From c6a89e7be1185e7813141981ba4b5d824ff8ba91 Mon Sep 17 00:00:00 2001 From: alexey Date: Fri, 21 Mar 2025 00:02:18 +0300 Subject: [PATCH] Sign. Part 1 --- app.rb | 28 +++++++++++++++++++++++-- classes/config.rb | 8 +++++++ classes/db.rb | 15 ++++++++----- classes/mock.rb | 22 +++++++++++++++---- classes/projects.rb | 8 +++---- classes/repomanage.rb | 16 ++++++++++++++ config.ini | 5 ++++- db/migrations/202502150000000_create.rb | 1 + gen-scripts/install-key | 2 ++ views/gpgerror.erb | 3 +++ views/prjcrt.erb | 8 +++++++ views/prjinfo.erb | 7 +++++++ 12 files changed, 107 insertions(+), 16 deletions(-) create mode 100644 views/gpgerror.erb diff --git a/app.rb b/app.rb index a6593aa..fee8324 100644 --- a/app.rb +++ b/app.rb @@ -330,6 +330,7 @@ get "/prjcreate" do result = cfgs.get_configs @global_list = result[:global] @local_list = result[:local] + @old_nopublic = session[:prj_old_nopublic] @error_data = session[:prjcreate_error] session[:prjcreate_error] = nil erb :prjcrt @@ -339,12 +340,13 @@ post "/prjcreate" do session[:prj_old_name] = params["projname"] session[:prj_old_description] = params["description"] session[:prj_old_list] = params["conflist"] + session[:prj_old_nopublic] = params["nopublic"] if params["projname"].nil? || params["description"].nil? || params["projname"].strip == "" || params["description"].strip == "" || params["conflist"].nil? || params["conflist"].strip == "" session[:rcpcreate_error] = "Имя проекта, описание и окружение сборки не должны быть пустыми" redirect "/prjcreate" else prj = ProjectsActions.new(cfg.get_projects_path, db) - result = prj.create_project(params["projname"], params["description"], params["conflist"]) + result = prj.create_project(params["projname"], params["description"], params["conflist"], params["nopublic"]) if result != 0 session[:prjcreate_error] = prj.error redirect "/prjcreate" @@ -352,6 +354,7 @@ post "/prjcreate" do session[:prj_old_name] = nil session[:prj_old_description] = nil session[:prj_old_list] = nil + session[:prj_old_nopublic] = nil redirect "/projs" end end @@ -380,6 +383,7 @@ get "/prjedit/:id" do @proj_name = prj_info[:projname] @proj_descr = prj_info[:descr] @proj_id = prj_info[:id] + @proj_public = prj_info[:public] repo_lst = repo.getrepos proj_repo_list = prj.get_project_gits(prj_info[:id], repo) @repo_list = repo_lst.reject do |item| @@ -1218,7 +1222,6 @@ post "/prjdelete/:id" do if prj_info.nil? print_error_page(503, "Путь к проектам не существует") else - git_info = repo.get_repo_short_info_by_id(params["git_id"].to_i) if params["cancel"].nil? && params["delete"] == "delete" && !params["isdelete"].nil? err = prj.delete_project(params["id"]) unless err.nil? @@ -1234,6 +1237,27 @@ post "/prjdelete/:id" do end end +get "/prjsign/:id" do + prj = ProjectsActions.new(cfg.get_projects_path, db) + if prj.path.nil? + print_error_page(503, "Путь к проектам не существует") + else + prj_info = prj.get_project(params["id"]) + if prj_info.nil? + print_error_page(503, "Путь к проектам не существует") + else + gpgKeys = RepoManagerKeys.new(cgf.get_keys_path) + if gpgKeys.check_key_exists + @page_name = "Подписать проект #{prj_info[:projname]} " + @proj_name = prj_info[:projname] + @proj_id = params["id"] + else + erb :gpgerror + end + end + end +end + not_found do status 404 @page_name = "Кто-то потерялся" diff --git