Canonical Click Reviewers tools

Merge lp:~mvo/click-reviewers-tools/snappy into lp:click-reviewers-tools

  1. snappy
  2. Merge into trunk
Proposed by Michael Vogt on 2015-10-20
Status: Merged
Merged at revision: 538
Proposed branch: lp:~mvo/click-reviewers-tools/snappy
Merge into: lp:click-reviewers-tools
Diff against target: 148 lines (+72/-19)
4 files modified
clickreviews/cr_common.py (+44/-18)
clickreviews/cr_lint.py (+16/-1)
clickreviews/tests/test_cr_lint.py (+11/-0)
debian/control (+1/-0)
To merge this branch: bzr merge lp:~mvo/click-reviewers-tools/snappy
Reviewer Review Type Date Requested Status
Jamie Strandboge 2015-10-20 Approve on 2015-10-27
Daniel Holbach (community) Approve on 2015-10-27
Ricardo Kirkner (community) Approve on 2015-10-21
Review via email: mp+275058@code.launchpad.net

Description of the Change

Tiny branch to allow unpacking of squashfs based snaps. This will be used by the store and its the first step toward more snappy specific support for c-r-t.

To post a comment you must log in.
Ricardo Kirkner (ricardokirkner) :
lp:~mvo/click-reviewers-tools/snappy updated on 2015-10-20
534. By Michael Vogt on 2015-10-20

address review comments from Ricardo (many thanks!)

Michael Vogt (mvo) wrote :

Thanks Ricardo, excellent feedback and you are absolutely right, your suggestion makes it much nicer.

Ricardo Kirkner (ricardokirkner) wrote :

LGTM

review: Approve
Jamie Strandboge (jdstrand) wrote :

If we accept this, won't that mean that the store will accept squashfs snaps and clicks? Are we ready to do this now?

review: Needs Information
Michael Vogt (mvo) wrote :

Thanks for the review Jamie. We want this for os and kernel snaps (that are manual review currently now anyway). This will unblock the all-snap work. Of course we need the verification of the squashfs (i.e. repacking it and compare) before this is ready for non-manual review snaps.

James Westby (james-w) wrote :

Jamie Strandboge <email address hidden> writes:

> Review: Needs Information
>
> If we accept this, won't that mean that the store will accept squashfs snaps and clicks? Are we ready to do this now?

We will accept them if they pass all the rest of the checks. We probably
don't want that, but if a check fails it will be held for manual review.

Is there going to be a base framework update for the new capability?

Thanks,

James

lp:~mvo/click-reviewers-tools/snappy updated on 2015-10-26
535. By Michael Vogt on 2015-10-26

clickreviews/cr_common.py: s/unsquashfs/unpacking/ thanks to Ricardo Kirkner

Michael Vogt (mvo) wrote :

Updated to fix typo as suggested by Ricardo.

Jamie Strandboge (jdstrand) wrote :

Ok, we discussed this on irc. The code in this branch is ok, but a check needs to be added to make sure that if a squashfs is used, it triggers a manual review. Once that is in place, it would be safe for the store to pull as is and then people can build on top of that in future iterations.

review: Needs Fixing
lp:~mvo/click-reviewers-tools/snappy updated on 2015-10-27
536. By Michael Vogt on 2015-10-27

add cr_lint check for squashfs

537. By Michael Vogt on 2015-10-27

pep8 fixes

Michael Vogt (mvo) wrote :

Thanks Jamie! I added a check to cr_lint and a test. Please let me know if that is sufficient. I ran the "tests-{pep8,pyflakes,tests}" and they all pass.

lp:~mvo/click-reviewers-tools/snappy updated on 2015-10-27
538. By Michael Vogt on 2015-10-27

merged trunk and resolved conflicts

Daniel Holbach (dholbach) wrote :

Looks good to me.

The only (less important) bit I was unsure about was the question if squashfs-tools should be a Recommends or a Depends. It looks like c-r-t error out just fine if the tools can't be found, but as the squashfs snaps are going to be the future of everything, we could as well make it a depends. No super strong opinion though. :-)

review: Approve
Jamie Strandboge (jdstrand) wrote :

Thanks for the updates. +1

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'clickreviews/cr_common.py'
2--- clickreviews/cr_common.py 2015-10-16 04:47:48 +0000
3+++ clickreviews/cr_common.py 2015-10-27 08:51:15 +0000
4@@ -639,6 +639,38 @@
5 return [sp2.returncode, out]
6
7
8+def _unpack_cmd(cmd_args, d, dest):
9+ '''Low level unpack helper'''
10+ curdir = os.getcwd()
11+ os.chdir(d)
12+
13+ (rc, out) = cmd(cmd_args)
14+ os.chdir(curdir)
15+
16+ if rc != 0:
17+ if os.path.isdir(d):
18+ recursive_rm(d)
19+ error("unpacking failed with '%d':\n%s" % (rc, out))
20+
21+ if dest is None:
22+ dest = d
23+ else:
24+ shutil.move(d, dest)
25+
26+ return dest
27+
28+
29+def _unpack_snap_squashfs(snap_pkg, dest):
30+ '''Unpack a squashfs based snap package to dest'''
31+ d = tempfile.mkdtemp(prefix='clickreview-')
32+ return _unpack_cmd(['unsquashfs', '-f', '-d', d, snap_pkg], d, dest)
33+
34+
35+def _unpack_click_deb(click_pkg, dest):
36+ d = tempfile.mkdtemp(prefix='clickreview-')
37+ return _unpack_cmd(['dpkg-deb', '-R', click_pkg, d], d, dest)
38+
39+
40 def unpack_click(fn, dest=None):
41 '''Unpack click package'''
42 if not os.path.isfile(fn):
43@@ -650,24 +682,18 @@
44 if dest is not None and os.path.exists(dest):
45 error("'%s' exists. Aborting." % dest)
46
47- d = tempfile.mkdtemp(prefix='clickreview-')
48-
49- curdir = os.getcwd()
50- os.chdir(d)
51- (rc, out) = cmd(['dpkg-deb', '-R', click_pkg, d])
52- os.chdir(curdir)
53-
54- if rc != 0:
55- if os.path.isdir(d):
56- recursive_rm(d)
57- error("dpkg-deb -R failed with '%d':\n%s" % (rc, out))
58-
59- if dest is None:
60- dest = d
61- else:
62- shutil.move(d, dest)
63-
64- return dest
65+ # check if its a squashfs based snap
66+ if is_squashfs(click_pkg):
67+ return _unpack_snap_squashfs(fn, dest)
68+
69+ return _unpack_click_deb(fn, dest)
70+
71+
72+def is_squashfs(filename):
73+ '''Return true if the given filename as a squashfs header'''
74+ with open(filename, 'rb') as f:
75+ header = f.read(10)
76+ return header.startswith(b"hsqs")
77
78
79 def raw_unpack_pkg(fn, dest=None):
80
81=== modified file 'clickreviews/cr_lint.py'
82--- clickreviews/cr_lint.py 2015-10-21 21:48:50 +0000
83+++ clickreviews/cr_lint.py 2015-10-27 08:51:15 +0000
84@@ -24,7 +24,13 @@
85 import yaml
86
87 from clickreviews.frameworks import Frameworks
88-from clickreviews.cr_common import ClickReview, open_file_read, cmd, error
89+from clickreviews.cr_common import (
90+ ClickReview,
91+ open_file_read,
92+ cmd,
93+ error,
94+ is_squashfs,
95+)
96
97 CONTROL_FILE_NAMES = ["control", "manifest", "preinst"]
98 MINIMUM_CLICK_FRAMEWORK_VERSION = "0.4"
99@@ -1206,6 +1212,15 @@
100 break
101 self._add_result(t, n, s)
102
103+ def check_is_squashfs(self):
104+ '''Check snapfs'''
105+ if is_squashfs(self.click_package):
106+ t = 'error'
107+ n = self._get_check_name('is_squashfs')
108+ s = "(MANUAL REVIEW) squashfs pkg"
109+ manual_review = True
110+ self._add_result(t, n, s, manual_review=manual_review)
111+
112 def check_snappy_hashes(self):
113 '''Check snappy hashes.yaml'''
114 if not self.is_snap:
115
116=== modified file 'clickreviews/tests/test_cr_lint.py'
117--- clickreviews/tests/test_cr_lint.py 2015-10-16 05:27:08 +0000
118+++ clickreviews/tests/test_cr_lint.py 2015-10-27 08:51:15 +0000
119@@ -1864,6 +1864,17 @@
120 expected_counts = {'info': None, 'warn': 0, 'error': 1}
121 self.check_results(r, expected_counts)
122
123+ def test_squashfs_errors(self):
124+ '''Test that squashfs snaps are marked for manual review'''
125+ c = ClickReviewLint(self.test_name)
126+ c.unpack_dir = "/nonexistent.nonexec"
127+ with patch("clickreviews.cr_lint.is_squashfs") as mock_is_squashfs:
128+ mock_is_squashfs.return_value = True
129+ c.check_is_squashfs()
130+ r = c.click_report
131+ expected_counts = {'info': None, 'warn': 0, 'error': 1}
132+ self.check_results(r, expected_counts)
133+
134
135 class ClickReviewLintTestCase(TestCase):
136 """Tests without mocks where they are not needed."""
137
138=== modified file 'debian/control'
139--- debian/control 2015-06-09 13:02:53 +0000
140+++ debian/control 2015-10-27 08:51:15 +0000
141@@ -32,6 +32,7 @@
142 python3-yaml,
143 ${misc:Depends},
144 ${python3:Depends}
145+Recommends: squashfs-tools
146 Description: tools to review click packages
147 These scripts can be used to review click packages both manually and in a
148 programmatic fashion.

Subscribers

People subscribed via source and target branches