This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tooling-atr-experiments.git
commit 0028648c2564da07fabac8461534e7c797924992
Author: Sean B. Palmer <s...@miscoranda.com>
AuthorDate: Wed Feb 19 20:25:48 2025 +0200
Add a file size field for artifacts
---
atr/db/models.py | 2 ++
atr/routes.py | 13 +++++++----
atr/templates/candidate-review.html | 4 ++++
docs/plan.html | 27 +++++++++++-----------
docs/plan.md | 11 ++++-----
...al_schema.py => b8dd95b83501_initial_schema.py} | 6 ++---
6 files changed, 36 insertions(+), 27 deletions(-)
diff --git a/atr/db/models.py b/atr/db/models.py
index 6b801b1..aa0e58b 100644
--- a/atr/db/models.py
+++ b/atr/db/models.py
@@ -145,6 +145,8 @@ class Package(SQLModel, table=True):
signature_sha3: str
# Uploaded timestamp
uploaded: datetime.datetime
+ # The size of the file in bytes
+ bytes_size: int
# Many-to-one: A package belongs to one release
release_key: str | None = Field(default=None,
foreign_key="release.storage_key")
diff --git a/atr/routes.py b/atr/routes.py
index 55127ae..ad60c3e 100644
--- a/atr/routes.py
+++ b/atr/routes.py
@@ -125,8 +125,8 @@ async def release_attach_post(session: ClientSession,
request: Request) -> Respo
# Save files using their hashes as filenames
uploads_path = Path(get_release_storage_dir())
- artifact_sha3 = await save_file_by_hash(uploads_path, artifact_file)
- signature_sha3 = await save_file_by_hash(uploads_path, signature_file)
+ artifact_sha3, artifact_size = await save_file_by_hash(uploads_path,
artifact_file)
+ signature_sha3, _ = await save_file_by_hash(uploads_path, signature_file)
# Check if these files are already attached to this release
async with get_session() as db_session:
@@ -158,6 +158,7 @@ async def release_attach_post(session: ClientSession,
request: Request) -> Respo
sha512=sha512,
release_key=release_key,
uploaded=datetime.datetime.now(datetime.UTC),
+ bytes_size=artifact_size,
)
db_session.add(package)
@@ -568,12 +569,13 @@ async def root_candidate_review() -> str:
return await render_template("candidate-review.html",
releases=user_releases)
-async def save_file_by_hash(base_dir: Path, file: FileStorage) -> str:
+async def save_file_by_hash(base_dir: Path, file: FileStorage) -> tuple[str,
int]:
"""
Save a file using its SHA3-256 hash as the filename.
- Returns the path where the file was saved and its hash.
+ Returns the hash and size in bytes of the saved file.
"""
sha3 = hashlib.sha3_256()
+ total_bytes = 0
# Create temporary file to stream to while computing hash
temp_path = base_dir / f"temp-{secrets.token_hex(8)}"
@@ -586,6 +588,7 @@ async def save_file_by_hash(base_dir: Path, file:
FileStorage) -> str:
if not chunk:
break
sha3.update(chunk)
+ total_bytes += len(chunk)
await f.write(chunk)
file_hash = sha3.hexdigest()
@@ -599,7 +602,7 @@ async def save_file_by_hash(base_dir: Path, file:
FileStorage) -> str:
# If file already exists, just remove the temp file
await aiofiles.os.remove(temp_path)
- return file_hash
+ return file_hash, total_bytes
except Exception as e:
if await aiofiles.os.path.exists(temp_path):
await aiofiles.os.remove(temp_path)
diff --git a/atr/templates/candidate-review.html
b/atr/templates/candidate-review.html
index 3f61da2..983d244 100644
--- a/atr/templates/candidate-review.html
+++ b/atr/templates/candidate-review.html
@@ -133,6 +133,10 @@
<th>Artifact Hash (SHA-512)</th>
<td>{{ package.sha512 }}</td>
</tr>
+ <tr>
+ <th>File Size</th>
+ <td>{{ package.bytes_size }} bytes</td>
+ </tr>
<tr>
<th>Signature Hash (SHA3-256)</th>
<td>{{ package.signature_sha3 }}</td>
diff --git a/docs/plan.html b/docs/plan.html
index fb5e91e..0320d87 100644
--- a/docs/plan.html
+++ b/docs/plan.html
@@ -5,18 +5,18 @@
<li>
<p>Enhance RC display</p>
<ul>
-<li>Replace raw file hashes with the original filenames in the UI</li>
-<li>Add file size and upload timestamp</li>
-<li>Improve the layout of file listings</li>