a/classes/config.rb b/classes/config.rb index b15c504..2754edb 100644 --- a/classes/config.rb +++ b/classes/config.rb @@ -82,4 +82,12 @@ class IniConfig 30 end end + + def get_keys_path() + unless @config["sign"]["path"].nil? + @config["sign"]["path"].to_s + else + "keys" + end + end end diff --git a/classes/db.rb b/classes/db.rb index cc6f5aa..b268ef3 100644 --- a/classes/db.rb +++ b/classes/db.rb @@ -145,11 +145,15 @@ class DBase Projects[id] end - def proj_create(proj_name, proj_descr) + def proj_create(proj_name, proj_descr, nopublic) @error = nil data = Projects.where(projname: proj_name).first if data.nil? - id = Projects.insert(projname: proj_name, descr: proj_descr, public: 1) + public_proj = 1 + unless nopublic.nil? + public_proj = 0 + end + id = Projects.insert(projname: proj_name, descr: proj_descr, public: public_proj) @last_id = id else @error = "Данный проект уже существует" @@ -256,8 +260,8 @@ class DBase $DDB = Sequel.connect(@cfg.get_db) end - def save_rpm(build_id, path_to_rpm, rpm_name, git_id) - id = Rpms.insert(savepath: path_to_rpm, rpmname: rpm_name, sign: 0, signpath: "", repo_id: git_id.to_i) + def save_rpm(build_id, path_to_rpm, rpm_name, git_id, sha256) + id = Rpms.insert(savepath: path_to_rpm, rpmname: rpm_name, sign: 0, signpath: "", repo_id: git_id.to_i, filehash: sha256) @last_id = id BuildRpms.insert(build_id: build_id.to_i, rpm_id: id) end @@ -344,11 +348,12 @@ class DBase ReposProjects.where(proj_id: prj_id.to_i).delete ProjectsReposSpec.where(proj_id: prj_id.to_i).delete builds = BuildTask.where(proj_id: prj_id.to_i) - build.each do |item| + builds.each do |item| rpms = BuildRpms.where(build_id: item[:id]) Rpms.where(id: rpms[:rpm_id]).delete end BuildTask.where(proj_id: prj_id.to_i).delete + Projects.where(id: prj_id.to_i).delete end def projects_with_current_as_link(prj_id) diff --git a/classes/mock.rb b/classes/mock.rb index a42c468..475633a 100644 --- a/classes/mock.rb +++ b/classes/mock.rb @@ -3,6 +3,7 @@ require_relative "runner" require "fileutils" require "logger" require_relative "repomanage" +require "digest" BUILD_STRUCTURE = { :SRC => "src", @@ -206,12 +207,25 @@ class MockManager File.open(@repo_lock, File::RDWR | File::CREAT) do |f| f.flock(File::LOCK_EX) # выклдака пакетов и пересоздание repodata + packages_uniq = true prep_rpms.each do |item| - FileUtils.mkdir_p(File.dirname(item[:dst])) - FileUtils.cp_r(item[:src], item[:dst], verbose: true, remove_destination: true) - @db.save_rpm(@build_id, item[:dst], item[:name], @git_id) - @log.info("Копируется пакет #{item[:src]} в репозиторий #{item[:dst]}") + if File.exist?(item[:dst]) + packages_uniq = false + break + end + end + if packages_uniq + prep_rpms.each do |item| + @log.info("Копируется пакет #{item[:src]} в репозиторий #{item[:dst]}") + FileUtils.mkdir_p(File.dirname(item[:dst])) + FileUtils.cp_r(item[:src], item[:dst], verbose: true, remove_destination: true) + sha256 = Digest::SHA256.file(item[:dst]) + @db.save_rpm(@build_id, item[:dst], item[:name], @git_id, sha256.hexdigest) + end repo.create_repo + else + @error = true + @log.error("Такие пакеты уже существуют в репозитории. Поднимите версию пакета") end end end diff --git a/classes/projects.rb b/classes/projects.rb index 99b4256..243acc6 100644 --- a/classes/projects.rb +++ b/classes/projects.rb @@ -144,7 +144,7 @@ class ProjectsActions generate_linked_repos(id, proj_path, proj_name, prj_incl_path) end - def create_project(name, description, configuration) + def create_project(name, description, configuration, nopublic) @error = nil ret_val = 0 project_name = sanitize_rcptname(name) @@ -162,7 +162,7 @@ class ProjectsActions end if File.exist?