hlrs-software-stack/spack
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

init: replace spack.insecure global with spack.config.get

Browse source
This commit is contained in:
Todd Gamblin 2018-04-14 23:09:57 -07:00 committed by scheibelp
parent 863ccd5e94
commit 73ab0e5dd7
10 changed files with 116 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
lib/spack/spack/__init__.py
View file

@ -50,11 +50,6 @@
template_dirs = [canonicalize_path(x) for x in template_dirs] template_dirs = [canonicalize_path(x) for x in template_dirs]
#: If this is enabled, tools that use SSL should not verify
#: certifiates. e.g., curl should use the -k option.
insecure = not spack.config.get('config:verify_ssl', True)
#: Whether spack should allow installation of unsafe versions of software. #: Whether spack should allow installation of unsafe versions of software.
#: "Unsafe" versions are ones it doesn't have a checksum for. #: "Unsafe" versions are ones it doesn't have a checksum for.
do_checksum = spack.config.get('config:checksum', True) do_checksum = spack.config.get('config:checksum', True)

49
lib/spack/spack/config.py
View file

@ -53,6 +53,8 @@
import os import os
import re import re
import sys import sys
import multiprocessing
from contextlib import contextmanager
from six import string_types from six import string_types
from six import iteritems from six import iteritems
@ -103,6 +105,17 @@
('user', spack.paths.user_config_path) ('user', spack.paths.user_config_path)
) )
#: Hard-coded default values for some key configuration options.
#: This ensures that Spack will still work even if config.yaml in
#: the defaults scope is removed.
config_defaults = {
'config': {
'verify_ssl': True,
'checksum': True,
'dirty': False,
'build_jobs': multiprocessing.cpu_count(),
}
}
#: metavar to use for commands that accept scopes #: metavar to use for commands that accept scopes
#: this is shorter and more readable than listing all choices #: this is shorter and more readable than listing all choices
@ -206,9 +219,14 @@ class InternalConfigScope(ConfigScope):
config file settings are accessed the same way, and Spack can easily config file settings are accessed the same way, and Spack can easily
override settings from files. override settings from files.
""" """
def __init__(self, name): def __init__(self, name, data=None):
self.name = name self.name = name
self.sections = syaml.syaml_dict() self.sections = syaml.syaml_dict()
if data:
for section in data:
dsec = data[section]
_validate_section({section: dsec}, section_schemas[section])
self.sections[section] = syaml.syaml_dict({section: dsec})
def get_section_filename(self, section): def get_section_filename(self, section):
raise NotImplementedError( raise NotImplementedError(
@ -363,7 +381,6 @@ def get_config(self, section, scope=None):
continue continue
if section not in data: if section not in data:
tty.warn("Skipping bad configuration file: '%s'" % scope.path)
continue continue
merged_section = _merge_yaml(merged_section, data) merged_section = _merge_yaml(merged_section, data)
@ -438,6 +455,21 @@ def print_section(self, section):
raise ConfigError("Error reading configuration: %s" % section) raise ConfigError("Error reading configuration: %s" % section)
@contextmanager
def override(path, value):
"""Simple way to override config settings within a context."""
overrides = InternalConfigScope('overrides')
cfg = config()
cfg.push_scope(overrides)
cfg.set(path, value, scope='overrides')
yield cfg
scope = cfg.pop_scope()
assert scope is overrides
def config(): def config():
"""Singleton Configuration instance. """Singleton Configuration instance.
@ -451,16 +483,19 @@ def config():
""" """
global _configuration global _configuration
if not _configuration: if not _configuration:
# Each scope can have per-platfom overrides in subdirectories of the _configuration = Configuration()
# configuration directory.
# first do the builtin, hardcoded defaults
defaults = InternalConfigScope('_builtin', config_defaults)
_configuration.push_scope(defaults)
# Each scope can have per-platfom overrides in subdirectories
platform = spack.architecture.platform().name platform = spack.architecture.platform().name
_configuration = Configuration() # add each scope and its platform-specific directory
for name, path in configuration_paths: for name, path in configuration_paths:
# add the regular scope
_configuration.push_scope(ConfigScope(name, path)) _configuration.push_scope(ConfigScope(name, path))
# add platform-specific scope
plat_name = '%s/%s' % (name, platform) plat_name = '%s/%s' % (name, platform)
plat_path = os.path.join(path, platform) plat_path = os.path.join(path, platform)
_configuration.push_scope(ConfigScope(plat_name, plat_path)) _configuration.push_scope(ConfigScope(plat_name, plat_path))

