Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more HOMEBREW_FORBIDDEN_* configuration #17037

Merged
merged 1 commit into from Apr 8, 2024
Merged

Add more HOMEBREW_FORBIDDEN_* configuration #17037

merged 1 commit into from Apr 8, 2024

Conversation

MikeMcQuaid
Copy link
Member

@MikeMcQuaid MikeMcQuaid commented Apr 5, 2024
edited

We already had HOMEBREW_FORBIDDEN_LICENSES but this PR adds HOMEBREW_FORBIDDEN_CASKS, HOMEBREW_FORBIDDEN_FORMULAE and HOMEBREW_FORBIDDEN_TAPS for also forbidding those.

Relatedly, add HOMEBREW_FORBIDDEN_OWNER and HOMEBREW_FORBIDDEN_OWNER_CONTACT to allow customising these messages.

There were no existing tests for HOMEBREW_FORBIDDEN_LICENSES so have added more tests for all of these checks.

@MikeMcQuaid MikeMcQuaid requested review from a team April 6, 2024 13:05
@apainintheneck
Copy link
Contributor

I assume this is related to https://github.com/Workbrew/ somehow since it seems like a few more configuration settings that would only be useful for security-conscious ops teams to toggle in a corporate environment. Could you maybe explain what types of problems you're trying to solve here with these new forbidden environment variables?

I took a quick glance at the code and I feel like the logic could probably be shared more between casks and formula which would make this more maintainable going forward.

@MikeMcQuaid
Copy link
Member Author

Could you maybe explain what types of problems you're trying to solve here with these new forbidden environment variables?

Essentially the same as HOMEBREW_FORBIDDEN_LICENSES: the ability to restrict installation of packages based on user, prefix or systemwide configuration.

I took a quick glance at the code and I feel like the logic could probably be shared more between casks and formula which would make this more maintainable going forward.

I'm actually not convinced. I did try this because, yes, the code looks similar, but the cask and formula logic (and formula/license/tap logic) ends up being just different enough that a shared abstraction here ends up having more conditionals and being harder to read.

If you have more specific requests or suggestions: I'd love to hear them.

@MikeMcQuaid
Copy link
Member Author

Autogenerated files check / autogenerated (pull_request) 🔴

Note: this is not relevant to this PR and is being fixed in #17045 (see context in #17038)

Bo98
Bo98 reviewed Apr 8, 2024
View reviewed changes
Library/Homebrew/cask/installer.rb Outdated Show resolved Hide resolved
Library/Homebrew/formula_installer.rb Outdated Show resolved Hide resolved
@Bo98
Copy link
Member

Bo98 commented Apr 8, 2024
edited

I'm actually not convinced. I did try this because, yes, the code looks similar, but the cask and formula logic (and formula/license/tap logic) ends up being just different enough that a shared abstraction here ends up having more conditionals and being harder to read.

Yeah cask and formula logic being separate makes sense. The general problem of formula/cask duplication something I hope to refactor at some point where time allows (not just the forbidden stuff).

Within the individual installers themselves, we could potentially refactor a little bit. E.g. we have this basic flow in all three formula installer checks:

unless ignore_deps?
  compute_dependencies.each do |(dep, _options)|
    yield dep
  end
end

return if only_deps?

yield formula

@Bo98
Copy link
Member

Bo98 commented Apr 8, 2024

For taps specifically, a tap allowlist probably makes more sense than a denylist.

@MikeMcQuaid
Copy link
Member Author

For taps specifically, a tap allowlist probably makes more sense than a denylist.

@Bo98 I think we'll want to have both (and they'll be able to share some logic).

I'd rather hold off adding a allowlist for now (at least in this PR) but 👍🏻 to doing so in future.

@MikeMcQuaid MikeMcQuaid requested a review from Bo98 April 8, 2024 13:46
@MikeMcQuaid @Bo98
Add more HOMEBREW_FORBIDDEN_* configuration
1474806 
We already had `HOMEBREW_FORBIDDEN_LICENSES` but this commit adds
`HOMEBREW_FORBIDDEN_CASKS`, `HOMEBREW_FORBIDDEN_FORMULAE` and
`HOMEBREW_FORBIDDEN_TAPS` for also forbidding those.

Relatedly, add `HOMEBREW_FORBIDDEN_OWNER` and
`HOMEBREW_FORBIDDEN_OWNER_CONTACT` to allow customising these
messages.

There were no existing tests for `HOMEBREW_FORBIDDEN_LICENSES` so have
added more tests for all of these checks.

Co-authored-by: Bo Anderson <mail@boanderson.me>
p-linnane
p-linnane approved these changes Apr 8, 2024
View reviewed changes
Copy link
Member

@p-linnane p-linnane left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense to me. It's good to have this level of granular control.

@MikeMcQuaid MikeMcQuaid merged commit 3c910b9 into master Apr 8, 2024
26 checks passed
@MikeMcQuaid MikeMcQuaid deleted the more_forbidden branch April 8, 2024 16:33
apainintheneck
apainintheneck reviewed Apr 9, 2024
View reviewed changes
Library/Homebrew/cask/installer.rb
Comment on lines +579 to +587
forbidden_taps = Homebrew::EnvConfig.forbidden_taps
return if forbidden_taps.blank?

forbidden_taps_set = Set.new(forbidden_taps.split.filter_map do |tap|
Tap.fetch(tap)
rescue Tap::InvalidNameError
opoo "Invalid tap name in `HOMEBREW_FORBIDDEN_TAPS`: #{tap}"
nil
end)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In terms of logic that could be shared between casks and formulae right now, this bit could be moved to a Tap.forbidden method or something similar.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would also be possible to have method that takes a list of casks or formulae and returns the first invalid one by tap, cask, formula or license.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In terms of logic that could be shared between casks and formulae right now, this bit could be moved to a Tap.forbidden method or something similar.

Could be but feels overkill on Rule Of 3: https://en.wikipedia.org/wiki/Rule_of_three_(computer_programming)

It would also be possible to have method that takes a list of casks or formulae and returns the first invalid one by tap, cask, formula or license.

It would be possible but I'm not convinced it would be more readable.

Library/Homebrew/cask/installer.rb
Comment on lines +622 to +623
forbidden_formulae = Set.new(Homebrew::EnvConfig.forbidden_formulae.to_s.split)
forbidden_casks = Set.new(Homebrew::EnvConfig.forbidden_casks.to_s.split)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: This logic could potentially exist in Homebrew::EnvConfig too.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I prefer to keep logic out of EnvConfig when possible.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@apainintheneck apainintheneck apainintheneck left review comments

@p-linnane p-linnane p-linnane approved these changes

@carlocab carlocab Awaiting requested review from carlocab

@Bo98 Bo98 Awaiting requested review from Bo98

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@MikeMcQuaid @apainintheneck @Bo98 @p-linnane