[pbs-devel] [pve-devel] [PATCH v6 proxmox-apt 04/11] add check_repositories function

Fabian Ebner f.ebner at proxmox.com
Fri Jun 18 08:42:47 CEST 2021


Am 17.06.21 um 10:39 schrieb Wolfgang Bumiller:
> some non-blocking cleanups in case you do another version:
> 
> On Fri, Jun 11, 2021 at 01:43:53PM +0200, Fabian Ebner wrote:
>> which checks for bad suites and official URIs.
>>
>> Signed-off-by: Fabian Ebner <f.ebner at proxmox.com>
>> ---
>>
>> Changes from v5:
>>      * split out host_from_uri helper and also handle userinfo and port
>>      * test an offical URI with port
>>      * match all *.debian.org and *.proxmox.com as official to avoid (future)
>>        false negatives.
>>      * add bookworm and trixie codenames to the list of new_suites
>>
>>   src/repositories/check.rs                 | 174 +++++++++++++++++++++-
>>   src/repositories/mod.rs                   |  19 ++-
>>   src/types.rs                              |  19 +++
>>   tests/repositories.rs                     |  97 +++++++++++-
>>   tests/sources.list.d.expected/bad.sources |  30 ++++
>>   tests/sources.list.d/bad.sources          |  29 ++++
>>   6 files changed, 364 insertions(+), 4 deletions(-)
>>   create mode 100644 tests/sources.list.d.expected/bad.sources
>>   create mode 100644 tests/sources.list.d/bad.sources
>>
>> diff --git a/src/repositories/check.rs b/src/repositories/check.rs
>> index a682b69..585c28d 100644
>> --- a/src/repositories/check.rs
>> +++ b/src/repositories/check.rs
>> @@ -1,6 +1,45 @@
>>   use anyhow::{bail, Error};
>>   
>> -use crate::types::{APTRepository, APTRepositoryFileType, APTRepositoryPackageType};
>> +use crate::types::{
>> +    APTRepository, APTRepositoryFile, APTRepositoryFileType, APTRepositoryInfo,
>> +    APTRepositoryPackageType,
>> +};
>> +
>> +/// Splits the suite into its base part and variant.
>> +fn suite_variant(suite: &str) -> (&str, &str) {
>> +    let variants = ["-backports-sloppy", "-backports", "-updates", "/updates"];
>> +
>> +    for variant in variants.iter() {
>> +        if let Some(base) = suite.strip_suffix(variant) {
>> +            return (base, variant);
>> +        }
>> +    }
>> +
>> +    (suite, "")
>> +}
>> +
>> +/// Get the host part from a given URI.
>> +fn host_from_uri(uri: &str) -> Option<&str> {
>> +    if let Some(begin) = uri.find("://") {
> 
> You could shorten this via `?` (since the function itself also returns
> an `Option`):
> 
>      let begin = uri.find("://")?;
> 
>> +        let mut host = uri.split_at(begin + 3).1;
>> +
>> +        if let Some(end) = host.find('/') {
>> +            host = host.split_at(end).0;
> 
> Personally I'd prefer `host = &host[..end]`, but it probably compiles to
> the same code in the end.
> 
>> +        }
>> +
>> +        if let Some(begin) = host.find('@') {
>> +            host = host.split_at(begin + 1).1;
> 
> (Similarly: `host = &host[(begin + 1)..]`)
> 
>> +        }
>> +
>> +        if let Some(end) = host.find(':') {
>> +            host = host.split_at(end).0;
>> +        }
>> +
>> +        return Some(host);
>> +    }
>> +
>> +    None
>> +}
>>   
>>   impl APTRepository {
>>       /// Makes sure that all basic properties of a repository are present and
>> @@ -102,4 +141,137 @@ impl APTRepository {
>>               false
>>           }
>>       }
>> +
>> +    /// Checks if old or unstable suites are configured and also that the
>> +    /// `stable` keyword is not used.
>> +    fn check_suites(&self, add_info: &mut dyn FnMut(String, String)) {
>> +        let old_suites = [
>> +            "lenny",
>> +            "squeeze",
>> +            "wheezy",
>> +            "jessie",
>> +            "stretch",
>> +            "oldoldstable",
>> +            "oldstable",
>> +        ];
>> +
>> +        let next_suite = "bullseye";
>> +
>> +        let new_suites = [
>> +            "bookworm",
>> +            "trixie",
>> +            "testing",
>> +            "unstable",
>> +            "sid",
>> +            "experimental",
>> +        ];
>> +
>> +        if self
>> +            .types
>> +            .iter()
>> +            .any(|package_type| *package_type == APTRepositoryPackageType::Deb)
>> +        {
>> +            for suite in self.suites.iter() {
> 
> maybe cache `suite_variant(suite).0` at this point
> 
>      let variant = suite_variant(suite).0;
> 
>> +                if old_suites
>> +                    .iter()
>> +                    .any(|base_suite| suite_variant(suite).0 == *base_suite)
> 
> ^ then this could be
> 
>      if old_suites.contains(&variant) {
> 
> I think
> 
>> +                {
>> +                    add_info(
>> +                        "warning".to_string(),
>> +                        format!("old suite '{}' configured!", suite),
>> +                    );
>> +                }
>> +
>> +                if suite_variant(suite).0 == next_suite {
>> +                    add_info(
>> +                        "ignore-pre-upgrade-warning".to_string(),
>> +                        format!("suite '{}' should not be used in production!", suite),
>> +                    );
>> +                }
>> +
>> +                if new_suites
>> +                    .iter()
>> +                    .any(|base_suite| suite_variant(suite).0 == *base_suite)
> 
> ^ same
> 
>> +                {
>> +                    add_info(
>> +                        "warning".to_string(),
>> +                        format!("suite '{}' should not be used in production!", suite),
>> +                    );
>> +                }
>> +
>> +                if suite_variant(suite).0 == "stable" {
>> +                    add_info(
>> +                        "warning".to_string(),
>> +                        "use the name of the stable distribution instead of 'stable'!".to_string(),
>> +                    );
>> +                }
>> +            }
>> +        }
>> +    }
>> +
>> +    /// Checks if an official host is configured in the repository.
>> +    fn check_uris(&self) -> Option<(String, String)> {
>> +        let official_host = |domains: &Vec<&str>| match domains.split_last() {
> 
> Drop this entire beast (see below), but as a review of it:
> You can use the slice[1] & rest[2] pattern syntax here:
> 
>      #[allow(clippy::match_like_matches_macro)]
>      match domains[..] { // the `[..]` part is required here
>          [.., "proxmox", "com"] => true,
>          [.., "debian", "org"] => true,
>          _ => false,
>      }
> 
> Or more concise (but I do find the above a bit quicker to glance over,
> hence the 'clippy' hint ;-) ):
> 
>      matches!(domains[..], [.., "proxmox", "com"] | [.., "debian", "org"]);
> 
> [1] https://doc.rust-lang.org/reference/patterns.html#slice-patterns
> [2] https://doc.rust-lang.org/reference/patterns.html#rest-patterns
> 
>> +            Some((last, rest)) => match rest.split_last() {
>> +                Some((second_to_last, _rest)) => {
>> +                    (*last == "org" && *second_to_last == "debian")
>> +                        || (*last == "com" && *second_to_last == "proxmox")
>> +                }
>> +                None => false,
>> +            },
>> +            None => false,
>> +        };
>> +
>> +        for uri in self.uris.iter() {
>> +            if let Some(host) = host_from_uri(uri) {
>> +                let domains = host.split('.').collect();
> 
> ^ But instead of building a vector here, why not just do:
> 
>      if host == "proxmox.com" || host.ends_with(".proxmox.com")
>          || host == "debian.org" || host.ends_with(".debian.org")
>      {
>          ...
>      }
> 

Misses FQDNs? Thanks for the tips, I was not aware that one can do 
tail-matching with the matches! macro.

>> +
>> +                if official_host(&domains) {
>> +                    return Some(("badge".to_string(), "official host name".to_string()));
>> +                }
>> +            }
>> +        }
>> +
>> +        None
>> +    }
>> +}
>> +
>> +impl APTRepositoryFile {
>> +    /// Checks if old or unstable suites are configured and also that the
>> +    /// `stable` keyword is not used.
>> +    pub fn check_suites(&self) -> Vec<APTRepositoryInfo> {
>> +        let mut infos = vec![];
>> +
>> +        for (n, repo) in self.repositories.iter().enumerate() {
>> +            let mut add_info = |kind, message| {
>> +                infos.push(APTRepositoryInfo {
>> +                    path: self.path.clone(),
>> +                    number: n + 1,
>> +                    kind,
>> +                    message,
>> +                })
>> +            };
>> +            repo.check_suites(&mut add_info);
> 
> ^ minor nit:
> the `check_suites` you're calling here is only called at this one spot
> and private, so personally I'd prefer an `impl FnMut` or generic over a
> trait object, (also you could inline the closure here)
> 





More information about the pbs-devel mailing list