6
lib/spack/spack/fetch_strategy.py
View file

@ -244,7 +244,7 @@ def fetch(self):
self.url, self.url,
] ]
if spack.insecure: if not spack.config.get('config:verify_ssl'):
curl_args.append('-k') curl_args.append('-k')
if sys.stdout.isatty(): if sys.stdout.isatty():
@ -610,7 +610,7 @@ def git(self):
# If the user asked for insecure fetching, make that work # If the user asked for insecure fetching, make that work
# with git as well. # with git as well.
if spack.insecure: if not spack.config.get('config:verify_ssl'):
self._git.add_default_env('GIT_SSL_NO_VERIFY', 'true') self._git.add_default_env('GIT_SSL_NO_VERIFY', 'true')
return self._git return self._git
@ -899,7 +899,7 @@ def fetch(self):
args = ['clone'] args = ['clone']
if spack.insecure: if not spack.config.get('config:verify_ssl'):
args.append('--insecure') args.append('--insecure')
args.append(self.url) args.append(self.url)

3
lib/spack/spack/main.py
View file

@ -41,6 +41,7 @@
from llnl.util.tty.log import log_output from llnl.util.tty.log import log_output
import spack import spack
import spack.config
import spack.paths import spack.paths
from spack.error import SpackError from spack.error import SpackError
@ -357,7 +358,7 @@ def setup_main_options(args):
# If the user asked for it, don't check ssl certs. # If the user asked for it, don't check ssl certs.
if args.insecure: if args.insecure:
tty.warn("You asked for --insecure. Will NOT check SSL certificates.") tty.warn("You asked for --insecure. Will NOT check SSL certificates.")
spack.insecure = True spack.config.set('config:verify_ssl', False, scope='command_line')
# when to use color (takes always, auto, or never) # when to use color (takes always, auto, or never)
tty.color.set_color_when(args.color) tty.color.set_color_when(args.color)

39
lib/spack/spack/test/config.py
View file

@ -438,6 +438,45 @@ def test_internal_config_filename(config, write_config_file):
config.get_config_filename('command_line', 'config') config.get_config_filename('command_line', 'config')
def test_internal_config_from_data():
config = spack.config.Configuration()
# add an internal config initialized from an inline dict
config.push_scope(spack.config.InternalConfigScope('_builtin', {
'config': {
'verify_ssl': False,
'build_jobs': 6,
}
}))
assert config.get('config:verify_ssl', scope='_builtin') is False
assert config.get('config:build_jobs', scope='_builtin') == 6
assert config.get('config:verify_ssl') is False
assert config.get('config:build_jobs') == 6
# push one on top and see what happens.
config.push_scope(spack.config.InternalConfigScope('higher', {
'config': {
'checksum': True,
'verify_ssl': True,
}
}))
assert config.get('config:verify_ssl', scope='_builtin') is False
assert config.get('config:build_jobs', scope='_builtin') == 6
assert config.get('config:verify_ssl', scope='higher') is True
assert config.get('config:build_jobs', scope='higher') is None
assert config.get('config:verify_ssl') is True
assert config.get('config:build_jobs') == 6
assert config.get('config:checksum') is True
assert config.get('config:checksum', scope='_builtin') is None
assert config.get('config:checksum', scope='higher') is True
def test_keys_are_ordered(): def test_keys_are_ordered():
expected_order = ( expected_order = (

10
lib/spack/spack/test/git_fetch.py
View file

@ -25,8 +25,11 @@
import os import os
import pytest import pytest
import spack
from llnl.util.filesystem import working_dir, join_path, touch from llnl.util.filesystem import working_dir, join_path, touch
import spack
import spack.config
from spack.spec import Spec from spack.spec import Spec
from spack.version import ver from spack.version import ver
from spack.fetch_strategy import GitFetchStrategy from spack.fetch_strategy import GitFetchStrategy
@ -94,11 +97,8 @@ def test_fetch(type_of_test,
# Enter the stage directory and check some properties # Enter the stage directory and check some properties
with pkg.stage: with pkg.stage:
try: with spack.config.override('config:verify_ssl', secure):
spack.insecure = secure
pkg.do_stage() pkg.do_stage()
finally:
spack.insecure = False
with working_dir(pkg.stage.source_path): with working_dir(pkg.stage.source_path):
assert h('HEAD') == h(t.revision) assert h('HEAD') == h(t.revision)

