New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add new boolean property anchor_package_regex to resource apt_package resource #13873
Conversation
8eb97a9
to
2a1cb47
Compare
2a1cb47
to
c8b5be4
Compare
c8b5be4
to
649c024
Compare
…ge. For apt-cache command the name of the package is searched as a regex due to which it tries to implicitly install all the packages whose name would contain the passed name string as a substring. This causes issues for people which who not want this to happen. Hence we add this new property, which will be false by default for backword compatibility. Users can set it to true in their recipe if they want the package name to be exactly matched instead * Add documentation changes for apt_package resource Signed-off-by: Neha Pansare <neha.pansare@progress.com>
649c024
to
782b344
Compare
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
@@ -75,6 +90,10 @@ class AptPackage < Chef::Resource::Package | |||
description: "A Hash of response file variables in the form of {'VARIABLE' => 'VALUE'}.", | |||
default: {}, desired_state: false | |||
|
|||
property :anchor_package_regex, [TrueClass, FalseClass], | |||
introduced: "18.3", | |||
description: "A Boolean flag that allows (`false`) or prevents (`true`) apt_package from matching the named package with packages by regular expression if it can't find a package with the exact same name.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
description: "A Boolean flag that allows (`false`) or prevents (`true`) apt_package from matching the named package with packages by regular expression if it can't find a package with the exact same name.", | |
description: "A Boolean flag that wraps a package name in regex anchors to help prevent `apt_package` from installing packages with similar names.", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How does this prevent this? What do true and false do?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Because the regex anchors specify that the regex pattern must include the entire package name.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The larger description above provides lots of other context. But anything treated like a regular expression means it'll match substrings, so "apache" which would match "apache-mycoolthing" or whatever. This is the short-description, suggestions welcome
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This PR was merged with this change as well, and the description is not accurate as it stands. It claims it's not a regex anymore, but it still is, it's just an anchored one. If someone passes in foo.*bar that'll still work.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Code is all great now - but the documentation was misleading, requested some changes.
What's wrong with it? |
@IanMadd Their suggestions |
@IanMadd Just wanted to follow up on this PR. Is there anything pending from documentation perspective on this PR? @johnmccrae |
If it can't find a package with the exact same name, it will treat the package name as regex string and match with any package that matches that regex. | ||
This may lead Chef Infra Client to install one or more packages with names that match that regex. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://developers.google.com/style/word-list#regex
If it can't find a package with the exact same name, it will treat the package name as regex string and match with any package that matches that regex. | |
This may lead Chef Infra Client to install one or more packages with names that match that regex. | |
If it can't find a package with the exact same name, it will treat the package name as regular expression string and match with any package that matches that regular expression. | |
This may lead Chef Infra Client to install one or more packages with names that match that regular expression. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This pr was merged without this change. Addressing that in a separate pr #13991
Signed-off-by: John McCrae <john.mccrae@progress.com>
Signed-off-by: John McCrae <john.mccrae@progress.com>
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
Had to add a last minute gem update and rebase to get the PR to pull in the correct versions of some things. The error in the unit test is known and will be forward-ported from chef-17. #13926 |
Description
Add new boolean property
anchor_package_regex
to resourceapt_package
.For
apt-cache
command the name of the package is searched as a regex due to which it tries to implicitly install all the packages whose name would contain the passed name string as a substring.This causes issues for people which who not want this to happen. Hence we add this new property, which will be
false
by default for backward compatibility. Users can set it totrue
in their recipe if they want the package name to be exactly matched instead. (i.e anchored with^...$
)Documentation pr chef/chef-web-docs#4156
Related Issue
#12944
Types of changes
Checklist: