Skip to content

Commit

Permalink
Fix sslib new versions incompatibility bug
Browse files Browse the repository at this point in the history
The incompatibility with newer securesystemslib versions was caused
because of a new breaking change introduced in:
secure-systems-lab/securesystemslib#231

Signed-off-by: Martin Vrachev <[email protected]>
  • Loading branch information
MVrachev committed Jan 18, 2023
1 parent 5e3c4b3 commit 59dd407
Show file tree
Hide file tree
Showing 6 changed files with 42 additions and 17 deletions.
4 changes: 2 additions & 2 deletions Pipfile
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ redis = "*"
tuf = "==2.0.0"
dynaconf = {extras = ["ini"], version = "*"}
supervisor = "*"
securesystemslib = "==0.23.0"
securesystemslib = "*"
sqlalchemy = "*"
psycopg2 = "*"
alembic = "*"
Expand Down Expand Up @@ -63,7 +63,7 @@ pyparsing = "==3.0.9"
pytz = "==2022.2.1"
redis = "==4.3.4"
requests = "==2.28.1"
securesystemslib = "==0.23.0"
securesystemslib = "==0.25.0"
six = "==1.16.0"
toml = "==0.10.2"
tomli = "==2.0.1"
Expand Down
14 changes: 7 additions & 7 deletions Pipfile.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 7 additions & 2 deletions repository_service_tuf_worker/interfaces.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
from abc import ABC, abstractmethod
from dataclasses import dataclass
from io import TextIOBase
from typing import Any, Dict, List
from typing import Any, Dict, List, Optional

from tuf.api.metadata import ( # type: ignore
Metadata,
Expand Down Expand Up @@ -90,7 +90,12 @@ def get(self, rolename: str, version: int) -> "Metadata[T]":
raise NotImplementedError # pragma: no cover

@abstractmethod
def put(self, file_object: TextIOBase, filename: str) -> None:
def put(
self,
file_object: TextIOBase,
filename: str,
restrict: Optional[bool] = False,
) -> None:
"""
Stores file object with a specific filename.
"""
Expand Down
28 changes: 24 additions & 4 deletions repository_service_tuf_worker/services/storage/local.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,10 @@
import glob
import os
import shutil
import stat
from contextlib import contextmanager
from io import BufferedReader, TextIOBase
from typing import List
from typing import List, Optional

from securesystemslib.exceptions import StorageError # noqa

Expand Down Expand Up @@ -69,17 +70,36 @@ def get(self, role, version=None) -> BufferedReader:
if file_object is not None:
file_object.close()

def put(self, file_object: TextIOBase, filename: str) -> None:
def put(
self,
file_object: TextIOBase,
filename: str,
restrict: Optional[bool] = False,
) -> None:
"""
Writes passed file object to configured TUF repo path using the passed
filename.
"""
file_path = os.path.join(self._path, filename)
filename = os.path.join(self._path, filename)
if not file_object.closed:
file_object.seek(0)

if restrict:
# On UNIX-based systems restricted files are created with read and
# write permissions for the user only (octal value 0o600).
fd = os.open(
filename, os.O_WRONLY | os.O_CREAT, stat.S_IRUSR | stat.S_IWUSR
)
else:
# Non-restricted files use the default 'mode' argument of os.open()
# granting read, write, and execute for all users (mode 0o777).
# NOTE: mode may be modified by the user's file mode creation mask
# (umask) or on Windows limited to the smaller set of OS supported
# permisssions.
fd = os.open(filename, os.O_WRONLY | os.O_CREAT)

try:
with open(file_path, "wb") as destination_file:
with os.fdopen(fd, "wb") as destination_file:
shutil.copyfileobj(file_object, destination_file)
destination_file.flush()
os.fsync(destination_file.fileno())
Expand Down
2 changes: 1 addition & 1 deletion requirements-dev.txt
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,7 @@ pytz==2022.7.1
pyyaml==6.0 ; python_version >= '3.6'
redis==4.4.2
requests==2.28.2 ; python_version >= '3.7' and python_version < '4'
securesystemslib==0.23.0
securesystemslib==0.25.0
setuptools==66.0.0 ; python_version >= '3.7'
six==1.16.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
snowballstemmer==2.2.0
Expand Down
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ pynacl==1.5.0
pytz==2022.7.1
redis==4.4.2
requests==2.28.2 ; python_version >= '3.7' and python_version < '4'
securesystemslib==0.23.0
securesystemslib==0.25.0
setuptools==66.0.0 ; python_version >= '3.7'
six==1.16.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
sqlalchemy==1.4.46
Expand Down

0 comments on commit 59dd407

Please sign in to comment.