+<li>[DONE] Augment raw file hashes with the original filenames in the UI</li>
+<li>[DONE] Add file size and upload timestamp</li>
+<li>[DONE] Improve the layout of file listings</li>
+<li>Potentially add the option to upload package artifacts without
signatures</li>
<li>Show validation status indicators</li>
</ul>
</li>
<li>
<p>Improve key management interface</p>
<ul>
+<li>[DONE] Display which PMCs are using each key</li>
<li>Add key expiration warnings</li>
-<li>Display which PMCs are using each key</li>
-<li>Improve key selection during RC creation</li>
</ul>
</li>
<li>
@@ -34,6 +34,7 @@
<li>Add developer RC download buttons with clear verification instructions</li>
<li>Check RC file naming conventions</li>
<li>Display vote status and timeline</li>
+<li>Add ability to sign artifact hashes on the platform using JS</li>
</ul>
<h2>Task scheduler</h2>
<p>We aim to work on the task scheduler in parallel with the UX improvements
above. Artifact validation and the release status dashboard are dependent on
tasks, which are managed by the task scheduler.</p>
@@ -93,6 +94,14 @@
<h2>Advanced RC validation</h2>
<ol>
<li>
+<p>Reproducible build verification</p>
+<ul>
+<li>Accept upload of binary artifact builds</li>
+<li>Compare built built artifacts with any existing provided binary
artifacts</li>
+<li>Give a detailed report of differences between user provided builds</li>
+</ul>
+</li>
+<li>
<p>Dependency analysis</p>
<ul>
<li>Parse and validate dependency licenses</li>
@@ -110,14 +119,6 @@
<li>Support test distribution channels</li>
</ul>
</li>
-<li>
-<p>Reproducible build verification</p>
-<ul>
-<li>Track builds of binary artifacts from source release</li>
-<li>Compare built artifacts with the provided binaries</li>
-<li>Give a detailed report of the build and the differences</li>
-</ul>
-</li>
</ol>
<h2>Process automation</h2>
<p>These are long term implementation requirements.</p>
diff --git a/docs/plan.md b/docs/plan.md
index 85ecb60..da04d74 100644
--- a/docs/plan.md
+++ b/docs/plan.md
@@ -5,16 +5,15 @@ This is a rough plan of immediate tasks. The priority of
these tasks may change,
## UX improvements
1. Enhance RC display
- - Add the option to upload package artifacts without signatures
- - Replace raw file hashes with the original filenames in the UI
- - Add file size and upload timestamp
- - Improve the layout of file listings
+ - [DONE] Augment raw file hashes with the original filenames in the UI
+ - [DONE] Add file size and upload timestamp
+ - [DONE] Improve the layout of file listings
+ - Potentially add the option to upload package artifacts without signatures
- Show validation status indicators
2. Improve key management interface
+ - [DONE] Display which PMCs are using each key
- Add key expiration warnings
- - Display which PMCs are using each key
- - Improve key selection during RC creation
3. Release status dashboard
- Add progress indicators for release phases
diff --git a/migrations/versions/1779875a3f38_initial_schema.py
b/migrations/versions/b8dd95b83501_initial_schema.py
similarity index 84%
rename from migrations/versions/1779875a3f38_initial_schema.py
rename to migrations/versions/b8dd95b83501_initial_schema.py
index 0210d4c..bc0deed 100644
--- a/migrations/versions/1779875a3f38_initial_schema.py
+++ b/migrations/versions/b8dd95b83501_initial_schema.py
@@ -1,15 +1,15 @@
"""initial_schema
-Revision ID: 1779875a3f38
+Revision ID: b8dd95b83501
Revises:
-Create Date: 2025-02-19 19:55:33.587351
+Create Date: 2025-02-19 20:20:11.349128
"""
from collections.abc import Sequence
# revision identifiers, used by Alembic.
-revision: str = "1779875a3f38"
+revision: str = "b8dd95b83501"
down_revision: str | None = None
branch_labels: str | Sequence[str] | None = None
depends_on: str | Sequence[str] | None = None
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tooling.apache.org
For additional commands, e-mail: dev-h...@tooling.apache.org
