From 2f96f32a70f6ed975758e2bbcd88fa5f3ee95615 Mon Sep 17 00:00:00 2001 From: Scott Worley Date: Tue, 7 Apr 2020 16:53:21 -0700 Subject: [PATCH] Start --- pinch.py | 171 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ test.sh | 21 +++++++ 2 files changed, 192 insertions(+) create mode 100644 pinch.py create mode 100755 test.sh diff --git a/pinch.py b/pinch.py new file mode 100644 index 0000000..f974d1c --- /dev/null +++ b/pinch.py @@ -0,0 +1,171 @@ +import filecmp +import functools +import hashlib +import operator +import os +import os.path +import shutil +import tempfile +import urllib.parse +import urllib.request +import xml.dom.minidom + +from typing import ( + Any, + Dict, + Iterable, + List, + Sequence, + Tuple, +) + + +class VerificationError(Exception): + pass + + +class Verification: + + def __init__(self) -> None: + self.line_length = 0 + + def status(self, s: str) -> None: + print(s, end=' ', flush=True) + self.line_length += 1 + len(s) # Unicode?? + + @staticmethod + def _color(s: str, c: int) -> str: + return '\033[%2dm%s\033[00m' % (c, s) + + def result(self, r: bool) -> None: + message, color = {True: ('OK ', 92), False: ('FAIL', 91)}[r] + length = len(message) + cols = shutil.get_terminal_size().columns + pad = (cols - (self.line_length + length)) % cols + print(' ' * pad + self._color(message, color)) + self.line_length = 0 + if not r: + raise VerificationError() + + def check(self, s: str, r: bool) -> None: + self.status(s) + self.result(r) + + def ok(self) -> None: + self.result(True) + + +def compare(a: str, + b: str) -> Tuple[Sequence[str], + Sequence[str], + Sequence[str]]: + + def throw(error: OSError) -> None: + raise error + + def join(x: str, y: str) -> str: + return y if x == '.' else os.path.join(x, y) + + def recursive_files(d: str) -> Iterable[str]: + all_files: List[str] = [] + for path, dirs, files in os.walk(d, onerror=throw): + rel = os.path.relpath(path, start=d) + all_files.extend(join(rel, f) for f in files) + for dir_or_link in dirs: + if os.path.islink(join(path, dir_or_link)): + all_files.append(join(rel, dir_or_link)) + return all_files + + def exclude_dot_git(files: Iterable[str]) -> Iterable[str]: + return (f for f in files if not f.startswith('.git/')) + + files = functools.reduce( + operator.or_, (set( + exclude_dot_git( + recursive_files(x))) for x in [a, b])) + return filecmp.cmpfiles(a, b, files, shallow=False) + + +def fetch(v: Verification, channel_url: str) -> Dict[str, Any]: + info: Dict[str, Any] = {'url': channel_url} + v.status('Fetching channel') + request = urllib.request.urlopen( + 'https://channels.nixos.org/nixos-20.03', timeout=10) + info['channel_html'] = request.read() + info['forwarded_url'] = request.geturl() + v.result(request.status == 200) + v.check('Got forwarded', info['url'] != info['forwarded_url']) + return info + + +def parse(v: Verification, info: Dict[str, Any]) -> None: + v.status('Parsing channel description as XML') + d = xml.dom.minidom.parseString(info['channel_html']) + v.ok() + + v.status('Extracting git commit') + git_commit_node = d.getElementsByTagName('tt')[0] + info['git_commit'] = git_commit_node.firstChild.nodeValue + v.ok() + v.status('Verifying git commit label') + v.result(git_commit_node.previousSibling.nodeValue == 'Git commit ') + + v.status('Parsing table') + info['table'] = {} + for row in d.getElementsByTagName('tr')[1:]: + name = row.childNodes[0].firstChild.firstChild.nodeValue + url = row.childNodes[0].firstChild.getAttribute('href') + size = int(row.childNodes[1].firstChild.nodeValue) + digest = row.childNodes[2].firstChild.firstChild.nodeValue + info['table'][name] = {'url': url, 'digest': digest, 'size': size} + v.ok() + + +def fetch_resources(v: Verification, info: Dict[str, Any]) -> None: + + for resource in ['git-revision', 'nixexprs.tar.xz']: + fields = info['table'][resource] + v.status('Fetching resource "%s"' % resource) + url = urllib.parse.urljoin(info['forwarded_url'], fields['url']) + request = urllib.request.urlopen(url, timeout=10) + if fields['size'] < 4096: + fields['content'] = request.read() + else: + with tempfile.NamedTemporaryFile(suffix='.nixexprs.tar.xz', delete=False) as tmp_file: + shutil.copyfileobj(request, tmp_file) + fields['file'] = tmp_file.name + v.result(request.status == 200) + v.status('Verifying digest for "%s"' % resource) + if fields['size'] < 4096: + actual_hash = hashlib.sha256(fields['content']).hexdigest() + else: + hasher = hashlib.sha256() + with open(fields['file'], 'rb') as f: + # pylint: disable=cell-var-from-loop + for block in iter(lambda: f.read(4096), b''): + hasher.update(block) + actual_hash = hasher.hexdigest() + v.result(actual_hash == fields['digest']) + v.check('Verifying git commit on main page matches git commit in table', + info['table']['git-revision']['content'].decode() == info['git_commit']) + + +def extract_channel(v: Verification, info: Dict[str, Any]) -> None: + with tempfile.TemporaryDirectory() as d: + v.status('Extracting nixexprs.tar.xz') + shutil.unpack_archive(info['table']['nixexprs.tar.xz']['file'], d) + v.ok() + v.status('Removing temporary directory') + v.ok() + + +def main() -> None: + v = Verification() + info = fetch(v, 'https://channels.nixos.org/nixos-20.03') + parse(v, info) + fetch_resources(v, info) + extract_channel(v, info) + print(info) + + +main() diff --git a/test.sh b/test.sh new file mode 100755 index 0000000..cea63ba --- /dev/null +++ b/test.sh @@ -0,0 +1,21 @@ +#!/bin/sh + +set -e + +PARALLELISM=4 + +find . -name '*.py' -print0 | xargs -0 mypy --strict --ignore-missing-imports + +find . -name '*_test.py' -print0 | xargs -0 -r -n1 python3 + +find . -name '*.py' -print0 | xargs -0 pylint --reports=n --persistent=n --ignore-imports=y -d invalid-name,missing-docstring + +formatting_needs_fixing=$( + find . -name '*.py' -print0 | + xargs -P "$PARALLELISM" -0 -n1 autopep8 --diff -aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa +) +if [[ "$formatting_needs_fixing" ]];then + echo "Formatting needs fixing:" + echo "$formatting_needs_fixing" + exit 1 +fi -- 2.44.1