launchpad-reviewers team mailing list archive
-
launchpad-reviewers team
-
Mailing list archive
-
Message #31358
[Merge] ~jugmac00/launchpad:add-basic-model-for-rock-recipes into launchpad:master
Jürgen Gmach has proposed merging ~jugmac00/launchpad:add-basic-model-for-rock-recipes into launchpad:master.
Commit message:
Add basic model for rock recipes
Requested reviews:
Launchpad code reviewers (launchpad-reviewers)
For more details, see:
https://code.launchpad.net/~jugmac00/launchpad/+git/launchpad/+merge/472407
This was modelled similar to https://git.launchpad.net/launchpad/commit/?id=6a4c0824b5847bbde072b1c782cbffecd5604e89 but both using updated API and Python syntax, as Python 2 has been dropped a while ago.
--
Your team Launchpad code reviewers is requested to review the proposed merge of ~jugmac00/launchpad:add-basic-model-for-rock-recipes into launchpad:master.
diff --git a/lib/lp/code/model/gitrepository.py b/lib/lp/code/model/gitrepository.py
index a1669be..28afbf3 100644
--- a/lib/lp/code/model/gitrepository.py
+++ b/lib/lp/code/model/gitrepository.py
@@ -126,6 +126,7 @@ from lp.registry.model.accesspolicy import (
)
from lp.registry.model.person import Person
from lp.registry.model.teammembership import TeamParticipation
+from lp.rocks.interfaces.rockrecipe import IRockRecipeSet
from lp.services.auth.model import AccessTokenTargetMixin
from lp.services.config import config
from lp.services.database import bulk
@@ -2004,6 +2005,15 @@ class GitRepository(
self,
)
)
+ if not getUtility(IRockRecipeSet).findByGitRepository(self).is_empty():
+ alteration_operations.append(
+ DeletionCallable(
+ None,
+ msg("Some rock recipes build from this repository."),
+ getUtility(IRockRecipeSet).detachFromGitRepository,
+ self,
+ )
+ )
return (alteration_operations, deletion_operations)
diff --git a/lib/lp/code/model/tests/test_gitrepository.py b/lib/lp/code/model/tests/test_gitrepository.py
index 7b70558..5f8f255 100644
--- a/lib/lp/code/model/tests/test_gitrepository.py
+++ b/lib/lp/code/model/tests/test_gitrepository.py
@@ -148,6 +148,7 @@ from lp.registry.interfaces.persondistributionsourcepackage import (
from lp.registry.interfaces.personociproject import IPersonOCIProjectFactory
from lp.registry.interfaces.personproduct import IPersonProductFactory
from lp.registry.tests.test_accesspolicy import get_policies_for_artifact
+from lp.rocks.interfaces.rockrecipe import ROCK_RECIPE_ALLOW_CREATE
from lp.services.auth.enums import AccessTokenScope
from lp.services.authserver.xmlrpc import AuthServerAPIView
from lp.services.config import config
@@ -1706,6 +1707,39 @@ class TestGitRepositoryDeletionConsequences(TestCaseWithFactory):
self.assertIsNone(recipe2.git_repository)
self.assertIsNone(recipe2.git_path)
+ def test_rock_recipe_requirements(self):
+ # If a repository is used by a rock recipe, the deletion
+ # requirements indicate this.
+ self.useFixture(FeatureFixture({ROCK_RECIPE_ALLOW_CREATE: "on"}))
+ [ref] = self.factory.makeGitRefs()
+ self.factory.makeRockRecipe(git_ref=ref)
+ self.assertEqual(
+ {
+ None: (
+ "alter",
+ _("Some rock recipes build from this repository."),
+ )
+ },
+ ref.repository.getDeletionRequirements(),
+ )
+
+ def test_rock_recipe_deletion(self):
+ # break_references allows deleting a repository used by a rock
+ # recipe.
+ self.useFixture(FeatureFixture({ROCK_RECIPE_ALLOW_CREATE: "on"}))
+ repository = self.factory.makeGitRepository()
+ [ref1, ref2] = self.factory.makeGitRefs(
+ repository=repository, paths=["refs/heads/1", "refs/heads/2"]
+ )
+ recipe1 = self.factory.makeRockRecipe(git_ref=ref1)
+ recipe2 = self.factory.makeRockRecipe(git_ref=ref2)
+ repository.destroySelf(break_references=True)
+ transaction.commit()
+ self.assertIsNone(recipe1.git_repository)
+ self.assertIsNone(recipe1.git_path)
+ self.assertIsNone(recipe2.git_repository)
+ self.assertIsNone(recipe2.git_path)
+
def test_ClearPrerequisiteRepository(self):
# ClearPrerequisiteRepository.__call__ must clear the prerequisite
# repository.
diff --git a/lib/lp/configure.zcml b/lib/lp/configure.zcml
index ab2b4b0..8592b8f 100644
--- a/lib/lp/configure.zcml
+++ b/lib/lp/configure.zcml
@@ -35,6 +35,7 @@
<include package="lp.testing" />
<include package="lp.testopenid" />
<include package="lp.registry" />
+ <include package="lp.rocks" />
<include package="lp.xmlrpc" />
<include file="permissions.zcml" />
diff --git a/lib/lp/registry/browser/personproduct.py b/lib/lp/registry/browser/personproduct.py
index 86c8f7d..b778a73 100644
--- a/lib/lp/registry/browser/personproduct.py
+++ b/lib/lp/registry/browser/personproduct.py
@@ -19,6 +19,7 @@ from lp.code.browser.vcslisting import PersonTargetDefaultVCSNavigationMixin
from lp.code.interfaces.branchnamespace import get_branch_namespace
from lp.registry.interfaces.personociproject import IPersonOCIProjectFactory
from lp.registry.interfaces.personproduct import IPersonProduct
+from lp.rocks.interfaces.rockrecipe import IRockRecipeSet
from lp.services.webapp import (
Navigation,
StandardLaunchpadFacets,
@@ -67,6 +68,12 @@ class PersonProductNavigation(
owner=self.context.person, project=self.context.product, name=name
)
+ @stepthrough("+rock")
+ def traverse_rock(self, name):
+ return getUtility(IRockRecipeSet).getByName(
+ owner=self.context.person, project=self.context.product, name=name
+ )
+
@implementer(IMultiFacetedBreadcrumb)
class PersonProductBreadcrumb(Breadcrumb):
diff --git a/lib/lp/rocks/__init__.py b/lib/lp/rocks/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/lp/rocks/__init__.py
diff --git a/lib/lp/rocks/browser/configure.zcml b/lib/lp/rocks/browser/configure.zcml
new file mode 100644
index 0000000..20a2c89
--- /dev/null
+++ b/lib/lp/rocks/browser/configure.zcml
@@ -0,0 +1,16 @@
+<!-- Copyright 2024 Canonical Ltd. This software is licensed under the
+ GNU Affero General Public License version 3 (see the file LICENSE).
+-->
+
+<configure
+ xmlns="http://namespaces.zope.org/zope";
+ xmlns:browser="http://namespaces.zope.org/browser";
+ xmlns:i18n="http://namespaces.zope.org/i18n";
+ xmlns:lp="http://namespaces.canonical.com/lp";
+ i18n_domain="launchpad">
+ <lp:facet facet="overview">
+ <lp:url
+ for="lp.rocks.interfaces.rockrecipe.IRockRecipe"
+ urldata="lp.rocks.browser.rockrecipe.RockRecipeURL" />
+ </lp:facet>
+</configure>
diff --git a/lib/lp/rocks/browser/rockrecipe.py b/lib/lp/rocks/browser/rockrecipe.py
new file mode 100644
index 0000000..67164d6
--- /dev/null
+++ b/lib/lp/rocks/browser/rockrecipe.py
@@ -0,0 +1,34 @@
+# Copyright 2024 Canonical Ltd. This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+
+"""Rock recipe views."""
+
+__all__ = [
+ "RockRecipeURL",
+]
+
+from zope.component import getUtility
+from zope.interface import implementer
+
+from lp.registry.interfaces.personproduct import IPersonProductFactory
+from lp.services.webapp.interfaces import ICanonicalUrlData
+
+
+@implementer(ICanonicalUrlData)
+class RockRecipeURL:
+ """Rock recipe URL creation rules."""
+
+ rootsite = "mainsite"
+
+ def __init__(self, recipe):
+ self.recipe = recipe
+
+ @property
+ def inside(self):
+ owner = self.recipe.owner
+ project = self.recipe.project
+ return getUtility(IPersonProductFactory).create(owner, project)
+
+ @property
+ def path(self):
+ return "+rock/%s" % self.recipe.name
diff --git a/lib/lp/rocks/browser/tests/test_rockrecipe.py b/lib/lp/rocks/browser/tests/test_rockrecipe.py
new file mode 100644
index 0000000..229824d
--- /dev/null
+++ b/lib/lp/rocks/browser/tests/test_rockrecipe.py
@@ -0,0 +1,30 @@
+# Copyright 2024 Canonical Ltd. This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+
+"""Test rock recipe views."""
+
+from lp.rocks.interfaces.rockrecipe import ROCK_RECIPE_ALLOW_CREATE
+from lp.services.features.testing import FeatureFixture
+from lp.services.webapp import canonical_url
+from lp.testing import TestCaseWithFactory
+from lp.testing.layers import DatabaseFunctionalLayer
+
+
+class TestRockRecipeNavigation(TestCaseWithFactory):
+
+ layer = DatabaseFunctionalLayer
+
+ def setUp(self):
+ super().setUp()
+ self.useFixture(FeatureFixture({ROCK_RECIPE_ALLOW_CREATE: "on"}))
+
+ def test_canonical_url(self):
+ owner = self.factory.makePerson(name="person")
+ project = self.factory.makeProduct(name="project")
+ recipe = self.factory.makeRockRecipe(
+ registrant=owner, owner=owner, project=project, name="rock"
+ )
+ self.assertEqual(
+ "http://launchpad.test/~person/project/+rock/rock";,
+ canonical_url(recipe),
+ )
diff --git a/lib/lp/rocks/configure.zcml b/lib/lp/rocks/configure.zcml
new file mode 100644
index 0000000..aa2cdca
--- /dev/null
+++ b/lib/lp/rocks/configure.zcml
@@ -0,0 +1,43 @@
+<!-- Copyright 2024 Canonical Ltd. This software is licensed under the
+ GNU Affero General Public License version 3 (see the file LICENSE).
+-->
+
+<configure
+ xmlns="http://namespaces.zope.org/zope";
+ xmlns:browser="http://namespaces.zope.org/browser";
+ xmlns:i18n="http://namespaces.zope.org/i18n";
+ xmlns:lp="http://namespaces.canonical.com/lp";
+ xmlns:xmlrpc="http://namespaces.zope.org/xmlrpc";
+ i18n_domain="launchpad">
+
+ <lp:authorizations module=".security" />
+ <include package=".browser" />
+
+ <!-- RockRecipe -->
+ <class class="lp.rocks.model.rockrecipe.RockRecipe">
+ <require
+ permission="launchpad.View"
+ interface="lp.rocks.interfaces.rockrecipe.IRockRecipeView
+ lp.rocks.interfaces.rockrecipe.IRockRecipeEditableAttributes
+ lp.rocks.interfaces.rockrecipe.IRockRecipeAdminAttributes" />
+ <require
+ permission="launchpad.Edit"
+ interface="lp.rocks.interfaces.rockrecipe.IRockRecipeEdit"
+ set_schema="lp.rocks.interfaces.rockrecipe.IRockRecipeEditableAttributes" />
+ <require
+ permission="launchpad.Admin"
+ set_schema="lp.rocks.interfaces.rockrecipe.IRockRecipeAdminAttributes" />
+ </class>
+ <subscriber
+ for="lp.rocks.interfaces.rockrecipe.IRockRecipe
+ zope.lifecycleevent.interfaces.IObjectModifiedEvent"
+ handler="lp.rocks.model.rockrecipe.rock_recipe_modified" />
+
+ <!-- RockRecipeSet -->
+ <lp:securedutility
+ class="lp.rocks.model.rockrecipe.RockRecipeSet"
+ provides="lp.rocks.interfaces.rockrecipe.IRockRecipeSet">
+ <allow interface="lp.rocks.interfaces.rockrecipe.IRockRecipeSet" />
+ </lp:securedutility>
+
+</configure>
diff --git a/lib/lp/rocks/interfaces/rockrecipe.py b/lib/lp/rocks/interfaces/rockrecipe.py
new file mode 100644
index 0000000..c008351
--- /dev/null
+++ b/lib/lp/rocks/interfaces/rockrecipe.py
@@ -0,0 +1,385 @@
+# Copyright 2024 Canonical Ltd. This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+
+"""Rock recipe interfaces."""
+
+__all__ = [
+ "BadRockRecipeSource",
+ "BadRockRecipeSearchContext",
+ "ROCK_RECIPE_ALLOW_CREATE",
+ "ROCK_RECIPE_PRIVATE_FEATURE_FLAG",
+ "RockRecipeFeatureDisabled",
+ "RockRecipeNotOwner",
+ "RockRecipePrivacyMismatch",
+ "RockRecipePrivateFeatureDisabled",
+ "DuplicateRockRecipeName",
+ "IRockRecipe",
+ "IRockRecipeSet",
+ "NoSourceForRockRecipe",
+ "NoSuchRockRecipe",
+]
+
+import http.client
+
+from lazr.restful.declarations import error_status, exported
+from lazr.restful.fields import Reference, ReferenceChoice
+from zope.interface import Interface
+from zope.schema import Bool, Choice, Datetime, Dict, Int, List, Text, TextLine
+from zope.security.interfaces import Unauthorized
+
+from lp import _
+from lp.app.enums import InformationType
+from lp.app.errors import NameLookupFailed
+from lp.app.interfaces.informationtype import IInformationType
+from lp.app.validators.name import name_validator
+from lp.app.validators.path import path_does_not_escape
+from lp.code.interfaces.gitref import IGitRef
+from lp.code.interfaces.gitrepository import IGitRepository
+from lp.registry.interfaces.product import IProduct
+from lp.services.fields import PersonChoice, PublicPersonChoice
+from lp.snappy.validators.channels import channels_validator
+
+ROCK_RECIPE_ALLOW_CREATE = "rock.recipe.create.enabled"
+ROCK_RECIPE_PRIVATE_FEATURE_FLAG = "rock.recipe.allow_private"
+
+
+@error_status(http.client.UNAUTHORIZED)
+class RockRecipeFeatureDisabled(Unauthorized):
+ """Only certain users can create new rock recipes."""
+
+ def __init__(self):
+ super().__init__(
+ "You do not have permission to create new rock recipes."
+ )
+
+
+@error_status(http.client.UNAUTHORIZED)
+class RockRecipePrivateFeatureDisabled(Unauthorized):
+ """Only certain users can create private rock recipes."""
+
+ def __init__(self):
+ super().__init__(
+ "You do not have permission to create private rock recipes."
+ )
+
+
+@error_status(http.client.BAD_REQUEST)
+class DuplicateRockRecipeName(Exception):
+ """Raised for rock recipes with duplicate project/owner/name."""
+
+ def __init__(self):
+ super().__init__(
+ "There is already a rock recipe with the same project, owner, "
+ "and name."
+ )
+
+
+@error_status(http.client.UNAUTHORIZED)
+class RockRecipeNotOwner(Unauthorized):
+ """The registrant/requester is not the owner or a member of its team."""
+
+
+class NoSuchRockRecipe(NameLookupFailed):
+ """The requested rock recipe does not exist."""
+
+ _message_prefix = "No such rock recipe with this owner and project"
+
+
+@error_status(http.client.BAD_REQUEST)
+class NoSourceForRockRecipe(Exception):
+ """Rock recipes must have a source (Git branch)."""
+
+ def __init__(self):
+ super().__init__("New rock recipes must have a Git branch.")
+
+
+@error_status(http.client.BAD_REQUEST)
+class BadRockRecipeSource(Exception):
+ """The elements of the source for a rock recipe are inconsistent."""
+
+
+@error_status(http.client.BAD_REQUEST)
+class RockRecipePrivacyMismatch(Exception):
+ """Rock recipe privacy does not match its content."""
+
+ def __init__(self, message=None):
+ super().__init__(
+ message
+ or "Rock recipe contains private information and cannot be public."
+ )
+
+
+class BadRockRecipeSearchContext(Exception):
+ """The context is not valid for a rock recipe search."""
+
+
+class IRockRecipeView(Interface):
+ """`IRockRecipe` attributes that require launchpad.View permission."""
+
+ id = Int(title=_("ID"), required=True, readonly=True)
+
+ date_created = Datetime(
+ title=_("Date created"), required=True, readonly=True
+ )
+ date_last_modified = Datetime(
+ title=_("Date last modified"), required=True, readonly=True
+ )
+
+ registrant = PublicPersonChoice(
+ title=_("Registrant"),
+ required=True,
+ readonly=True,
+ vocabulary="ValidPersonOrTeam",
+ description=_("The person who registered this rock recipe."),
+ )
+
+ private = Bool(
+ title=_("Private"),
+ required=False,
+ readonly=False,
+ description=_("Whether this rock recipe is private."),
+ )
+
+ def getAllowedInformationTypes(user):
+ """Get a list of acceptable `InformationType`s for this rock recipe.
+
+ If the user is a Launchpad admin, any type is acceptable.
+ """
+
+ def visibleByUser(user):
+ """Can the specified user see this rock recipe?"""
+
+
+class IRockRecipeEdit(Interface):
+ """`IRockRecipe` methods that require launchpad.Edit permission."""
+
+ def destroySelf():
+ """Delete this rock recipe, provided that it has no builds."""
+
+
+class IRockRecipeEditableAttributes(Interface):
+ """`IRockRecipe` attributes that can be edited.
+
+ These attributes need launchpad.View to see, and launchpad.Edit to change.
+ """
+
+ owner = exported(
+ PersonChoice(
+ title=_("Owner"),
+ required=True,
+ readonly=False,
+ vocabulary="AllUserTeamsParticipationPlusSelf",
+ description=_("The owner of this rock recipe."),
+ )
+ )
+
+ project = ReferenceChoice(
+ title=_("The project that this rock recipe is associated with"),
+ schema=IProduct,
+ vocabulary="Product",
+ required=True,
+ readonly=False,
+ )
+
+ name = TextLine(
+ title=_("Rock recipe name"),
+ required=True,
+ readonly=False,
+ constraint=name_validator,
+ description=_("The name of the rock recipe."),
+ )
+
+ description = Text(
+ title=_("Description"),
+ required=False,
+ readonly=False,
+ description=_("A description of the rock recipe."),
+ )
+
+ git_repository = ReferenceChoice(
+ title=_("Git repository"),
+ schema=IGitRepository,
+ vocabulary="GitRepository",
+ required=False,
+ readonly=True,
+ description=_(
+ "A Git repository with a branch containing a rockcraft.yaml "
+ "recipe."