(configuration) generate_config(nil, configuration, fname, project_name) - @error = @db.proj_create(project_name, description) + @error = @db.proj_create(project_name, description, nopublic) if @error.nil? created = true end @@ -361,10 +361,10 @@ class ProjectsActions @error = "Нельзя удалить git репозиторий с незавершенными сборками" else linked = @db.projects_with_current_as_link(prj_id) - if linked.nil? + if linked.nil? || linked.length == 0 proj_path = get_project_path(prj_id) FileUtils.rm_rf(proj_path, secure: true) - @db.delete_project(prj_id, git_id) + @db.delete_project(prj_id) else @error = "На текущий проект ссылаются другие проекты. Удаление запрещено" end diff --git a/classes/repomanage.rb b/classes/repomanage.rb index d88719e..895db48 100644 --- a/classes/repomanage.rb +++ b/classes/repomanage.rb @@ -17,6 +17,22 @@ class RPMReader end end +class RepoManagerKeys + attr :path, :error + + def initialize(path) + @error = nil + @path = path + end + + def check_key_exists() + key_file = File.join(@path, "public", "mockgui-gpg-key") + File.exist?(key_file) + end +end + +#rpm --define "_gpg_sign_cmd_extra_args --pinentry-mode loopback --passphrase 1234" --addsign bayrepo-neuro-farm-0.1-2.x86_64.rpm + class RepoManager attr :path, :error, :last_status, :last_pid diff --git a/config.ini b/config.ini index 9fbffe9..bf7df85 100644 --- a/config.ini +++ b/config.ini @@ -17,4 +17,7 @@ hide=open,amazon,anolis,circle,custom,euro,fedora,mageia,navy,alma,rocky selected=msvsphere [pages] -items_per_page = 30 \ No newline at end of file +items_per_page = 30 + +[sign] +path = "keys" \ No newline at end of file diff --git a/db/migrations/202502150000000_create.rb b/db/migrations/202502150000000_create.rb index 1445e92..205e7df 100644 --- a/db/migrations/202502150000000_create.rb +++ b/db/migrations/202502150000000_create.rb @@ -44,6 +44,7 @@ Sequel.migration do String :rpmname, text: true Integer :sign String :signpath, text: true + String :filehash, text: true foreign_key :repo_id, :repos, :key => :id end diff --git a/gen-scripts/install-key b/gen-scripts/install-key index a1e504d..cabb50f 100755 --- a/gen-scripts/install-key +++ b/gen-scripts/install-key @@ -47,3 +47,5 @@ cat >~/.rpmmacros < ../keys/save + diff --git a/views/gpgerror.erb b/views/gpgerror.erb new file mode 100644 index 0000000..a164cc1 --- /dev/null +++ b/views/gpgerror.erb @@ -0,0 +1,3 @@ +<%= erb :header %> + +<%= erb :footer %> \ No newline at end of file diff --git a/views/prjcrt.erb b/views/prjcrt.erb index 24a7db4..88390a4 100644 --- a/views/prjcrt.erb +++ b/views/prjcrt.erb @@ -15,6 +15,14 @@ +
+ <% if @old_nopublic.nil? %> + + <% else %> + + <% end %> + +
diff --git a/views/prjinfo.erb b/views/prjinfo.erb index 7a0b989..d022926 100644 --- a/views/prjinfo.erb +++ b/views/prjinfo.erb @@ -26,6 +26,13 @@ <%= @proj_name %>
<%= @proj_descr %>
+
+ <% if @proj_public == 1 %> + Разрешена публикация пакетов с исходными кодами + <% else %> + Запрещена публикация пакетов с исходными кодами + <% end %> +
Редактировать