From e50af2ece24031b171d02460ad504c538182595d Mon Sep 17 00:00:00 2001
From: Tristan Cacqueray <tdecacqu@redhat.com>
Date: Tue, 19 Sep 2017 14:18:28 +0000
Subject: [PATCH] SourceContext: add same_project comparison

The SourceContext equality check is using the in repository yaml path
which may differ for a single project, resulting in secrets being
incorrectly validated when they are defined in dedicated files.

This change adds a same_project method to validate secrets.

Change-Id: I5500e43faa3cbb7ed470575fe54cb66aed343b9a
---
 zuul/configloader.py | 2 +-
 zuul/model.py        | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/zuul/configloader.py b/zuul/configloader.py
index b70ea59027..7722a7e47f 100644
--- a/zuul/configloader.py
+++ b/zuul/configloader.py
@@ -513,7 +513,7 @@ class JobParser(object):
                 raise SecretNotFoundError(secret_name)
             if secret_name == 'zuul':
                 raise Exception("Secrets named 'zuul' are not allowed.")
-            if secret.source_context != job.source_context:
+            if not secret.source_context.isSameProject(job.source_context):
                 raise Exception(
                     "Unable to use secret %s.  Secrets must be "
                     "defined in the same project in which they "
diff --git a/zuul/model.py b/zuul/model.py
index 0e42368f65..4c5a51f62a 100644
--- a/zuul/model.py
+++ b/zuul/model.py
@@ -627,6 +627,13 @@ class SourceContext(object):
         return self.__class__(self.project, self.branch, self.path,
                               self.trusted)
 
+    def isSameProject(self, other):
+        if not isinstance(other, SourceContext):
+            return False
+        return (self.project == other.project and
+                self.branch == other.branch and
+                self.trusted == other.trusted)
+
     def __ne__(self, other):
         return not self.__eq__(other)