+ ),
+ )
+
+ git_path = TextLine(
+ title=_("Git branch path"),
+ required=False,
+ readonly=False,
+ description=_(
+ "The path of the Git branch containing a rockcraft.yaml " "recipe."
+ ),
+ )
+
+ git_ref = Reference(
+ IGitRef,
+ title=_("Git branch"),
+ required=False,
+ readonly=False,
+ description=_("The Git branch containing a rockcraft.yaml recipe."),
+ )
+
+ build_path = TextLine(
+ title=_("Build path"),
+ description=_(
+ "Subdirectory within the branch containing rockcraft.yaml."
+ ),
+ constraint=path_does_not_escape,
+ required=False,
+ readonly=False,
+ )
+ information_type = Choice(
+ title=_("Information type"),
+ vocabulary=InformationType,
+ required=True,
+ readonly=False,
+ default=InformationType.PUBLIC,
+ description=_(
+ "The type of information contained in this rock recipe."
+ ),
+ )
+
+ auto_build = Bool(
+ title=_("Automatically build when branch changes"),
+ required=True,
+ readonly=False,
+ description=_(
+ "Whether this rock recipe is built automatically when the branch "
+ "containing its rockcraft.yaml recipe changes."
+ ),
+ )
+
+ auto_build_channels = Dict(
+ title=_("Source snap channels for automatic builds"),
+ key_type=TextLine(),
+ required=False,
+ readonly=False,
+ description=_(
+ "A dictionary mapping snap names to channels to use when building "
+ "this rock recipe. Currently only 'core', 'core18', 'core20', "
+ "and 'rockcraft' keys are supported."
+ ),
+ )
+
+ is_stale = Bool(
+ title=_("Rock recipe is stale and is due to be rebuilt."),
+ required=True,
+ readonly=True,
+ )
+
+ store_upload = Bool(
+ title=_("Automatically upload to store"),
+ required=True,
+ readonly=False,
+ description=_(
+ "Whether builds of this rock recipe are automatically uploaded "
+ "to the store."
+ ),
+ )
+
+ store_name = TextLine(
+ title=_("Registered store name"),
+ required=False,
+ readonly=False,
+ description=_("The registered name of this rock in the store."),
+ )
+
+ store_secrets = List(
+ value_type=TextLine(),
+ title=_("Store upload tokens"),
+ required=False,
+ readonly=False,
+ description=_(
+ "Serialized secrets issued by the store and the login service to "
+ "authorize uploads of this rock recipe."
+ ),
+ )
+
+ store_channels = List(
+ title=_("Store channels"),
+ required=False,
+ readonly=False,
+ constraint=channels_validator,
+ description=_(
+ "Channels to release this rock to after uploading it to the "
+ "store. A channel is defined by a combination of an optional "
+ "track, a risk, and an optional branch, e.g. "
+ "'2.1/stable/fix-123', '2.1/stable', 'stable/fix-123', or "
+ "'stable'."
+ ),
+ )
+
+
+class IRockRecipeAdminAttributes(Interface):
+ """`IRockRecipe` attributes that can be edited by admins.
+
+ These attributes need launchpad.View to see, and launchpad.Admin to change.
+ """
+
+ require_virtualized = Bool(
+ title=_("Require virtualized builders"),
+ required=True,
+ readonly=False,
+ description=_("Only build this rock recipe on virtual builders."),
+ )
+
+
+class IRockRecipe(
+ IRockRecipeView,
+ IRockRecipeEdit,
+ IRockRecipeEditableAttributes,
+ IRockRecipeAdminAttributes,
+ IInformationType,
+):
+ """A buildable rock recipe."""
+
+
+class IRockRecipeSet(Interface):
+ """A utility to create and access rock recipes."""
+
+ def new(
+ registrant,
+ owner,
+ project,
+ name,
+ description=None,
+ git_ref=None,
+ build_path=None,
+ require_virtualized=True,
+ information_type=InformationType.PUBLIC,
+ auto_build=False,
+ auto_build_channels=None,
+ store_upload=False,
+ store_name=None,
+ store_secrets=None,
+ store_channels=None,
+ date_created=None,
+ ):
+ """Create an `IRockRecipe`."""
+
+ def getByName(owner, project, name):
+ """Returns the appropriate `IRockRecipe` for the given objects."""
+
+ def isValidInformationType(information_type, owner, git_ref=None):
+ """Whether the information type context is valid."""
+
+ def findByGitRepository(repository, paths=None):
+ """Return all rock recipes for the given Git repository.
+
+ :param repository: An `IGitRepository`.
+ :param paths: If not None, only return rock recipes for one of
+ these Git reference paths.
+ """
+
+ def detachFromGitRepository(repository):
+ """Detach all rock recipes from the given Git repository.
+
+ After this, any rock recipes that previously used this repository
+ will have no source and so cannot dispatch new builds.
+ """
diff --git a/lib/lp/rocks/model/rockrecipe.py b/lib/lp/rocks/model/rockrecipe.py
new file mode 100644
index 0000000..b1c11b0
--- /dev/null
+++ b/lib/lp/rocks/model/rockrecipe.py
@@ -0,0 +1,356 @@
+# Copyright 2024 Canonical Ltd. This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+
+"""Rock recipes."""
+
+__all__ = [
+ "RockRecipe",
+]
+
+from datetime import timezone
+
+from storm.databases.postgres import JSON
+from storm.locals import Bool, DateTime, Int, Reference, Unicode
+from zope.component import getUtility
+from zope.interface import implementer
+from zope.security.proxy import removeSecurityProxy
+
+from lp.app.enums import (
+ FREE_INFORMATION_TYPES,
+ PUBLIC_INFORMATION_TYPES,
+ InformationType,
+)
+from lp.code.model.gitrepository import GitRepository
+from lp.registry.errors import PrivatePersonLinkageError
+from lp.registry.interfaces.person import validate_public_person
+from lp.rocks.interfaces.rockrecipe import (
+ ROCK_RECIPE_ALLOW_CREATE,
+ ROCK_RECIPE_PRIVATE_FEATURE_FLAG,
+ DuplicateRockRecipeName,
+ IRockRecipe,
+ IRockRecipeSet,
+ NoSourceForRockRecipe,
+ RockRecipeFeatureDisabled,
+ RockRecipeNotOwner,
+ RockRecipePrivacyMismatch,
+ RockRecipePrivateFeatureDisabled,
+)
+from lp.services.database.constants import DEFAULT, UTC_NOW
+from lp.services.database.enumcol import DBEnum
+from lp.services.database.interfaces import IPrimaryStore, IStore
+from lp.services.database.stormbase import StormBase
+from lp.services.features import getFeatureFlag
+
+
+def rock_recipe_modified(recipe, event):
+ """Update the date_last_modified property when a rock recipe is modified.
