[gentoo-commits] proj/portage:master commit in: pym/portage/sync/modules/git/ - gentoo-commits

From:	Zac Medico <zmedico@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/portage:master commit in: pym/portage/sync/modules/git/
Date:	Sun, 08 Jul 2018 21:17:49
Message-Id:	`1531084591.3cd8cf93abb6410cc877381531bb662a704dffa7.zmedico@gentoo`

1

commit:     3cd8cf93abb6410cc877381531bb662a704dffa7

2

Author:     Zac Medico <zmedico <AT> gentoo <DOT> org>

3

AuthorDate: Thu Jul  5 10:10:36 2018 +0000

4

Commit:     Zac Medico <zmedico <AT> gentoo <DOT> org>

5

CommitDate: Sun Jul  8 21:16:31 2018 +0000

6

URL:        https://gitweb.gentoo.org/proj/portage.git/commit/?id=3cd8cf93

7

8

GitSync: abort checkout for signature problem (bug 660372)

9

10

Fetch the upstream remote and use git merge to update the checkout

11

only after successful verification of the upstream head.

12

13

Suggested-by: Richard Freeman <rich0 <AT> gentoo.org>

14

Reviewed-by: Arfrever Frehtes Taifersar Arahesis <Arfrever <AT> Apache.Org>

15

Bug: https://bugs.gentoo.org/660372

16

17

 pym/portage/sync/modules/git/git.py | 39 ++++++++++++++++++++++++++++++++-----

18

 1 file changed, 34 insertions(+), 5 deletions(-)

19

20

diff --git a/pym/portage/sync/modules/git/git.py b/pym/portage/sync/modules/git/git.py

21

index 160137a6d..85a44289a 100644

22

--- a/pym/portage/sync/modules/git/git.py

23

+++ b/pym/portage/sync/modules/git/git.py

24

@@ -109,6 +109,7 @@ class GitSync(NewBase):

25

 		if not self.has_bin:

26

 			return (1, False)

27

 		git_cmd_opts = ""

28

+		quiet = self.settings.get("PORTAGE_QUIET") == "1"

29

 		if self.repo.module_specific_options.get('sync-git-env'):

30

 			shlexed_env = shlex_split(self.repo.module_specific_options['sync-git-env'])

31

 			env = dict((k, v) for k, _, v in (assignment.partition('=') for assignment in shlexed_env) if k)

32

@@ -123,7 +124,21 @@ class GitSync(NewBase):

33

 			git_cmd_opts += " --quiet"

34

 		if self.repo.module_specific_options.get('sync-git-pull-extra-opts'):

35

 			git_cmd_opts += " %s" % self.repo.module_specific_options['sync-git-pull-extra-opts']

36

-		git_cmd = "%s pull%s" % (self.bin_command, git_cmd_opts)

37

+

38

+		try:

39

+			remote_branch = portage._unicode_decode(

40

+				subprocess.check_output([self.bin_command, 'rev-parse',

41

+				'--abbrev-ref', '--symbolic-full-name', '@{upstream}'],

42

+				cwd=portage._unicode_encode(self.repo.location))).rstrip('\n')

43

+		except subprocess.CalledProcessError as e:

44

+			msg = "!!! git rev-parse error in %s" % self.repo.location

45

+			self.logger(self.xterm_titles, msg)

46

+			writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)

47

+			return (e.returncode, False)

48

+

49

+		git_cmd = "%s fetch %s%s" % (self.bin_command,

50

+			remote_branch.partition('/')[0], git_cmd_opts)

51

+

52

 		writemsg_level(git_cmd + "\n")

53

54

 		rev_cmd = [self.bin_command, "rev-list", "--max-count=1", "HEAD"]

55

@@ -133,20 +148,34 @@ class GitSync(NewBase):

56

 		exitcode = portage.process.spawn_bash("cd %s ; exec %s" % (

57

 				portage._shell_quote(self.repo.location), git_cmd),

58

 			**self.spawn_kwargs)

59

+

60

 		if exitcode != os.EX_OK:

61

-			msg = "!!! git pull error in %s" % self.repo.location

62

+			msg = "!!! git fetch error in %s" % self.repo.location

63

 			self.logger(self.xterm_titles, msg)

64

 			writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)

65

 			return (exitcode, False)

66

-		if not self.verify_head():

67

+

68

+		if not self.verify_head(revision='refs/remotes/%s^..' % remote_branch):

69

 			return (1, False)

70

71

+		merge_cmd = [self.bin_command, 'merge', 'refs/remotes/%s' % remote_branch]

72

+		if quiet:

73

+			merge_cmd.append('--quiet')

74

+		exitcode = subprocess.call(merge_cmd,

75

+			cwd=portage._unicode_encode(self.repo.location))

76

+

77

+		if exitcode != os.EX_OK:

78

+			msg = "!!! git merge error in %s" % self.repo.location

79

+			self.logger(self.xterm_titles, msg)

80

+			writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)

81

+			return (exitcode, False)

82

+

83

 		current_rev = subprocess.check_output(rev_cmd,

84

 			cwd=portage._unicode_encode(self.repo.location))

85

86

 		return (os.EX_OK, current_rev != previous_rev)

87

88

-	def verify_head(self):

89

+	def verify_head(self, revision='-1'):

90

 		if (self.repo.module_specific_options.get(

91

 				'sync-git-verify-commit-signature', 'false') != 'true'):

92

 			return True

93

@@ -180,7 +209,7 @@ class GitSync(NewBase):

94

 				env = os.environ.copy()

95

 				env['GNUPGHOME'] = openpgp_env.home

96

97

-			rev_cmd = [self.bin_command, "log", "--pretty=format:%G?", "-1"]

