forked from opensearch-project/opensearch-build
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsign_artifacts.py
89 lines (70 loc) · 3.01 KB
/
sign_artifacts.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
#!/usr/bin/env python
# Copyright OpenSearch Contributors
# SPDX-License-Identifier: Apache-2.0
#
# The OpenSearch Contributors require contributions made to
# this file be licensed under the Apache-2.0 license or a
# compatible open source license.
import logging
import os
from abc import abstractmethod
from pathlib import Path
from typing import Any, List, Type
from manifests.build_manifest import BuildManifest
from sign_workflow.signer import Signer
from sign_workflow.signers import Signers
class SignArtifacts:
target: Path
component: str
artifact_type: str
signature_type: str
platform: str
signer: Signer
def __init__(self, target: Path, components: List[str], artifact_type: str, signature_type: str, platform: str, overwrite: bool) -> None:
self.target = target
self.components = components
self.artifact_type = artifact_type
self.signature_type = signature_type
self.platform = platform
self.signer = Signers.create(platform, overwrite)
@abstractmethod
def __sign__(self) -> None:
pass
def sign(self) -> None:
self.__sign__()
logging.info("Done.")
def __sign_artifacts__(self, artifacts: List[str], basepath: Path) -> None:
self.signer.sign_artifacts(artifacts, basepath, self.signature_type)
def __sign_artifact__(self, artifact: str, basepath: Path) -> None:
self.signer.sign_artifact(artifact, basepath, self.signature_type)
@classmethod
def __signer_class__(self, path: Path) -> Type[Any]:
if path.is_dir():
return SignExistingArtifactsDir
elif path.suffix == ".yml":
return SignWithBuildManifest
else:
return SignArtifactsExistingArtifactFile
@classmethod
def from_path(self, path: Path, components: List[str], artifact_type: str, signature_type: str, platform: str, overwrite: bool) -> Any:
klass = self.__signer_class__(path)
return klass(path, components, artifact_type, signature_type, platform, overwrite)
class SignWithBuildManifest(SignArtifacts):
def __sign__(self) -> None:
manifest = BuildManifest.from_file(self.target.open("r"))
basepath = self.target.parent
for component in manifest.components.select(focus=self.components):
logging.info(f"Signing {component.name}")
for component_artifact_type in component.artifacts:
if self.artifact_type and self.artifact_type != component_artifact_type:
continue
super().__sign_artifacts__(component.artifacts[component_artifact_type], basepath)
class SignArtifactsExistingArtifactFile(SignArtifacts):
def __sign__(self) -> None:
artifacts = self.target.name
basename = self.target.parent
super().__sign_artifact__(artifacts, basename)
class SignExistingArtifactsDir(SignArtifacts):
def __sign__(self) -> None:
for subdir, dirs, files in os.walk(self.target):
super().__sign_artifacts__(files, Path(subdir))