+
+ This method is registered as a subscriber to `IObjectModifiedEvent`
+ events on rock recipes.
+ """
+ removeSecurityProxy(recipe).date_last_modified = UTC_NOW
+
+
+@implementer(IRockRecipe)
+class RockRecipe(StormBase):
+ """See `IRockRecipe`."""
+
+ __storm_table__ = "RockRecipe"
+
+ id = Int(primary=True)
+
+ date_created = DateTime(
+ name="date_created", tzinfo=timezone.utc, allow_none=False
+ )
+ date_last_modified = DateTime(
+ name="date_last_modified", tzinfo=timezone.utc, allow_none=False
+ )
+
+ registrant_id = Int(name="registrant", allow_none=False)
+ registrant = Reference(registrant_id, "Person.id")
+
+ def _validate_owner(self, attr, value):
+ if not self.private:
+ try:
+ validate_public_person(self, attr, value)
+ except PrivatePersonLinkageError:
+ raise RockRecipePrivacyMismatch(
+ "A public rock recipe cannot have a private owner."
+ )
+ return value
+
+ owner_id = Int(name="owner", allow_none=False, validator=_validate_owner)
+ owner = Reference(owner_id, "Person.id")
+
+ project_id = Int(name="project", allow_none=False)
+ project = Reference(project_id, "Product.id")
+
+ name = Unicode(name="name", allow_none=False)
+
+ description = Unicode(name="description", allow_none=True)
+
+ def _validate_git_repository(self, attr, value):
+ if not self.private and value is not None:
+ if IStore(GitRepository).get(GitRepository, value).private:
+ raise RockRecipePrivacyMismatch(
+ "A public rock recipe cannot have a private repository."
+ )
+ return value
+
+ git_repository_id = Int(
+ name="git_repository",
+ allow_none=True,
+ validator=_validate_git_repository,
+ )
+ git_repository = Reference(git_repository_id, "GitRepository.id")
+
+ git_path = Unicode(name="git_path", allow_none=True)
+
+ build_path = Unicode(name="build_path", allow_none=True)
+
+ require_virtualized = Bool(name="require_virtualized")
+
+ def _valid_information_type(self, attr, value):
+ if not getUtility(IRockRecipeSet).isValidInformationType(
+ value, self.owner, self.git_ref
+ ):
+ raise RockRecipePrivacyMismatch
+ return value
+
+ information_type = DBEnum(
+ enum=InformationType,
+ default=InformationType.PUBLIC,
+ name="information_type",
+ validator=_valid_information_type,
+ allow_none=False,
+ )
+
+ auto_build = Bool(name="auto_build", allow_none=False)
+
+ auto_build_channels = JSON("auto_build_channels", allow_none=True)
+
+ is_stale = Bool(name="is_stale", allow_none=False)
+
+ store_upload = Bool(name="store_upload", allow_none=False)
+
+ store_name = Unicode(name="store_name", allow_none=True)
+
+ store_secrets = JSON("store_secrets", allow_none=True)
+
+ _store_channels = JSON("store_channels", allow_none=True)
+
+ def __init__(
+ self,
+ registrant,
+ owner,
+ project,
+ name,
+ description=None,
+ git_ref=None,
+ build_path=None,
+ require_virtualized=True,
+ information_type=InformationType.PUBLIC,
+ auto_build=False,
+ auto_build_channels=None,
+ store_upload=False,
+ store_name=None,
+ store_secrets=None,
+ store_channels=None,
+ date_created=DEFAULT,
+ ):
+ """Construct a `RockRecipe`."""
+ if not getFeatureFlag(ROCK_RECIPE_ALLOW_CREATE):
+ raise RockRecipeFeatureDisabled()
+ super().__init__()
+
+ # Set this first for use by other validators.
+ self.information_type = information_type
+
+ self.date_created = date_created
+ self.date_last_modified = date_created
+ self.registrant = registrant
+ self.owner = owner
+ self.project = project
+ self.name = name
+ self.description = description
+ self.git_ref = git_ref
+ self.build_path = build_path
+ self.require_virtualized = require_virtualized
+ self.auto_build = auto_build
+ self.auto_build_channels = auto_build_channels
+ self.store_upload = store_upload
+ self.store_name = store_name
+ self.store_secrets = store_secrets
+ self.store_channels = store_channels
+
+ def __repr__(self):
+ return "<RockRecipe ~%s/%s/+rock/%s>" % (
+ self.owner.name,
+ self.project.name,
+ self.name,
+ )
+
+ @property
+ def private(self):
+ """See `IRockRecipe`."""
+ return self.information_type not in PUBLIC_INFORMATION_TYPES
+
+ @property
+ def git_ref(self):
+ """See `IRockRecipe`."""
+ if self.git_repository is not None:
+ return self.git_repository.getRefByPath(self.git_path)
+ else:
+ return None
+
+ @git_ref.setter
+ def git_ref(self, value):
+ """See `IRockRecipe`."""
+ if value is not None:
+ self.git_repository = value.repository
+ self.git_path = value.path
+ else:
+ self.git_repository = None
+ self.git_path = None
+
+ @property
+ def store_channels(self):
+ """See `IRockRecipe`."""
+ return self._store_channels or []
+
+ @store_channels.setter
+ def store_channels(self, value):
+ """See `IRockRecipe`."""
+ self._store_channels = value or None
+
+ def getAllowedInformationTypes(self, user):
+ """See `IRockRecipe`."""
+ # XXX jugmac00 2024-08-29: Only allow free information types until
+ # we have more privacy infrastructure in place.
+ return FREE_INFORMATION_TYPES
+
+ def visibleByUser(self, user):
+ """See `IRockRecipe`."""
+ if self.information_type in PUBLIC_INFORMATION_TYPES:
+ return True
+ # XXX jugmac00 2024-08-29: Finish implementing this once we have
+ # more privacy infrastructure.
+ return False
+
+ def destroySelf(self):
+ """See `IRockRecipe`."""
+ IStore(RockRecipe).remove(self)
+
+
+@implementer(IRockRecipeSet)
+class RockRecipeSet:
+ """See `IRockRecipeSet`."""
