launchpad-buildd

Merge lp:~cjwatson/launchpad-buildd/snap-git-proxy into lp:launchpad-buildd

  1. snap-git-proxy
  2. Merge into trunk
Proposed by Colin Watson
Status: Merged
Merged at revision: 219
Proposed branch: lp:~cjwatson/launchpad-buildd/snap-git-proxy
Merge into: lp:launchpad-buildd
Diff against target: 224 lines (+64/-7)
11 files modified
MANIFEST.in (+1/-0)
buildsnap (+12/-0)
debian/changelog (+1/-0)
debian/launchpad-buildd.install (+1/-0)
lpbuildd/slave.py (+3/-0)
lpbuildd/tests/buildlog (+1/-0)
lpbuildd/tests/buildlog.long (+2/-0)
lpbuildd/tests/test_1.diff (+8/-1)
lpbuildd/tests/test_2.diff (+6/-5)
lpbuildd/tests/test_buildd_slave.py (+1/-1)
snap-git-proxy (+28/-0)
To merge this branch: bzr merge lp:~cjwatson/launchpad-buildd/snap-git-proxy
Reviewer Review Type Date Requested Status
William Grant code Approve
Review via email: mp+323691@code.launchpad.net

Commit message

Configure a git:// proxy for snap builds (LP: #1663920).

To post a comment you must log in.
Revision history for this message
William Grant (wgrant) :
review: Approve (code)
Revision history for this message
Colin Watson (cjwatson) :
lp:~cjwatson/launchpad-buildd/snap-git-proxy updated
217. By Colin Watson

Sanitise snap proxy auth from logs.

Revision history for this message
Colin Watson (cjwatson) :
lp:~cjwatson/launchpad-buildd/snap-git-proxy updated
218. By Colin Watson

