Skip to content

Commit

Permalink
Fix sslib new versions incompatibility bug
Browse files Browse the repository at this point in the history
The incompatibility with newer securesystemslib versions was caused
because of a new breaking change introduced in:
secure-systems-lab/securesystemslib#231

Signed-off-by: Martin Vrachev <[email protected]>
  • Loading branch information
MVrachev committed Jan 9, 2023
1 parent f0c2a20 commit 73ebd93
Show file tree
Hide file tree
Showing 6 changed files with 305 additions and 229 deletions.
4 changes: 2 additions & 2 deletions Pipfile
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ redis = "*"
tuf = "==2.0.0"
dynaconf = {extras = ["ini"], version = "*"}
supervisor = "*"
securesystemslib = "==0.23.0"
securesystemslib = "*"
sqlalchemy = "*"
psycopg2 = "*"
alembic = "*"
Expand Down Expand Up @@ -63,7 +63,7 @@ pyparsing = "==3.0.9"
pytz = "==2022.2.1"
redis = "==4.3.4"
requests = "==2.28.1"
securesystemslib = "==0.23.0"
securesystemslib = "==0.25.0"
six = "==1.16.0"
toml = "==0.10.2"
tomli = "==2.0.1"
Expand Down
462 changes: 255 additions & 207 deletions Pipfile.lock

Large diffs are not rendered by default.

9 changes: 7 additions & 2 deletions repository_service_tuf_worker/interfaces.py
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
from abc import ABC, abstractmethod
from dataclasses import dataclass
from io import TextIOBase
from typing import Any, Dict, List
from typing import Any, Dict, List, Optional

from tuf.api.metadata import ( # type: ignore
Metadata,
Expand Down Expand Up @@ -90,7 +90,12 @@ def get(self, rolename: str, version: int) -> "Metadata[T]":
raise NotImplementedError # pragma: no cover

@abstractmethod
def put(self, file_object: TextIOBase, filename: str) -> None:
def put(
self,
file_object: TextIOBase,
filename: str,
restrict: Optional[bool] = False,
) -> None:
"""
Stores file object with a specific filename.
"""
Expand Down
28 changes: 24 additions & 4 deletions repository_service_tuf_worker/services/storage/local.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,10 @@
import glob
import os
import shutil
import stat
from contextlib import contextmanager
from io import BufferedReader, TextIOBase
from typing import List
from typing import List, Optional

from securesystemslib.exceptions import StorageError # noqa

Expand Down Expand Up @@ -69,17 +70,36 @@ def get(self, role, version=None) -> BufferedReader:
if file_object is not None:
file_object.close()

def put(self, file_object: TextIOBase, filename: str) -> None:
def put(
self,
file_object: TextIOBase,
filename: str,
restrict: Optional[bool] = False,
) -> None:
"""
Writes passed file object to configured TUF repo path using the passed
filename.
"""
file_path = os.path.join(self._path, filename)
filename = os.path.join(self._path, filename)
if not file_object.closed:
file_object.seek(0)

if restrict:
# On UNIX-based systems restricted files are created with read and
# write permissions for the user only (octal value 0o600).
fd = os.open(
filename, os.O_WRONLY | os.O_CREAT, stat.S_IRUSR | stat.S_IWUSR
)
else:
# Non-restricted files use the default 'mode' argument of os.open()
# granting read, write, and execute for all users (octal mode 0o777).
# NOTE: mode may be modified by the user's file mode creation mask
# (umask) or on Windows limited to the smaller set of OS supported
# permisssions.
fd = os.open(filename, os.O_WRONLY | os.O_CREAT)