+
+ def new(
+ self,
+ registrant,
+ owner,
+ project,
+ name,
+ description=None,
+ git_ref=None,
+ build_path=None,
+ require_virtualized=True,
+ information_type=InformationType.PUBLIC,
+ auto_build=False,
+ auto_build_channels=None,
+ store_upload=False,
+ store_name=None,
+ store_secrets=None,
+ store_channels=None,
+ date_created=DEFAULT,
+ ):
+ """See `ICharmRecipeSet`."""
+ if not registrant.inTeam(owner):
+ if owner.is_team:
+ raise RockRecipeNotOwner(
+ "%s is not a member of %s."
+ % (registrant.displayname, owner.displayname)
+ )
+ else:
+ raise RockRecipeNotOwner(
+ "%s cannot create charm recipes owned by %s."
+ % (registrant.displayname, owner.displayname)
+ )
+
+ if git_ref is None:
+ raise NoSourceForRockRecipe
+ if self.getByName(owner, project, name) is not None:
+ raise DuplicateRockRecipeName
+
+ # The relevant validators will do their own checks as well, but we
+ # do a single up-front check here in order to avoid an
+ # IntegrityError due to exceptions being raised during object
+ # creation and to ensure that everything relevant is in the Storm
+ # cache.
+ if not self.isValidInformationType(information_type, owner, git_ref):
+ raise RockRecipePrivacyMismatch
+ store = IPrimaryStore(RockRecipe)
+ recipe = RockRecipe(
+ registrant,
+ owner,
+ project,
+ name,
+ description=description,
+ git_ref=git_ref,
+ build_path=build_path,
+ require_virtualized=require_virtualized,
+ information_type=information_type,
+ auto_build=auto_build,
+ auto_build_channels=auto_build_channels,
+ store_upload=store_upload,
+ store_name=store_name,
+ store_secrets=store_secrets,
+ store_channels=store_channels,
+ date_created=date_created,
+ )
+ store.add(recipe)
+
+ return recipe
+
+ def getByName(self, owner, project, name):
+ """See `ICharmRecipeSet`."""
+ return (
+ IStore(RockRecipe)
+ .find(RockRecipe, owner=owner, project=project, name=name)
+ .one()
+ )
+
+ def isValidInformationType(self, information_type, owner, git_ref=None):
+ """See `ICharmRecipeSet`."""
+ private = information_type not in PUBLIC_INFORMATION_TYPES
+ if private:
+ # If appropriately enabled via feature flag.
+ if not getFeatureFlag(ROCK_RECIPE_PRIVATE_FEATURE_FLAG):
+ raise RockRecipePrivateFeatureDisabled
+ return True
+
+ # Public rock recipes with private sources are not allowed.
+ if git_ref is not None and git_ref.private:
+ return False
+
+ # Public rock recipes owned by private teams are not allowed.
+ if owner is not None and owner.private:
+ return False
+
+ return True
+
+ def findByGitRepository(self, repository, paths=None):
+ """See `ICharmRecipeSet`."""
+ clauses = [RockRecipe.git_repository == repository]
+ if paths is not None:
+ clauses.append(RockRecipe.git_path.is_in(paths))
+ # XXX jugmac00 2024-08-29: Check permissions once we have some
+ # privacy infrastructure.
+ return IStore(RockRecipe).find(RockRecipe, *clauses)
+
+ def detachFromGitRepository(self, repository):
+ """See `ICharmRecipeSet`."""
+ self.findByGitRepository(repository).set(
+ git_repository_id=None, git_path=None, date_last_modified=UTC_NOW
+ )
diff --git a/lib/lp/rocks/security.py b/lib/lp/rocks/security.py
new file mode 100644
index 0000000..7160fb2
--- /dev/null
+++ b/lib/lp/rocks/security.py
@@ -0,0 +1,51 @@
+# Copyright 2009-2024 Canonical Ltd. This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+
+"""Security adapters for the rocks package."""
+
+__all__ = []
+
+from lp.app.security import AuthorizationBase
+from lp.rocks.interfaces.rockrecipe import IRockRecipe
+
+
+class ViewRockRecipe(AuthorizationBase):
+ """Private rock recipes are only visible to their owners and admins."""
+
+ permission = "launchpad.View"
+ usedfor = IRockRecipe
+
+ def checkAuthenticated(self, user):
+ return self.obj.visibleByUser(user.person)
+
+ def checkUnauthenticated(self):
+ return self.obj.visibleByUser(None)
+
+
+class EditRockRecipe(AuthorizationBase):
+ permission = "launchpad.Edit"
+ usedfor = IRockRecipe
+
+ def checkAuthenticated(self, user):
+ return (
+ user.isOwner(self.obj) or user.in_commercial_admin or user.in_admin
+ )
+
+
+class AdminRockRecipe(AuthorizationBase):
+ """Restrict changing build settings on rock recipes.
+
+ The security of the non-virtualised build farm depends on these
+ settings, so they can only be changed by "PPA"/commercial admins, or by
+ "PPA" self admins on charm recipes that they can already edit.
+ """
+
+ permission = "launchpad.Admin"
+ usedfor = IRockRecipe
+
+ def checkAuthenticated(self, user):
+ if user.in_ppa_admin or user.in_commercial_admin or user.in_admin:
+ return True
+ return user.in_ppa_self_admins and EditRockRecipe(
+ self.obj
+ ).checkAuthenticated(user)
diff --git a/lib/lp/rocks/tests/__init__.py b/lib/lp/rocks/tests/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/lib/lp/rocks/tests/__init__.py
diff --git a/lib/lp/rocks/tests/test_rockrecipe.py b/lib/lp/rocks/tests/test_rockrecipe.py
new file mode 100644
index 0000000..8069c3a
--- /dev/null
+++ b/lib/lp/rocks/tests/test_rockrecipe.py
@@ -0,0 +1,260 @@
+# Copyright 2024 Canonical Ltd. This software is licensed under the
+# GNU Affero General Public License version 3 (see the file LICENSE).
+
+"""Test rock recipes."""
