Linaro Image Tools

Merge lp:~mabac/linaro-image-tools/chdir-for-hashverify into lp:linaro-image-tools/11.11

chdir-for-hashverify
Merge into trunk

Proposed by Mattias Backman on 2011-06-20

Status:	Merged
Approved by:	James Westby on 2011-06-21
Approved revision:	362
Merged at revision:	360
Proposed branch:	lp:~mabac/linaro-image-tools/chdir-for-hashverify
Merge into:	lp:linaro-image-tools/11.11
Diff against target:	175 lines (+73/-13) 5 files modified linaro-media-create (+6/-9) linaro_image_tools/cmd_runner.py (+2/-2) linaro_image_tools/tests/test_pyflakes.py (+2/-2) linaro_image_tools/tests/test_utils.py (+37/-0) linaro_image_tools/utils.py (+26/-0)
To merge this branch:	bzr merge lp:~mabac/linaro-image-tools/chdir-for-hashverify
Related bugs:	Link a bug report

Reviewer	Review Type	Date Requested	Status
James Westby (community)		2011-06-20	Approve on 2011-06-21
Review via email: mp+65221@code.launchpad.net

Description of the change

Hi,

This change makes sure that the sha1sums command in linaro-media-create is run from the directory of the hash file to be verified.

This is needed for instance for FetchImage which will pass the full path of the hash file to l-m-c. I have found no way to make sha1sums check for the files in anything but the current working dir.

The change is implemented by adding a WorkingDirChanger object that acts as a context manager (the thing with the __enter__ and __exit__ methods which should make sure that the old wd is restored just after the call to sha1sums.

Thanks,

Mattias

Revision history for this message

James Westby (james-w) wrote on 2011-06-20:

Hi Mattias,

Are you aware of the cwd argument to cmd_runner.run (via subprocess)?

Would that be suitable for changing the directory here?

Thanks,

James

Revision history for this message

Mattias Backman (mabac) wrote on 2011-06-21:

On Mon, Jun 20, 2011 at 10:21 PM, James Westby
<email address hidden> wrote:
> Hi Mattias,
>
> Are you aware of the cwd argument to cmd_runner.run (via subprocess)?
>
> Would that be suitable for changing the directory here?

That's exactly what I need. Thank you for pointing me to it!

lp:~mabac/linaro-image-tools/chdir-for-hashverify updated on 2011-06-21

359. By Mattias Backman on 2011-06-21: Add cwd parameter to cmd_runner.run() and use it for the sha1 verification in linaro-media-create.
360. By Mattias Backman on 2011-06-21: Move file verification from main into a utils function.
361. By Mattias Backman on 2011-06-21: Add basic tests for the file verification.
362. By Mattias Backman on 2011-06-21: Adjust pyflakes test to reflect that a source line has been added.

Revision history for this message

Mattias Backman (mabac) wrote on 2011-06-21:

Now, this uses the subprocess cwd parameter instead. I also moved most of the signature verification code into utils and added two basic tests for it.

Revision history for this message

James Westby (james-w) on 2011-06-21:

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Alexander Sack

James Tunnicliffe

Linaro Infrastructure

Matt Waddel

Mattias Backman

Ricardo Salveti

Tom Gall

Torez Smith

 === modified file 'linaro-media-create'
 --- linaro-media-create	2011-06-17 12:47:16 +0000
 +++ linaro-media-create	2011-06-21 09:23:27 +0000
@@ -22,7 +22,6 @@
  import os
  import sys
  import tempfile
--import subprocess
  from linaro_image_tools import cmd_runner
@@ -43,7 +42,11 @@
      unpack_binary_tarball,
+     )
  from linaro_image_tools.media_create import get_args_parser
--from linaro_image_tools.utils import ensure_command, is_arm_host
++from linaro_image_tools.utils import (
++    ensure_command,
++    is_arm_host,
++    verify_file_integrity,
++    )
  # Just define the global variables
  TMP_DIR = None
@@ -105,15 +108,9 @@
      ensure_required_commands(args)
      sig_file_list = args.hwpacksigs[:]
--    verified_files = []
      if args.binarysig is not None:
          sig_file_list.append(args.binarysig)
--    for sig_file in sig_file_list:
--        hash_file = sig_file[0:-len('.asc')]
--        cmd_runner.run(['gpg', '--verify', sig_file]).wait()
--        sha1sums_out, _ = cmd_runner.run(['sha1sum', '-c', hash_file],
--                                         stdout=subprocess.PIPE).communicate()
--        verified_files.extend(sha1sums_out.replace(': OK', '').splitlines())
++    verified_files = verify_file_integrity(sig_file_list)
      for verified_file in verified_files:
          print 'Hash verification of file %s OK.' % verified_file
 === modified file 'linaro_image_tools/cmd_runner.py'
 --- linaro_image_tools/cmd_runner.py	2011-04-04 10:38:07 +0000
 +++ linaro_image_tools/cmd_runner.py	2011-06-21 09:23:27 +0000
@@ -36,7 +36,7 @@
  def run(args, as_root=False, chroot=None, stdin=None, stdout=None,
--        stderr=None):
++        stderr=None, cwd=None):
      """Run the given command as a sub process.
      Return a Popen instance.
@@ -60,7 +60,7 @@
          as_root = True
      if as_root and os.getuid() != 0:
          args = SUDO_ARGS + args
--    return Popen(args, stdin=stdin, stdout=stdout, stderr=stderr)
++    return Popen(args, stdin=stdin, stdout=stdout, stderr=stderr, cwd=cwd)
  class Popen(subprocess.Popen):
 === modified file 'linaro_image_tools/tests/test_pyflakes.py'
 --- linaro_image_tools/tests/test_pyflakes.py	2011-05-10 15:43:32 +0000
 +++ linaro_image_tools/tests/test_pyflakes.py	2011-06-21 09:23:27 +0000
@@ -29,8 +29,8 @@
          (stdout, stderr) = proc.communicate()
          stdout = stdout.splitlines()
          stdout.sort()
--        expected = ["./linaro_image_tools/utils.py:26: redefinition of "
--                        "unused 'CommandNotFound' from line 24" ]
++        expected = ["./linaro_image_tools/utils.py:27: redefinition of "
++                        "unused 'CommandNotFound' from line 25" ]
          self.assertEquals(expected, stdout)
          self.assertEquals('', stderr)
 === modified file 'linaro_image_tools/tests/test_utils.py'
 --- linaro_image_tools/tests/test_utils.py	2011-03-24 18:41:59 +0000
 +++ linaro_image_tools/tests/test_utils.py	2011-06-21 09:23:27 +0000
@@ -35,12 +35,49 @@
      install_package_providing,
      preferred_tools_dir,
      UnableToFindPackageProvidingCommand,
++    verify_file_integrity,
+     )
  sudo_args = " ".join(cmd_runner.SUDO_ARGS)
++class TestVerifyFileIntegrity(TestCaseWithFixtures):
++
++    filenames_in_shafile = ['verified-file1', 'verified-file2']
++
++    class MockCmdRunnerPopen(object):
++        def __call__(self, cmd, *args, **kwargs):
++            self.returncode = 0
++            return self
++
++        def communicate(self, input=None):
++            self.wait()
++            return ': OK\n'.join(
++                TestVerifyFileIntegrity.filenames_in_shafile) + ': OK\n', ''
++
++        def wait(self):
++            return self.returncode
++
++    def test_verify_files(self):
++        fixture = self.useFixture(MockCmdRunnerPopenFixture())
++        hash_filename = "dummy-file.txt"
++        signature_filename = hash_filename + ".asc"
++        verify_file_integrity([signature_filename])
++        self.assertEqual(
++            ['gpg --verify %s' % signature_filename,
++             'sha1sum -c %s' % hash_filename],
++            fixture.mock.commands_executed)
++
++    def test_verify_files_returns_files(self):
++        self.useFixture(MockSomethingFixture(cmd_runner, 'Popen',
++                                             self.MockCmdRunnerPopen()))
++        hash_filename = "dummy-file.txt"
++        signature_filename = hash_filename + ".asc"
++        verified_files = verify_file_integrity([signature_filename])
++        self.assertEqual(self.filenames_in_shafile, verified_files)
++
++
  class TestEnsureCommand(TestCaseWithFixtures):
      install_pkg_providing_called = False
 === modified file 'linaro_image_tools/utils.py'
 --- linaro_image_tools/utils.py	2011-05-10 15:42:59 +0000
 +++ linaro_image_tools/utils.py	2011-06-21 09:23:27 +0000
@@ -19,6 +19,7 @@
  import os
  import platform
++import subprocess
  try:
      from CommandNotFound import CommandNotFound
@@ -28,6 +29,31 @@
  from linaro_image_tools import cmd_runner
++def verify_file_integrity(sig_file_list):
++    """Verify a list of signature files.
++
++    The parameter is a list of filenames of gpg signature files which will be
++    verified using gpg. For each of the files it is assumed that there is an
++    sha1 hash file with the same file name minus the '.asc' extension.
++
++    Each of the sha1 files will be checked using sha1sums. All files listed in
++    the sha1 hash file must be found in the same directory as the hash file.
++    """
++    verified_files = []
++    for sig_file in sig_file_list:
++        hash_file = sig_file[0:-len('.asc')]
++        cmd_runner.run(['gpg', '--verify', sig_file]).wait()
++        if os.path.dirname(hash_file) == '':
++            sha_cwd = None
++        else:
++            sha_cwd = os.path.dirname(hash_file)
++        sha1sums_out, _ = cmd_runner.run(['sha1sum', '-c', hash_file],
++                                         stdout=subprocess.PIPE, cwd=sha_cwd
++                                         ).communicate()
++        verified_files.extend(sha1sums_out.replace(': OK', '').splitlines())
++    return verified_files
++
++
  def install_package_providing(command):
      """Install a package which provides the given command.

Linaro Image Tools

Merge lp:~mabac/linaro-image-tools/chdir-for-hashverify into lp:linaro-image-tools/11.11

Commit message

Description of the change

Preview Diff

Subscribers