Merge trunk.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'MANIFEST.in'
--- MANIFEST.in 2017-04-26 12:24:32 +0000
+++ MANIFEST.in 2017-05-11 11:45:36 +0000
@@ -15,6 +15,7 @@
15include sbuildrc15include sbuildrc
16include scan-for-processes16include scan-for-processes
17include slave-prep17include slave-prep
18include snap-git-proxy
18include sudo-wrapper19include sudo-wrapper
19include template-buildd-slave.conf20include template-buildd-slave.conf
20include test_buildd_generatetranslationtemplates21include test_buildd_generatetranslationtemplates
2122
=== modified file 'buildsnap'
--- buildsnap 2017-04-03 12:30:15 +0000
+++ buildsnap 2017-05-11 11:45:36 +0000
@@ -117,7 +117,16 @@
117 deps.append("bzr")117 deps.append("bzr")
118 else:118 else:
119 deps.append("git")119 deps.append("git")
120 if self.options.proxy_url:
121 deps.extend(["python3", "socat"])
120 self.chroot(["apt-get", "-y", "install"] + deps)122 self.chroot(["apt-get", "-y", "install"] + deps)
123 if self.options.proxy_url:
124 subprocess.check_call([
125 "sudo", "cp", "-a",
126 os.path.join(os.path.dirname(__file__), "snap-git-proxy"),
127 os.path.join(
128 self.chroot_path, "usr", "local", "bin", "snap-git-proxy"),
129 ])
121130
122 def repo(self):131 def repo(self):
123 """Collect git or bzr branch."""132 """Collect git or bzr branch."""
@@ -126,6 +135,7 @@
126 if self.options.proxy_url:135 if self.options.proxy_url:
127 env["http_proxy"] = self.options.proxy_url136 env["http_proxy"] = self.options.proxy_url
128 env["https_proxy"] = self.options.proxy_url137 env["https_proxy"] = self.options.proxy_url
138 env["GIT_PROXY_COMMAND"] = "/usr/local/bin/snap-git-proxy"
129 if self.options.branch is not None:139 if self.options.branch is not None:
130 self.run_build_command(['ls', '/build'])140 self.run_build_command(['ls', '/build'])
131 cmd = ["bzr", "branch", self.options.branch, self.name]141 cmd = ["bzr", "branch", self.options.branch, self.name]
@@ -161,6 +171,7 @@
161 if self.options.proxy_url:171 if self.options.proxy_url:
162 env["http_proxy"] = self.options.proxy_url172 env["http_proxy"] = self.options.proxy_url
163 env["https_proxy"] = self.options.proxy_url173 env["https_proxy"] = self.options.proxy_url
174 env["GIT_PROXY_COMMAND"] = "/usr/local/bin/snap-git-proxy"
164 self.run_build_command(175 self.run_build_command(
165 ["snapcraft", "pull"],176 ["snapcraft", "pull"],
166 path=os.path.join("/build", self.name),177 path=os.path.join("/build", self.name),
@@ -173,6 +184,7 @@
173 if self.options.proxy_url:184 if self.options.proxy_url:
174 env["http_proxy"] = self.options.proxy_url185 env["http_proxy"] = self.options.proxy_url
175 env["https_proxy"] = self.options.proxy_url186 env["https_proxy"] = self.options.proxy_url
187 env["GIT_PROXY_COMMAND"] = "/usr/local/bin/snap-git-proxy"
176 self.run_build_command(188 self.run_build_command(
177 ["snapcraft"], path=os.path.join("/build", self.name), env=env)189 ["snapcraft"], path=os.path.join("/build", self.name), env=env)
178190
179191
=== modified file 'debian/changelog'
--- debian/changelog 2017-05-11 08:52:10 +0000
+++ debian/changelog 2017-05-11 11:45:36 +0000
@@ -4,6 +4,7 @@
4 other XML-RPC status information (LP: #1679157).4 other XML-RPC status information (LP: #1679157).
5 * Write out trusted keys sent by buildd-manager (LP: #1626739).5 * Write out trusted keys sent by buildd-manager (LP: #1626739).
6 * Add tests for lpbuildd.pottery, extracted from Launchpad.6 * Add tests for lpbuildd.pottery, extracted from Launchpad.
7 * Configure a git:// proxy for snap builds (LP: #1663920).
78
8 -- Colin Watson <cjwatson@ubuntu.com> Fri, 31 Mar 2017 15:31:10 +01009 -- Colin Watson <cjwatson@ubuntu.com> Fri, 31 Mar 2017 15:31:10 +0100
910
1011
=== modified file 'debian/launchpad-buildd.install'
--- debian/launchpad-buildd.install 2017-04-26 12:24:32 +0000
+++ debian/launchpad-buildd.install 2017-05-11 11:45:36 +0000
@@ -14,6 +14,7 @@
14sbuild-package usr/share/launchpad-buildd/slavebin14sbuild-package usr/share/launchpad-buildd/slavebin
15scan-for-processes usr/share/launchpad-buildd/slavebin15scan-for-processes usr/share/launchpad-buildd/slavebin
16slave-prep usr/share/launchpad-buildd/slavebin16slave-prep usr/share/launchpad-buildd/slavebin
