Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Better package name matching for Nexus #1447

Merged
merged 2 commits into from
Apr 19, 2023
Merged

Better package name matching for Nexus #1447

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
410f43a
allow upper case for cran pax, append _ to name
craddm Apr 18, 2023
9c2139e
Add is_cran argument to docstring
JimMadge Apr 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 10 additions & 6 deletions deployment/safe_haven_management_environment/cloud_init/resources/configure_nexus.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -588,33 +588,37 @@ def get_allowlists(pypi_package_file, cran_package_file):
cran_allowlist = []

if pypi_package_file:
pypi_allowlist = get_allowlist(pypi_package_file)
pypi_allowlist = get_allowlist(pypi_package_file, False)

if cran_package_file:
cran_allowlist = get_allowlist(cran_package_file)
cran_allowlist = get_allowlist(cran_package_file, True)

return (pypi_allowlist, cran_allowlist)


def get_allowlist(allowlist_path):
def get_allowlist(allowlist_path, is_cran):
"""
Read list of allowed packages from a file

Args:
allowlist_path: Path to the allowlist file
is_cran: True if the allowlist if for CRAN, False if it is for PyPI

Returns:
List of the package names specified in the file
"""
allowlist = []
with open(allowlist_path, "r") as allowlist_file:
# Sanitise package names
# - convert to lower case
# - convert to lower case if the package is on PyPI. Leave alone on CRAN to prevent issues with case-sensitivity
# - convert special characters to '-'
# - remove any blank entries, which act as a wildcard that would allow any package
special_characters = re.compile(r"[^0-9a-zA-Z]+")
for package_name in allowlist_file.readlines():
package_name = special_characters.sub("-", package_name.lower().strip())
if is_cran:
package_name = special_characters.sub("-", package_name.strip())
else:
package_name = special_characters.sub("-", package_name.lower().strip())
if package_name:
allowlist.append(package_name)
return allowlist
Expand Down Expand Up @@ -725,7 +729,7 @@ def recreate_privileges(tier, nexus_api, pypi_allowlist=[],
nexus_api,
name=f"cran-{package}",
description=f"allow access to {package} on CRAN",
expression=f'format == "r" and path=^"/src/contrib/{package}"',
expression=f'format == "r" and path=^"/src/contrib/{package}_"',
repo_type=_NEXUS_REPOSITORIES["cran_proxy"]["repo_type"],
repo=_NEXUS_REPOSITORIES["cran_proxy"]["name"]
)
Expand Down