+
+from zope.component import getUtility
+from zope.security.proxy import removeSecurityProxy
+
+from lp.app.enums import InformationType
+from lp.rocks.interfaces.rockrecipe import (
+ ROCK_RECIPE_ALLOW_CREATE,
+ IRockRecipe,
+ IRockRecipeSet,
+ NoSourceForRockRecipe,
+ RockRecipeFeatureDisabled,
+ RockRecipePrivateFeatureDisabled,
+)
+from lp.services.database.constants import ONE_DAY_AGO, UTC_NOW
+from lp.services.features.testing import FeatureFixture
+from lp.services.webapp.snapshot import notify_modified
+from lp.testing import TestCaseWithFactory, admin_logged_in, person_logged_in
+from lp.testing.layers import DatabaseFunctionalLayer, LaunchpadZopelessLayer
+
+
+class TestRockRecipeFeatureFlags(TestCaseWithFactory):
+
+ layer = LaunchpadZopelessLayer
+
+ def test_feature_flag_disabled(self):
+ # Without a feature flag, we wil not create any rock recipes.
+ self.assertRaises(
+ RockRecipeFeatureDisabled, self.factory.makeRockRecipe
+ )
+
+ def test_private_feature_flag_disabled(self):
+ # Without a private feature flag, we will not create new private
+ # rock recipes.
+ self.useFixture(FeatureFixture({ROCK_RECIPE_ALLOW_CREATE: "on"}))
+ self.assertRaises(
+ RockRecipePrivateFeatureDisabled,
+ self.factory.makeRockRecipe,
+ information_type=InformationType.PROPRIETARY,
+ )
+
+
+class TestRockRecipe(TestCaseWithFactory):
+
+ layer = DatabaseFunctionalLayer
+
+ def setUp(self):
+ super().setUp()
+ self.useFixture(FeatureFixture({ROCK_RECIPE_ALLOW_CREATE: "on"}))
+
+ def test_implements_interfaces(self):
+ # RockRecipe implements IRockRecipe.
+ recipe = self.factory.makeRockRecipe()
+ with admin_logged_in():
+ self.assertProvides(recipe, IRockRecipe)
+
+ def test___repr__(self):
+ # RockRecipe objects have an informative __repr__.
+ recipe = self.factory.makeRockRecipe()
+ self.assertEqual(
+ "<RockRecipe ~%s/%s/+rock/%s>"
+ % (recipe.owner.name, recipe.project.name, recipe.name),
+ repr(recipe),
+ )
+
+ def test_initial_date_last_modified(self):
+ # The initial value of date_last_modified is date_created.
+ recipe = self.factory.makeRockRecipe(date_created=ONE_DAY_AGO)
+ self.assertEqual(recipe.date_created, recipe.date_last_modified)
+
+ def test_modifiedevent_sets_date_last_modified(self):
+ # When a RockRecipe receives an object modified event, the last
+ # modified date is set to UTC_NOW.
+ recipe = self.factory.makeRockRecipe(date_created=ONE_DAY_AGO)
+ with notify_modified(removeSecurityProxy(recipe), ["name"]):
+ pass
+ self.assertSqlAttributeEqualsDate(
+ recipe, "date_last_modified", UTC_NOW
+ )
+
+ def test_delete_without_builds(self):
+ # A rock recipe with no builds can be deleted.
+ owner = self.factory.makePerson()
+ project = self.factory.makeProduct()
+ recipe = self.factory.makeRockRecipe(
+ registrant=owner, owner=owner, project=project, name="condemned"
+ )
+ self.assertIsNotNone(
+ getUtility(IRockRecipeSet).getByName(owner, project, "condemned")
+ )
+ with person_logged_in(recipe.owner):
+ recipe.destroySelf()
+ self.assertIsNone(
+ getUtility(IRockRecipeSet).getByName(owner, project, "condemned")
+ )
+
+
+class TestRockRecipeSet(TestCaseWithFactory):
+
+ layer = DatabaseFunctionalLayer
+
+ def setUp(self):
+ super().setUp()
+ self.useFixture(FeatureFixture({ROCK_RECIPE_ALLOW_CREATE: "on"}))
+
+ def test_class_implements_interfaces(self):
+ # The RockRecipeSet class implements IRockRecipeSet.
+ self.assertProvides(getUtility(IRockRecipeSet), IRockRecipeSet)
+
+ def makeRockRecipeComponents(self, git_ref=None):
+ """Return a dict of values that can be used to make a rock recipe.
+
+ Suggested use: provide as kwargs to IRockRecipeSet.new.
+
+ :param git_ref: An `IGitRef`, or None.
+ """
+ registrant = self.factory.makePerson()
+ components = {
+ "registrant": registrant,
+ "owner": self.factory.makeTeam(owner=registrant),
+ "project": self.factory.makeProduct(),
+ "name": self.factory.getUniqueUnicode("rock-name"),
+ }
+ if git_ref is None:
+ git_ref = self.factory.makeGitRefs()[0]
+ components["git_ref"] = git_ref
+ return components
+
+ def test_creation_git(self):
+ # The metadata entries supplied when a rock recipe is created for a
+ # Git branch are present on the new object.
+ [ref] = self.factory.makeGitRefs()
+ components = self.makeRockRecipeComponents(git_ref=ref)
+ recipe = getUtility(IRockRecipeSet).new(**components)
+ self.assertEqual(components["registrant"], recipe.registrant)
+ self.assertEqual(components["owner"], recipe.owner)
+ self.assertEqual(components["project"], recipe.project)
+ self.assertEqual(components["name"], recipe.name)
+ self.assertEqual(ref.repository, recipe.git_repository)
+ self.assertEqual(ref.path, recipe.git_path)
+ self.assertEqual(ref, recipe.git_ref)
+ self.assertIsNone(recipe.build_path)
+ self.assertFalse(recipe.auto_build)
+ self.assertIsNone(recipe.auto_build_channels)
+ self.assertTrue(recipe.require_virtualized)
+ self.assertFalse(recipe.private)
+ self.assertFalse(recipe.store_upload)
+ self.assertIsNone(recipe.store_name)
+ self.assertIsNone(recipe.store_secrets)
+ self.assertEqual([], recipe.store_channels)
+
+ def test_creation_no_source(self):
+ # Attempting to create a rock recipe without a Git repository
+ # fails.
+ registrant = self.factory.makePerson()
+ self.assertRaises(
+ NoSourceForRockRecipe,
+ getUtility(IRockRecipeSet).new,
+ registrant,
+ registrant,
+ self.factory.makeProduct(),
+ self.factory.getUniqueUnicode("rock-name"),
+ )
+
+ def test_getByName(self):
+ owner = self.factory.makePerson()
+ project = self.factory.makeProduct()
+ project_recipe = self.factory.makeRockRecipe(
+ registrant=owner, owner=owner, project=project, name="proj-rock"
+ )
+ self.factory.makeRockRecipe(
+ registrant=owner, owner=owner, name="proj-rock"
+ )
+
+ self.assertEqual(
+ project_recipe,
+ getUtility(IRockRecipeSet).getByName(owner, project, "proj-rock"),
+ )
+
+ def test_findByGitRepository(self):
+ # IRockRecipeSet.findByGitRepository returns all rock recipes with
+ # the given Git repository.