17snap-git-proxy usr/share/launchpad-buildd/slavebin
17sudo-wrapper usr/share/launchpad-buildd/slavebin18sudo-wrapper usr/share/launchpad-buildd/slavebin
18umount-chroot usr/share/launchpad-buildd/slavebin19umount-chroot usr/share/launchpad-buildd/slavebin
19unpack-chroot usr/share/launchpad-buildd/slavebin20unpack-chroot usr/share/launchpad-buildd/slavebin
2021
=== modified file 'lpbuildd/slave.py'
--- lpbuildd/slave.py 2017-05-11 08:42:49 +0000
+++ lpbuildd/slave.py 2017-05-11 11:45:36 +0000
@@ -37,9 +37,12 @@
37 # This regular expression will be used to remove authentication37 # This regular expression will be used to remove authentication
38 # credentials from URLs.38 # credentials from URLs.
39 password_re = re.compile('://([^:]+:[^@]+@)(\S+)')39 password_re = re.compile('://([^:]+:[^@]+@)(\S+)')
40 # Snap proxy passwords are UUIDs.
41 snap_proxy_auth_re = re.compile(',proxyauth=[^:]+:[A-Za-z0-9-]+')
4042
41 for line in text_seq:43 for line in text_seq:
42 sanitized_line = password_re.sub(r'://\2', line)44 sanitized_line = password_re.sub(r'://\2', line)
45 sanitized_line = snap_proxy_auth_re.sub('', sanitized_line)
43 yield sanitized_line46 yield sanitized_line
4447
4548
4649
=== modified file 'lpbuildd/tests/buildlog'
--- lpbuildd/tests/buildlog 2011-11-09 07:50:56 +0000
+++ lpbuildd/tests/buildlog 2017-05-11 11:45:36 +0000
@@ -21,3 +21,4 @@
21Need to get 0B/2832kB of archives.21Need to get 0B/2832kB of archives.
22After unpacking 94.2kB of additional disk space will be used.22After unpacking 94.2kB of additional disk space will be used.
23(Reading database ... 8942 files and directories currently installed.)23(Reading database ... 8942 files and directories currently installed.)
24socat STDIO PROXY:snap-proxy.launchpad.dev:github.com:443,proxyport=3128,proxyauth=user:blah
2425
=== modified file 'lpbuildd/tests/buildlog.long'
--- lpbuildd/tests/buildlog.long 2011-11-09 07:50:56 +0000
+++ lpbuildd/tests/buildlog.long 2017-05-11 11:45:36 +0000
@@ -21,6 +21,7 @@
21Need to get 0B/2832kB of archives.21Need to get 0B/2832kB of archives.
22After unpacking 94.2kB of additional disk space will be used.22After unpacking 94.2kB of additional disk space will be used.
23(Reading database ... 8942 files and directories currently installed.)23(Reading database ... 8942 files and directories currently installed.)
24socat STDIO PROXY:snap-proxy.launchpad.dev:github.com:443,proxyport=3128,proxyauth=user:blah
24RUN: /usr/share/launchpad-buildd/slavebin/unpack-chroot ['unpack-chroot', '370614-896976', '/home/buildd/filecache-default/a40e3c410938399b35051833fe5244f9ac6f3774']25RUN: /usr/share/launchpad-buildd/slavebin/unpack-chroot ['unpack-chroot', '370614-896976', '/home/buildd/filecache-default/a40e3c410938399b35051833fe5244f9ac6f3774']
25Unpacking chroot for build 370614-89697626Unpacking chroot for build 370614-896976
26RUN: /usr/share/launchpad-buildd/slavebin/mount-chroot ['mount-chroot', '370614-896976']27RUN: /usr/share/launchpad-buildd/slavebin/mount-chroot ['mount-chroot', '370614-896976']
@@ -80,3 +81,4 @@
80Get:3 http://scrub:this@ftpmaster.internal gutsy/main Packages [1085kB]81Get:3 http://scrub:this@ftpmaster.internal gutsy/main Packages [1085kB]
81Get:4 http://ftpmaster.internal gutsy/universe Packages [3991kB]82Get:4 http://ftpmaster.internal gutsy/universe Packages [3991kB]
82Fetched 5142kB in 5s (1012kB/s)83Fetched 5142kB in 5s (1012kB/s)
84socat STDIO PROXY:snap-proxy.launchpad.dev:github.com:443,proxyport=3128,proxyauth=user:blah
8385
=== modified file 'lpbuildd/tests/test_1.diff'
--- lpbuildd/tests/test_1.diff 2011-11-09 07:50:56 +0000
+++ lpbuildd/tests/test_1.diff 2017-05-11 11:45:36 +0000
@@ -14,4 +14,11 @@
14+Get:3 http://ftpmaster.internal gutsy/main Packages [1085kB]14+Get:3 http://ftpmaster.internal gutsy/main Packages [1085kB]
15 Get:4 http://ftpmaster.internal gutsy/universe Packages [3991kB]15 Get:4 http://ftpmaster.internal gutsy/universe Packages [3991kB]
16 Fetched 5142kB in 5s (1012kB/s)16 Fetched 5142kB in 5s (1012kB/s)
17 Reading package lists...
18\ No newline at end of file17\ No newline at end of file
18 Reading package lists...
19@@ -21,4 +21,4 @@
20
21 Need to get 0B/2832kB of archives.