try:
with open(file_path, "wb") as destination_file:
with os.fdopen(fd, "wb") as destination_file:
shutil.copyfileobj(file_object, destination_file)
destination_file.flush()
os.fsync(destination_file.fileno())
Expand Down
17 changes: 9 additions & 8 deletions requirements-dev.txt
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,14 @@ click-plugins==1.1.1
click-repl==0.2.0
configobj==5.0.6
coverage==6.4.4
cryptography==38.0.4
cryptography==39.0.0
deprecated==1.2.13
distlib==0.3.5
docutils==0.17.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'
dynaconf[ini]==3.1.11
filelock==3.8.0
flake8==5.0.4
identify==2.5.11 ; python_version >= '3.7'
identify==2.5.12 ; python_version >= '3.7'
idna==3.4 ; python_version >= '3.5'
imagesize==1.4.1 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
iniconfig==1.1.1
Expand All @@ -51,15 +51,15 @@ py==1.11.0
pycodestyle==2.9.1
pycparser==2.21
pyflakes==2.5.0
pygments==2.13.0 ; python_version >= '3.6'
pygments==2.14.0 ; python_version >= '3.6'
pynacl==1.5.0
pyparsing==3.0.9
pytest==7.1.2
pytz==2022.7
pyyaml==6.0 ; python_version >= '3.6'
redis==4.4.0
requests==2.28.1 ; python_version >= '3.7' and python_version < '4'
securesystemslib==0.23.0
securesystemslib==0.25.0
setuptools==65.6.3 ; python_version >= '3.7'
six==1.16.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
snowballstemmer==2.2.0
Expand All @@ -80,12 +80,13 @@ typing-extensions==4.4.0 ; python_version >= '3.7'
urllib3==1.26.13 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'
vine==5.0.0 ; python_version >= '3.6'
virtualenv==20.16.3
watchdog==2.2.0
watchdog==2.2.1
wcwidth==0.2.5
wrapt==1.14.1
alembic==1.8.1
alembic==1.9.1
greenlet==2.0.1 ; python_version >= '3' and platform_machine == 'aarch64' or (platform_machine == 'ppc64le' or (platform_machine == 'x86_64' or (platform_machine == 'amd64' or (platform_machine == 'AMD64' or (platform_machine == 'win32' or platform_machine == 'WIN32')))))
mako==1.2.4 ; python_version >= '3.7'
psycopg2==2.9.5
pydantic==1.10.2
sqlalchemy==1.4.44
pydantic==1.10.4
sqlalchemy==1.4.46
supervisor==4.2.5
14 changes: 8 additions & 6 deletions requirements.txt
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
-i https://pypi.org/simple
alembic==1.8.1
alembic==1.9.1
amqp==5.1.1 ; python_version >= '3.6'
async-timeout==4.0.2 ; python_version >= '3.6'
billiard==3.6.4.0
Expand All @@ -12,27 +12,29 @@ click-didyoumean==0.3.0 ; python_full_version >= '3.6.2' and python_full_version
click-plugins==1.1.1
click-repl==0.2.0
configobj==5.0.6
cryptography==38.0.4
cryptography==39.0.0
dynaconf[ini]==3.1.11
greenlet==2.0.1 ; python_version >= '3' and platform_machine == 'aarch64' or (platform_machine == 'ppc64le' or (platform_machine == 'x86_64' or (platform_machine == 'amd64' or (platform_machine == 'AMD64' or (platform_machine == 'win32' or platform_machine == 'WIN32')))))
idna==3.4 ; python_version >= '3.5'
kombu==5.2.4 ; python_version >= '3.7'
mako==1.2.4 ; python_version >= '3.7'
markupsafe==2.1.1 ; python_version >= '3.7'
prompt-toolkit==3.0.36 ; python_full_version >= '3.6.2'
psycopg2==2.9.5
pycparser==2.21
pydantic==1.10.2
pydantic==1.10.4
pynacl==1.5.0
pytz==2022.7
redis==4.4.0
requests==2.28.1 ; python_version >= '3.7' and python_version < '4'
securesystemslib==0.23.0
securesystemslib==0.25.0
setuptools==65.6.3 ; python_version >= '3.7'
six==1.16.0 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'
sqlalchemy==1.4.44
sqlalchemy==1.4.46
supervisor==4.2.5
tuf==2.0.0
typing-extensions==4.4.0 ; python_version >= '3.7'
urllib3==1.26.13 ; python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'
vine==5.0.0 ; python_version >= '3.6'
watchdog==2.2.0
watchdog==2.2.1
wcwidth==0.2.5

0 comments on commit 73ebd93

Please sign in to comment.