Skip to content

Commit 61376de

Browse files
godofredocgodofredoc
authored
Generate local metadata even when not publishing. (#116087)
* Generate local metadata even when not publishing. For SLSA compliance we need to separate the fetch, compile and upload steps of release artifacts. Translating this to the packaging workflows the fetch step will checkout the prepare_package script at main ToT, the compile step generate the bundle archives and the recipes will upload the artifact bundles as part of the upload stage. This change adds functionality to generate both the release bundle and the updated metadata file in a way that both files can be uploaded as part of the upload stage. Bug: flutter/flutter#115487 * Address comments. * Update tests.
1 parent a2fd688 commit 61376de

File tree

2 files changed

+32
-13
lines changed

2 files changed

+32
-13
lines changed

dev/bots/prepare_package.dart

Lines changed: 22 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -637,6 +637,12 @@ class ArchivePublisher {
637637
dest: destGsPath,
638638
);
639639
assert(tempDir.existsSync());
640+
final String gcsPath = '$gsReleaseFolder/${getMetadataFilename(platform)}';
641+
await _publishMetadata(gcsPath);
642+
}
643+
644+
/// Downloads and updates the metadata file without publishing it.
645+
Future<void> generateLocalMetadata() async {
640646
await _updateMetadata('$gsReleaseFolder/${getMetadataFilename(platform)}');
641647
}
642648

@@ -705,6 +711,13 @@ class ArchivePublisher {
705711

706712
const JsonEncoder encoder = JsonEncoder.withIndent(' ');
707713
metadataFile.writeAsStringSync(encoder.convert(jsonData));
714+
}
715+
716+
/// Publishes the metadata file to GCS.
717+
Future<void> _publishMetadata(String gsPath) async {
718+
final File metadataFile = File(
719+
path.join(tempDir.absolute.path, getMetadataFilename(platform)),
720+
);
708721
await _cloudCopy(
709722
src: metadataFile.absolute.path,
710723
dest: gsPath,
@@ -899,15 +912,16 @@ Future<void> main(List<String> rawArguments) async {
899912
try {
900913
final Map<String, String> version = await creator.initializeRepo();
901914
final File outputFile = await creator.createArchive();
915+
final ArchivePublisher publisher = ArchivePublisher(
916+
tempDir,
917+
revision,
918+
branch,
919+
version,
920+
outputFile,
921+
dryRun,
922+
);
923+
await publisher.generateLocalMetadata();
902924
if (parsedArguments['publish'] as bool) {
903-
final ArchivePublisher publisher = ArchivePublisher(
904-
tempDir,
905-
revision,
906-
branch,
907-
version,
908-
outputFile,
909-
dryRun,
910-
);
911925
await publisher.publishArchive(parsedArguments['force'] as bool);
912926
}
913927
} on PreparePackageException catch (e) {

dev/bots/test/prepare_package_test.dart

Lines changed: 10 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -434,10 +434,10 @@ void main() {
434434
File(archivePath).writeAsStringSync('archive contents');
435435
final Map<String, List<ProcessResult>?> calls = <String, List<ProcessResult>?>{
436436
// This process fails because the file does NOT already exist
437+
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
437438
'$gsutilCall -- stat $gsArchivePath': <ProcessResult>[ProcessResult(0, 1, '', '')],
438439
'$gsutilCall -- rm $gsArchivePath': null,
439440
'$gsutilCall -- -h Content-Type:$archiveMime cp $archivePath $gsArchivePath': null,
440-
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
441441
'$gsutilCall -- rm $gsJsonPath': null,
442442
'$gsutilCall -- -h Content-Type:application/json -h Cache-Control:max-age=60 cp $jsonPath $gsJsonPath': null,
443443
};
@@ -461,6 +461,7 @@ void main() {
461461
platform: platform,
462462
);
463463
assert(tempDir.existsSync());
464+
await publisher.generateLocalMetadata();
464465
await publisher.publishArchive();
465466

