[Launchpad-reviewers] [Merge] lp:~cjwatson/launchpad/snap-allow-network into lp:launchpad

2018-04-14 Thread noreply 
The proposal to merge lp:~cjwatson/launchpad/snap-allow-network into 
lp:launchpad has been updated.

Status: Needs review => Merged

For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/snap-allow-network/+merge/336924
-- 
Your team Launchpad code reviewers is subscribed to branch lp:launchpad.

___
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help   : https://help.launchpad.net/ListHelp

Re: [Launchpad-reviewers] [Merge] lp:~cjwatson/launchpad/snap-allow-network into lp:launchpad

2018-04-04 Thread William Grant 
Review: Approve code


-- 
https://code.launchpad.net/~cjwatson/launchpad/snap-allow-network/+merge/336924
Your team Launchpad code reviewers is subscribed to branch lp:launchpad.

___
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help   : https://help.launchpad.net/ListHelp

[Launchpad-reviewers] [Merge] lp:~cjwatson/launchpad/snap-allow-network into lp:launchpad

2018-04-04 Thread Colin Watson 
The proposal to merge lp:~cjwatson/launchpad/snap-allow-network into 
lp:launchpad has been updated.

Commit message changed to:

Add Snap.allow_internet: if false, do not dispatch a proxy token to builds of 
that snap.

For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/snap-allow-network/+merge/336924
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of 
lp:~cjwatson/launchpad/snap-allow-network into lp:launchpad.

___
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help   : https://help.launchpad.net/ListHelp

[Launchpad-reviewers] [Merge] lp:~cjwatson/launchpad/snap-allow-network into lp:launchpad

2018-02-09 Thread Colin Watson 
The proposal to merge lp:~cjwatson/launchpad/snap-allow-network into 
lp:launchpad has been updated.

Description changed to:

This will allow snaps that are intended to be delivered with Ubuntu images to 
be restricted to build from only resources on Launchpad, and thus be 
reproducible, supportable, etc.

Requires 
https://code.launchpad.net/~cjwatson/launchpad/db-snap-allow-network/+merge/336923.

For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/snap-allow-network/+merge/336924
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of 
lp:~cjwatson/launchpad/snap-allow-network into lp:launchpad.

___
Mailing list: https://launchpad.net/~launchpad-reviewers
Post to : launchpad-reviewers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~launchpad-reviewers
More help   : https://help.launchpad.net/ListHelp

[Launchpad-reviewers] [Merge] lp:~cjwatson/launchpad/snap-allow-network into lp:launchpad

2018-01-31 Thread Colin Watson 
Colin Watson has proposed merging lp:~cjwatson/launchpad/snap-allow-network 
into lp:launchpad.

Commit message:
Add Snap.allow_network: if false, do not dispatch a proxy token to builds of 
that snap.

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/snap-allow-network/+merge/336924

This will allow snaps that are intended to be delivered with Ubuntu images to 
be restricted to build from only resources on Launchpad, and thus be 
reproducible, supportable, etc.
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of 
lp:~cjwatson/launchpad/snap-allow-network into lp:launchpad.
=== modified file 'lib/lp/scripts/garbo.py'
--- lib/lp/scripts/garbo.py	2016-11-12 21:02:10 +
+++ lib/lp/scripts/garbo.py	2018-01-31 14:51:33 +
@@ -1,4 +1,4 @@
-# Copyright 2009-2016 Canonical Ltd.  This software is licensed under the
+# Copyright 2009-2018 Canonical Ltd.  This software is licensed under the
 # GNU Affero General Public License version 3 (see the file LICENSE).
 
 """Database garbage collection."""
@@ -41,6 +41,7 @@
 Or,
 Row,
 SQL,
+Update,
 )
 from storm.info import ClassAlias
 from storm.store import EmptyResultSet
@@ -1603,6 +1604,32 @@
 transaction.commit()
 
 
+class SnapAllowNetworkPopulator(TunableLoop):
+"""Populates Snap.allow_network with True."""
+
+maximum_chunk_size = 5000
+
+def __init__(self, log, abort_time=None):
+super(SnapAllowNetworkPopulator, self).__init__(log, abort_time)
+self.start_at = 1
+self.store = IMasterStore(Snap)
+
+def findSnaps(self):
+return self.store.find(
+Snap,
+Snap.id >= self.start_at,
+Snap._allow_network == None).order_by(Snap.id)
+
+def isDone(self):
+return self.findSnaps().is_empty()
+
+def __call__(self, chunk_size):
+ids = [snap.id for snap in self.findSnaps()]
+self.store.execute(Update(
+{Snap._allow_network: True}, where=Snap.id.is_in(ids), table=Snap))
+transaction.commit()
+
+
 class BaseDatabaseGarbageCollector(LaunchpadCronScript):
 """Abstract base class to run a collection of TunableLoops."""
 script_name = None  # Script name for locking and database user. Override.
@@ -1893,6 +1920,7 @@
 ProductVCSPopulator,
 RevisionAuthorEmailLinker,
 ScrubPOFileTranslator,
+SnapAllowNetworkPopulator,
 SnapBuildJobPruner,
 SnapStoreSeriesPopulator,
 SuggestiveTemplatesCacheUpdater,

=== modified file 'lib/lp/scripts/tests/test_garbo.py'
--- lib/lp/scripts/tests/test_garbo.py	2018-01-02 10:54:31 +
+++ lib/lp/scripts/tests/test_garbo.py	2018-01-31 14:51:33 +
@@ -1,4 +1,4 @@
-# Copyright 2009-2016 Canonical Ltd.  This software is licensed under the
+# Copyright 2009-2018 Canonical Ltd.  This software is licensed under the
 # GNU Affero General Public License version 3 (see the file LICENSE).
 
 """Test the database garbage collector."""
@@ -15,6 +15,7 @@
 from StringIO import StringIO
 import time
 
+from psycopg2 import IntegrityError
 from pytz import UTC
 from storm.exceptions import LostObjectError
 from storm.expr import (
@@ -1553,6 +1554,34 @@
 # Snaps with more than one possible store series are untouched.
 self.assertIsNone(snaps[5].store_series)
 
+def test_SnapAllowNetworkPopulator(self):
+switch_dbuser('testadmin')
+old_snaps = [self.factory.makeSnap() for _ in range(2)]
+for snap in old_snaps:
+removeSecurityProxy(snap)._allow_network = None
+try:
+Store.of(old_snaps[0]).flush()
+except IntegrityError:
+# Now enforced by DB NOT NULL constraint; backfilling is no
+# longer necessary.
+return
+allow_network_snaps = [
+self.factory.makeSnap(allow_network=True) for _ in range(2)]
+disallow_network_snaps = [
+self.factory.makeSnap(allow_network=False) for _ in range(2)]
+transaction.commit()
+
+self.runDaily()
+
+# Old snaps are backfilled.
+for snap in old_snaps:
+self.assertIs(True, removeSecurityProxy(snap)._allow_network)
+# Other snaps are left alone.
+for snap in allow_network_snaps:
+self.assertIs(True, removeSecurityProxy(snap)._allow_network)
+for snap in disallow_network_snaps:
+self.assertIs(False, removeSecurityProxy(snap)._allow_network)
+
 
 class TestGarboTasks(TestCaseWithFactory):
 layer = LaunchpadZopelessLayer

=== modified file 'lib/lp/snappy/browser/snap.py'
--- lib/lp/snappy/browser/snap.py	2017-03-27 19:28:36 +
+++ lib/lp/snappy/browser/snap.py	2018-01-31 14:51:33 +
@@ -1,4 +1,4 @@
-# Copyright 2015-2017 Canonical Ltd.  This software is licensed under the
+# Copyright 2015-2018 Canonical Ltd.  This software is licensed under the