+ repositories = [self.factory.makeGitRepository() for i in range(2)]
+ recipes = []
+ for repository in repositories:
+ for _ in range(2):
+ [ref] = self.factory.makeGitRefs(repository=repository)
+ recipes.append(self.factory.makeRockRecipe(git_ref=ref))
+ recipe_set = getUtility(IRockRecipeSet)
+ self.assertContentEqual(
+ recipes[:2], recipe_set.findByGitRepository(repositories[0])
+ )
+ self.assertContentEqual(
+ recipes[2:], recipe_set.findByGitRepository(repositories[1])
+ )
+
+ def test_findByGitRepository_paths(self):
+ # IRockRecipeSet.findByGitRepository can restrict by reference
+ # paths.
+ repositories = [self.factory.makeGitRepository() for i in range(2)]
+ recipes = []
+ for repository in repositories:
+ for _ in range(3):
+ [ref] = self.factory.makeGitRefs(repository=repository)
+ recipes.append(self.factory.makeRockRecipe(git_ref=ref))
+ recipe_set = getUtility(IRockRecipeSet)
+ self.assertContentEqual(
+ [], recipe_set.findByGitRepository(repositories[0], paths=[])
+ )
+ self.assertContentEqual(
+ [recipes[0]],
+ recipe_set.findByGitRepository(
+ repositories[0], paths=[recipes[0].git_ref.path]
+ ),
+ )
+ self.assertContentEqual(
+ recipes[:2],
+ recipe_set.findByGitRepository(
+ repositories[0],
+ paths=[recipes[0].git_ref.path, recipes[1].git_ref.path],
+ ),
+ )
+
+ def test_detachFromGitRepository(self):
+ # IRockRecipeSet.detachFromGitRepository clears the given Git
+ # repository from all rock recipes.
+ repositories = [self.factory.makeGitRepository() for i in range(2)]
+ recipes = []
+ paths = []
+ refs = []
+ for repository in repositories:
+ for _ in range(2):
+ [ref] = self.factory.makeGitRefs(repository=repository)
+ paths.append(ref.path)
+ refs.append(ref)
+ recipes.append(
+ self.factory.makeRockRecipe(
+ git_ref=ref, date_created=ONE_DAY_AGO
+ )
+ )
+ getUtility(IRockRecipeSet).detachFromGitRepository(repositories[0])
+ self.assertEqual(
+ [None, None, repositories[1], repositories[1]],
+ [recipe.git_repository for recipe in recipes],
+ )
+ self.assertEqual(
+ [None, None, paths[2], paths[3]],
+ [recipe.git_path for recipe in recipes],
+ )
+ self.assertEqual(
+ [None, None, refs[2], refs[3]],
+ [recipe.git_ref for recipe in recipes],
+ )
+ for recipe in recipes[:2]:
+ self.assertSqlAttributeEqualsDate(
+ recipe, "date_last_modified", UTC_NOW
+ )
diff --git a/lib/lp/testing/factory.py b/lib/lp/testing/factory.py
index 6cdf9b4..9be2aad 100644
--- a/lib/lp/testing/factory.py
+++ b/lib/lp/testing/factory.py
@@ -208,6 +208,7 @@ from lp.registry.model.karma import KarmaTotalCache
from lp.registry.model.milestone import Milestone
from lp.registry.model.packaging import Packaging
from lp.registry.model.suitesourcepackage import SuiteSourcePackage
+from lp.rocks.interfaces.rockrecipe import IRockRecipeSet
from lp.services.auth.interfaces import IAccessTokenSet
from lp.services.auth.utils import create_access_token_secret
from lp.services.compat import message_as_bytes
@@ -6887,6 +6888,79 @@ class LaunchpadObjectFactory(ObjectFactory):
date_created=date_created,
)
+ def makeRockRecipe(
+ self,
+ registrant=None,
+ owner=None,
+ project=None,
+ name=None,
+ description=None,
+ git_ref=None,
+ build_path=None,
+ require_virtualized=True,
+ information_type=InformationType.PUBLIC,
+ auto_build=False,
+ auto_build_channels=None,
+ is_stale=None,
+ store_upload=False,
+ store_name=None,
+ store_secrets=None,
+ store_channels=None,
+ date_created=DEFAULT,
+ ):
+ """Make a new rock recipe."""
+ if registrant is None:
+ registrant = self.makePerson()
+ private = information_type not in PUBLIC_INFORMATION_TYPES
+ if owner is None:
+ # Private rock recipes cannot be owned by non-moderated teams.
+ membership_policy = (
+ TeamMembershipPolicy.OPEN
+ if private
+ else TeamMembershipPolicy.MODERATED
+ )
+ owner = self.makeTeam(
+ registrant, membership_policy=membership_policy
+ )
+ if project is None:
+ branch_sharing_policy = (
+ BranchSharingPolicy.PUBLIC
+ if not private
+ else BranchSharingPolicy.PROPRIETARY
+ )
+ project = self.makeProduct(
+ owner=registrant,
+ registrant=registrant,
+ information_type=information_type,
+ branch_sharing_policy=branch_sharing_policy,
+ )
+ if name is None:
+ name = self.getUniqueUnicode("rock-name")
+ if git_ref is None:
+ git_ref = self.makeGitRefs()[0]
+ recipe = getUtility(IRockRecipeSet).new(
+ registrant=registrant,
+ owner=owner,
+ project=project,
+ name=name,
+ description=description,
+ git_ref=git_ref,
+ build_path=build_path,
+ require_virtualized=require_virtualized,
+ information_type=information_type,
+ auto_build=auto_build,
+ auto_build_channels=auto_build_channels,
+ store_upload=store_upload,
+ store_name=store_name,
+ store_secrets=store_secrets,
+ store_channels=store_channels,
+ date_created=date_created,
+ )
+ if is_stale is not None:
+ removeSecurityProxy(recipe).is_stale = is_stale
+ IStore(recipe).flush()
+ return recipe
+
def makeCIBuild(
self,
git_repository=None,
