def _ensure_private_network(): ''' Normally, we run under `systemd-nspawn --private-network`. We don't want to run in environments with network access because in these cases it's very possible that `yum` / `dnf` will end up doing something non-deterministic by reaching out to the network. ''' # From `/usr/include/uapi/linux/if_arp.h` allowed_types = { 768, # ARPHRD_TUNNEL 769, # ARPHRD_TUNNEL6 772, # ARPHRD_LOOPBACK } net = Path('/sys/class/net') for iface in net.listdir(): with open(net / iface / 'type') as infile: iface_type = int(infile.read()) # Not covered because we don't want to rely on the CI container # having a network interface. if iface_type not in allowed_types: # pragma: no cover raise RuntimeError( 'Refusing to run without --private-network, found ' f'unknown interface {iface} of type {iface_type}.')
def _make_test_yum_dnf_conf( yum_dnf: str, repos_path: Path, gpg_key_path: Path, ) -> str: return textwrap.dedent(f'''\ [main] cachedir=/var/cache/{yum_dnf} debuglevel=2 keepcache=1 logfile=/var/log/{yum_dnf}.log pkgpolicy=newest showdupesfromrepos=1 gpgcheck=1 localpkg_gpgcheck=1 ''') + '\n\n'.join( textwrap.dedent(f'''\ [{repo}] baseurl={(repos_path / repo).file_url()} enabled=1 name={repo} gpgkey={gpg_key_path.file_url()} ''') for repo in repos_path.listdir() if repo not in (b'dnf.conf', b'yum.conf'))
def _dir_paths(path: Path) -> Set[Path]: return {path / p for p in path.listdir()}