10
lib/spack/spack/test/hg_fetch.py
View file

@ -25,8 +25,11 @@
import os import os
import pytest import pytest
import spack
from llnl.util.filesystem import working_dir, join_path, touch from llnl.util.filesystem import working_dir, join_path, touch
import spack
import spack.config
from spack.spec import Spec from spack.spec import Spec
from spack.version import ver from spack.version import ver
from spack.util.executable import which from spack.util.executable import which
@ -66,11 +69,8 @@ def test_fetch(
# Enter the stage directory and check some properties # Enter the stage directory and check some properties
with pkg.stage: with pkg.stage:
try: with spack.config.override('config:verify_ssl', secure):
spack.insecure = secure
pkg.do_stage() pkg.do_stage()
finally:
spack.insecure = False
with working_dir(pkg.stage.source_path): with working_dir(pkg.stage.source_path):
assert h() == t.revision assert h() == t.revision

10
lib/spack/spack/test/svn_fetch.py
View file

@ -25,8 +25,11 @@
import os import os
import pytest import pytest
import spack
from llnl.util.filesystem import join_path, touch, working_dir from llnl.util.filesystem import join_path, touch, working_dir
import spack
import spack.config
from spack.spec import Spec from spack.spec import Spec
from spack.version import ver from spack.version import ver
from spack.util.executable import which from spack.util.executable import which
@ -66,11 +69,8 @@ def test_fetch(
# Enter the stage directory and check some properties # Enter the stage directory and check some properties
with pkg.stage: with pkg.stage:
try: with spack.config.override('config:verify_ssl', secure):
spack.insecure = secure
pkg.do_stage() pkg.do_stage()
finally:
spack.insecure = False
with working_dir(pkg.stage.source_path): with working_dir(pkg.stage.source_path):
assert h() == t.revision assert h() == t.revision

6
lib/spack/spack/test/url_fetch.py
View file

@ -28,6 +28,7 @@
from llnl.util.filesystem import working_dir, is_exe from llnl.util.filesystem import working_dir, is_exe
import spack import spack
import spack.config
from spack.fetch_strategy import from_list_url, URLFetchStrategy from spack.fetch_strategy import from_list_url, URLFetchStrategy
from spack.spec import Spec from spack.spec import Spec
from spack.version import ver from spack.version import ver
@ -67,11 +68,8 @@ def test_fetch(
# Enter the stage directory and check some properties # Enter the stage directory and check some properties
with pkg.stage: with pkg.stage:
try: with spack.config.override('config:verify_ssl', secure):
spack.insecure = secure
pkg.do_stage() pkg.do_stage()
finally:
spack.insecure = False
with working_dir(pkg.stage.source_path): with working_dir(pkg.stage.source_path):
assert os.path.exists('configure') assert os.path.exists('configure')

21
lib/spack/spack/util/web.py
View file

@ -49,8 +49,12 @@ class HTMLParseError(Exception):
import llnl.util.tty as tty import llnl.util.tty as tty
import spack import spack.config
import spack.cmd
import spack.url
import spack.stage
import spack.error import spack.error
import spack.util.crypto
from spack.util.compression import ALLOWED_ARCHIVE_TYPES from spack.util.compression import ALLOWED_ARCHIVE_TYPES
@ -111,18 +115,19 @@ def _spider(url, visited, root, depth, max_depth, raise_on_error):
try: try:
context = None context = None
if sys.version_info < (2, 7, 9) or \ verify_ssl = spack.config.get('config:verify_ssl')
((3,) < sys.version_info < (3, 4, 3)): pyver = sys.version_info
if not spack.insecure: if (pyver < (2, 7, 9) or (3,) < pyver < (3, 4, 3)):
if verify_ssl:
tty.warn("Spack will not check SSL certificates. You need to " tty.warn("Spack will not check SSL certificates. You need to "
"update your Python to enable certificate " "update your Python to enable certificate "
"verification.") "verification.")
else: elif verify_ssl:
# We explicitly create default context to avoid error described in # We explicitly create default context to avoid error described in
# https://blog.sucuri.net/2016/03/beware-unverified-tls-certificates-php-python.html # https://blog.sucuri.net/2016/03/beware-unverified-tls-certificates-php-python.html
context = ssl._create_unverified_context() \ context = ssl.create_default_context()
if spack.insecure \ else:
else ssl.create_default_context() context = ssl._create_unverified_context()
# Make a HEAD request first to check the content type. This lets # Make a HEAD request first to check the content type. This lets
# us ignore tarballs and gigantic files. # us ignore tarballs and gigantic files.