Merge pull request #511 from NuGet/dev

[ReleasePrep][2018.08.02]RI of dev into master

Author: loic-sharma

NuGet.Jobs.sln

@@ -149,6 +149,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.Symbols", "src\V
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.Symbols.Tests", "tests\Validation.Symbols.Tests\Validation.Symbols.Tests.csproj", "{640D29AB-4D1B-4FC7-AE67-AD12EE5AC503}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Validation.Symbols.Core.Tests", "tests\Validation.Symbols.Core.Tests\Validation.Symbols.Core.Tests.csproj", "{9ED642DF-4623-4EB2-8B72-52C6489BF9D6}"
+EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
@@ -393,6 +395,10 @@ Global
 		{640D29AB-4D1B-4FC7-AE67-AD12EE5AC503}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{640D29AB-4D1B-4FC7-AE67-AD12EE5AC503}.Release|Any CPU.ActiveCfg = Release|Any CPU
 		{640D29AB-4D1B-4FC7-AE67-AD12EE5AC503}.Release|Any CPU.Build.0 = Release|Any CPU
+		{9ED642DF-4623-4EB2-8B72-52C6489BF9D6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+		{9ED642DF-4623-4EB2-8B72-52C6489BF9D6}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{9ED642DF-4623-4EB2-8B72-52C6489BF9D6}.Release|Any CPU.ActiveCfg = Release|Any CPU
+		{9ED642DF-4623-4EB2-8B72-52C6489BF9D6}.Release|Any CPU.Build.0 = Release|Any CPU
 	EndGlobalSection
 	GlobalSection(SolutionProperties) = preSolution
 		HideSolutionNode = FALSE
@@ -457,6 +463,7 @@ Global
 		{21C0A0EE-8696-4013-950F-D6495D0C6E40} = {6A776396-02B1-475D-A104-26940ADB04AB}
 		{2DD07A73-8C88-4429-BB24-C2813586EF92} = {678D7B14-F8BC-4193-99AF-2EE8AA390A02}
 		{640D29AB-4D1B-4FC7-AE67-AD12EE5AC503} = {6A776396-02B1-475D-A104-26940ADB04AB}
+		{9ED642DF-4623-4EB2-8B72-52C6489BF9D6} = {6A776396-02B1-475D-A104-26940ADB04AB}
 	EndGlobalSection
 	GlobalSection(ExtensibilityGlobals) = postSolution
 		SolutionGuid = {284A7AC3-FB43-4F1F-9C9C-2AF0E1F46C2B}

src/NuGet.Services.Validation.Orchestrator/NuGet.Services.Validation.Orchestrator.csproj

@@ -57,8 +57,11 @@
     <Compile Include="IPackageStatusProcessor.cs" />
     <Compile Include="Symbols\ISymbolsMessageEnqueuer.cs" />
     <Compile Include="Symbols\SymbolsMessageEnqueuer.cs" />
+    <Compile Include="Symbols\SymbolsIngesterConfiguration.cs" />
+    <Compile Include="Symbols\SymbolsIngester.cs" />
     <Compile Include="Symbols\SymbolsValidator.cs" />
     <Compile Include="Symbols\SymbolsValidationConfiguration.cs" />
+    <Compile Include="UsernameHelper.cs" />
     <Compile Include="ValidatingEntitites\IValidatingEntity.cs" />
     <Compile Include="IValidationOutcomeProcessor.cs" />
     <Compile Include="IValidationPackageFileService.cs" />

src/NuGet.Services.Validation.Orchestrator/PackageSigning/ProcessSignature/BaseSignatureProcessor.cs

@@ -4,7 +4,6 @@
 using System;
 using System.Threading.Tasks;
 using Microsoft.Extensions.Logging;
-using NuGet.Jobs.Validation;
 using NuGet.Jobs.Validation.Storage;
 using NuGet.Services.Validation.Orchestrator.Telemetry;
 

src/NuGet.Services.Validation.Orchestrator/PackageSigning/ProcessSignature/PackageSignatureValidator.cs

@@ -8,8 +8,10 @@
 using Microsoft.Extensions.Options;
 using NuGet.Jobs.Validation;
 using NuGet.Jobs.Validation.Storage;
+using NuGet.Services.Validation.Orchestrator;
 using NuGet.Services.Validation.Orchestrator.PackageSigning.ScanAndSign;
 using NuGet.Services.Validation.Orchestrator.Telemetry;
+using NuGetGallery;
 
 namespace NuGet.Services.Validation.PackageSigning.ProcessSignature
 {
@@ -23,6 +25,7 @@ public class PackageSignatureValidator : BaseSignatureProcessor, IValidator
         private readonly IValidatorStateService _validatorStateService;
         private readonly IProcessSignatureEnqueuer _signatureVerificationEnqueuer;
         private readonly ISimpleCloudBlobProvider _blobProvider;
+        private readonly ICorePackageService _packages;
         private readonly ScanAndSignConfiguration _config;
         private readonly ITelemetryService _telemetryService;
         private readonly ILogger<PackageSignatureValidator> _logger;
@@ -31,6 +34,7 @@ public PackageSignatureValidator(
             IValidatorStateService validatorStateService,
             IProcessSignatureEnqueuer signatureVerificationEnqueuer,
             ISimpleCloudBlobProvider blobProvider,
+            ICorePackageService packages,
             IOptionsSnapshot<ScanAndSignConfiguration> configAccessor,
             ITelemetryService telemetryService,
             ILogger<PackageSignatureValidator> logger)
@@ -39,6 +43,7 @@ public PackageSignatureValidator(
             _validatorStateService = validatorStateService ?? throw new ArgumentNullException(nameof(validatorStateService));
             _signatureVerificationEnqueuer = signatureVerificationEnqueuer ?? throw new ArgumentNullException(nameof(signatureVerificationEnqueuer));
             _blobProvider = blobProvider ?? throw new ArgumentNullException(nameof(blobProvider));
+            _packages = packages ?? throw new ArgumentNullException(nameof(packages));
             _telemetryService = telemetryService ?? throw new ArgumentNullException(nameof(telemetryService));
             _logger = logger ?? throw new ArgumentNullException(nameof(logger));
 
@@ -60,45 +65,57 @@ public override async Task<IValidationResult> GetResultAsync(IValidationRequest
         {
             var result = await base.GetResultAsync(request);
 
-            return Validate(result);
+            return Validate(request, result);
         }
 
         public override async Task<IValidationResult> StartAsync(IValidationRequest request)
         {
             var result = await base.StartAsync(request);
 
-            return Validate(result);
+            return Validate(request, result);
         }
 
-        private IValidationResult Validate(IValidationResult result)
+        private IValidationResult Validate(IValidationRequest request, IValidationResult result)
         {
             /// The package signature validator runs after the <see cref="PackageSignatureProcessor" />.
             /// All signature validation issues should be caught and handled by the processor.
             if (result.Status == ValidationStatus.Failed || result.NupkgUrl != null)
             {
-                if (_config.RepositorySigningEnabled)
+                if (!_config.RepositorySigningEnabled)
                 {
-                    _logger.LogCritical(
-                        "Unexpected validation result in package signature validator. This may be caused by an invalid repository " +
-                        "signature. Throwing an exception to force this validation to dead-letter. " +
+                    _logger.LogInformation(
+                        "Ignoring invalid validation result in package signature validator as repository signing is disabled. " +
                         "Status = {ValidationStatus}, Nupkg URL = {NupkgUrl}, validation issues = {Issues}",
                         result.Status,
                         result.NupkgUrl,
                         result.Issues.Select(i => i.IssueCode));
 
-                    throw new InvalidOperationException("Package signature validator has an unexpected validation result");
+                    return ValidationResult.Succeeded;
                 }
-                else
+
+                // TODO: Remove this.
+                // See: https://github.com/NuGet/Engineering/issues/1592
+                if (HasOwnerWithInvalidUsername(request))
                 {
-                    _logger.LogInformation(
-                        "Ignoring invalid validation result in package signature validator as repository signing is disabled. " +
+                    _logger.LogWarning(
+                        "Ignoring invalid validation result in package signature validator as the package has an owner with an invalid username. " +
                         "Status = {ValidationStatus}, Nupkg URL = {NupkgUrl}, validation issues = {Issues}",
                         result.Status,
                         result.NupkgUrl,
                         result.Issues.Select(i => i.IssueCode));
 
                     return ValidationResult.Succeeded;
                 }
+
+                _logger.LogCritical(
+                    "Unexpected validation result in package signature validator. This may be caused by an invalid repository " +
+                    "signature. Throwing an exception to force this validation to dead-letter. " +
+                    "Status = {ValidationStatus}, Nupkg URL = {NupkgUrl}, validation issues = {Issues}",
+                    result.Status,
+                    result.NupkgUrl,
+                    result.Issues.Select(i => i.IssueCode));
+
+                throw new InvalidOperationException("Package signature validator has an unexpected validation result");
             }
 
             /// Suppress all validation issues. The <see cref="PackageSignatureProcessor"/> should
@@ -116,5 +133,32 @@ private IValidationResult Validate(IValidationResult result)
 
             return result;
         }
+
+        private bool HasOwnerWithInvalidUsername(IValidationRequest request)
+        {
+            var registration = _packages.FindPackageRegistrationById(request.PackageId);
+
+            if (registration == null)
+            {
+                _logger.LogError("Attempted to validate package that has no package registration");
+
+                throw new InvalidOperationException($"Registration for package id {request.PackageId} does not exist");
+            }
+
+            var owners = registration.Owners.Select(o => o.Username).ToList();
+
+            if (owners.Any(UsernameHelper.IsInvalid))
+            {
+                _logger.LogWarning(
+                    "Package {PackageId} {PackageVersion} has an owner with an invalid username. {Owners}",
+                    request.PackageId,
+                    request.PackageVersion,
+                    owners);
+
+                return true;
+            }
+
+            return false;
+        }
     }
 }

src/NuGet.Services.Validation.Orchestrator/PackageSigning/ScanAndSign/ScanAndSignProcessor.cs

@@ -20,8 +20,6 @@ namespace NuGet.Services.Validation.Orchestrator.PackageSigning.ScanAndSign
     [ValidatorName(ValidatorName.ScanAndSign)]
     public class ScanAndSignProcessor : IProcessor
     {
-        private const string UsernameRegex = @"^[A-Za-z0-9][A-Za-z0-9_\.-]+[A-Za-z0-9]$";
-
         private readonly IValidationEntitiesContext _validationContext;
         private readonly IValidatorStateService _validatorStateService;
         private readonly ICorePackageService _packageService;
@@ -218,7 +216,9 @@ private async Task<bool> ShouldRepositorySignAsync(IValidationRequest request, L
                 return false;
             }
 
-            if (owners.Any(IsInvalidUsername))
+            // TODO: Remove this check.
+            // See: https://github.com/NuGet/Engineering/issues/1582
+            if (owners.Any(UsernameHelper.IsInvalid))
             {
                 _logger.LogWarning(
                     "Package {PackageId} {PackageVersion} has an owner with an invalid username. Scanning instead of signing. {Owners}",
@@ -248,10 +248,5 @@ private List<string> FindPackageOwners(IValidationRequest request)
                 .Select(o => o.Username)
                 .ToList();
         }
-
-        private bool IsInvalidUsername(string username)
-        {
-            return !Regex.IsMatch(username, UsernameRegex, RegexOptions.None, TimeSpan.FromSeconds(5));
-        }
     }
 }

