This is an automated email from the ASF dual-hosted git repository.
sbp pushed a commit to branch sbp
in repository https://gitbox.apache.org/repos/asf/tooling-trusted-releases.git
The following commit(s) were added to refs/heads/sbp by this push:
new 5e8f907b Migrate revision creators that modify metadata
5e8f907b is described below
commit 5e8f907b3b8f59e8167343559725b32c0bef0b6e
Author: Sean B. Palmer <[email protected]>
AuthorDate: Wed Feb 18 16:42:16 2026 +0000
Migrate revision creators that modify metadata
---
atr/post/draft.py | 23 +++++++++++++++--------
atr/tasks/sbom.py | 33 +++++++++++++++++----------------
2 files changed, 32 insertions(+), 24 deletions(-)
diff --git a/atr/post/draft.py b/atr/post/draft.py
index 5568081b..b3a1e0cc 100644
--- a/atr/post/draft.py
+++ b/atr/post/draft.py
@@ -17,6 +17,8 @@
from __future__ import annotations
+from typing import TYPE_CHECKING
+
import aiofiles.os
import aioshutil
import asfquart.base as base
@@ -33,6 +35,9 @@ import atr.storage as storage
import atr.util as util
import atr.web as web
+if TYPE_CHECKING:
+ import pathlib
+
@post.committer("/compose/<project_name>/<version_name>")
@post.empty()
@@ -196,13 +201,11 @@ async def sbomgen(session: web.Committer, project_name:
str, version_name: str,
description = "SBOM generation through web interface"
async with storage.write(session) as write:
wacp = await write.as_project_committee_participant(project_name)
- async with wacp.revision.create_and_manage(
- project_name, version_name, session.uid,
description=description
- ) as creating:
- # Uses new_revision_number in a functional way
- path_in_new_revision = creating.interim_path / rel_path
+
+ async def modify(path: pathlib.Path, old_rev: sql.Revision | None)
-> None:
+ path_in_new_revision = path / rel_path
sbom_path_rel = rel_path.with_suffix(rel_path.suffix +
".cdx.json").name
- sbom_path_in_new_revision = creating.interim_path /
rel_path.parent / sbom_path_rel
+ sbom_path_in_new_revision = path / rel_path.parent /
sbom_path_rel
# Check that the source file exists in the new revision
if not await aiofiles.os.path.exists(path_in_new_revision):
@@ -214,17 +217,21 @@ async def sbomgen(session: web.Committer, project_name:
str, version_name: str,
raise base.ASFQuartException("SBOM file already exists",
errorcode=400)
# This shouldn't happen as we need a revision to kick the task
off from
- if creating.old is None:
+ if old_rev is None:
raise web.FlashError("Internal error: Revision not found")
# Create and queue the task, using paths within the new
revision
sbom_task = await wacp.sbom.generate_cyclonedx(
- project_name, version_name, creating.old.number,
path_in_new_revision, sbom_path_in_new_revision
+ project_name, version_name, old_rev.number,
path_in_new_revision, sbom_path_in_new_revision
)
success = await interaction.wait_for_task(sbom_task)
if not success:
raise web.FlashError("Internal error: SBOM generation
timed out")
+ await wacp.revision.create_revision(
+ project_name, version_name, session.uid,
description=description, modify=modify
+ )
+
except Exception as e:
log.exception("Error generating SBOM:")
await quart.flash(f"Error generating SBOM: {e!s}", "error")
diff --git a/atr/tasks/sbom.py b/atr/tasks/sbom.py
index 0ed004ab..9b242d0a 100644
--- a/atr/tasks/sbom.py
+++ b/atr/tasks/sbom.py
@@ -18,7 +18,8 @@
import asyncio
import json
import os
-from typing import TYPE_CHECKING, Any, Final
+import pathlib
+from typing import Any, Final
import aiofiles
import aiofiles.os
@@ -28,14 +29,12 @@ import atr.config as config
import atr.log as log
import atr.models.results as results
import atr.models.schema as schema
+import atr.models.sql as sql
import atr.sbom as sbom
import atr.storage as storage
import atr.tasks.checks as checks
import atr.util as util
-if TYPE_CHECKING:
- import pathlib
-
_CONFIG: Final = config.get()
@@ -100,10 +99,10 @@ async def augment(args: FileArgs) -> results.Results |
None:
description = "SBOM augmentation through web interface"
async with storage.write(args.asf_uid) as write:
wacp = await
write.as_project_committee_participant(args.project_name)
- async with wacp.revision.create_and_manage(
- args.project_name, args.version_name, args.asf_uid or
"unknown", description=description
- ) as creating:
- new_full_path = creating.interim_path / args.file_path
+
+ async def modify(path: pathlib.Path, _old_rev: sql.Revision |
None) -> None:
+ nonlocal new_full_path, new_full_path_str
+ new_full_path = path / args.file_path
new_full_path_str = str(new_full_path)
# Write to the new revision
log.info(f"Writing augmented SBOM to {new_full_path_str}")
@@ -111,8 +110,9 @@ async def augment(args: FileArgs) -> results.Results | None:
async with aiofiles.open(new_full_path, "w", encoding="utf-8")
as f:
await f.write(merged.dumps())
- if creating.new is None:
- raise RuntimeError("Internal error: New revision not found")
+ await wacp.revision.create_revision(
+ args.project_name, args.version_name, args.asf_uid or
"unknown", description=description, modify=modify
+ )
return results.SBOMAugment(
kind="sbom_augment",
@@ -168,10 +168,10 @@ async def osv_scan(args: FileArgs) -> results.Results |
None:
description = "SBOM vulnerability scan through web interface"
async with storage.write(args.asf_uid) as write:
wacp = await write.as_project_committee_participant(args.project_name)
- async with wacp.revision.create_and_manage(
- args.project_name, args.version_name, args.asf_uid or "unknown",
description=description
- ) as creating:
- new_full_path = creating.interim_path / args.file_path
+
+ async def modify(path: pathlib.Path, _old_rev: sql.Revision | None) ->
None:
+ nonlocal new_full_path, new_full_path_str
+ new_full_path = path / args.file_path
new_full_path_str = str(new_full_path)
# Write to the new revision
log.info(f"Writing updated SBOM to {new_full_path_str}")
@@ -179,8 +179,9 @@ async def osv_scan(args: FileArgs) -> results.Results |
None:
async with aiofiles.open(new_full_path, "w", encoding="utf-8") as
f:
await f.write(merged.dumps())
- if creating.new is None:
- raise RuntimeError("Internal error: New revision not found")
+ await wacp.revision.create_revision(
+ args.project_name, args.version_name, args.asf_uid or "unknown",
description=description, modify=modify
+ )
return results.SBOMOSVScan(
kind="sbom_osv_scan",
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
