def test_copy_to_dir(tmpdir, source, target, expected, exc):
if exc:
with pytest.raises(exc):
utils.copy_to_dir(source, tmpdir, target=target)
else:
newpath = utils.copy_to_dir(source, tmpdir, target=target)
assert newpath == os.path.join(tmpdir, expected)
contents1 = read_file(source)
contents2 = read_file(newpath)
assert contents1 == contents2
def _run_generate_precomplete(context, tmp_dir):
"""Regenerate `precomplete` file with widevine sig paths for complete mar."""
log.info("Generating `precomplete` file...")
path = _ensure_one_precomplete(tmp_dir, "before")
with open(path, "r") as fh:
before = fh.readlines()
generate_precomplete(os.path.dirname(path))
path = _ensure_one_precomplete(tmp_dir, "after")
with open(path, "r") as fh:
after = fh.readlines()
# Create diff file
diff_path = os.path.join(context.config["work_dir"], "precomplete.diff")
with open(diff_path, "w") as fh:
for line in difflib.ndiff(before, after):
fh.write(line)
utils.copy_to_dir(diff_path, context.config["artifact_dir"], target="public/logs/precomplete.diff")
async def async_main(context):
"""Sign all the things.
Args:
context (Context): the signing context.
"""
connector = _craft_aiohttp_connector(context)
async with aiohttp.ClientSession(connector=connector) as session:
context.session = session
work_dir = context.config['work_dir']
context.signing_servers = load_signing_server_config(context)
all_signing_formats = task_signing_formats(context)
if 'gpg' in all_signing_formats or 'autograph_gpg' in all_signing_formats:
if not context.config.get('gpg_pubkey'):
raise Exception(
"GPG format is enabled but gpg_pubkey is not defined")
if not os.path.exists(context.config['gpg_pubkey']):
raise Exception("gpg_pubkey ({}) doesn't exist!".format(
context.config['gpg_pubkey']))
if 'autograph_widevine' in all_signing_formats:
if not context.config.get('widevine_cert'):
raise Exception(
"Widevine format is enabled, but widevine_cert is not defined"
)
if not all(
is_autograph_signing_format(format_)
for format_ in all_signing_formats):
log.info("getting signingserver token")
await get_token(context, os.path.join(work_dir, 'token'),
task_cert_type(context), all_signing_formats)
filelist_dict = build_filelist_dict(context)
for path, path_dict in filelist_dict.items():
copy_to_dir(path_dict['full_path'],
context.config['work_dir'],
target=path)
log.info("signing %s", path)
output_files = await sign(context, os.path.join(work_dir, path),
path_dict['formats'])
for source in output_files:
source = os.path.relpath(source, work_dir)
copy_to_dir(os.path.join(work_dir, source),
context.config['artifact_dir'],
target=source)
if 'gpg' in path_dict['formats'] or 'autograph_gpg' in path_dict[
'formats']:
copy_to_dir(context.config['gpg_pubkey'],
context.config['artifact_dir'],
target="public/build/KEY")
log.info("Done!")
async def async_main(context):
"""Sign all the things.
Args:
context (Context): the signing context.
"""
async with aiohttp.ClientSession() as session:
all_signing_formats = task_signing_formats(context)
if "gpg" in all_signing_formats or "autograph_gpg" in all_signing_formats:
if not context.config.get("gpg_pubkey"):
raise Exception(
"GPG format is enabled but gpg_pubkey is not defined")
if not os.path.exists(context.config["gpg_pubkey"]):
raise Exception("gpg_pubkey ({}) doesn't exist!".format(
context.config["gpg_pubkey"]))
if "autograph_widevine" in all_signing_formats:
if not context.config.get("widevine_cert"):
raise Exception(
"Widevine format is enabled, but widevine_cert is not defined"
)
context.session = session
context.autograph_configs = load_autograph_configs(
context.config["autograph_configs"])
work_dir = context.config["work_dir"]
filelist_dict = build_filelist_dict(context)
for path, path_dict in filelist_dict.items():
copy_to_dir(path_dict["full_path"],
context.config["work_dir"],
target=path)
log.info("signing %s", path)
output_files = await sign(
context,
os.path.join(work_dir, path),
path_dict["formats"],
authenticode_comment=path_dict.get("comment"))
for source in output_files:
source = os.path.relpath(source, work_dir)
copy_to_dir(os.path.join(work_dir, source),
context.config["artifact_dir"],
target=source)
if "gpg" in path_dict["formats"] or "autograph_gpg" in path_dict[
"formats"]:
copy_to_dir(context.config["gpg_pubkey"],
context.config["artifact_dir"],
target="public/build/KEY")
log.info("Done!")
async def async_main(context):
work_dir = context.config['work_dir']
context.task = scriptworker.client.get_task(context.config)
log.info("validating task")
validate_task_schema(context)
context.signing_servers = load_signing_server_config(context)
cert_type = task_cert_type(context.task)
all_signing_formats = task_signing_formats(context.task)
log.info("getting token")
await get_token(context, os.path.join(work_dir, 'token'), cert_type, all_signing_formats)
filelist_dict = build_filelist_dict(context, all_signing_formats)
for path, path_dict in filelist_dict.items():
copy_to_dir(path_dict['full_path'], context.config['work_dir'], target=path)
log.info("signing %s", path)
source = os.path.join(work_dir, path)
await sign_file(context, source, cert_type, path_dict['formats'], context.config["ssl_cert"])
sigfiles = detached_sigfiles(path, path_dict['formats'])
copy_to_dir(source, context.config['artifact_dir'], target=path)
for sigpath in sigfiles:
copy_to_dir(os.path.join(work_dir, sigpath), context.config['artifact_dir'], target=sigpath)
log.info("Done!")
def test_copy_to_dir_no_copy():
assert (utils.copy_to_dir(SERVER_CONFIG_PATH,
os.path.dirname(SERVER_CONFIG_PATH)) is None)
async def async_main(context):
"""Sign all the things.
Args:
context (Context): the signing context.
"""
connector = _craft_aiohttp_connector(context)
# Create a session for talking to the legacy signing servers in order to
# generate a signing token
async with aiohttp.ClientSession(connector=connector) as session:
context.session = session
work_dir = context.config["work_dir"]
context.signing_servers = load_signing_server_config(context)
all_signing_formats = task_signing_formats(context)
if "gpg" in all_signing_formats or "autograph_gpg" in all_signing_formats:
if not context.config.get("gpg_pubkey"):
raise Exception("GPG format is enabled but gpg_pubkey is not defined")
if not os.path.exists(context.config["gpg_pubkey"]):
raise Exception(
"gpg_pubkey ({}) doesn't exist!".format(
context.config["gpg_pubkey"]
)
)
if "autograph_widevine" in all_signing_formats:
if not context.config.get("widevine_cert"):
raise Exception(
"Widevine format is enabled, but widevine_cert is not defined"
)
if not all(
is_autograph_signing_format(format_) for format_ in all_signing_formats
):
log.info("getting signingserver token")
await get_token(
context,
os.path.join(work_dir, "token"),
task_cert_type(context),
all_signing_formats,
)
# Create a new session to talk to autograph
async with aiohttp.ClientSession() as session:
context.session = session
filelist_dict = build_filelist_dict(context)
for path, path_dict in filelist_dict.items():
copy_to_dir(path_dict["full_path"], context.config["work_dir"], target=path)
log.info("signing %s", path)
output_files = await sign(
context, os.path.join(work_dir, path), path_dict["formats"]
)
for source in output_files:
source = os.path.relpath(source, work_dir)
copy_to_dir(
os.path.join(work_dir, source),
context.config["artifact_dir"],
target=source,
)
if "gpg" in path_dict["formats"] or "autograph_gpg" in path_dict["formats"]:
copy_to_dir(
context.config["gpg_pubkey"],
context.config["artifact_dir"],
target="public/build/KEY",
)
log.info("Done!")