src/NuGet.Services.Validation.Orchestrator/Symbols/SymbolsIngester.cs

@@ -0,0 +1,107 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Threading.Tasks;
+using Microsoft.Extensions.Logging;
+using NuGet.Jobs.Validation;
+using NuGet.Jobs.Validation.Symbols.Core;
+using NuGet.Services.Validation.Orchestrator;
+using NuGet.Services.Validation.Orchestrator.Telemetry;
+
+namespace NuGet.Services.Validation.Symbols
+{
+    [ValidatorName(ValidatorName.SymbolsIngester)]
+    public class SymbolsIngester : BaseValidator, IValidator
+    {
+        private readonly ISymbolsValidationEntitiesService _symbolsValidationEntitiesService;
+        private readonly ISymbolsMessageEnqueuer _symbolMessageEnqueuer;
+        private readonly ITelemetryService _telemetryService;
+        private readonly ILogger<SymbolsIngester> _logger;
+
+        public SymbolsIngester(
+            ISymbolsValidationEntitiesService symbolsValidationEntitiesService,
+            ISymbolsMessageEnqueuer symbolMessageEnqueuer,
+            ITelemetryService telemetryService,
+            ILogger<SymbolsIngester> logger)
+        {
+            _symbolsValidationEntitiesService = symbolsValidationEntitiesService ?? throw new ArgumentNullException(nameof(symbolsValidationEntitiesService));
+            _symbolMessageEnqueuer = symbolMessageEnqueuer ?? throw new ArgumentNullException(nameof(symbolMessageEnqueuer));
+            _telemetryService = telemetryService ?? throw new ArgumentNullException(nameof(telemetryService));
+            _logger = logger ?? throw new ArgumentNullException(nameof(logger));
+        }
+
+        public async Task<IValidationResult> GetResultAsync(IValidationRequest request)
+        {
+            if (request == null)
+            {
+                throw new ArgumentNullException(nameof(request));
+            }
+
+            var result = SymbolsValidationEntitiesService.ConvertToIValidationResult(await _symbolsValidationEntitiesService.GetSymbolsServerRequestAsync(request));
+            _logger.LogInformation(
+                    "Symbols status {Status} for PackageId: {PackageId}, PackageNormalizedVersion {PackageNormalizedVersion}, SymbolsPackageKey {SymbolsPackageKey} ",
+                    result.Status,
+                    request.PackageId,
+                    request.PackageVersion,
+                    request.PackageKey);
+
+            return result;
+        }
+
+        /// <summary>
+        /// The pattern used for the StartAsync:
+        /// 1. Check if an ingestion for the specific symbols package key was already started
+        /// 2. Only if a ingestion was not started queue the message to be processed.
+        /// 3. After the message is queued, update the SymbolServerRequests table.
+        /// </summary>
+        /// <param name="request">The request to be sent to the ingester job queue.</param>
+        /// <returns>The operation status as <see cref="IValidationResult"/>.</returns>
+        public async Task<IValidationResult> StartAsync(IValidationRequest request)
+        {
+            if (request == null)
+            {
+                throw new ArgumentNullException(nameof(request));
+            }
+
+            var result = SymbolsValidationEntitiesService.ConvertToIValidationResult(await _symbolsValidationEntitiesService.GetSymbolsServerRequestAsync(request));
+
+            if (result.Status != ValidationStatus.NotStarted)
+            {
+                _logger.LogWarning(
+                    "Symbol ingestion for {PackageId} {PackageNormalizedVersion} {SymbolsPackageKey} has already started.",
+                    request.PackageId,
+                    request.PackageVersion,
+                    request.PackageKey);
+
+                return result;
+            }
+
+            _telemetryService.TrackSymbolsMessageEnqueued(ValidatorName.SymbolsIngester, request.ValidationId);
+            await _symbolMessageEnqueuer.EnqueueSymbolsValidationMessageAsync(request);
+
+            var newSymbolsRequest = SymbolsValidationEntitiesService.CreateFromValidationRequest(request, SymbolsPackageIngestRequestStatus.Ingesting);
+            var savedSymbolRequest = await _symbolsValidationEntitiesService.AddSymbolsServerRequestAsync(newSymbolsRequest);
+            
+            if(savedSymbolRequest.RequestStatusKey != SymbolsPackageIngestRequestStatus.Ingesting)
+            {
+                _logger.LogWarning(
+                 "The symbols ingestion request already in the database. RequestStatus:{Status} for {PackageId} {PackageNormalizedVersion} {SymbolsPackageKey}.",
+                 newSymbolsRequest.RequestStatusKey,
+                 request.PackageId,
+                 request.PackageVersion,
+                 request.PackageKey);
+            }
+            else
+            {
+                _logger.LogInformation(
+                 "The symbols ingestion request added to the database. RequestStatus:{Status} for {PackageId} {PackageNormalizedVersion} {SymbolsPackageKey}.",
+                 newSymbolsRequest.RequestStatusKey,
+                 request.PackageId,
+                 request.PackageVersion,
+                 request.PackageKey);
+            }
+            return SymbolsValidationEntitiesService.ConvertToIValidationResult(savedSymbolRequest);
+        }
+    }
+}

