[gentoo-commits] proj/portage:master commit in: pym/portage/sync/modules/git/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Zac Medico" <zmedico@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/portage:master commit in: pym/portage/sync/modules/git/
Date: Sun,  8 Jul 2018 21:17:44 +0000 (UTC)	[thread overview]
Message-ID: <1531084591.3cd8cf93abb6410cc877381531bb662a704dffa7.zmedico@gentoo> (raw)

commit:     3cd8cf93abb6410cc877381531bb662a704dffa7
Author:     Zac Medico <zmedico <AT> gentoo <DOT> org>
AuthorDate: Thu Jul  5 10:10:36 2018 +0000
Commit:     Zac Medico <zmedico <AT> gentoo <DOT> org>
CommitDate: Sun Jul  8 21:16:31 2018 +0000
URL:        https://gitweb.gentoo.org/proj/portage.git/commit/?id=3cd8cf93

GitSync: abort checkout for signature problem (bug 660372)

Fetch the upstream remote and use git merge to update the checkout
only after successful verification of the upstream head.

Suggested-by: Richard Freeman <rich0 <AT> gentoo.org>
Reviewed-by: Arfrever Frehtes Taifersar Arahesis <Arfrever <AT> Apache.Org>
Bug: https://bugs.gentoo.org/660372

 pym/portage/sync/modules/git/git.py | 39 ++++++++++++++++++++++++++++++++-----
 1 file changed, 34 insertions(+), 5 deletions(-)

diff --git a/pym/portage/sync/modules/git/git.py b/pym/portage/sync/modules/git/git.py
index 160137a6d..85a44289a 100644
--- a/pym/portage/sync/modules/git/git.py
+++ b/pym/portage/sync/modules/git/git.py
@@ -109,6 +109,7 @@ class GitSync(NewBase):
 		if not self.has_bin:
 			return (1, False)
 		git_cmd_opts = ""
+		quiet = self.settings.get("PORTAGE_QUIET") == "1"
 		if self.repo.module_specific_options.get('sync-git-env'):
 			shlexed_env = shlex_split(self.repo.module_specific_options['sync-git-env'])
 			env = dict((k, v) for k, _, v in (assignment.partition('=') for assignment in shlexed_env) if k)
@@ -123,7 +124,21 @@ class GitSync(NewBase):
 			git_cmd_opts += " --quiet"
 		if self.repo.module_specific_options.get('sync-git-pull-extra-opts'):
 			git_cmd_opts += " %s" % self.repo.module_specific_options['sync-git-pull-extra-opts']
-		git_cmd = "%s pull%s" % (self.bin_command, git_cmd_opts)
+
+		try:
+			remote_branch = portage._unicode_decode(
+				subprocess.check_output([self.bin_command, 'rev-parse',
+				'--abbrev-ref', '--symbolic-full-name', '@{upstream}'],
+				cwd=portage._unicode_encode(self.repo.location))).rstrip('\n')
+		except subprocess.CalledProcessError as e:
+			msg = "!!! git rev-parse error in %s" % self.repo.location
+			self.logger(self.xterm_titles, msg)
+			writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)
+			return (e.returncode, False)
+
+		git_cmd = "%s fetch %s%s" % (self.bin_command,
+			remote_branch.partition('/')[0], git_cmd_opts)
+
 		writemsg_level(git_cmd + "\n")
 
 		rev_cmd = [self.bin_command, "rev-list", "--max-count=1", "HEAD"]
@@ -133,20 +148,34 @@ class GitSync(NewBase):
 		exitcode = portage.process.spawn_bash("cd %s ; exec %s" % (
 				portage._shell_quote(self.repo.location), git_cmd),
 			**self.spawn_kwargs)
+
 		if exitcode != os.EX_OK:
-			msg = "!!! git pull error in %s" % self.repo.location
+			msg = "!!! git fetch error in %s" % self.repo.location
 			self.logger(self.xterm_titles, msg)
 			writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)
 			return (exitcode, False)
-		if not self.verify_head():
+
+		if not self.verify_head(revision='refs/remotes/%s^..' % remote_branch):
 			return (1, False)
 
+		merge_cmd = [self.bin_command, 'merge', 'refs/remotes/%s' % remote_branch]
+		if quiet:
+			merge_cmd.append('--quiet')
+		exitcode = subprocess.call(merge_cmd,
+			cwd=portage._unicode_encode(self.repo.location))
+
+		if exitcode != os.EX_OK:
+			msg = "!!! git merge error in %s" % self.repo.location
+			self.logger(self.xterm_titles, msg)
+			writemsg_level(msg + "\n", level=logging.ERROR, noiselevel=-1)
+			return (exitcode, False)
+
 		current_rev = subprocess.check_output(rev_cmd,
 			cwd=portage._unicode_encode(self.repo.location))
 
 		return (os.EX_OK, current_rev != previous_rev)
 
-	def verify_head(self):
+	def verify_head(self, revision='-1'):
 		if (self.repo.module_specific_options.get(
 				'sync-git-verify-commit-signature', 'false') != 'true'):
 			return True
@@ -180,7 +209,7 @@ class GitSync(NewBase):
 				env = os.environ.copy()
 				env['GNUPGHOME'] = openpgp_env.home
 
-			rev_cmd = [self.bin_command, "log", "--pretty=format:%G?", "-1"]
+			rev_cmd = [self.bin_command, "log", "--pretty=format:%G?", revision]
 			try:
 				status = (portage._unicode_decode(
 					subprocess.check_output(rev_cmd,

next             reply	other threads:[~2018-07-08 21:17 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-07-08 21:17 Zac Medico [this message]
  -- strict thread matches above, loose matches on Subject: below --
2018-07-10  4:28 [gentoo-commits] proj/portage:master commit in: pym/portage/sync/modules/git/ Zac Medico
2018-07-08 22:18 Zac Medico
2018-03-21 18:26 Zac Medico
2018-02-05 18:44 Michał Górny
2017-08-09 20:56 Zac Medico
2017-08-09 20:39 Zac Medico
2017-02-25  0:25 Zac Medico
2016-11-07 22:16 Zac Medico
2016-11-03 20:05 Zac Medico
2016-10-30 21:23 Michał Górny
2016-09-22 21:45 Zac Medico
2016-07-18 16:32 Zac Medico
2016-07-14 18:41 Zac Medico
2015-11-07 21:28 Zac Medico
2015-09-04 17:27 Brian Dolbec
2015-01-18 18:04 Michał Górny
2014-12-04 20:16 Brian Dolbec
2014-12-04 20:04 [gentoo-commits] proj/portage:plugin-sync " Brian Dolbec
2014-12-04 20:16 ` [gentoo-commits] proj/portage:master " Brian Dolbec
2014-12-04 20:04 [gentoo-commits] proj/portage:plugin-sync " Brian Dolbec
2014-12-04 20:16 ` [gentoo-commits] proj/portage:master " Brian Dolbec

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:160137a6 dfblob:85a44289 )
 OR (
bs:"[gentoo-commits] proj/portage:master commit in: pym/portage/sync/modules/git/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1531084591.3cd8cf93abb6410cc877381531bb662a704dffa7.zmedico@gentoo \
    --to=zmedico@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox