Refactor handling of content #148
Conversation
|
Hello @matejak! Thanks for updating this PR. We checked the lines you've touched for PEP 8 issues, and found:
Comment last updated at 2021-06-17 13:57:45 UTC |
|
Build finished. |
1 similar comment
|
Build finished. |
matejak
force-pushed
the
gathering_refactoring
branch
from
51b522f to
7abf7eb
Compare
|
Build finished. |
org_fedora_oscap/model.py
Outdated
| for net_prefix in data_fetch.NET_URL_PREFIXES) | ||
|
|
||
|
|
||
| class Model: |
There was a problem hiding this comment.
Please add documentation strings on classes and public methods.
org_fedora_oscap/model.py
Outdated
| self.content_uri_path = path | ||
| self.content_uri_scheme = scheme | ||
|
|
||
| def fetch_content(self, cert, what_if_fail): |
There was a problem hiding this comment.
What about merging it with fetch_files?
There was a problem hiding this comment.
That makes sense now, but what if you would like to introduce support for fetching tailoring? Then, it would make sense to keep those separately.
org_fedora_oscap/model.py
Outdated
| hash_obj) | ||
| if digest != fingerprint: | ||
| log.error( | ||
| "File {dest_filename} failed integrity check - assumed a " |
org_fedora_oscap/model.py
Outdated
| return content | ||
|
|
||
|
|
||
| class ObtainedContent: |
There was a problem hiding this comment.
I feel that it somehow overlaps with OSCAPData class (forms ks/oscap.py).
There was a problem hiding this comment.
This one aims to assist the gathered files discovery - files can be downloaded directly, or they can be extracted. This class enables a user to quickly understand what is available, and whether the current set of contents is usable for further processing.
| def test_fetch_local(tmp_path): | ||
| source_path = pathlib.Path(__file__).absolute() | ||
| dest_path = tmp_path / "dest" | ||
| data_fetch.fetch_data("file://" + str(source_path), dest_path) |
There was a problem hiding this comment.
So if I am an user when I run the installation where do I put the files or how do I pass files to Anaconda?
There was a problem hiding this comment.
You can use this only if those files are already there. I can imagine usage when the content filename is not guessed properly (e.g. RHEL8 vs RHV), or when the installation image contains the content as a specific location.
org_fedora_oscap/model.py
Outdated
| for net_prefix in data_fetch.NET_URL_PREFIXES) | ||
|
|
||
|
|
||
| class Model: |
There was a problem hiding this comment.
Can we think of a better name?
org_fedora_oscap/model.py
Outdated
| "Couldn't find a valid datastream or a valid XCCDF-OVAL file tuple " | ||
| "among the available content") | ||
| raise content_handling.ContentHandlingError(msg) | ||
| if elligible_main_content[0]: |
There was a problem hiding this comment.
this perhaps require a comment or better unpacking the tuple on line into 2 variables that would have good names and changing the condition.
There was a problem hiding this comment.
or one can avoid the tuple completely.
|
Build finished. |
matejak
force-pushed
the
gathering_refactoring
branch
from
78b0c76 to
15db68c
Compare
|
Build finished. |
matejak
force-pushed
the
gathering_refactoring
branch
from
15db68c to
f2a7550
Compare
|
Build finished. |
1 similar comment
|
Build finished. |
matejak
force-pushed
the
gathering_refactoring
branch
from
d3d3802 to
bd4d62e
Compare
|
Build finished. |
|
|
||
| class ContentBringer: | ||
| CONTENT_DOWNLOAD_LOCATION = pathlib.Path(common.INSTALLATION_CONTENT_DIR) | ||
| DEFAULT_CONTENT = f"{common.SSG_DIR}/{common.SSG_CONTENT}" |
There was a problem hiding this comment.
I would rename it to make it clear that it's the path to the datastream from the scap-security-guide RPM, eg. DEFAULT_SSG_DATA_STREAM_PATH.
| Args: | ||
| what_if_fail: Callback accepting exception as an argument that | ||
| should handle them in the calling layer. | ||
| cert: HTTPS certificates |
| msg = f"Couldn't find '{content_path}' among the available content" | ||
| else: | ||
| msg = ( | ||
| "File '{content_path}' is not a valid datastream " |
| f"When dealing with {attribute_name}, " | ||
| f"there was already the {old_value.name} when setting the new {new_value.name}") |
There was a problem hiding this comment.