src/NuGet.Services.Validation.Orchestrator/Symbols/SymbolsIngesterConfiguration.cs

@@ -0,0 +1,9 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+namespace NuGet.Services.Validation.Symbols
+{
+    public class SymbolsIngesterConfiguration : SymbolsValidationConfiguration
+    {
+    }
+}

src/NuGet.Services.Validation.Orchestrator/UsernameHelper.cs

@@ -0,0 +1,21 @@
+// Copyright (c) .NET Foundation. All rights reserved.
+// Licensed under the Apache License, Version 2.0. See License.txt in the project root for license information.
+
+using System;
+using System.Text.RegularExpressions;
+
+namespace NuGet.Services.Validation.Orchestrator
+{
+    // TODO: Remove this type.
+    // See: https://github.com/NuGet/Engineering/issues/1582
+    // See: https://github.com/NuGet/Engineering/issues/1592
+    public static class UsernameHelper
+    {
+        private const string UsernameRegex = @"^[A-Za-z0-9][A-Za-z0-9_\.-]+[A-Za-z0-9]$";
+
+        public static bool IsInvalid(string username)
+        {
+            return !Regex.IsMatch(username, UsernameRegex, RegexOptions.None, TimeSpan.FromSeconds(5));
+        }
+    }
+}

src/Validation.Common.Job/Validation.Common.Job.csproj

@@ -100,7 +100,7 @@
       <Version>2.27.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.ServiceBus">
-      <Version>2.27.0</Version>
+      <Version>2.28.0-master-36259</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Sql">
       <Version>2.27.0</Version>
@@ -109,7 +109,7 @@
       <Version>2.27.0</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Validation">
-      <Version>2.27.0</Version>
+      <Version>2.28.0-master-36259</Version>
     </PackageReference>
     <PackageReference Include="NuGet.Services.Validation.Issues">
       <Version>2.27.0</Version>

src/Validation.Common.Job/Validation.Common.Job.nuspec

@@ -18,10 +18,10 @@
       <dependency id="NuGet.Packaging" version="4.8.0-preview4.5289" />
       <dependency id="NuGet.Services.Configuration" version="2.27.0" />
       <dependency id="NuGet.Services.Logging" version="2.27.0" />
-      <dependency id="NuGet.Services.ServiceBus" version="2.27.0" />
+      <dependency id="NuGet.Services.ServiceBus" version="2.28.0-master-36259" />
       <dependency id="NuGet.Services.Sql" version="2.27.0" />
       <dependency id="NuGet.Services.Storage" version="2.27.0" />
-      <dependency id="NuGet.Services.Validation" version="2.27.0" />
+      <dependency id="NuGet.Services.Validation" version="2.28.0-master-36259" />
       <dependency id="NuGet.Services.Validation.Issues" version="2.27.0" />
       <dependency id="NuGetGallery.Core" version="4.4.5-master-36524" />
       <dependency id="Serilog" version="2.5.0" />