22 After unpacking 94.2kB of additional disk space will be used.
23 (Reading database ... 8942 files and directories currently installed.)
24-socat STDIO PROXY:snap-proxy.launchpad.dev:github.com:443,proxyport=3128,proxyauth=user:blah
25+socat STDIO PROXY:snap-proxy.launchpad.dev:github.com:443,proxyport=3128
19\ No newline at end of file26\ No newline at end of file
2027
=== modified file 'lpbuildd/tests/test_2.diff'
--- lpbuildd/tests/test_2.diff 2011-11-09 07:50:56 +0000
+++ lpbuildd/tests/test_2.diff 2017-05-11 11:45:36 +0000
@@ -2,10 +2,9 @@
22
3+++ 3+++
44
5@@ -1,11 +1,10 @@5@@ -1,10 +1,9 @@
66
7-ting chroot for build 370614-8969767-l ['apply-ogre-model', '370614-896976', 'universe']
8 RUN: /usr/share/launchpad-buildd/slavebin/apply-ogre-model ['apply-ogre-model', '370614-896976', 'universe']
9 Attempting OGRE for universe in build-370614-8969768 Attempting OGRE for universe in build-370614-896976
10 RUN: /usr/share/launchpad-buildd/slavebin/update-debian-chroot ['update-debian-chroot', '370614-896976']9 RUN: /usr/share/launchpad-buildd/slavebin/update-debian-chroot ['update-debian-chroot', '370614-896976']
11 Updating debian chroot for build 370614-89697610 Updating debian chroot for build 370614-896976
@@ -17,7 +16,7 @@
17 Get:4 http://ftpmaster.internal gutsy/universe Packages [3991kB]16 Get:4 http://ftpmaster.internal gutsy/universe Packages [3991kB]
18 Fetched 5142kB in 5s (1012kB/s)17 Fetched 5142kB in 5s (1012kB/s)
19 Reading package lists...18 Reading package lists...
20@@ -26,8 +25,8 @@19@@ -25,9 +24,9 @@
2120
22 Attempting OGRE for universe in build-370614-89697621 Attempting OGRE for universe in build-370614-896976
23 RUN: /usr/share/launchpad-buildd/slavebin/update-debian-chroot ['update-debian-chroot', '370614-896976']22 RUN: /usr/share/launchpad-buildd/slavebin/update-debian-chroot ['update-debian-chroot', '370614-896976']
@@ -29,4 +28,6 @@
29+Get:2 http://ftpmaster.internal gutsy Release [65.9kB]28+Get:2 http://ftpmaster.internal gutsy Release [65.9kB]
30+Get:3 http://ftpmaster.internal gutsy/main Packages [1085kB]29+Get:3 http://ftpmaster.internal gutsy/main Packages [1085kB]
31 Get:4 http://ftpmaster.internal gutsy/universe Packages [3991kB]30 Get:4 http://ftpmaster.internal gutsy/universe Packages [3991kB]
32 Fetched 5142kB in 5s (1012kB/s)
33\ No newline at end of file31\ No newline at end of file
32 Fetched 5142kB in 5s (1012kB/s)
33-socat STDIO PROXY:snap-proxy.launchpad.dev:github.com:443,proxyport=3128,proxyauth=user:blah
34+socat STDIO PROXY:snap-proxy.launchpad.dev:github.com:443,proxyport=3128
34\ No newline at end of file35\ No newline at end of file
3536
=== modified file 'lpbuildd/tests/test_buildd_slave.py'
--- lpbuildd/tests/test_buildd_slave.py 2014-05-10 17:40:29 +0000
+++ lpbuildd/tests/test_buildd_slave.py 2017-05-11 11:45:36 +0000
@@ -3,7 +3,7 @@
33
4"""Buildd Slave tests.4"""Buildd Slave tests.
55
6This file contains the follwoing tests:6This file contains the following tests:
77
8 * Basic authentication handling (used to download private sources);8 * Basic authentication handling (used to download private sources);
9 * Build log sanitization (removal of passwords from private buildlog);9 * Build log sanitization (removal of passwords from private buildlog);
1010
=== added file 'snap-git-proxy'
--- snap-git-proxy 1970-01-01 00:00:00 +0000
+++ snap-git-proxy 2017-05-11 11:45:36 +0000
@@ -0,0 +1,28 @@
1#! /usr/bin/python3
2# Copyright 2017 Canonical Ltd. This software is licensed under the
3# GNU Affero General Public License version 3 (see the file LICENSE).
4
5"""Proxy the git protocol via http_proxy.
6
7Note that this is copied into the build chroot and run there.
8"""
9
10import os
11import sys
12from urllib.parse import urlparse
13
14
15def main():
16 proxy_url = urlparse(os.environ["http_proxy"])
17 proxy_arg = "PROXY:%s:%s:%s" % (
18 proxy_url.hostname, sys.argv[1], sys.argv[2])
19 if proxy_url.port:
20 proxy_arg += ",proxyport=%s" % proxy_url.port
21 if proxy_url.username:
22 proxy_arg += ",proxyauth=%s:%s" % (
23 proxy_url.username, proxy_url.password)
24 os.execvp("socat", ["socat", "STDIO", proxy_arg])
25
26
27if __name__ == "__main__":
28 main()

Subscribers

People subscribed via source and target branches

to all changes: