pw_env_setup: check ACLs for all CIPD packages
Check ACLs for more CIPD packages, not just the top-level "pigweed"
directory. Since the check takes time just check the first three entries
in each file. Make the error message look a little more like other error
messages used by Pigweed.
Tried using 'cipd acl-check' but found issues where it would simply fail
on Windows without output.
Also roll CIPD.
Change-Id: I47a9dfb7ddad1450701e2938ac1d44fb0543ee65
Reviewed-on: https://pigweed-review.googlesource.com/c/pigweed/pigweed/+/13080
Reviewed-by: Wyatt Hepler <hepler@google.com>
Commit-Queue: Rob Mohr <mohrr@google.com>
diff --git a/pw_env_setup/py/pw_env_setup/cipd_setup/.cipd_version b/pw_env_setup/py/pw_env_setup/cipd_setup/.cipd_version
index a9c5643..37990e9 100644
--- a/pw_env_setup/py/pw_env_setup/cipd_setup/.cipd_version
+++ b/pw_env_setup/py/pw_env_setup/cipd_setup/.cipd_version
@@ -1 +1 @@
-git_revision:5c954fced159944c83cb9d17c5603f3110de744d
+git_revision:c3033615893f7bee937afa99c40a7adc85d7db1f
diff --git a/pw_env_setup/py/pw_env_setup/cipd_setup/.cipd_version.digests b/pw_env_setup/py/pw_env_setup/cipd_setup/.cipd_version.digests
index d896549..6b5b58b 100644
--- a/pw_env_setup/py/pw_env_setup/cipd_setup/.cipd_version.digests
+++ b/pw_env_setup/py/pw_env_setup/cipd_setup/.cipd_version.digests
@@ -1,21 +1,22 @@
# This file was generated by
#
# cipd selfupdate-roll -version-file .cipd_version \
-# -version git_revision:5c954fced159944c83cb9d17c5603f3110de744d
+# -version git_revision:c3033615893f7bee937afa99c40a7adc85d7db1f
#
# Do not modify manually. All changes will be overwritten.
# Use 'cipd selfupdate-roll ...' to modify.
-linux-386 sha256 38bf8965030ff29d1c16a4a1695851e40d4a4ac3490b2ff61389c74055fcbd9e
-linux-amd64 sha256 92c9a3fab27fb8fd12946f05d929ff14dafb41336ee39defbc1cc7ee35d96abc
-linux-arm64 sha256 ac61965aaa92f74e835d4482bcb8a84720b1af029554daa5ea487ed87dcd0dd4
-linux-armv6l sha256 52dd720de6930ee9cc1aeabc5933c408a24f787299e19830e24fc5b03cb6adcf
-linux-mips64 sha256 371612d3bdb0b871f7d4de40a07ba3a281a54a9f4df4303945fd9c3b9e3fc7d8
-linux-mips64le sha256 ff98998f8b6add1d77d7a36679a3f6d4ca71767aebdea50b9fb79b9334545a91
-linux-mipsle sha256 f554890e4f613c5ee0f640aa28ac97d99956fc757afb8f00c8f14671d63d46e7
-linux-ppc64 sha256 1c240f81b0a6559693aad3fa5e19f8800d79270411c1462d9e0a24fdc0b9c0f8
-linux-ppc64le sha256 967491b25f6ac45f0cf67abca30cdd1269170dbca51bb8a5f2ce9fd9436b2c63
-linux-s390x sha256 7bc684bf53d1ef6cba051aba67efaef686d102dff6b1ce3c0bbcebe908609536
-mac-amd64 sha256 6f7a0ab810a2d83d66febf6556a9ca6b9af571c385d96bd06dc62603fc49044b
-windows-386 sha256 093003875d0e4ae8a3a9ea9409aad20cce66d5ae0c570b28499e238cc9da4c7d
-windows-amd64 sha256 e605fe8befda0713c1d0f4575bd52abc8feaeaedc80036fa1f23dea87b7bee9e
+aix-ppc64 sha256 df6bf19e60cf062c0a9d186b0f6c9377c144af9af2511c62feb12166df658fa0
+linux-386 sha256 406a37dfc1e36495edcedb1fa58a101fc10369fccf88a1a68e89181b5b634069
+linux-amd64 sha256 f87c547d09c75eaac7aec940489ed4282988f0628cda232c36666bbd7f2ffcd3
+linux-arm64 sha256 a172f66db1e5951173282b4d5a00ca78c6c19b98aa4025356ca555d802562d18
+linux-armv6l sha256 8bbda6a984e0f386d899da2da5b94d4601dc19a1ceeb42b6e691c2844ff6c1ce
+linux-mips64 sha256 60f7961bdfab674fd84680e74c42c8b305ff7ee98d1eb626ac36fc327c8654c2
+linux-mips64le sha256 58e9df2ec3544124747b56699787210aded97d7ccd2459ec877753a32070dd18
+linux-mipsle sha256 2a5e019011ba90b8e94a5cc9b2bd82f34d193e3c51f8548d8a5b87b526fc0e83
+linux-ppc64 sha256 7fbf4080e68ff4eda82a8a62da1645bda265bc6c1bef034c76e3848244223a5d
+linux-ppc64le sha256 7a474bb3661c88d1f326a51f99f8e0dc7f832bfd404615f8a6be162ce1840dc0
+linux-s390x sha256 4aafb01114114395510d2e95e175198e7335247c49ed37ad334526815e3eca05
+mac-amd64 sha256 50d685478353f3243b79a318130c8cd1dd1074fc5a9b84c8bbd14546dfe9288a
+windows-386 sha256 642cb36aac344a94092bc15662c6a43117a2db9e0d2befdc0dc63e14518ec07d
+windows-amd64 sha256 e30a7b981ffab1d54fb1395c2ac183811c1aa17e57a649f877da99a1cfa72176
diff --git a/pw_env_setup/py/pw_env_setup/cipd_setup/update.py b/pw_env_setup/py/pw_env_setup/cipd_setup/update.py
index 73ec2b7..3196662 100755
--- a/pw_env_setup/py/pw_env_setup/cipd_setup/update.py
+++ b/pw_env_setup/py/pw_env_setup/cipd_setup/update.py
@@ -48,6 +48,7 @@
)
parser.add_argument('--package-file',
dest='package_files',
+ metavar='PACKAGE_FILE',
action='append')
parser.add_argument('--cipd',
default=os.path.join(script_root, 'wrapper.py'))
@@ -59,9 +60,22 @@
return parser.parse_args(argv)
-def check_auth(cipd, paths=('pigweed', )):
+def check_auth(cipd, package_files):
"""Check have access to CIPD pigweed directory."""
+ paths = []
+ for package_file in package_files:
+ with open(package_file, 'r') as ins:
+ # This is an expensive RPC, so only check the first few entries
+ # in each file.
+ for i, entry in enumerate(json.load(ins)):
+ if i >= 3:
+ break
+ parts = entry['path'].split('/')
+ while '${' in parts[-1]:
+ parts.pop(-1)
+ paths.append('/'.join(parts))
+
try:
subprocess.check_output([cipd, 'auth-info'], stderr=subprocess.STDOUT)
logged_in = True
@@ -74,17 +88,17 @@
output = subprocess.check_output([cipd, 'ls', path],
stderr=subprocess.STDOUT).decode()
if 'No matching packages' in output:
- print()
- print('=' * 60, file=sys.stderr)
+ stderr = lambda *args: print(*args, file=sys.stderr)
+ stderr()
+ stderr('=' * 60)
+ stderr('ERROR: no access to CIPD path "{}"'.format(path))
if logged_in:
- print('ERROR: no access to CIPD path "{}":'.format(path),
- file=sys.stderr)
+ stderr('Your account does not have access to this path')
else:
- print('ERROR: no access to CIPD path "{}", try logging in '
- 'with this command:'.format(path),
- file=sys.stderr)
- print(cipd, 'auth-login', file=sys.stderr)
- print('=' * 60, file=sys.stderr)
+ stderr('Try logging in with this command:')
+ stderr()
+ stderr(' {} auth-login'.format(cipd))
+ stderr('=' * 60)
return False
return True
@@ -117,7 +131,7 @@
):
"""Grab the tools listed in ensure_files."""
- if not check_auth(cipd):
+ if not check_auth(cipd, package_files):
return False
# TODO(mohrr) use os.makedirs(..., exist_ok=True).
