Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package obs-service-cargo_audit for openSUSE:Factory checked in at 2021-06-09 21:52:49 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/obs-service-cargo_audit (Old) and /work/SRC/openSUSE:Factory/.obs-service-cargo_audit.new.32437 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "obs-service-cargo_audit" Wed Jun 9 21:52:49 2021 rev:4 rq:898570 version:0.1.4~git0.a3c7623 Changes: -------- --- /work/SRC/openSUSE:Factory/obs-service-cargo_audit/obs-service-cargo_audit.changes 2021-06-04 00:33:45.348904540 +0200 +++ /work/SRC/openSUSE:Factory/.obs-service-cargo_audit.new.32437/obs-service-cargo_audit.changes 2021-06-09 21:53:15.322576691 +0200 @@ -1,0 +2,7 @@ +Tue Jun 08 03:56:02 UTC 2021 - wbr...@suse.de + +- Update to version v0.1.4~git0.a3c7623: + * Add a default srcdir parameter to cargo_audit, and make + do_scan able to unpack and scan sources + +------------------------------------------------------------------- Old: ---- obs-service-cargo_audit-0.1.3~git0.4f7c8fc.tar.gz New: ---- obs-service-cargo_audit-0.1.4~git0.a3c7623.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ obs-service-cargo_audit.spec ++++++ --- /var/tmp/diff_new_pack.tgKj5R/_old 2021-06-09 21:53:15.774577496 +0200 +++ /var/tmp/diff_new_pack.tgKj5R/_new 2021-06-09 21:53:15.774577496 +0200 @@ -22,7 +22,7 @@ License: MPL-2.0 Group: Development/Tools/Building URL: https://github.com/openSUSE/obs-service-%{service} -Version: 0.1.3~git0.4f7c8fc +Version: 0.1.4~git0.a3c7623 Release: 0 Source: %{name}-%{version}.tar.gz BuildRequires: python3 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.tgKj5R/_old 2021-06-09 21:53:15.802577547 +0200 +++ /var/tmp/diff_new_pack.tgKj5R/_new 2021-06-09 21:53:15.802577547 +0200 
@@ -3,7 +3,7 @@ <param name="url">https://github.com/openSUSE/obs-service-cargo_audit.git</param> <param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param> <param name="scm">git</param> - <param name="revision">v0.1.3</param> + <param name="revision">v0.1.4</param> <param name="match-tag">v*</param> <param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param> <param name="versionrewrite-replacement">\1</param> ++++++ obs-service-cargo_audit-0.1.3~git0.4f7c8fc.tar.gz -> obs-service-cargo_audit-0.1.4~git0.a3c7623.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/obs-service-cargo_audit-0.1.3~git0.4f7c8fc/cargo_audit new/obs-service-cargo_audit-0.1.4~git0.a3c7623/cargo_audit --- old/obs-service-cargo_audit-0.1.3~git0.4f7c8fc/cargo_audit 2021-06-02 06:54:54.000000000 +0200 +++ new/obs-service-cargo_audit-0.1.4~git0.a3c7623/cargo_audit 2021-06-08 05:53:44.000000000 +0200 @@ -41,7 +41,7 @@ parser = argparse.ArgumentParser( description=description, formatter_class=argparse.RawDescriptionHelpFormatter ) -parser.add_argument("--srcdir") +parser.add_argument("--srcdir", default=os.getcwd()) parser.add_argument("--lockfile", default=None) # We always ignore this parameter. parser.add_argument("--outdir") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/obs-service-cargo_audit-0.1.3~git0.4f7c8fc/do_scan.py new/obs-service-cargo_audit-0.1.4~git0.a3c7623/do_scan.py --- old/obs-service-cargo_audit-0.1.3~git0.4f7c8fc/do_scan.py 2021-06-02 06:54:54.000000000 +0200 +++ new/obs-service-cargo_audit-0.1.4~git0.a3c7623/do_scan.py 2021-06-08 05:53:44.000000000 +0200 @@ -2,6 +2,7 @@ import subprocess import os import xml.etree.ElementTree as ET +import tarfile WHATDEPENDS = ["osc", "whatdependson", "openSUSE:Factory", "rust", "standard", "x86_64"] 
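Review bot: The new `default=os.getcwd()` on `--srcdir` in `cargo_audit` has no help text, so nothing tells a caller that omitting the option makes the audit run against whatever directory the service was started in. If that directory is not the package source, the scan may look at the wrong tree and still report a clean result. I would document the fallback on the argument itself, for example `parser.add_argument("--srcdir", default=os.getcwd(), help="source directory to audit (default: current working directory)")`. The parser setup begins above this hunk, so the note assumes `os` is already imported there.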
@@ -64,26 +65,50 @@ print(f"???? -- services failed") print(e.stdout) +def do_unpack_scan(pkgname): + tgt_dir = f"openSUSE:Factory/{pkgname}" + # List everything in the folder. + content = os.listdir(tgt_dir) + # Find anything that contains .tar + # Exclude vendor.tar.* + maybe_src = [x for x in content if '.tar' in x and 'vendor' not in x] + # Attempt to unpack it into the directory. + for src in maybe_src: + print(f"Unpacking assumed source tar {src} to {tgt_dir}") + with tarfile.open(f"{tgt_dir}/{src}", "r:*") as tar: + tar.extractall(path=tgt_dir) + # Now do osc service lr cargo_audit to run manually. + try: + out = subprocess.check_output(["osc", "service", "lr", "cargo_audit"], cwd=f"openSUSE:Factory/{pkgname}", encoding='UTF-8', stderr=subprocess.STDOUT) + print(f"??? -- passed") + except subprocess.CalledProcessError as e: + print(f"???? -- services failed") + print(e.stdout) + if __name__ == '__main__': depends = list_whatdepends() # For testing, we hardcode the list for dev. - # depends = ['kanidm', 'librsvg', 'rust-cbindgen'] + depends = ['kanidm', 'librsvg', 'rust-cbindgen'] # Check them out, or update if they exist. auditable_depends = [] + unpack_depends = [] for pkgname in depends: print("---") checkout_or_update(pkgname) - # do they have cargo_audit as a service? + # do they have cargo_audit as a service? has_audit = does_have_cargo_audit(pkgname) if not has_audit: print(f"?????? https://build.opensuse.org/package/show/openSUSE:Factory/{pkgname} missing cargo_audit service") print(f"?????? https://build.opensuse.org/package/users/openSUSE:Factory/{pkgname}") - # subprocess.check_call(["osc", "maintainer", f"openSUSE:Factory/{pkgname}"]) + # If not, we should contact the developers to add this. We can attempt to unpack + # and run a scan still though. + unpack_depends.append(pkgname) else: # If they do, run services. We may not know what they need for this to work, so we - # have to run the full stack. 
+ # have to run the full stack, but at the least, the developer probably has this + # working. auditable_depends.append(pkgname) for pkgname in auditable_depends: @@ -91,5 +116,10 @@ print(f"???? running services for {pkgname} ...") do_services(pkgname) + for pkgname in unpack_depends: + print("---") + print(f"???? unpacking and scanning {pkgname} ...") + do_unpack_scan(pkgname) + print("--- complete")
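Review bot: `tar.extractall(path=tgt_dir)` in `do_unpack_scan` unpacks every matching archive from the checkout without checking member names or link targets, so a source tarball that carries absolute paths, `..` components or links can write outside `tgt_dir` on the machine running the scan. On interpreters that support extraction filters, `tar.extractall(path=tgt_dir, filter="data")` rejects such members; on older ones each member's resolved path should be checked against `tgt_dir` before extracting. The selection `'.tar' in x and 'vendor' not in x` is also loose: it matches any file with `.tar` anywhere in its name and unpacks all of them into the same directory. Separately, the `__main__` block now leaves `depends = ['kanidm', 'librsvg', 'rust-cbindgen']` uncommented under the "For testing" comment, which overrides `list_whatdepends()` and limits the audit to three packages. That looks like a leftover and should be commented out again.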