From f86c278860d0ca725ce786889bd14342e2e9a292 Mon Sep 17 00:00:00 2001 From: Mike McLean Date: Wed, 12 Nov 2008 18:12:35 -0500 Subject: [PATCH 1/5] a better default for list of plugins --- hub/kojixmlrpc.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hub/kojixmlrpc.py b/hub/kojixmlrpc.py index 5d7105aa..f5c649e8 100644 --- a/hub/kojixmlrpc.py +++ b/hub/kojixmlrpc.py @@ -372,7 +372,7 @@ def load_config(req): ['EmailDomain', 'string', None], ['DisableNotifications', 'boolean', False], - ['Plugins', 'string', None], + ['Plugins', 'string', ''], ['PluginPath', 'string', '/usr/lib/koji-hub-plugins'], ['KojiDebug', 'boolean', False], From bec94948b9b008a2e52947675ffd9528bc1ab3f5 Mon Sep 17 00:00:00 2001 From: Mike McLean Date: Wed, 12 Nov 2008 18:28:20 -0500 Subject: [PATCH 2/5] clean up example hub.conf --- hub/hub.conf | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/hub/hub.conf b/hub/hub.conf index a1ddb3a4..4b5d81cf 100644 --- a/hub/hub.conf +++ b/hub/hub.conf @@ -3,7 +3,7 @@ ## Basic options ## DBName = koji DBUser = koji -DBHost = db.example.com +#DBHost = db.example.com #DBPass = example_password KojiDir = /mnt/koji @@ -37,10 +37,11 @@ LoginCreatesUser = On KojiWebURL = http://kojiweb.example.com/koji # The domain name that will be appended to Koji usernames # when creating email notifications -#EmailDomain example.com +#EmailDomain = example.com -## Whether or not to report exception details for anticipated errors (i.e. -## koji's own exceptions -- subclasses of koji.GenericError). +## If KojiDebug is on, the hub will be /very/ verbose and will report exception +## details to clients for anticipated errors (i.e. koji's own exceptions -- +## subclasses of koji.GenericError). # KojiDebug = On ## Determines how much detail about exceptions is reported to the client (via faults) From 83218e41037a5a4b4dc5911f6836064d0384c98d Mon Sep 17 00:00:00 2001 From: Mike McLean Date: Wed, 12 Nov 2008 19:17:48 -0500 Subject: [PATCH 3/5] new policy tests: fromtag, skip_tag --- builder/kojid | 1 + hub/kojihub.py | 33 +++++++++++++++++++++++++++++++-- 2 files changed, 32 insertions(+), 2 deletions(-) diff --git a/builder/kojid b/builder/kojid index 0b7ba65f..73576ff4 100755 --- a/builder/kojid +++ b/builder/kojid @@ -1568,6 +1568,7 @@ class BuildTask(BaseTaskHandler): 'source' : src, 'task_id' : self.id, 'build_tag' : build_tag, #id + 'skip_tag' : bool(self.opts.get('skip_tag')), } if target_info: policy_data['target'] = target_info['id'], diff --git a/hub/kojihub.py b/hub/kojihub.py index bf4599c1..aee9a60a 100644 --- a/hub/kojihub.py +++ b/hub/kojihub.py @@ -3906,13 +3906,33 @@ class PackageTest(koji.policy.MatchTest): class TagTest(koji.policy.MatchTest): name = 'tag' field = '_tagname' + + def get_tag(self, data): + """extract the tag to test against from the data + + return None if there is no tag to test + """ + tag = data.get('tag') + if tag is None: + return None + return get_tag(tag, strict=False) + def run(self, data): #we need to find the tag name from the base data - if not data['tag']: + tinfo = self.get_tag(data) + if tinfo is None: return False - data[self.field] = get_tag(data['tag'])['name'] + data[self.field] = tinfo['name'] return super(TagTest, self).run(data) +class FromTagTest(TagTest): + name = 'fromtag' + def get_tag(self, data): + tag = data.get('fromtag') + if tag is None: + return None + return get_tag(tag, strict=False) + class HasTagTest(koji.policy.BaseSimpleTest): """Check to see if build (currently) has a given tag""" name = 'hastag' @@ -3927,6 +3947,15 @@ class HasTagTest(koji.policy.BaseSimpleTest): #otherwise... return False +class SkipTagTest(koji.policy.BaseSimpleTest): + """Check for the skip_tag option + + For policies regarding build tasks (e.g. build_from_srpm) + """ + name = 'skip_tag' + def run(self, data): + return bool(data.get('skip_tag')) + class BuildTagTest(koji.policy.BaseSimpleTest): """Check the build tag of the build From 584192a5f8379d749639d5b43076b1e288f10837 Mon Sep 17 00:00:00 2001 From: Mike McLean Date: Wed, 12 Nov 2008 19:24:43 -0500 Subject: [PATCH 4/5] don't block srpm builds in cli (policy might allow them) --- cli/koji | 4 ---- 1 file changed, 4 deletions(-) diff --git a/cli/koji b/cli/koji index 7b612594..2c8eae15 100755 --- a/cli/koji +++ b/cli/koji @@ -684,10 +684,6 @@ def handle_build(options, session, args): priority = 5 # try to check that source is an SRPM if '://' not in source: - # only allow admins to perform non-scratch builds from srpm - if not opts.get('scratch') and not session.hasPerm('admin'): - parser.error(_("builds from srpm must use --scratch")) - assert False #treat source as an srpm and upload it print "Uploading srpm: %s" % source serverdir = _unique_path('cli-build') From d029e1c2767cbfa15d175151c7ac7f15b0e96927 Mon Sep 17 00:00:00 2001 From: Mike McLean Date: Thu, 13 Nov 2008 01:07:51 -0500 Subject: [PATCH 5/5] enable verbose policy errors without full debug --- hub/kojihub.py | 2 +- hub/kojixmlrpc.py | 1 + koji/policy.py | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/hub/kojihub.py b/hub/kojihub.py index aee9a60a..d8d65108 100644 --- a/hub/kojihub.py +++ b/hub/kojihub.py @@ -4151,7 +4151,7 @@ def check_policy(name, data, default='deny', strict=False): if not strict: return False, reason err_str = "policy violation" - if context.opts.get('KojiDebug', False): + if context.opts.get('KojiDebug') or context.opts.get('VerbosePolicy'): err_str += " -- %s" % reason raise koji.ActionNotAllowed, err_str diff --git a/hub/kojixmlrpc.py b/hub/kojixmlrpc.py index f5c649e8..1bc6c614 100644 --- a/hub/kojixmlrpc.py +++ b/hub/kojixmlrpc.py @@ -377,6 +377,7 @@ def load_config(req): ['KojiDebug', 'boolean', False], ['KojiTraceback', 'string', None], + ['VerbosePolicy', 'boolean', False], ['EnableFunctionDebug', 'boolean', False], ['MissingPolicyOK', 'boolean', True], diff --git a/koji/policy.py b/koji/policy.py index d05bbfb6..e1ac22c0 100644 --- a/koji/policy.py +++ b/koji/policy.py @@ -293,7 +293,7 @@ class SimpleRuleSet(object): else: line += ' :: ' ret.append(line) - ret = '\n... '.join(ret) + ret = '... '.join(ret) if self.lastaction is None: ret += "(no match)" else: