[pbs-devel] [pve-devel] [PATCH v6 proxmox-apt 04/11] add check_repositories function
Fabian Ebner
f.ebner at proxmox.com
Fri Jun 18 08:42:47 CEST 2021
Am 17.06.21 um 10:39 schrieb Wolfgang Bumiller:
> some non-blocking cleanups in case you do another version:
>
> On Fri, Jun 11, 2021 at 01:43:53PM +0200, Fabian Ebner wrote:
>> which checks for bad suites and official URIs.
>>
>> Signed-off-by: Fabian Ebner <f.ebner at proxmox.com>
>> ---
>>
>> Changes from v5:
>> * split out host_from_uri helper and also handle userinfo and port
>> * test an offical URI with port
>> * match all *.debian.org and *.proxmox.com as official to avoid (future)
>> false negatives.
>> * add bookworm and trixie codenames to the list of new_suites
>>
>> src/repositories/check.rs | 174 +++++++++++++++++++++-
>> src/repositories/mod.rs | 19 ++-
>> src/types.rs | 19 +++
>> tests/repositories.rs | 97 +++++++++++-
>> tests/sources.list.d.expected/bad.sources | 30 ++++
>> tests/sources.list.d/bad.sources | 29 ++++
>> 6 files changed, 364 insertions(+), 4 deletions(-)
>> create mode 100644 tests/sources.list.d.expected/bad.sources
>> create mode 100644 tests/sources.list.d/bad.sources
>>
>> diff --git a/src/repositories/check.rs b/src/repositories/check.rs
>> index a682b69..585c28d 100644
>> --- a/src/repositories/check.rs
>> +++ b/src/repositories/check.rs
>> @@ -1,6 +1,45 @@
>> use anyhow::{bail, Error};
>>
>> -use crate::types::{APTRepository, APTRepositoryFileType, APTRepositoryPackageType};
>> +use crate::types::{
>> + APTRepository, APTRepositoryFile, APTRepositoryFileType, APTRepositoryInfo,
>> + APTRepositoryPackageType,
>> +};
>> +
>> +/// Splits the suite into its base part and variant.
>> +fn suite_variant(suite: &str) -> (&str, &str) {
>> + let variants = ["-backports-sloppy", "-backports", "-updates", "/updates"];
>> +
>> + for variant in variants.iter() {
>> + if let Some(base) = suite.strip_suffix(variant) {
>> + return (base, variant);
>> + }
>> + }
>> +
>> + (suite, "")
>> +}
>> +
>> +/// Get the host part from a given URI.
>> +fn host_from_uri(uri: &str) -> Option<&str> {
>> + if let Some(begin) = uri.find("://") {
>
> You could shorten this via `?` (since the function itself also returns
> an `Option`):
>
> let begin = uri.find("://")?;
>
>> + let mut host = uri.split_at(begin + 3).1;
>> +
>> + if let Some(end) = host.find('/') {
>> + host = host.split_at(end).0;
>
> Personally I'd prefer `host = &host[..end]`, but it probably compiles to
> the same code in the end.
>
>> + }
>> +
>> + if let Some(begin) = host.find('@') {
>> + host = host.split_at(begin + 1).1;
>
> (Similarly: `host = &host[(begin + 1)..]`)
>
>> + }
>> +
>> + if let Some(end) = host.find(':') {
>> + host = host.split_at(end).0;
>> + }
>> +
>> + return Some(host);
>> + }
>> +
>> + None
>> +}
>>
>> impl APTRepository {
>> /// Makes sure that all basic properties of a repository are present and
>> @@ -102,4 +141,137 @@ impl APTRepository {
>> false
>> }
>> }
>> +
>> + /// Checks if old or unstable suites are configured and also that the
>> + /// `stable` keyword is not used.
>> + fn check_suites(&self, add_info: &mut dyn FnMut(String, String)) {
>> + let old_suites = [
>> + "lenny",
>> + "squeeze",
>> + "wheezy",
>> + "jessie",
>> + "stretch",
>> + "oldoldstable",
>> + "oldstable",
>> + ];
>> +
>> + let next_suite = "bullseye";
>> +
>> + let new_suites = [
>> + "bookworm",
>> + "trixie",
>> + "testing",
>> + "unstable",
>> + "sid",
>> + "experimental",
>> + ];
>> +
>> + if self
>> + .types
>> + .iter()
>> + .any(|package_type| *package_type == APTRepositoryPackageType::Deb)
>> + {
>> + for suite in self.suites.iter() {
>
> maybe cache `suite_variant(suite).0` at this point
>
> let variant = suite_variant(suite).0;
>
>> + if old_suites
>> + .iter()
>> + .any(|base_suite| suite_variant(suite).0 == *base_suite)
>
> ^ then this could be
>
> if old_suites.contains(&variant) {
>
> I think
>
>> + {
>> + add_info(
>> + "warning".to_string(),
>> + format!("old suite '{}' configured!", suite),
>> + );
>> + }
>> +
>> + if suite_variant(suite).0 == next_suite {
>> + add_info(
>> + "ignore-pre-upgrade-warning".to_string(),
>> + format!("suite '{}' should not be used in production!", suite),
>> + );
>> + }
>> +
>> + if new_suites
>> + .iter()
>> + .any(|base_suite| suite_variant(suite).0 == *base_suite)
>
> ^ same
>
>> + {
>> + add_info(
>> + "warning".to_string(),
>> + format!("suite '{}' should not be used in production!", suite),
>> + );
>> + }
>> +
>> + if suite_variant(suite).0 == "stable" {
>> + add_info(
>> + "warning".to_string(),
>> + "use the name of the stable distribution instead of 'stable'!".to_string(),
>> + );
>> + }
>> + }
>> + }
>> + }
>> +
>> + /// Checks if an official host is configured in the repository.
>> + fn check_uris(&self) -> Option<(String, String)> {
>> + let official_host = |domains: &Vec<&str>| match domains.split_last() {
>
> Drop this entire beast (see below), but as a review of it:
> You can use the slice[1] & rest[2] pattern syntax here:
>
> #[allow(clippy::match_like_matches_macro)]
> match domains[..] { // the `[..]` part is required here
> [.., "proxmox", "com"] => true,
> [.., "debian", "org"] => true,
> _ => false,
> }
>
> Or more concise (but I do find the above a bit quicker to glance over,
> hence the 'clippy' hint ;-) ):
>
> matches!(domains[..], [.., "proxmox", "com"] | [.., "debian", "org"]);
>
> [1] https://doc.rust-lang.org/reference/patterns.html#slice-patterns
> [2] https://doc.rust-lang.org/reference/patterns.html#rest-patterns
>
>> + Some((last, rest)) => match rest.split_last() {
>> + Some((second_to_last, _rest)) => {
>> + (*last == "org" && *second_to_last == "debian")
>> + || (*last == "com" && *second_to_last == "proxmox")
>> + }
>> + None => false,
>> + },
>> + None => false,
>> + };
>> +
>> + for uri in self.uris.iter() {
>> + if let Some(host) = host_from_uri(uri) {
>> + let domains = host.split('.').collect();
>
> ^ But instead of building a vector here, why not just do:
>
> if host == "proxmox.com" || host.ends_with(".proxmox.com")
> || host == "debian.org" || host.ends_with(".debian.org")
> {
> ...
> }
>
Misses FQDNs? Thanks for the tips, I was not aware that one can do
tail-matching with the matches! macro.
>> +
>> + if official_host(&domains) {
>> + return Some(("badge".to_string(), "official host name".to_string()));
>> + }
>> + }
>> + }
>> +
>> + None
>> + }
>> +}
>> +
>> +impl APTRepositoryFile {
>> + /// Checks if old or unstable suites are configured and also that the
>> + /// `stable` keyword is not used.
>> + pub fn check_suites(&self) -> Vec<APTRepositoryInfo> {
>> + let mut infos = vec![];
>> +
>> + for (n, repo) in self.repositories.iter().enumerate() {
>> + let mut add_info = |kind, message| {
>> + infos.push(APTRepositoryInfo {
>> + path: self.path.clone(),
>> + number: n + 1,
>> + kind,
>> + message,
>> + })
>> + };
>> + repo.check_suites(&mut add_info);
>
> ^ minor nit:
> the `check_suites` you're calling here is only called at this one spot
> and private, so personally I'd prefer an `impl FnMut` or generic over a
> trait object, (also you could inline the closure here)
>
More information about the pbs-devel
mailing list