feat(tvix/nar-bridge): stop parsing nixbase32 manually, validate
We have nixhash.FromHashTypeAndDigest now. Also, run Validate() on the PathInfo received from the remote PathInfoService. Change-Id: I14db0d9356c539c084afc9dd712314b56da2587e Reviewed-on: https://cl.tvl.fyi/c/depot/+/9652 Tested-by: BuildkiteCI Reviewed-by: Brian McGee <brian@bmcgee.ie>
This commit is contained in:
parent
98c17147c6
commit
673f5febbb
2 changed files with 24 additions and 10 deletions
|
@ -10,7 +10,6 @@ import (
|
||||||
"code.tvl.fyi/tvix/nar-bridge/pkg/importer"
|
"code.tvl.fyi/tvix/nar-bridge/pkg/importer"
|
||||||
"github.com/go-chi/chi/v5"
|
"github.com/go-chi/chi/v5"
|
||||||
nixhash "github.com/nix-community/go-nix/pkg/hash"
|
nixhash "github.com/nix-community/go-nix/pkg/hash"
|
||||||
"github.com/nix-community/go-nix/pkg/nixbase32"
|
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
log "github.com/sirupsen/logrus"
|
log "github.com/sirupsen/logrus"
|
||||||
)
|
)
|
||||||
|
@ -101,11 +100,8 @@ func registerNarPut(s *Server) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Compare the nar hash specified in the URL with the one that has been
|
// Compare the nar hash specified in the URL with the one that has been
|
||||||
// calculated while processing the NAR file
|
// calculated while processing the NAR file.
|
||||||
// TODO: bump go-nix and remove the parsing
|
narHash, err := nixhash.FromHashTypeAndDigest(0x12, narSha256)
|
||||||
narHash, err := nixhash.ParseNixBase32(
|
|
||||||
"sha256:" + nixbase32.EncodeToString(narSha256),
|
|
||||||
)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic("must parse nixbase32")
|
panic("must parse nixbase32")
|
||||||
}
|
}
|
||||||
|
|
|
@ -51,11 +51,29 @@ func renderNarinfo(
|
||||||
return fmt.Errorf("unable to get pathinfo: %w", err)
|
return fmt.Errorf("unable to get pathinfo: %w", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: don't parse
|
log = log.WithField("pathInfo", pathInfo)
|
||||||
narHash, err := nixhash.ParseNixBase32("sha256:" + nixbase32.EncodeToString(pathInfo.GetNarinfo().GetNarSha256()))
|
|
||||||
|
// The PathInfo received needs to be valid, and contain a NARInfo field.
|
||||||
|
if _, err := pathInfo.Validate(); err != nil {
|
||||||
|
log.WithError(err).Error("unable to validate PathInfo")
|
||||||
|
|
||||||
|
return fmt.Errorf("unable to validate PathInfo: %w", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// Ensure the PathInfo contains a NARInfo field
|
||||||
|
if pathInfo.GetNarinfo() == nil {
|
||||||
|
log.Error("PathInfo doesn't contain Narinfo field")
|
||||||
|
|
||||||
|
return fmt.Errorf("PathInfo doesn't contain Narinfo field")
|
||||||
|
}
|
||||||
|
|
||||||
|
// extract the NARHash
|
||||||
|
narHash, err := nixhash.FromHashTypeAndDigest(0x12, pathInfo.GetNarinfo().GetNarSha256())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
// TODO: return proper error
|
// TODO: replace with panic once we use cl/9649
|
||||||
return fmt.Errorf("No usable NarHash found in PathInfo")
|
|
||||||
|
log.WithError(err).Error("invalid NarHash in PathInfo")
|
||||||
|
return fmt.Errorf("invalid NarHash in PathInfo")
|
||||||
}
|
}
|
||||||
|
|
||||||
// add things to the lookup table, in case the same process didn't handle the NAR hash yet.
|
// add things to the lookup table, in case the same process didn't handle the NAR hash yet.
|
||||||
|
|
Loading…
Reference in a new issue