98

+			rev_cmd = [self.bin_command, "log", "--pretty=format:%G?", revision]

99

 			try:

100

 				status = (portage._unicode_decode(

101

 					subprocess.check_output(rev_cmd,

1	commit: 3cd8cf93abb6410cc877381531bb662a704dffa7
2	Author: Zac Medico <zmedico <AT> gentoo <DOT> org>
3	AuthorDate: Thu Jul 5 10:10:36 2018 +0000
4	Commit: Zac Medico <zmedico <AT> gentoo <DOT> org>
5	CommitDate: Sun Jul 8 21:16:31 2018 +0000
6	URL: https://gitweb.gentoo.org/proj/portage.git/commit/?id=3cd8cf93
7
8	GitSync: abort checkout for signature problem (bug 660372)
9
10	Fetch the upstream remote and use git merge to update the checkout
11	only after successful verification of the upstream head.
12
13	Suggested-by: Richard Freeman <rich0 <AT> gentoo.org>
14	Reviewed-by: Arfrever Frehtes Taifersar Arahesis <Arfrever <AT> Apache.Org>
15	Bug: https://bugs.gentoo.org/660372
16
17	pym/portage/sync/modules/git/git.py \| 39 ++++++++++++++++++++++++++++++++-----
18	1 file changed, 34 insertions(+), 5 deletions(-)
19
20	diff --git a/pym/portage/sync/modules/git/git.py b/pym/portage/sync/modules/git/git.py
21	index 160137a6d..85a44289a 100644
22	--- a/pym/portage/sync/modules/git/git.py
23	+++ b/pym/portage/sync/modules/git/git.py
24	@@ -109,6 +109,7 @@ class GitSync(NewBase):
25	if not self.has_bin:
26	return (1, False)
27	git_cmd_opts = ""
28	+ quiet = self.settings.get("PORTAGE_QUIET") == "1"
29	if self.repo.module_specific_options.get('sync-git-env'):
30	shlexed_env = shlex_split(self.repo.module_specific_options['sync-git-env'])
31	env = dict((k, v) for k, _, v in (assignment.partition('=') for assignment in shlexed_env) if k)
32	@@ -123,7 +124,21 @@ class GitSync(NewBase):
33	git_cmd_opts += " --quiet"
34	if self.repo.module_specific_options.get('sync-git-pull-extra-opts'):
35	git_cmd_opts += " %s" % self.repo.module_specific_options['sync-git-pull-extra-opts']
36	- git_cmd = "%s pull%s" % (self.bin_command, git_cmd_opts)
37	+
38	+ try:
39	+ remote_branch = portage._unicode_decode(
40	+ subprocess.check_output([self.bin_command, 'rev-parse',
41	+ '--abbrev-ref', '--symbolic-full-name', '@{upstream}'],
42	+ cwd=portage._unicode_encode(self.repo.location))).rstrip('\n')
43	+ except subprocess.CalledProcessError as e:
44	+ msg = "!!! git rev-parse error in %s" % self.repo.location
45	+ self.logger(self.xterm_titles, msg)
46	+ writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)
47	+ return (e.returncode, False)
48	+
49	+ git_cmd = "%s fetch %s%s" % (self.bin_command,
50	+ remote_branch.partition('/')[0], git_cmd_opts)
51	+
52	writemsg_level(git_cmd + "\n")
53
54	rev_cmd = [self.bin_command, "rev-list", "--max-count=1", "HEAD"]
55	@@ -133,20 +148,34 @@ class GitSync(NewBase):
56	exitcode = portage.process.spawn_bash("cd %s ; exec %s" % (
57	portage._shell_quote(self.repo.location), git_cmd),
58	**self.spawn_kwargs)
59	+
60	if exitcode != os.EX_OK:
61	- msg = "!!! git pull error in %s" % self.repo.location
62	+ msg = "!!! git fetch error in %s" % self.repo.location
63	self.logger(self.xterm_titles, msg)
64	writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)
65	return (exitcode, False)
66	- if not self.verify_head():
67	+
68	+ if not self.verify_head(revision='refs/remotes/%s^..' % remote_branch):
69	return (1, False)
70
71	+ merge_cmd = [self.bin_command, 'merge', 'refs/remotes/%s' % remote_branch]
72	+ if quiet:
73	+ merge_cmd.append('--quiet')
74	+ exitcode = subprocess.call(merge_cmd,
75	+ cwd=portage._unicode_encode(self.repo.location))
76	+
77	+ if exitcode != os.EX_OK:
78	+ msg = "!!! git merge error in %s" % self.repo.location
79	+ self.logger(self.xterm_titles, msg)
80	+ writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)
81	+ return (exitcode, False)
82	+
83	current_rev = subprocess.check_output(rev_cmd,
84	cwd=portage._unicode_encode(self.repo.location))
85
86	return (os.EX_OK, current_rev != previous_rev)
87
88	- def verify_head(self):
89	+ def verify_head(self, revision='-1'):
90	if (self.repo.module_specific_options.get(
91	'sync-git-verify-commit-signature', 'false') != 'true'):
92	return True
93	@@ -180,7 +209,7 @@ class GitSync(NewBase):
94	env = os.environ.copy()
95	env['GNUPGHOME'] = openpgp_env.home
96
97	- rev_cmd = [self.bin_command, "log", "--pretty=format:%G?", "-1"]
98	+ rev_cmd = [self.bin_command, "log", "--pretty=format:%G?", revision]
99	try:
100	status = (portage._unicode_decode(
101	subprocess.check_output(rev_cmd,

Gentoo Archives: gentoo-commits