If I provide an RPM containing multiple SCAP source data streams this causes the UI to crash. It's expected to fail in this situation, but it shouldn't crash.
However, providing https://github.com/OpenSCAP/oscap-anaconda-addon/blob/rhel8-branch/testing_files/separate-scap-files.zip causes the addon to crash as well because of CPE OVAL (ssg-rhel8-cpe-oval.xml) gets into a conflict with check OVAL (ssg-rhel8-oval.xml). I think it shouldn't happen, CPE OVAL checks can be a valid part of oscap evaluation.
tests/test_content_handling.py
Outdated
|
|
||
|
|
||
| def test_init_invalid_file_path(): | ||
| with pytest.raises(ch.DataStreamHandlingError) as excinfo: |
org_fedora_oscap/ks/oscap.py
Outdated
| progressQ.send_quit(1) | ||
| while True: | ||
| time.sleep(100000) | ||
| msg = ["Wrong configuration detected!"] |
There was a problem hiding this comment.
msgs would be a more descriptive name because this is a list
There was a problem hiding this comment.
Another weird thing is the absence of translations.
matejak
force-pushed
the
gathering_refactoring
branch
from
4ae7ab0 to
cea80b8
Compare
That function has the same interface as the remote fetching one.
sudo is only needed when RPMs are installed.
Notably introduced the _terminate function that extracts all the installation termination-related boilerplate.
The class unifies the content workflow between kickstart and GUI installations. It provides methods to work with the content in non-interactive and interactive modes using a system of callbacks.
Anaconda will want to perform fetch, but if we install via GUI, a fetch has already been performed, and the addon should be able to acknowledge the work that has been done on the GUI side.
- Added docstringsu - Improved naming. - Removed redundant arguments. - Split large method into two smaller.
matejak
force-pushed
the
gathering_refactoring
branch
from
cea80b8 to
01e7afd
Compare
org_fedora_oscap/gui/spokes/oscap.py
Outdated
|
|
||
| try: | ||
| if actually_fetched_content: | ||
| self.content_bringer.use_downloaded_content(content) | ||
| log.info(f"Opening SCAP content at {self._addon_data.preinst_content_path} with tailoring {self._addon_data.preinst_tailoring_path}") |
There was a problem hiding this comment.
I'm sorry but now I realized that self._addon_data.preinst_tailoring_path isn't set when tailoring isn't present so you would get: "Opening SCAP content at /tmp/bzfn with tailoring" in that situation which would be confusing for people reading the log.
Co-authored-by: Jan Černý <jcerny@redhat.com>
Tests became obsolete because of earlier refactoring.
- Multiple OVAL files in an archive cause no longer an error. - Multiple instances of other filetypes result in a content-related error. - Unexpected errors don't crash the addon.
- mock is part of the Python standard library. - scanner is used in unit tests.
matejak
force-pushed
the
gathering_refactoring
branch
from
3c32b4d to
1732af6
Compare
|
A new inspection was created. |
|
The inspection completed: 41 updated code elements |
This PR aims to process content in a way that is backend-agnostic, i.e. it can work for the automated kickstart installations as well as interactive ones. It is separated into multiple commits - most of them are small, but the main one is quite extensive.
The fetch is performed in a two-step manner that was present in the GUI code, when it is started in a separate thread, and then the processing code then waits for the fetching thread - this may be an overkill for a plain kickstart installation, but it doesn't cause any problems.
Interactions with the backend are performed by callbacks - at this time it is a possibility to report status, definition of what to do after fetching stops, and finally definition of how to handle errors by means of a function that accepts an exception instance.
The unified pipeline includes content fetching, fingerprint verification, file extraction and file identification.
A class containing a content set has been introduced - it contains a list of discovered files (fetched, present on the system, or extracted from an archive) that have been identified by the
oscapscanner. That class allows to work with the content more easily.