This is an automated email from the ASF dual-hosted git repository. arm pushed a commit to branch trusted_publishing_validation in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
commit 6efe7443cc0fbad97271d3d703ddd2e0decf1ae0 Author: Alastair McFarlane <[email protected]> AuthorDate: Tue Mar 31 15:14:44 2026 +0100 #961 - extract some of the validation for TP configuration into a shared helper --- atr/shared/projects.py | 13 +------------ atr/storage/writers/policy.py | 15 ++------------- atr/util.py | 20 +++++++++++++++++++- 3 files changed, 22 insertions(+), 26 deletions(-) diff --git a/atr/shared/projects.py b/atr/shared/projects.py index 41d7f757..03e4ec2d 100644 --- a/atr/shared/projects.py +++ b/atr/shared/projects.py @@ -242,18 +242,7 @@ class TrustedPublishingPolicyForm(form.Form): ): all_paths.extend(p.strip() for p in (raw or "").split("\n") if p.strip()) - if all_paths and (not github_repository_name): - raise ValueError("GitHub repository name is required when any workflow path is set.") - - if github_repository_branch and (not github_repository_name): - raise ValueError("GitHub repository name is required when a GitHub branch is set.") - - if github_repository_name and ("/" in github_repository_name): - raise ValueError("GitHub repository name must not contain a slash.") - - for p in all_paths: - if not p.startswith(".github/workflows/"): - raise ValueError("GitHub workflow paths must start with '.github/workflows/'.") + util.validate_trusted_publishing_constraints(github_repository_name, github_repository_branch, all_paths) return self diff --git a/atr/storage/writers/policy.py b/atr/storage/writers/policy.py index 3f5e3b05..97e6428c 100644 --- a/atr/storage/writers/policy.py +++ b/atr/storage/writers/policy.py @@ -27,6 +27,7 @@ import atr.db as db import atr.hashes as hashes import atr.models as models import atr.storage as storage +import atr.util as util if TYPE_CHECKING: import atr.shared as shared @@ -321,7 +322,6 @@ def _normalise_trusted_publishing_update( release_policy: models.sql.ReleasePolicy, values: dict[str, Any], ) -> dict[str, Any]: - # TODO: Ideally we would use this function in the form validation too normalised_values: dict[str, Any] = {} github_repository_name = release_policy.github_repository_name @@ -342,18 +342,7 @@ def _normalise_trusted_publishing_update( normalised_values[field] = paths all_paths.extend(paths) - if all_paths and (not github_repository_name): - raise ValueError("GitHub repository name is required when any workflow path is set.") - - if github_repository_branch and (not github_repository_name): - raise ValueError("GitHub repository name is required when a GitHub branch is set.") - - if github_repository_name and ("/" in github_repository_name): - raise ValueError("GitHub repository name must not contain a slash.") - - for path in all_paths: - if not path.startswith(".github/workflows/"): - raise ValueError("GitHub workflow paths must start with '.github/workflows/'.") + util.validate_trusted_publishing_constraints(github_repository_name, github_repository_branch, all_paths) return normalised_values diff --git a/atr/util.py b/atr/util.py index bcaf24a0..dd90de83 100644 --- a/atr/util.py +++ b/atr/util.py @@ -14,7 +14,6 @@ # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. - import asyncio import base64 import binascii @@ -707,6 +706,25 @@ def match_ignore_pattern(pattern: str | None, value: str | None) -> bool: return matched +def validate_trusted_publishing_constraints( + github_repository_name: str | None, + github_repository_branch: str | None, + all_paths: list[str], +) -> None: + if all_paths and (not github_repository_name): + raise ValueError("GitHub repository name is required when any workflow path is set.") + + if github_repository_branch and (not github_repository_name): + raise ValueError("GitHub repository name is required when a GitHub branch is set.") + + if github_repository_name and ("/" in github_repository_name): + raise ValueError("GitHub repository name must not contain a slash.") + + for path in all_paths: + if not path.startswith(".github/workflows/"): + raise ValueError("GitHub workflow paths must start with '.github/workflows/'.") + + async def number_of_release_files(release: sql.Release) -> int: """Return the number of files in a release.""" if (path := paths.release_directory_revision(release)) is None: --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
