Add new boolean property anchor_package_regex to resource apt_package resource #13873
Conversation
neha-p6
changed the title
neha-p6
force-pushed
the
neha-p6/apt_pkg_query
branch
from
8eb97a9
to
2a1cb47
Compare
neha-p6
changed the title
jaymzh
added
the
Status: Waiting on Contributor
neha-p6
changed the title
neha-p6
force-pushed
the
neha-p6/apt_pkg_query
branch
from
2a1cb47
to
c8b5be4
Compare
neha-p6
force-pushed
the
neha-p6/apt_pkg_query
branch
from
c8b5be4
to
649c024
Compare
…ge. For apt-cache command the name of the package is searched as a regex due to which it tries to implicitly install all the packages whose name would contain the passed name string as a substring. This causes issues for people which who not want this to happen. Hence we add this new property, which will be false by default for backword compatibility. Users can set it to true in their recipe if they want the package name to be exactly matched instead * Add documentation changes for apt_package resource Signed-off-by: Neha Pansare <neha.pansare@progress.com>
neha-p6
force-pushed
the
neha-p6/apt_pkg_query
branch
from
649c024
to
782b344
Compare
|
Kudos, SonarCloud Quality Gate passed!
|
| @@ -75,6 +90,10 @@ class AptPackage < Chef::Resource::Package | |||
| description: "A Hash of response file variables in the form of {'VARIABLE' => 'VALUE'}.", | |||
| default: {}, desired_state: false | |||
|
|
|||
| property :anchor_package_regex, [TrueClass, FalseClass], | |||
| introduced: "18.3", | |||
| description: "A Boolean flag that allows (`false`) or prevents (`true`) apt_package from matching the named package with packages by regular expression if it can't find a package with the exact same name.", | |||
There was a problem hiding this comment.
| description: "A Boolean flag that allows (`false`) or prevents (`true`) apt_package from matching the named package with packages by regular expression if it can't find a package with the exact same name.", | |
| description: "A Boolean flag that wraps a package name in regex anchors to help prevent `apt_package` from installing packages with similar names.", |
There was a problem hiding this comment.
How does this prevent this? What do true and false do?
There was a problem hiding this comment.
Because the regex anchors specify that the regex pattern must include the entire package name.
There was a problem hiding this comment.
The larger description above provides lots of other context. But anything treated like a regular expression means it'll match substrings, so "apache" which would match "apache-mycoolthing" or whatever. This is the short-description, suggestions welcome
There was a problem hiding this comment.
This PR was merged with this change as well, and the description is not accurate as it stands. It claims it's not a regex anymore, but it still is, it's just an anchored one. If someone passes in foo.*bar that'll still work.
What's wrong with it? |
@IanMadd Their suggestions |
|
@IanMadd Just wanted to follow up on this PR. Is there anything pending from documentation perspective on this PR? @johnmccrae |
| If it can't find a package with the exact same name, it will treat the package name as regex string and match with any package that matches that regex. | ||
| This may lead Chef Infra Client to install one or more packages with names that match that regex. |
There was a problem hiding this comment.
https://developers.google.com/style/word-list#regex
| If it can't find a package with the exact same name, it will treat the package name as regex string and match with any package that matches that regex. | |
| This may lead Chef Infra Client to install one or more packages with names that match that regex. | |
| If it can't find a package with the exact same name, it will treat the package name as regular expression string and match with any package that matches that regular expression. | |
| This may lead Chef Infra Client to install one or more packages with names that match that regular expression. |
There was a problem hiding this comment.
This pr was merged without this change. Addressing that in a separate pr #13991
Signed-off-by: John McCrae <john.mccrae@progress.com>
Signed-off-by: John McCrae <john.mccrae@progress.com>
|
Kudos, SonarCloud Quality Gate passed!
|
|
Had to add a last minute gem update and rebase to get the PR to pull in the correct versions of some things. The error in the unit test is known and will be forward-ported from chef-17. #13926 |
Description
Add new boolean property
anchor_package_regexto resourceapt_package.For
apt-cachecommand the name of the package is searched as a regex due to which it tries to implicitly install all the packages whose name would contain the passed name string as a substring.This causes issues for people which who not want this to happen. Hence we add this new property, which will be
falseby default for backward compatibility. Users can set it totruein their recipe if they want the package name to be exactly matched instead. (i.e anchored with^...$)Documentation pr chef/chef-web-docs#4156
Related Issue
#12944
Types of changes
Checklist: