From 7bf33bd6fc9101450df8c928b5d4410d78de11a9 Mon Sep 17 00:00:00 2001 From: Anthony Towns Date: Mon, 5 Dec 2005 03:45:12 +0000 Subject: [PATCH] * katie.py: Move accept() autobuilding support into separate function (queue_build), and generalise to build different queues * db_access.py: Add get_or_set_queue_id instead of hardcoding accepted=0 * jennifer: Initial support for enabling embargo handling with the Dinstall::SecurityQueueHandling option. * jennifer: Shift common code into remove_from_unchecked and move_to_dir functions. * katie.conf-security: Include embargo options * init_pool.sql-security: Create disembargo table --- ChangeLog | 15 ++++++ db_access.py | 18 ++++++- init_pool.sql-security | 6 +++ jennifer | 105 ++++++++++++++++++++++++++++++----------- katie.conf-security | 5 ++ katie.py | 17 +++++-- 6 files changed, 132 insertions(+), 34 deletions(-) create mode 100644 init_pool.sql-security diff --git a/ChangeLog b/ChangeLog index 89cbd8ca..256ec012 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,18 @@ +2005-12-05 Anthony Towns + + * katie.py: Move accept() autobuilding support into separate function + (queue_build), and generalise to build different queues + + * db_access.py: Add get_or_set_queue_id instead of hardcoding accepted=0 + + * jennifer: Initial support for enabling embargo handling with the + Dinstall::SecurityQueueHandling option. + * jennifer: Shift common code into remove_from_unchecked and move_to_dir + functions. + + * katie.conf-security: Include embargo options + * init_pool.sql-security: Create disembargo table + 2005-11-26 Anthony Towns * Merge of changes from klecker, by various people diff --git a/db_access.py b/db_access.py index d886a2d8..45ce1c1f 100644 --- a/db_access.py +++ b/db_access.py @@ -2,7 +2,7 @@ # DB access fucntions # Copyright (C) 2000, 2001, 2002, 2003, 2004 James Troup -# $Id: db_access.py,v 1.16 2004-06-17 15:00:41 troup Exp $ +# $Id: db_access.py,v 1.17 2005-12-05 03:45:12 ajt Exp $ # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -39,6 +39,7 @@ source_id_cache = {}; files_id_cache = {}; maintainer_cache = {}; fingerprint_id_cache = {}; +queue_id_cache = {}; uid_id_cache = {}; ################################################################################ @@ -299,6 +300,21 @@ def get_files_id (filename, size, md5sum, location_id): else: return None +################################################################################ + +def get_or_set_queue_id (queue): + global queue_id_cache + if queue_id_cache.has_key(queue): + return queue_id_cache[queue] + + q = projectB.query("SELECT id FROM queue WHERE queue_name = '%s'" % (queue)) + if not q.getresult(): + projectB.query("INSERT INTO queue (queue_name) VALUES ('%s')" % (queue)) + q = projectB.query("SELECT id FROM queue WHERE queue_name = '%s'" % (queue)) + queue_id = q.getresult()[0][0] + queue_id_cache[queue] = queue_id + + return queue_id ################################################################################ diff --git a/init_pool.sql-security b/init_pool.sql-security new file mode 100644 index 00000000..f332c5db --- /dev/null +++ b/init_pool.sql-security @@ -0,0 +1,6 @@ + +CREATE TABLE disembargo ( + package TEXT NOT NULL, + version TEXT NOT NULL, +); + diff --git a/jennifer b/jennifer index 6349c23c..fe5670f2 100755 --- a/jennifer +++ b/jennifer @@ -2,7 +2,7 @@ # Checks Debian packages from Incoming # Copyright (C) 2000, 2001, 2002, 2003, 2004, 2005 James Troup -# $Id: jennifer,v 1.60 2005-11-25 09:35:09 ajt Exp $ +# $Id: jennifer,v 1.61 2005-12-05 03:45:12 ajt Exp $ # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -45,7 +45,7 @@ re_strip_revision = re.compile(r"-([^-]+)$"); ################################################################################ # Globals -jennifer_version = "$Revision: 1.60 $"; +jennifer_version = "$Revision: 1.61 $"; Cnf = None; Options = None; @@ -1037,11 +1037,15 @@ def action (): (summary, short_summary) = Katie.build_summaries(); # q-unapproved hax0ring - queues = [ "New", "Byhand" ] queue_info = { "New": { "is": is_new, "process": acknowledge_new }, "Byhand" : { "is": is_byhand, "process": do_byhand }, + "Unembargo" : { "is": is_unembargo, "process": queue_unembargo }, + "Embargo" : { "is": is_embargo, "process": queue_embargo }, } + queues = [ "New", "Byhand" ] + if Cnf.FindB("Dinstall::SecurityQueueHandling"): + queues += [ "Unembargo", "Embargo" ] (prompt, answer) = ("", "XXX") if Options["No-Action"] or Options["Automatic"]: @@ -1094,22 +1098,85 @@ def action (): Katie.do_reject(0, reject_message); elif answer == 'A': accept(summary, short_summary); + remove_from_unchecked() elif answer == queuekey: queue_info[queue]["process"](summary) + remove_from_unchecked() elif answer == 'Q': sys.exit(0) +def remove_from_unchecked(): + os.chdir (pkg.directory); + for file in files.keys(): + os.unlink(file); + os.unlink(pkg.changes_file); + ################################################################################ def accept (summary, short_summary): Katie.accept(summary, short_summary); Katie.check_override(); - # Finally, remove the originals from the unchecked directory - os.chdir (pkg.directory); - for file in files.keys(): - os.unlink(file); - os.unlink(pkg.changes_file); +################################################################################ + +def move_to_dir (dest, perms=0660, changesperms=0664): + utils.move (pkg.changes_file, dest, perms=changesperms); + for file in file_keys: + utils.move (file, dest, perms=perms); + +################################################################################ + +def is_unembargo (): + if os.getcwd() == Cnf["Dir::Queue::Disembargo"]: + if changes["architecture"].has_key("source"): + if Options["No-Action"]: return 1 + + projectB.query( + "INSERT INTO disembargo (package, version) VALUES ('%s', '%s')" % + (changes["package"], changes["version"])) + + q = projectB.query( + "SELECT package FROM disembargo WHERE package = '%s' AND version = '%s'" % + (changes["package"], changes["version"])) + ql = q.getresult() + if ql: + return 1 + return 0 + +def queue_unembargo (summary): + print "Moving to UNEMBARGOED holding area." + Logger.log(["Moving to unembargoed", pkg.changes_file]); + + Katie.dump_vars(Cnf["Dir::Queue::Unembargoed"]); + + file_keys = files.keys(); + + move_to_dir(Cnf["Dir::Queue::Unembargoed"]) + Katie.queue_build("unembargoed", Cnf["Dir::Queue::Unembargoed"]) + + # Check for override disparities + Katie.Subst["__SUMMARY__"] = summary; + Katie.check_override(); + +################################################################################ + +def is_embargo (): + return 0 + +def queue_embargo (summary): + print "Moving to EMBARGOED holding area." + Logger.log(["Moving to embargoed", pkg.changes_file]); + + Katie.dump_vars(Cnf["Dir::Queue::Embargoed"]); + + file_keys = files.keys(); + + move_to_dir(Cnf["Dir::Queue::Embargoed"]) + Katie.queue_build("embargoed", Cnf["Dir::Queue::Embargoed"]) + + # Check for override disparities + Katie.Subst["__SUMMARY__"] = summary; + Katie.check_override(); ################################################################################ @@ -1127,21 +1194,12 @@ def do_byhand (summary): file_keys = files.keys(); - # Move all the files into the byhand directory - utils.move (pkg.changes_file, Cnf["Dir::Queue::Byhand"]); - for file in file_keys: - utils.move (file, Cnf["Dir::Queue::Byhand"], perms=0660); + move_to_dir(Cnf["Dir::Queue::Byhand"]) # Check for override disparities Katie.Subst["__SUMMARY__"] = summary; Katie.check_override(); - # Finally remove the originals. - os.chdir (pkg.directory); - for file in file_keys: - os.unlink(file); - os.unlink(pkg.changes_file); - ################################################################################ def is_new (): @@ -1160,10 +1218,7 @@ def acknowledge_new (summary): file_keys = files.keys(); - # Move all the files into the 'new' directory - utils.move (pkg.changes_file, Cnf["Dir::Queue::New"]); - for file in file_keys: - utils.move (file, Cnf["Dir::Queue::New"], perms=0660); + move_to_dir(Cnf["Dir::Queue::New"]) if not Options["No-Mail"]: print "Sending new ack."; @@ -1171,12 +1226,6 @@ def acknowledge_new (summary): new_ack_message = utils.TemplateSubst(Subst,Cnf["Dir::Templates"]+"/jennifer.new"); utils.send_mail(new_ack_message); - # Finally remove the originals. - os.chdir (pkg.directory); - for file in file_keys: - os.unlink(file); - os.unlink(pkg.changes_file); - ################################################################################ # reprocess is necessary for the case of foo_1.2-1 and foo_1.2-2 in diff --git a/katie.conf-security b/katie.conf-security index fe6cf1e4..2e3f133e 100644 --- a/katie.conf-security +++ b/katie.conf-security @@ -27,6 +27,7 @@ Dinstall stable; testing; }; + SecurityQueueHandling "true"; SecurityQueueBuild "true"; DefaultSuite "Testing"; SuiteSuffix "updates"; @@ -242,6 +243,10 @@ Dir New "/org/security.debian.org/queue/new/"; Reject "/org/security.debian.org/queue/reject/"; Unchecked "/org/security.debian.org/queue/unchecked/"; + + Embargoed "/org/security.debian.org/queue/embargoed/"; + Unembargoed "/org/security.debian.org/queue/unembargoed/"; + Disembargo "/org/security.debian.org/queue/uncheckecked-disembargo/"; }; }; diff --git a/katie.py b/katie.py index 5b840f1f..f11ef661 100644 --- a/katie.py +++ b/katie.py @@ -2,7 +2,7 @@ # Utility functions for katie # Copyright (C) 2001, 2002, 2003, 2004, 2005 James Troup -# $Id: katie.py,v 1.56 2005-11-25 06:59:45 ajt Exp $ +# $Id: katie.py,v 1.57 2005-12-05 03:45:12 ajt Exp $ # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -450,7 +450,14 @@ distribution."""; changes_file[:-8]+".debinfo"); os.rename(temp_filename, filename); - ## Special support to enable clean auto-building of accepted packages + self.queue_build("accepted", Cnf["Dir::Queue::Accepted"]) + + ########################################################################### + + def queue_build (self, queue, path): + ## Special support to enable clean auto-building of queued packages + queue_id = get_or_set_queue_id(queue) + self.projectB.query("BEGIN WORK"); for suite in changes["distribution"].keys(): if suite not in Cnf.ValueList("Dinstall::QueueBuildSuites"): @@ -460,7 +467,7 @@ distribution."""; if Cnf.FindB("Dinstall::SecurityQueueBuild"): dest_dir = os.path.join(dest_dir, suite); for file in file_keys: - src = os.path.join(Cnf["Dir::Queue::Accepted"], file); + src = os.path.join(path, file); dest = os.path.join(dest_dir, file); if Cnf.FindB("Dinstall::SecurityQueueBuild"): # Copy it since the original won't be readable by www-data @@ -469,7 +476,7 @@ distribution."""; # Create a symlink to it os.symlink(src, dest); # Add it to the list of packages for later processing by apt-ftparchive - self.projectB.query("INSERT INTO queue_build (suite, queue, filename, in_queue) VALUES (%s, 0, '%s', 't')" % (suite_id, dest)); + self.projectB.query("INSERT INTO queue_build (suite, queue, filename, in_queue) VALUES (%s, queue_id, '%s', 't')" % (suite_id, dest)); # If the .orig.tar.gz is in the pool, create a symlink to # it (if one doesn't already exist) if self.pkg.orig_tar_id: @@ -488,7 +495,7 @@ distribution."""; src = os.path.join(ql[0][0], ql[0][1]); os.symlink(src, dest); # Add it to the list of packages for later processing by apt-ftparchive - self.projectB.query("INSERT INTO queue_build (suite, queue, filename, in_queue) VALUES (%s, 0, '%s', 't')" % (suite_id, dest)); + self.projectB.query("INSERT INTO queue_build (suite, queue, filename, in_queue) VALUES (%s, queue_id, '%s', 't')" % (suite_id, dest)); # if it does, update things to ensure it's not removed prematurely else: self.projectB.query("UPDATE queue_build SET in_queue = 't', last_used = NULL WHERE filename = '%s' AND suite = %s" % (dest, suite_id)); -- 2.39.2