It that "git status" will not detect some repo issues, these are only
found after a fetch. When this condition is detected save the repo
state and report that the repo is corrupt and invalid.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
I'm playing with using git submodules to track my entire printer config,
and moonraker only works with separate clones as is. Using `.exists()`
instead of `.is_dir()` allows moonraker to control the submodules.
Signed-off-by: Franklyn Tackitt <git@frank.af>
Query the detected url and make sure it redirects to the
expected url. This closes a security vulnerability
where a remote could be changed to an arbitrary repo's url.
The `moved_origin` option is no longer necessary, however it
is currently used as an additional check. In the future it will be
deprecated.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Close a security hole where an attacker could overwrite an existing repo
with any remote and run malicious code through an update.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Use git for-each-ref to retreive tags and their associated commit
hashes. This allows us to limit the amount of tags to 10 and
simplifies the code as the returned objects are already dereferenced.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Don't require the `app_params` argument, instead dynamically
generate the configuration from a dict. This simiplifies AppDeploy
initialization as the internally generated configurations can be
read in the same way as those supplied in moonraker.conf.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Shallow clones don't report the tag in git describe, so use
git rev-list to extract the tag and prepend it to the version
string.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
All calls to update now return a boolean value. When performing a full upate this return value is used to
check if Moonraker should wait for Klippy to reconnect.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
Transion away from Tornado's wrappers, as their implementation of
"wait()" can be confusing. Some of tornado's methods require that
you specify a delay in seconds, others requrire that you specify a
timeout relative to the Unix epoch.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
This is the first step toward creating mutliple methods for deployment. This patch creates a base class for all deployment objects and a base class for application deployment. The git functionality has moved to its own module.
Signed-off-by: Eric Callahan <arksine.code@gmail.com>
