Symlink support
- added some security checks so that symlinks can be supported - also some code quality changes
This commit is contained in:
parent
f2cb5fd8d3
commit
9d8b6f41b4
|
@ -1,5 +1,5 @@
|
|||
from os import listdir
|
||||
from os.path import exists, isfile, join, islink
|
||||
from os import getcwd, listdir
|
||||
from os.path import exists, isfile, islink, join, realpath
|
||||
import requests
|
||||
import re
|
||||
from subprocess import Popen, PIPE
|
||||
|
@ -69,14 +69,23 @@ def list_jobs(directory=".buildbot"):
|
|||
flag = False
|
||||
for fname in files:
|
||||
filepath = join(directory, item, fname)
|
||||
# must exist
|
||||
if not exists(filepath):
|
||||
continue
|
||||
if islink(filepath) or not isfile(filepath):
|
||||
# must be a file
|
||||
if not isfile(filepath):
|
||||
flag = True
|
||||
break
|
||||
# symlink OK as long as it points to files within the repo
|
||||
if islink(filepath) \
|
||||
and not realpath(filepath).startswith(getcwd()):
|
||||
flag = True
|
||||
break
|
||||
if flag:
|
||||
continue
|
||||
if (exists(join(directory, item, 'Dockerfile')) and exists(join(directory, item, 'build.sh'))) or exists(join(directory, item, 'test.sh')):
|
||||
if (exists(join(directory, item, 'Dockerfile'))
|
||||
and exists(join(directory, item, 'build.sh'))) \
|
||||
or exists(join(directory, item, 'test.sh')):
|
||||
results.append(item)
|
||||
return results
|
||||
|
||||
|
@ -90,7 +99,8 @@ def get_revision(branch):
|
|||
|
||||
def _get_dockerfile_contents(dockerfile):
|
||||
"""
|
||||
Read contents of a Dockerfile and add extra contents for the given os_codename
|
||||
Read contents of a Dockerfile and add buildbot worker bootstrap
|
||||
for a given os_codename
|
||||
"""
|
||||
os_codename = 'bionic'
|
||||
res = ""
|
||||
|
@ -117,7 +127,8 @@ def _get_dockerfile_contents(dockerfile):
|
|||
return res + dockerfile_extra_contents[os_codename]
|
||||
|
||||
|
||||
def trigger_child_hooks(buildbotUrl: str, repository, branch, revision, directory=".buildbot"):
|
||||
def trigger_child_hooks(buildbotUrl: str, repository, branch, revision,
|
||||
directory=".buildbot"):
|
||||
request_url = buildbotUrl + ty
|
||||
# List all jobs in the directory
|
||||
jobs = list_jobs(directory)
|
||||
|
@ -126,7 +137,7 @@ def trigger_child_hooks(buildbotUrl: str, repository, branch, revision, director
|
|||
"X-Multibuild-Trigger": get_secret(),
|
||||
"Accept": "text/plain",
|
||||
}
|
||||
#revision = get_revision(branch)
|
||||
# revision = get_revision(branch)
|
||||
|
||||
# Check if build.sh or test.sh exists in each of the jobs
|
||||
for job in jobs:
|
||||
|
@ -160,8 +171,10 @@ def trigger_child_hooks(buildbotUrl: str, repository, branch, revision, director
|
|||
"project": "/".join(repository.split("/")[-2:]),
|
||||
}
|
||||
|
||||
retval = requests.post(request_url, headers=request_headers, json=request_data)
|
||||
print("Triggered job for {} on {}: {}".format(job, request_url, retval.text))
|
||||
retval = requests.post(request_url, headers=request_headers,
|
||||
json=request_data)
|
||||
print("Triggered job for {} on {}: {}".format(job, request_url,
|
||||
retval.text))
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
|
Loading…
Reference in New Issue
Block a user