries = db_binaries self.transaction.session.add(u) self.transaction.session.flush() queue_files = [self.changes.filename] queue_files.extend(f.filename for f in self.changes.buildinfo_files) for fn in queue_files: src = os.path.join(self.changes.directory, fn) dst = os.path.join(policy_queue.path, fn) self.transaction.fs.copy(src, dst, mode=policy_queue.change_perms) return u
[docs] def try_autobyhand(self) -> bool: """Try AUTOBYHAND Try to handle byhand packages automatically. """ assert len(self.reject_reasons) == 0 assert self.changes.valid_signature assert self.final_suites is not None assert self._checked byhand = self.changes.byhand_files if len(byhand) == 0: return True suites = list(self.final_suites) assert len(suites) == 1, "BYHAND uploads must be to a single suite" suite = suites[0] cnf = Config() control = self.changes.changes automatic_byhand_packages = cnf.subtree("AutomaticByHandPackages") remaining = [] for f in byhand: if '_' in f.filename: parts = f.filename.split('_', 2) if len(parts) != 3: print("W: unexpected byhand filename {0}. No automatic processing.".format(f.filename)) remaining.append(f) continue package, version, archext = parts arch, ext = archext.split('.', 1) else: parts = f.filename.split('.') if len(parts) < 2: print("W: unexpected byhand filename {0}. No automatic processing.".format(f.filename)) remaining.append(f) continue package = parts[0] version = '0' arch = 'all' ext = parts[-1] try: rule = automatic_byhand_packages.subtree(package) except KeyError: remaining.append(f) continue if rule['Source'] != self.changes.source_name \ or rule['Section'] != f.section \ or ('Extension' in rule and rule['Extension'] != ext): remaining.append(f) continue script = rule['Script'] retcode = subprocess.call([script, os.path.join(self.directory, f.filename), control['Version'], arch, os.path.join(self.directory, self.changes.filename), suite.suite_name], shell=False) if retcode != 0: print("W: error processing {0}.".format(f.filename)) remaining.append(f) return len(remaining) == 0
[docs] def _install_byhand(self, policy_queue_upload: PolicyQueueUpload, hashed_file: daklib.upload.HashedFile) -> PolicyQueueByhandFile: """install byhand file""" fs = self.transaction.fs session = self.transaction.session policy_queue = policy_queue_upload.policy_queue byhand_file = PolicyQueueByhandFile() byhand_file.upload = policy_queue_upload byhand_file.filename = hashed_file.filename session.add(byhand_file) session.flush() src = os.path.join(self.directory, hashed_file.filename) dst = os.path.join(policy_queue.path, hashed_file.filename) fs.copy(src, dst, mode=policy_queue.change_perms) return byhand_file
[docs] def _do_bts_versiontracking(self) -> None: cnf = Config() fs = self.transaction.fs btsdir = cnf.get('Dir::BTSVersionTrack') if btsdir is None or btsdir == '': return base = os.path.join(btsdir, self.changes.filename[:-8]) # version history sourcedir = self.unpacked_source() if sourcedir is not None: dch_path = os.path.join(sourcedir, 'debian', 'changelog') with open(dch_path, 'r') as fh: versions = fs.create("{0}.versions".format(base), mode=0o644) for line in fh.readlines(): if re_changelog_versions.match(line): versions.write(line) versions.close() # binary -> source mapping if self.changes.binaries: debinfo = fs.create("{0}.debinfo".format(base), mode=0o644) for binary in self.changes.binaries: control = binary.control source_package, source_version = binary.source line = " ".join([control['Package'], control['Version'], control['Architecture'], source_package, source_version]) print(line, file=debinfo) debinfo.close()
[docs] def _policy_queue(self, suite) -> Optional[PolicyQueue]: if suite.policy_queue is not None: return suite.policy_queue return None
[docs] def install(self) -> None: """install upload Install upload to a suite or policy queue. This method does **not** handle uploads to NEW. You need to have called the :meth:`check` method before calling this method. """ assert len(self.reject_reasons) == 0 assert self.changes.valid_signature assert self.final_suites is not None assert self._checked assert not self.new db_changes = self._install_changes() for suite in self.final_suites: overridesuite = suite if suite.overridesuite is not None: overridesuite = self.session.query(Suite).filter_by(suite_name=suite.overridesuite).one() policy_queue = self._policy_queue(suite) policy_upload = False redirected_suite = suite if policy_queue is not None: redirected_suite = policy_queue.suite policy_upload = True # source can be in the suite we install to or any suite we enhance source_suite_ids = set([suite.suite_id, redirected_suite.suite_id]) for enhanced_suite_id, in self.session.query(VersionCheck.reference_id) \ .filter(VersionCheck.suite_id.in_(source_suite_ids)) \ .filter(VersionCheck.check == 'Enhances'): source_suite_ids.add(enhanced_suite_id) source_suites = self.session.query(Suite).filter(Suite.suite_id.in_(source_suite_ids)).subquery() def source_component_func(source): return self._source_component(overridesuite, source, only_overrides=False) def binary_component_func(binary): return self._binary_component(overridesuite, binary, only_overrides=False) (db_source, db_binaries) = self._install_to_suite(suite, redirected_suite, source_component_func, binary_component_func, source_suites=source_suites, extra_source_archives=[suite.archive], policy_upload=policy_upload) if policy_queue is not None: self._install_policy(policy_queue, suite, db_changes, db_source, db_binaries) # copy to build queues if policy_queue is None or policy_queue.send_to_build_queues: for build_queue in suite.copy_queues: self._install_to_suite(suite, build_queue.suite, source_component_func, binary_component_func, source_suites=source_suites, extra_source_archives=[suite.archive]) self._do_bts_versiontracking()
[docs] def install_to_new(self) -> None: """install upload to NEW Install upload to NEW. This method does **not** handle regular uploads to suites or policy queues. You need to have called the :meth:`check` method before calling this method. """ # Uploads to NEW are special as we don't have overrides. assert len(self.reject_reasons) == 0 assert self.changes.valid_signature assert self.final_suites is not None source = self.changes.source binaries = self.changes.binaries byhand = self.changes.byhand_files # we need a suite to guess components suites = list(self.final_suites) assert len(suites) == 1, "NEW uploads must be to a single suite" suite = suites[0] # decide which NEW queue to use if suite.new_queue is None: new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='new').one() else: new_queue = suite.new_queue if len(byhand) > 0: # There is only one global BYHAND queue new_queue = self.transaction.session.query(PolicyQueue).filter_by(queue_name='byhand').one() new_suite = new_queue.suite def binary_component_func(binary): return self._binary_component(suite, binary, only_overrides=False) # guess source component # XXX: should be moved into an extra method binary_component_names = set() for binary in binaries: component = binary_component_func(binary) binary_component_names.add(component.component_name) source_component_name = None for c in self.session.query(Component).order_by(Component.component_id): guess = c.component_name if guess in binary_component_names: source_component_name = guess break if source_component_name is None: source_component = self.session.query(Component).order_by(Component.component_id).first() else: source_component = self.session.query(Component).filter_by(component_name=source_component_name).one() def source_component_func(source): return source_component db_changes = self._install_changes() (db_source, db_binaries) = self._install_to_suite(suite, new_suite, source_component_func, binary_component_func, source_suites=True, extra_source_archives=[suite.archive], policy_upload=True) policy_upload = self._install_policy(new_queue, suite, db_changes, db_source, db_binaries) for f in byhand: self._install_byhand(policy_upload, f) self._do_bts_versiontracking()
[docs] def commit(self) -> None: """commit changes""" self.transaction.commit()
[docs] def rollback(self) -> None: """rollback changes""" self.transaction.rollback()
def __enter__(self): self.prepare() return self def __exit__(self, type, value, traceback): if self.directory is not None: shutil.rmtree(self.directory) self.directory = None self.changes = None self.transaction.rollback() return None