Browse Source

Merge "CLI: fail if trying to enqueue/dequeue a change for the wrong project"

tags/3.7.0
Zuul 2 months ago
parent
commit
34629ff6d2
3 changed files with 77 additions and 1 deletions
  1. 66
    0
      tests/unit/test_scheduler.py
  2. 4
    1
      zuul/rpclistener.py
  3. 7
    0
      zuul/scheduler.py

+ 66
- 0
tests/unit/test_scheduler.py View File

@@ -3843,6 +3843,31 @@ class TestScheduler(ZuulTestCase):
3843 3843
         self.assertEqual(A.reported, 2)
3844 3844
         self.assertEqual(r, True)
3845 3845
 
3846
+    @simple_layout('layouts/three-projects.yaml')
3847
+    def test_client_enqueue_change_wrong_project(self):
3848
+        "Test that an enqueue fails if a change doesn't belong to the project"
3849
+        A = self.fake_gerrit.addFakeChange('org/project1', 'master', 'A')
3850
+        A.addApproval('Code-Review', 2)
3851
+        A.addApproval('Approved', 1)
3852
+
3853
+        B = self.fake_gerrit.addFakeChange('org/project2', 'master', 'B')
3854
+        B.addApproval('Code-Review', 2)
3855
+        B.addApproval('Approved', 1)
3856
+
3857
+        client = zuul.rpcclient.RPCClient('127.0.0.1',
3858
+                                          self.gearman_server.port)
3859
+        self.addCleanup(client.shutdown)
3860
+        with testtools.ExpectedException(
3861
+            zuul.rpcclient.RPCFailure,
3862
+            'Change 2,1 does not belong to project "org/project1"'):
3863
+            r = client.enqueue(tenant='tenant-one',
3864
+                               pipeline='gate',
3865
+                               project='org/project1',
3866
+                               trigger='gerrit',
3867
+                               change='2,1')
3868
+            self.assertEqual(r, False)
3869
+        self.waitUntilSettled()
3870
+
3846 3871
     def test_client_enqueue_ref(self):
3847 3872
         "Test that the RPC client can enqueue a ref"
3848 3873
         p = "review.example.com/org/project"
@@ -3949,6 +3974,47 @@ class TestScheduler(ZuulTestCase):
3949 3974
         self.executor_server.release()
3950 3975
         self.waitUntilSettled()
3951 3976
 
3977
+    @simple_layout('layouts/three-projects.yaml')
3978
+    def test_client_dequeue_wrong_project(self):
3979
+        "Test that dequeue fails if change and project do not match"
3980
+
3981
+        client = zuul.rpcclient.RPCClient('127.0.0.1',
3982
+                                          self.gearman_server.port)
3983
+        self.addCleanup(client.shutdown)
3984
+
3985
+        self.executor_server.hold_jobs_in_build = True
3986
+        A = self.fake_gerrit.addFakeChange('org/project1', 'master', 'A')
3987
+        B = self.fake_gerrit.addFakeChange('org/project1', 'master', 'B')
3988
+        C = self.fake_gerrit.addFakeChange('org/project1', 'master', 'C')
3989
+        D = self.fake_gerrit.addFakeChange('org/project2', 'master', 'D')
3990
+
3991
+        A.addApproval('Code-Review', 2)
3992
+        B.addApproval('Code-Review', 2)
3993
+        C.addApproval('Code-Review', 2)
3994
+        D.addApproval('Code-Review', 2)
3995
+
3996
+        self.fake_gerrit.addEvent(A.getPatchsetCreatedEvent(1))
3997
+        self.fake_gerrit.addEvent(B.getPatchsetCreatedEvent(1))
3998
+        self.fake_gerrit.addEvent(C.getPatchsetCreatedEvent(1))
3999
+        self.fake_gerrit.addEvent(D.getPatchsetCreatedEvent(1))
4000
+        self.waitUntilSettled()
4001
+
4002
+        with testtools.ExpectedException(
4003
+            zuul.rpcclient.RPCFailure,
4004
+            'Change 4,1 does not belong to project "org/project1"'):
4005
+            r = client.dequeue(
4006
+                tenant='tenant-one',
4007
+                pipeline='check',
4008
+                project='org/project1',
4009
+                change='4,1',
4010
+                ref=None)
4011
+            self.waitUntilSettled()
4012
+            self.assertEqual(r, False)
4013
+
4014
+        self.executor_server.hold_jobs_in_build = False
4015
+        self.executor_server.release()
4016
+        self.waitUntilSettled()
4017
+
3952 4018
     def test_client_dequeue_change_by_ref(self):
3953 4019
         "Test that the RPC client can dequeue a change by ref"
3954 4020
         # Test this on the periodic pipeline, where it makes most sense to

+ 4
- 1
zuul/rpclistener.py View File

@@ -228,7 +228,10 @@ class RPCListener(object):
228 228
         if not errors:
229 229
             event.change_number, event.patch_number = args['change'].split(',')
230 230
             try:
231
-                project.source.getChange(event, project)
231
+                ch = project.source.getChange(event, refresh=True)
232
+                if ch.project.name != project.name:
233
+                    errors += ('Change %s does not belong to project "%s", '
234
+                               % (args['change'], project.name))
232 235
             except Exception:
233 236
                 errors += 'Invalid change: %s\n' % (args['change'],)
234 237
 

+ 7
- 0
zuul/scheduler.py View File

@@ -942,6 +942,13 @@ class Scheduler(threading.Thread):
942 942
         pipeline = tenant.layout.pipelines[event.pipeline_name]
943 943
         (trusted, project) = tenant.getProject(event.project_name)
944 944
         change = project.source.getChange(event, project)
945
+        if change.project.name != project.name:
946
+            if event.change:
947
+                item = 'Change %s' % event.change
948
+            else:
949
+                item = 'Ref %s' % event.ref
950
+            raise Exception('%s does not belong to project "%s"'
951
+                            % (item, project.name))
945 952
         for shared_queue in pipeline.queues:
946 953
             for item in shared_queue.queue:
947 954
                 if (isinstance(item.change, model.Change) and

Loading…
Cancel
Save