466467
final File releaseFile = File(jsonPath);
@@ -534,10 +535,10 @@ void main() {
534535
File(archivePath).writeAsStringSync('archive contents');
535536
final Map<String, List<ProcessResult>?> calls = <String, List<ProcessResult>?>{
536537
// This process fails because the file does NOT already exist
538+
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
537539
'$gsutilCall -- stat $gsArchivePath': <ProcessResult>[ProcessResult(0, 1, '', '')],
538540
'$gsutilCall -- rm $gsArchivePath': null,
539541
'$gsutilCall -- -h Content-Type:$archiveMime cp $archivePath $gsArchivePath': null,
540-
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
541542
'$gsutilCall -- rm $gsJsonPath': null,
542543
'$gsutilCall -- -h Content-Type:application/json -h Cache-Control:max-age=60 cp $jsonPath $gsJsonPath': null,
543544
};
@@ -561,6 +562,7 @@ void main() {
561562
platform: platform,
562563
);
563564
assert(tempDir.existsSync());
565+
await publisher.generateLocalMetadata();
564566
await publisher.publishArchive();
565567

566568
final File releaseFile = File(jsonPath);
@@ -598,10 +600,10 @@ void main() {
598600
File(archivePath).writeAsStringSync('archive contents');
599601
final Map<String, List<ProcessResult>?> calls = <String, List<ProcessResult>?>{
600602
// This process fails because the file does NOT already exist
603+
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
601604
'$gsutilCall -- stat $gsArchivePath': <ProcessResult>[ProcessResult(0, 1, '', '')],
602605
'$gsutilCall -- rm $gsArchivePath': null,
603606
'$gsutilCall -- -h Content-Type:$archiveMime cp $archivePath $gsArchivePath': null,
604-
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
605607
'$gsutilCall -- rm $gsJsonPath': null,
606608
'$gsutilCall -- -h Content-Type:application/json -h Cache-Control:max-age=60 cp $jsonPath $gsJsonPath': null,
607609
};
@@ -625,6 +627,7 @@ void main() {
625627
platform: platform,
626628
);
627629
assert(tempDir.existsSync());
630+
await publisher.generateLocalMetadata();
628631
await publisher.publishArchive();
629632

630633
final File releaseFile = File(jsonPath);
@@ -678,10 +681,10 @@ void main() {
678681
File(archivePath).writeAsStringSync('archive contents');
679682
final Map<String, List<ProcessResult>?> calls = <String, List<ProcessResult>?>{
680683
// This process fails because the file does NOT already exist
684+
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
681685
'$gsutilCall -- stat $gsArchivePath': <ProcessResult>[ProcessResult(0, 1, '', '')],
682686
'$gsutilCall -- rm $gsArchivePath': null,
683687
'$gsutilCall -- -h Content-Type:$archiveMime cp $archivePath $gsArchivePath': null,
684-
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
685688
'$gsutilCall -- rm $gsJsonPath': null,
686689
'$gsutilCall -- -h Content-Type:application/json -h Cache-Control:max-age=60 cp $jsonPath $gsJsonPath': null,
687690
};
@@ -705,6 +708,7 @@ void main() {
705708
platform: platform,
706709
);
707710
assert(tempDir.existsSync());
711+
await publisher.generateLocalMetadata();
708712
await publisher.publishArchive();
709713

710714
final File releaseFile = File(jsonPath);
@@ -799,14 +803,15 @@ void main() {
799803
File(jsonPath).writeAsStringSync(releasesJson);
800804
File(archivePath).writeAsStringSync('archive contents');
801805
final Map<String, List<ProcessResult>?> calls = <String, List<ProcessResult>?>{
806+
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
802807
'$gsutilCall -- rm $gsArchivePath': null,
803808
'$gsutilCall -- -h Content-Type:$archiveMime cp $archivePath $gsArchivePath': null,
804-
'$gsutilCall -- cp $gsJsonPath $jsonPath': null,
805809
'$gsutilCall -- rm $gsJsonPath': null,
806810
'$gsutilCall -- -h Content-Type:application/json -h Cache-Control:max-age=60 cp $jsonPath $gsJsonPath': null,
807811
};
808812
processManager.addCommands(convertResults(calls));
809813
assert(tempDir.existsSync());
814+
await publisher.generateLocalMetadata();
810815
await publisher.publishArchive(true);
811816
});
812817
});

0 commit comments

Comments
 (0)