Skip to content

Commit

Permalink
again
Browse files Browse the repository at this point in the history
  • Loading branch information
@beckermr
beckermr committed Mar 14, 2020
1 parent ac4eea2 commit 79351c1
Showing 1 changed file with 68 additions and 74 deletions.
142 changes: 68 additions & 74 deletions conda_smithy/feedstock_tokens.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -136,31 +136,28 @@ def feedstock_token_exists(user, project, token_repo):
exists = False
failed = False
err_msg = None
with tempfile.TemporaryDirectory() as tmpdir:
with open(os.devnull, "w") as fp, redirect_stdout(fp), redirect_stderr(
fp
):
try:
# clone the repo
_token_repo = (
token_repo.replace("$GITHUB_TOKEN", github_token)
.replace("${GITHUB_TOKEN}", github_token)
.replace("$GH_TOKEN", github_token)
.replace("${GH_TOKEN}", github_token)
)
git.Repo.clone_from(_token_repo, tmpdir, depth=1)
token_file = os.path.join(
tmpdir,
"tokens",
project.replace("-feedstock", "") + ".json",
)
with tempfile.TemporaryDirectory() as tmpdir, open(
os.devnull, "w"
) as fp, redirect_stdout(fp), redirect_stderr(fp):
try:
# clone the repo
_token_repo = (
token_repo.replace("$GITHUB_TOKEN", github_token)
.replace("${GITHUB_TOKEN}", github_token)
.replace("$GH_TOKEN", github_token)
.replace("${GH_TOKEN}", github_token)
)
git.Repo.clone_from(_token_repo, tmpdir, depth=1)
token_file = os.path.join(
tmpdir, "tokens", project.replace("-feedstock", "") + ".json",
)

if os.path.exists(token_file):
exists = True
except Exception as e:
if "DEBUG_FEEDSTOCK_TOKENS" in os.environ:
raise e
failed = True
if os.path.exists(token_file):
exists = True
except Exception as e:
if "DEBUG_FEEDSTOCK_TOKENS" in os.environ:
raise e
failed = True

if failed:
if err_msg:
Expand Down Expand Up @@ -201,59 +198,56 @@ def register_feedstock_token(user, project, token_repo):

# capture stdout, stderr and suppress all exceptions so we don't
# spill tokens
with tempfile.TemporaryDirectory() as tmpdir:
with open(os.devnull, "w") as fp, redirect_stdout(fp), redirect_stderr(
fp
):
try:
feedstock_token, err_msg = read_feedstock_token(user, project)
if err_msg:
failed = True
raise RuntimeError(err_msg)

# clone the repo
_token_repo = (
token_repo.replace("$GITHUB_TOKEN", github_token)
.replace("${GITHUB_TOKEN}", github_token)
.replace("$GH_TOKEN", github_token)
.replace("${GH_TOKEN}", github_token)
)
repo = git.Repo.clone_from(_token_repo, tmpdir, depth=1)
token_file = os.path.join(
tmpdir,
"tokens",
project.replace("-feedstock", "") + ".json",
)
with tempfile.TemporaryDirectory() as tmpdir, open(
os.devnull, "w"
) as fp, redirect_stdout(fp), redirect_stderr(fp):
try:
feedstock_token, err_msg = read_feedstock_token(user, project)
if err_msg:
failed = True
raise RuntimeError(err_msg)

# don't overwrite existing tokens
# check again since there might be a race condition
if os.path.exists(token_file):
failed = True
err_msg = "Token for repo %s/%s already exists!" % (
user,
project,
)
raise RuntimeError(err_msg)
# clone the repo
_token_repo = (
token_repo.replace("$GITHUB_TOKEN", github_token)
.replace("${GITHUB_TOKEN}", github_token)
.replace("$GH_TOKEN", github_token)
.replace("${GH_TOKEN}", github_token)
)
repo = git.Repo.clone_from(_token_repo, tmpdir, depth=1)
token_file = os.path.join(
tmpdir, "tokens", project.replace("-feedstock", "") + ".json",
)

# salt, encrypt and write
salt = os.urandom(64)
salted_token = scrypt.hash(feedstock_token, salt, buflen=256)
data = {
"salt": salt.hex(),
"hashed_token": salted_token.hex(),
}
with open(token_file, "w") as fp:
json.dump(data, fp)

# push
repo.index.add(token_file)
repo.index.commit("added token for %s/%s" % (user, project))
repo.remote().pull(rebase=True)
repo.remote().push()
except Exception as e:
if "DEBUG_FEEDSTOCK_TOKENS" in os.environ:
raise e
# don't overwrite existing tokens
# check again since there might be a race condition
if os.path.exists(token_file):
failed = True
err_msg = "Token for repo %s/%s already exists!" % (
user,
project,
)
raise RuntimeError(err_msg)

# salt, encrypt and write
salt = os.urandom(64)
salted_token = scrypt.hash(feedstock_token, salt, buflen=256)
data = {
"salt": salt.hex(),
"hashed_token": salted_token.hex(),
}
with open(token_file, "w") as fp:
json.dump(data, fp)

# push
repo.index.add(token_file)
repo.index.commit("added token for %s/%s" % (user, project))
repo.remote().pull(rebase=True)
repo.remote().push()
except Exception as e:
if "DEBUG_FEEDSTOCK_TOKENS" in os.environ:
raise e
failed = True
if failed:
if err_msg:
raise RuntimeError(err_msg)
Expand Down

0 comments on commit 79351c1

Please sign in to comment.