
Commit fa6d106

Merge pull request #389 from yma955/main
Fix range IndexError when processing the radas signing json
2 parents 60d962c + 4923864 commit fa6d106


3 files changed

+79
-19
lines changed


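--- a/charon/pkgs/maven.py
+++ b/charon/pkgs/maven.py
@@ -422,7 +422,7 @@ def handle_maven_uploading(
 if conf.is_radas_enabled() and sign_result_file and os.path.isfile(sign_result_file):
 logger.info("Start generating radas signature files for s3 bucket %s\n", bucket_name)
 (_failed_metas, _generated_signs) = radas_signature.generate_radas_sign(
-top_level=top_level, sign_result_file=sign_result_file
+top_level=top_level, root=root, sign_result_file=sign_result_file
 )
 if not _generated_signs:
 logger.error(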

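--- a/charon/pkgs/radas_sign.py
+++ b/charon/pkgs/radas_sign.py
@@ -294,7 +294,9 @@ def _handle_failed_delivery(self, reason: str):
 self.close()
 
 
-def generate_radas_sign(top_level: str, sign_result_file: str) -> Tuple[List[str], List[str]]:
+def generate_radas_sign(
+top_level: str, root: str, sign_result_file: str
+) -> Tuple[List[str], List[str]]:
 """
 Generate .asc files based on RADAS sign result json file
 """
@@ -321,11 +323,28 @@ async def generate_single_sign_file(
 if not file_path or not signature:
 logger.error("Invalid JSON entry")
 return
-# remove the root path maven-repository
-filename = file_path.split("/", 1)[1]
 
-artifact_path = os.path.join(top_level, filename)
-asc_filename = f"{filename}.asc"
+if "/" not in file_path:
+logger.warning("Invalid entry: %s, skip signature file generation.", file_path)
+return
+
+if root not in file_path:
+logger.debug(
+"Root '%s' not found in file_path '%s', handling directly.", root, file_path
+)
+artifact_path = os.path.join(top_level, file_path)
+asc_filename = f"{file_path}.asc"
+else:
+logger.debug(
+"Root '%s' found in file_path '%s', removing it as prefix.", root, file_path
+)
+stripped_file_path = file_path
+parts = file_path.split(root, 1)
+if len(parts) > 1:
+stripped_file_path = parts[1].lstrip("/")
+artifact_path = os.path.join(top_level, stripped_file_path)
+asc_filename = f"{stripped_file_path}.asc"
+
 signature_path = os.path.join(top_level, asc_filename)
 
 if not os.path.isfile(artifact_path):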
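Review bot: In the `root not in file_path` branch the `file` value from the signing result JSON goes straight into `os.path.join(top_level, file_path)`, so an absolute path or one with `..` segments resolves outside `top_level`, and `signature_path` then names a location beside whatever file that is. The stripped branch has the same gap for `..`, since only a leading `/` is removed. The root test is also a substring match: `root in file_path` and `split(root, 1)` trigger on a directory name that merely contains the root string, and an empty `root` would make `split` raise `ValueError`. The sketch below matches `root` as a whole path component and rejects entries that resolve outside `top_level` before the existing `os.path.isfile` check; `generate_single_sign_file` starts and ends outside the hunk, so how `root` is validated upstream is not visible here.

```python
# … unchanged: "/" not in file_path guard …
segments = file_path.split("/")
if root and root in segments:
    # drop everything up to and including the root component
    rel_path = "/".join(segments[segments.index(root) + 1:])
else:
    rel_path = file_path

artifact_path = os.path.join(top_level, rel_path)
base_dir = os.path.realpath(top_level)
if os.path.commonpath([base_dir, os.path.realpath(artifact_path)]) != base_dir:
    logger.warning(
        "Entry %s resolves outside %s, skip signature file generation.",
        file_path, top_level
    )
    return
asc_filename = f"{rel_path}.asc"
# … unchanged: signature_path and the artifact existence check …
```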

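--- a/tests/test_radas_sign_generation.py
+++ b/tests/test_radas_sign_generation.py
@@ -38,13 +38,19 @@ def tearDown(self) -> None:
 
 def test_multi_sign_files_generation(self):
 self.__prepare_artifacts()
-failed, generated = generate_radas_sign(self.__repo_dir, self.__sign_result_file)
+failed, generated = generate_radas_sign(
+self.__repo_dir, self.__root, self.__sign_result_file
+)
 self.assertEqual(failed, [])
 expected_asc1 = os.path.join(self.__repo_dir, "foo/bar/1.0/foo-bar-1.0.jar.asc")
 expected_asc2 = os.path.join(self.__repo_dir, "foo/bar/2.0/foo-bar-2.0.jar.asc")
-self.assertEqual(len(generated), 2)
+expected_asc3 = os.path.join(self.__repo_dir, "foo/bar/3.0/foo-bar-3.0.jar.asc")
+expected_asc4 = os.path.join(self.__repo_dir, "foo/bar/4.0/foo-bar-4.0.jar.asc")
+self.assertEqual(len(generated), 4)
 self.assertIn(expected_asc1, generated)
 self.assertIn(expected_asc2, generated)
+self.assertIn(expected_asc3, generated)
+self.assertIn(expected_asc4, generated)
 
 with open(expected_asc1) as f:
 content1 = f.read()
@@ -54,7 +60,9 @@ def test_multi_sign_files_generation(self):
 self.assertIn("signature2@hash", content2)
 
 def test_sign_files_generation_with_missing_artifacts(self):
-failed, generated = generate_radas_sign(self.__repo_dir, self.__sign_result_file)
+failed, generated = generate_radas_sign(
+self.__repo_dir, self.__root, self.__sign_result_file
+)
 self.assertEqual(failed, [])
 expected_asc1 = os.path.join(self.__repo_dir, "foo/bar/1.0/foo-bar-1.0.jar.asc")
 expected_asc2 = os.path.join(self.__repo_dir, "foo/bar/2.0/foo-bar-2.0.jar.asc")
@@ -70,12 +78,16 @@ def test_sign_files_generation_with_failure(self):
 # simulate expected_asc1 can not be written properly
 real_overwrite = overwrite_file
 with mock.patch("charon.pkgs.radas_sign.files.overwrite_file") as mock_overwrite:
+
 def side_effect(path, content):
 if path == expected_asc1:
 raise IOError("mock write error")
 return real_overwrite(path, content)
+
 mock_overwrite.side_effect = side_effect
-failed, generated = generate_radas_sign(self.__repo_dir, self.__sign_result_file)
+failed, generated = generate_radas_sign(
+self.__repo_dir, self.__root, self.__sign_result_file
+)
 
 self.assertEqual(len(failed), 1)
 self.assertNotIn(expected_asc1, generated)
@@ -86,7 +98,9 @@ def test_sign_files_generation_with_missing_result(self):
 # simulate missing pull result by removing the sign result file loc
 shutil.rmtree(self.__sign_result_loc)
 
-failed, generated = generate_radas_sign(self.__repo_dir, self.__sign_result_file)
+failed, generated = generate_radas_sign(
+self.__repo_dir, self.__root, self.__sign_result_file
+)
 self.assertEqual(failed, [])
 expected_asc1 = os.path.join(self.__repo_dir, "foo/bar/1.0/foo-bar-1.0.jar.asc")
 expected_asc2 = os.path.join(self.__repo_dir, "foo/bar/2.0/foo-bar-2.0.jar.asc")
@@ -97,6 +111,7 @@ def test_sign_files_generation_with_missing_result(self):
 def __prepare_sign_result_file(self):
 self.__sign_result_loc = tempfile.mkdtemp()
 self.__sign_result_file = os.path.join(self.__sign_result_loc, "result.json")
+self.__root = "maven-repository"
 self.__repo_dir = os.path.join(tempfile.mkdtemp(), "maven-repository")
 data = {
 "request-id": "request-id",
@@ -120,20 +135,46 @@ def __prepare_sign_result_file(self):
 ),
 "checksum": "sha256:sha256-content",
 },
+{
+"file": "README.md",
+"signature": (
+"-----BEGIN PGP SIGNATURE-----"
+"signature2@hash"
+"-----END PGP SIGNATURE-----"
+),
+"checksum": "sha256:sha256-content",
+},
+{
+"file": "radas-tmp/maven-repository/foo/bar/3.0/foo-bar-3.0.jar",
+"signature": (
+"-----BEGIN PGP SIGNATURE-----"
+"signature2@hash"
+"-----END PGP SIGNATURE-----"
+),
+"checksum": "sha256:sha256-content",
+},
+{
+"file": "foo/bar/4.0/foo-bar-4.0.jar",
+"signature": (
+"-----BEGIN PGP SIGNATURE-----"
+"signature2@hash"
+"-----END PGP SIGNATURE-----"
+),
+"checksum": "sha256:sha256-content",
+},
 ],
 }
 json_str = json.dumps(data, indent=2)
 overwrite_file(self.__sign_result_file, json_str)
 
 def __prepare_artifacts(self):
-os.makedirs(os.path.join(self.__repo_dir, "foo/bar/1.0"), exist_ok=True)
-os.makedirs(os.path.join(self.__repo_dir, "foo/bar/2.0"), exist_ok=True)
-artifact1 = os.path.join(self.__repo_dir, "foo/bar/1.0/foo-bar-1.0.jar")
-artifact2 = os.path.join(self.__repo_dir, "foo/bar/2.0/foo-bar-2.0.jar")
-with open(artifact1, "w") as f:
-f.write("dummy1")
-with open(artifact2, "w") as f:
-f.write("dummy2")
+for version in ["1.0", "2.0", "3.0", "4.0"]:
+dir_path = os.path.join(self.__repo_dir, f"foo/bar/{version}")
+os.makedirs(dir_path, exist_ok=True)
+
+artifact_path = os.path.join(dir_path, f"foo-bar-{version}.jar")
+with open(artifact_path, "w") as f:
+f.write("dummy")
 
 def __clear_sign_result_file(self):
 if os.path.exists(self.__sign_result_loc):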
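Review bot: The three entries added to the fixture in `__prepare_sign_result_file` all reuse the marker `signature2@hash`, and `test_multi_sign_files_generation` only checks that `expected_asc3` and `expected_asc4` appear in `generated`, so a signature written into the wrong `.asc` file would pass unnoticed. Giving each entry its own marker (`signature3@hash`, `signature4@hash`) and asserting it in the file content, as the visible `content2` assertion does, would pin the path-to-signature mapping for both new branches. The fixture also has no entry whose `file` is absolute or contains `..`, so nothing records what `generate_radas_sign` does with a path that leaves `self.__repo_dir`. The test methods continue outside the hunks shown.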
