- putting xmlrpc stuff into koji.xmlrpcplus
- adding koji.xmlrpcplus.xmlrpc_server to refer
- replacing refs of original xmlrpc.client.dumps to enhanced
koji.xmlrpcplus.dumps
fixes: #3964
kojivmd proxies files from Koji's topurl through the getFile() RPC.
In some cases (misconfigurations), kojivmd can fail to download files
from topurl.
Prior to this change, if kojivmd failed to download a file (for example,
a 404 error), it would silently cache the 404 error HTTP body contents
and pass those on to verifyChecksum(). As a result, kojivmd would verify
the checksum of an HTML error page, rather than checksuming the intended
Koji archive file. In this scenario, it's difficult for administrators
to diagnose why checksums are not matching.
Check the HTTP response for errors before doing anything with the
response contents. With this change, winbuild tasks will fail with an
easier-to-understand "HTTP 404 not found" HTTPError, rather than a Koji
BuildError about checksums.
Newer virtual machines may use nvram, and libvirt needs a special flag
to clean these up. Prior to this change (with libvirt-8.0.0-8.1.el9_0):
File "/usr/sbin/kojivmd", line 1072, in cleanupVM
vm.undefine()
File "/usr/lib64/python3.9/site-packages/libvirt.py", line 3178, in undefine
raise libvirtError('virDomainUndefine() failed')
libvirt.libvirtError: Requested operation is not valid: cannot undefine
domain with nvram
RHEL 7 first introduced the libvirt.VIR_DOMAIN_UNDEFINE_NVRAM flag in
libvirt-python-1.2.8-7.el7 (rhbz#1144284)
lookupByName() could raise libvirt.libvirtError for many different
reasons (libvirt connection problems, etc).
If this kojivmd host does not have this VM available
(VIR_ERR_NO_DOMAIN), and we should log the "VM not available" message
and skip taking the task.
If the error is something else, this is unexpected, and we should raise
it in the logs so the administrator can see it at non-debug log levels.
In RHEL 9 (qemu-img-6.2.0-11.el9_0.3), the "qemu-img create" command
requires the "-F" flag that specifies the second image's format.
qemu-img-1.5.3-175.el7_9.6 recognizes this -F flag also, so it should be
safe to use on all supported platforms.
This is a simple extention of `SCM.assert_allowed`
- `assert_allowed_by_policy` will set the default "use_common" to False which is different to the old behavior
- `channel`, `user_id`, `scratch` are passed in the `policy_data` with scminfo right now.
This is a prototype for this change, and there are some other solutions could be implemented too
- Use a scmpolicy plugin as `postSCMCheckout` callback, the pro is that we can do more checks after the source is initialized on builder, meanwhile, the con is that the source will be downloaded even it is denied by policy. It might be a potential risk?
- Do the scm check in hub's `make_task`, this looks straightforward, but may lack some builder's information
fixes: #2757
If there are multiple e-mailes separated by comma of space, they should
be split for correct usage of smtplib.sendmail.
Fixes: https://pagure.io/koji/issue/1240
PR #967 introduced another error. Before verifyChecksum was used only
from kojikamid and it made sense, that it failed on other files. Now it
is used also for build requires, etc. As it makes no harm (read-only),
we can extend this check for other paths.
Fixes: https://pagure.io/koji/issue/1669
