mirrors/gstreamer
mirrors/gstreamer
1
1
Fork 0
mirror of https://gitlab.freedesktop.org/gstreamer/gstreamer.git synced 2025-01-31 11:32:38 +00:00
Code Issues 1 Projects Releases Wiki Activity

build_manifest.py: Prefer a custom token if set

Browse source 
In order to be able to query the Gitlab Group API we need to be
authenticated. CI_JOB_TOKEN for public jobs has a non-meaningfull
value which does not actually authenticate the Runner to the
intance.
This commit is contained in:
Jordan Petridis 2018-10-30 21:00:48 +02:00
parent 02b57af288
commit b5b71baddb
No known key found for this signature in database
GPG key ID: 902CC06D159744F5
2 changed files with 33 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitlab-ci.yml
View file

@ -12,4 +12,4 @@ test manifest:
artifacts: artifacts:
reports: reports:
junit: junit:
- "junit.xml" - "junit.xml"

44
gitlab/build_manifest.py
View file

@ -40,29 +40,36 @@ def preserve_ci_vars(func):
"""Preserve the original CI Variable values""" """Preserve the original CI Variable values"""
def wrapper(): def wrapper():
try: try:
token = os.environ["CI_JOB_TOKEN"]
url = os.environ["CI_PROJECT_URL"] url = os.environ["CI_PROJECT_URL"]
user = os.environ["GITLAB_USER_LOGIN"] user = os.environ["GITLAB_USER_LOGIN"]
except KeyError: except KeyError:
token = "invalid"
url = "invalid" url = "invalid"
user = "" user = ""
private = os.getenv("READ_PROJECTS_TOKEN", default=None)
if not private:
os.environ["READ_PROJECTS_TOKEN"] = "FOO"
func() func()
os.environ["CI_JOB_TOKEN"] = token
os.environ["CI_PROJECT_URL"] = url os.environ["CI_PROJECT_URL"] = url
os.environ["GITLAB_USER_LOGIN"] = user os.environ["GITLAB_USER_LOGIN"] = user
if private:
os.environ["READ_PROJECTS_TOKEN"] = private
# if it was set after
elif os.getenv("READ_PROJECTS_TOKEN", default=None):
del os.environ["READ_PROJECTS_TOKEN"]
return wrapper return wrapper
def request_raw(path: str, token: str, project_url: str) -> List[Dict[str, str]]: def request_raw(path: str, headers: Dict[str, str], project_url: str) -> List[Dict[str, str]]:
gitlab_header: Dict[str, str] = {'JOB_TOKEN': token }
base_url: str = get_hostname(project_url) base_url: str = get_hostname(project_url)
url: str = f"https://{base_url}/api/v4/{path}" url: str = f"https://{base_url}/api/v4/{path}"
print(f"GET {url}") print(f"GET {url}")
resp = requests.get(url, headers=gitlab_header) print(f"Headers: {headers}")
resp = requests.get(url, headers=headers)
print(f"Request returned: {resp.status_code}") print(f"Request returned: {resp.status_code}")
if not resp.ok: if not resp.ok:
@ -72,11 +79,24 @@ def request_raw(path: str, token: str, project_url: str) -> List[Dict[str, str]]
def request(path: str) -> List[Dict[str, str]]: def request(path: str) -> List[Dict[str, str]]:
# mock: "xxxxxxxxxxxxxxxxxxxx" # Check if there is a custom token set
token: str = os.environ["CI_JOB_TOKEN"] # API calls to Group namespaces need to be authenticated
# regardless if the group/projects are public or not.
# CI_JOB_TOKEN has an actuall value only for private jobs
# and that's also an Gitlab EE feature.
# Which means no matter what we need to give the runner
# an actuall token if we want to query even the public
# gitlab.fd.o/gstreamer group
try:
headers: Dict[str, str] = {'Private-Token': os.environ["READ_PROJECTS_TOKEN"] }
except KeyError:
print("Custom token was not set, group api querries will fail")
# JOB_TOKEN is the default placeholder of CI_JOB_TOKEN
headers: Dict[str, str] = {'JOB_TOKEN': "xxxxxxxxxxxxxxxxxxxx" }
# mock: "https://gitlab.freedesktop.org/gstreamer/gstreamer" # mock: "https://gitlab.freedesktop.org/gstreamer/gstreamer"
project_url: str = os.environ['CI_PROJECT_URL'] project_url: str = os.environ['CI_PROJECT_URL']
return request_raw(path, token, project_url) return request_raw(path, headers, project_url)
def request_wrap(path: str) -> List[Dict[str, str]]: def request_wrap(path: str) -> List[Dict[str, str]]:
@ -102,8 +122,8 @@ def get_project_branch(project_id: int, name: str) -> Dict[str, str]:
@preserve_ci_vars @preserve_ci_vars
def test_get_project_branch(): def test_get_project_branch():
id = 1353 id = 1353
os.environ["CI_JOB_TOKEN"] = "xxxxxxxxxxxxxxxxxxxx"
os.environ["CI_PROJECT_URL"] = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-good" os.environ["CI_PROJECT_URL"] = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-good"
del os.environ["READ_PROJECTS_TOKEN"]
twelve = get_project_branch(id, '1.12') twelve = get_project_branch(id, '1.12')
assert twelve is not None assert twelve is not None
@ -129,8 +149,8 @@ def search_user_namespace(user: str, project: str) -> Dict[str, str]:
@preserve_ci_vars @preserve_ci_vars
def test_search_user_namespace(): def test_search_user_namespace():
os.environ["CI_JOB_TOKEN"] = "xxxxxxxxxxxxxxxxxxxx"
os.environ["CI_PROJECT_URL"] = "https://gitlab.freedesktop.org/alatiera/gst-plugins-good" os.environ["CI_PROJECT_URL"] = "https://gitlab.freedesktop.org/alatiera/gst-plugins-good"
del os.environ["READ_PROJECTS_TOKEN"]
user = "alatiera" user = "alatiera"
gst = search_user_namespace("alatiera", "gstreamer") gst = search_user_namespace("alatiera", "gstreamer")
@ -232,9 +252,9 @@ def find_repository_sha(module: str, branchname: str) -> Tuple[str, str]:
@preserve_ci_vars @preserve_ci_vars
def test_find_repository_sha(): def test_find_repository_sha():
os.environ["CI_JOB_TOKEN"] = "xxxxxxxxxxxxxxxxxxxx"
os.environ["CI_PROJECT_URL"] = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-good" os.environ["CI_PROJECT_URL"] = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-good"
os.environ["GITLAB_USER_LOGIN"] = "alatiera" os.environ["GITLAB_USER_LOGIN"] = "alatiera"
del os.environ["READ_PROJECTS_TOKEN"]
# This should find the repository in the user namespace # This should find the repository in the user namespace
remote, git_ref = find_repository_sha("gst-plugins-good", "1.2") remote, git_ref = find_repository_sha("gst-plugins-good", "1.2")