From 9b0c4942bfa942ea33c91d0428964e89b2a9aa98 Mon Sep 17 00:00:00 2001
From: rfaircloth-splunk <rfaircloth@splunk.com>
Date: Sat, 12 Jun 2021 07:55:07 -0400
Subject: [PATCH] feat: Improve pip packaging

Address several issues with vendoring python deps caused by newer versions of pip
* Ensure pip bootstrap components are not included in the package
* Remove dual py2/py3 suport
* Ensure no lib object has +x
---
 splunk_add_on_ucc_framework/__init__.py | 43 +++++++++++++++----------
 1 file changed, 26 insertions(+), 17 deletions(-)

diff --git a/splunk_add_on_ucc_framework/__init__.py b/splunk_add_on_ucc_framework/__init__.py
index 20c07c1a7..c7a5a761d 100644
--- a/splunk_add_on_ucc_framework/__init__.py
+++ b/splunk_add_on_ucc_framework/__init__.py
@@ -26,6 +26,9 @@
 import argparse
 import json
 from defusedxml import cElementTree as defused_et
+from pathlib import Path
+import stat
+
 from .uccrestbuilder.global_config import (
     GlobalConfigBuilderSchema,
     GlobalConfigPostProcessor,
@@ -299,23 +302,29 @@ def _install_libs(requirements, ucc_target, installer="python3"):
     else:
         logging.info(f"  Not using common requirements")    
 
-    if os.path.exists(os.path.join(path,"lib","py2", "requirements.txt")):
-        logging.info(f"  Uses py2 requirements")    
-        _install_libs(requirements=os.path.join(path,"lib","py2", "requirements.txt"), installer="python2", ucc_target=os.path.join(ucc_lib_target, "py2"))
-    elif os.path.exists(os.path.join(os.path.abspath(os.path.join(path, os.pardir)), "requirements_py2.txt")):
-        logging.info(f"  Uses py2 requirements")    
-        _install_libs(requirements=os.path.join(os.path.abspath(os.path.join(path, os.pardir)), "requirements_py2.txt"), installer="python2", ucc_target=os.path.join(ucc_lib_target, "py2"))        
-    else:
-        logging.info(f"  Not using py2 requirements")    
-
-    if os.path.exists(os.path.join(path, "lib","py3","requirements.txt")):
-        logging.info(f"  Uses py3 requirements")            
-        _install_libs(requirements=os.path.join(path,"lib", "py3","requirements.txt"), ucc_target=os.path.join(ucc_lib_target, "py3"))
-    elif os.path.exists(os.path.join(os.path.abspath(os.path.join(path, os.pardir)), "requirements_py3.txt")):
-        logging.info(f"  Uses py3 requirements")    
-        _install_libs(requirements=os.path.join(os.path.abspath(os.path.join(path, os.pardir)), "requirements_py3.txt"), installer="python3", ucc_target=os.path.join(ucc_lib_target, "py2"))        
-    else:
-        logging.info(f"  Not using py3 requirements")    
+
+    #Prevent certain packages from being included pip could be dangerous others are just wasted space
+    noshipdirs = ['setuptools', 'bin', 'pip', 'distribute', 'wheel']
+    p = Path(ucc_lib_target)
+    try:
+        for nsd in noshipdirs:
+            for o in p.glob(nsd + '*'):
+                if o.is_dir():
+                    shutil.rmtree(o)
+    except FileNotFoundError:
+        pass
+
+    #Remove execute bit from any object in lib
+    NO_USER_EXEC = ~stat.S_IEXEC
+    NO_GROUP_EXEC = ~stat.S_IXGRP
+    NO_OTHER_EXEC = ~stat.S_IXOTH
+    NO_EXEC = NO_USER_EXEC & NO_GROUP_EXEC & NO_OTHER_EXEC
+
+    for o in p.rglob("*"):
+        if not o.is_dir() and os.access(o, os.X_OK):
+            logging.info(f"  fixing {o} execute bit")   
+            current_permissions = stat.S_IMODE(os.lstat(o).st_mode)
+            os.chmod(o, current_permissions & NO_EXEC)
 
 
 def remove_files(path):