Skip to content
This repository was archived by the owner on Jul 30, 2024. It is now read-only.

Commit 5b7c001

Browse files
authored
Merge pull request #455 from NuGet/dev
[ReleasePrep][2018.05.30]RI of dev into master
2 parents e8d3b10 + 766497b commit 5b7c001

44 files changed

Lines changed: 2657 additions & 658 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

src/NuGet.Services.Validation.Orchestrator/IValidationOutcomeProcessor.cs

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,9 @@ public interface IValidationOutcomeProcessor
1919
/// </summary>
2020
/// <param name="validationSet">Current state of validation set</param>
2121
/// <param name="package">Package information from Gallery DB</param>
22+
/// <param name="currentCallStats">Contains information about what happened during current message processing in
23+
/// the validation set processor.</param>
2224
/// <returns>A task that completes when the outcome has been processed</returns>
23-
Task ProcessValidationOutcomeAsync(PackageValidationSet validationSet, Package package);
25+
Task ProcessValidationOutcomeAsync(PackageValidationSet validationSet, Package package, ValidationSetProcessorResult currentCallStats);
2426
}
2527
}

src/NuGet.Services.Validation.Orchestrator/IValidationSetProcessor.cs

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ public interface IValidationSetProcessor
1717
/// </summary>
1818
/// <param name="validationSet">Validation set to work with. Any validation updates would be reflected in that object upon return.</param>
1919
/// <param name="package">Gallery DB package information</param>
20-
/// <returns>Task object representing async operation</returns>
21-
Task ProcessValidationsAsync(PackageValidationSet validationSet, Package package);
20+
/// <returns>Information about what happened during processing of the message.</returns>
21+
Task<ValidationSetProcessorResult> ProcessValidationsAsync(PackageValidationSet validationSet, Package package);
2222
}
2323
}

src/NuGet.Services.Validation.Orchestrator/Job.cs

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -159,6 +159,7 @@ private void ConfigureJobServices(IServiceCollection services, IConfigurationRoo
159159
services.Configure<SmtpConfiguration>(configurationRoot.GetSection(SmtpConfigurationSectionName));
160160
services.Configure<EmailConfiguration>(configurationRoot.GetSection(EmailConfigurationSectionName));
161161
services.Configure<ScanAndSignConfiguration>(configurationRoot.GetSection(ScanAndSignSectionName));
162+
services.Configure<ScanAndSignEnqueuerConfiguration>(configurationRoot.GetSection(ScanAndSignSectionName));
162163

163164
services.AddTransient<ConfigurationValidator>();
164165
services.AddTransient<OrchestrationRunner>();

src/NuGet.Services.Validation.Orchestrator/NuGet.Services.Validation.Orchestrator.csproj

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -67,9 +67,7 @@
6767
<Compile Include="PackageSigning\ProcessSignature\PackageSignatureProcessor.cs" />
6868
<Compile Include="PackageSigning\ProcessSignature\ProcessSignatureConfiguration.cs" />
6969
<Compile Include="PackageSigning\ProcessSignature\ProcessSignatureEnqueuer.cs" />
70-
<Compile Include="PackageSigning\ScanAndSign\IScanAndSignEnqueuer.cs" />
7170
<Compile Include="PackageSigning\ScanAndSign\ScanAndSignConfiguration.cs" />
72-
<Compile Include="PackageSigning\ScanAndSign\ScanAndSignEnqueuer.cs" />
7371
<Compile Include="PackageSigning\ScanAndSign\ScanAndSignProcessor.cs" />
7472
<Compile Include="PackageSigning\ValidateCertificate\IValidateCertificateEnqueuer.cs" />
7573
<Compile Include="PackageSigning\ValidateCertificate\PackageCertificatesValidator.cs" />
@@ -88,6 +86,7 @@
8886
<Compile Include="Configuration\ValidationConfigurationItem.cs" />
8987
<Compile Include="ValidationFailureBehavior.cs" />
9088
<Compile Include="ValidationPackageFileService.cs" />
89+
<Compile Include="ValidationSetProcessorResult.cs" />
9190
<Compile Include="Vcs\IPackageCriteria.cs" />
9291
<Compile Include="Vcs\IPackageCriteriaEvaluator.cs" />
9392
<Compile Include="Vcs\PackageCriteriaEvaluator.cs" />

src/NuGet.Services.Validation.Orchestrator/PackageSigning/ProcessSignature/PackageSignatureValidator.cs

Lines changed: 33 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -5,9 +5,11 @@
55
using System.Linq;
66
using System.Threading.Tasks;
77
using Microsoft.Extensions.Logging;
8+
using Microsoft.Extensions.Options;
89
using NuGet.Jobs.Validation;
910
using NuGet.Jobs.Validation.PackageSigning.Storage;
1011
using NuGet.Jobs.Validation.Storage;
12+
using NuGet.Services.Validation.Orchestrator.PackageSigning.ScanAndSign;
1113
using NuGet.Services.Validation.Orchestrator.Telemetry;
1214

1315
namespace NuGet.Services.Validation.PackageSigning.ProcessSignature
@@ -22,13 +24,15 @@ public class PackageSignatureValidator : BaseSignatureProcessor, IValidator
2224
private readonly IValidatorStateService _validatorStateService;
2325
private readonly IProcessSignatureEnqueuer _signatureVerificationEnqueuer;
2426
private readonly ISimpleCloudBlobProvider _blobProvider;
27+
private readonly ScanAndSignConfiguration _config;
2528
private readonly ITelemetryService _telemetryService;
2629
private readonly ILogger<PackageSignatureValidator> _logger;
2730

2831
public PackageSignatureValidator(
2932
IValidatorStateService validatorStateService,
3033
IProcessSignatureEnqueuer signatureVerificationEnqueuer,
3134
ISimpleCloudBlobProvider blobProvider,
35+
IOptionsSnapshot<ScanAndSignConfiguration> configAccessor,
3236
ITelemetryService telemetryService,
3337
ILogger<PackageSignatureValidator> logger)
3438
: base(validatorStateService, signatureVerificationEnqueuer, blobProvider, telemetryService, logger)
@@ -38,6 +42,13 @@ public PackageSignatureValidator(
3842
_blobProvider = blobProvider ?? throw new ArgumentNullException(nameof(blobProvider));
3943
_telemetryService = telemetryService ?? throw new ArgumentNullException(nameof(telemetryService));
4044
_logger = logger ?? throw new ArgumentNullException(nameof(logger));
45+
46+
if (configAccessor?.Value == null)
47+
{
48+
throw new ArgumentException($"{nameof(ScanAndSignConfiguration)} is required", nameof(configAccessor));
49+
}
50+
51+
_config = configAccessor.Value;
4152
}
4253

4354
/// <summary>
@@ -66,14 +77,29 @@ private IValidationResult Validate(IValidationResult result)
6677
/// All signature validation issues should be caught and handled by the processor.
6778
if (result.Status == ValidationStatus.Failed || result.NupkgUrl != null)
6879
{
69-
_logger.LogCritical(
70-
"Unexpected validation result in package signature validator. This may be caused by an invalid repository " +
71-
"signature. Status = {ValidationStatus}, Nupkg URL = {NupkgUrl}, validation issues = {Issues}",
72-
result.Status,
73-
result.NupkgUrl,
74-
result.Issues.Select(i => i.IssueCode));
80+
if (_config.RepositorySigningEnabled)
81+
{
82+
_logger.LogCritical(
83+
"Unexpected validation result in package signature validator. This may be caused by an invalid repository " +
84+
"signature. Throwing an exception to force this validation to dead-letter. " +
85+
"Status = {ValidationStatus}, Nupkg URL = {NupkgUrl}, validation issues = {Issues}",
86+
result.Status,
87+
result.NupkgUrl,
88+
result.Issues.Select(i => i.IssueCode));
89+
90+
throw new InvalidOperationException("Package signature validator has an unexpected validation result");
91+
}
92+
else
93+
{
94+
_logger.LogInformation(
95+
"Ignoring invalid validation result in package signature validator as repository signing is disabled. " +
96+
"Status = {ValidationStatus}, Nupkg URL = {NupkgUrl}, validation issues = {Issues}",
97+
result.Status,
98+
result.NupkgUrl,
99+
result.Issues.Select(i => i.IssueCode));
75100

76-
throw new InvalidOperationException("Package signature validator has an unexpected validation result");
101+
return ValidationResult.Succeeded;
102+
}
77103
}
78104

79105
/// Suppress all validation issues. The <see cref="PackageSignatureProcessor"/> should

src/NuGet.Services.Validation.Orchestrator/PackageSigning/ScanAndSign/IScanAndSignEnqueuer.cs

Lines changed: 0 additions & 17 deletions
This file was deleted.

src/NuGet.Services.Validation.Orchestrator/PackageSigning/ScanAndSign/ScanAndSignConfiguration.cs

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
// Copyright (c) .NET Foundation. All rights reserved.
22
// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
33

4-
using System;
54
using NuGet.Jobs.Configuration;
5+
using NuGet.Services.Validation.Vcs;
66

77
namespace NuGet.Services.Validation.Orchestrator.PackageSigning.ScanAndSign
88
{
@@ -14,8 +14,18 @@ public class ScanAndSignConfiguration
1414
public ServiceBusConfiguration ServiceBus { get; set; }
1515

1616
/// <summary>
17-
/// The visibility delay to apply to Service Bus messages requesting a new validation.
17+
/// The criteria used to determine if a package should be submitted scanning.
1818
/// </summary>
19-
public TimeSpan? MessageDelay { get; set; }
19+
public PackageCriteria PackageCriteria { get; set; } = new PackageCriteria();
20+
21+
/// <summary>
22+
/// If true, packages with no repository signatures will be repository signed.
23+
/// </summary>
24+
public bool RepositorySigningEnabled { get; set; }
25+
26+
/// <summary>
27+
/// The service index URL that should be stamped on repository signatures.
28+
/// </summary>
29+
public string V3ServiceIndexUrl { get; set; }
2030
}
2131
}

src/NuGet.Services.Validation.Orchestrator/PackageSigning/ScanAndSign/ScanAndSignEnqueuer.cs

Lines changed: 0 additions & 55 deletions
This file was deleted.

0 commit comments

Comments
 (0)