* [PATCH 1/3] bitbake: Add Azure Storage fetcher implementation
@ 2021-02-24 17:26 Alejandro Hernandez Samaniego
2021-02-24 17:26 ` [PATCH 2/3] docs: Add Az fetcher documentation Alejandro Hernandez Samaniego
2021-02-24 17:26 ` [PATCH 3/3] docs: Add AZ_SAS definition to glossary Alejandro Hernandez Samaniego
0 siblings, 2 replies; 3+ messages in thread
From: Alejandro Hernandez Samaniego @ 2021-02-24 17:26 UTC (permalink / raw)
To: bitbake-devel; +Cc: Alejandro Enedino Hernandez Samaniego
Allows bitbake to fetch from an Azure Storage account.
The fetcher submodule is compatible with the az:// URI protocol, its
functionality is based on bitbakes wget fetcher, superior in performance
to using a propietary tool like azcopy which can handle cloud storage
account operations with more functionality (that we dont need in a fetcher)
but less compatibility.
A sample URI uses can be defined in the following way:
SRC_URI = "az://<azure-storage-account>.blob.core.windows.net/<container>/foo.tar.xz"
This fetcher can easily be used with PREMIRRORS and SSTATE_MIRRORS, e.g.:
SSTATE_MIRRORS = "file://.* az://<azure-storage-account>.blob.core.windows.net/sstate-cache/PATH;downloadfilename=PATH \n"
PREMIRRORS_prepend = "\
git://.*/.* az://<azure-storage-account>.blob.core.windows.net/downloads/ \n \
ftp://.*/.* az://<azure-storage-account>.blob.core.windows.net/downloads/ \n \
http://.*/.* az://<azure-storage-account>.blob.core.windows.net/downloads/ \n \
https://.*/.* az://<azure-storage-account>.blob.core.windows.net/downloads/ \n \
"
Can also be used with non-public access Azure Storage accounts/containers via a
Shared Access Signature by declaring the AZ_SAS variable which will be
automatically used by the fetcher:
AZ_SAS="?sv=2000-01-01&ss=...&sig=somesignature"
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
---
lib/bb/fetch2/__init__.py | 4 +-
lib/bb/fetch2/az.py | 93 +++++++++++++++++++++++++++++++++++++++
2 files changed, 96 insertions(+), 1 deletion(-)
create mode 100644 lib/bb/fetch2/az.py
diff --git a/lib/bb/fetch2/__init__.py b/lib/bb/fetch2/__init__.py
index 19169d78..cf0201c4 100644
--- a/lib/bb/fetch2/__init__.py
+++ b/lib/bb/fetch2/__init__.py
@@ -1243,7 +1243,7 @@ class FetchData(object):
if checksum_name in self.parm:
checksum_expected = self.parm[checksum_name]
- elif self.type not in ["http", "https", "ftp", "ftps", "sftp", "s3"]:
+ elif self.type not in ["http", "https", "ftp", "ftps", "sftp", "s3", "az"]:
checksum_expected = None
else:
checksum_expected = d.getVarFlag("SRC_URI", checksum_name)
@@ -1908,6 +1908,7 @@ from . import repo
from . import clearcase
from . import npm
from . import npmsw
+from . import az
methods.append(local.Local())
methods.append(wget.Wget())
@@ -1927,3 +1928,4 @@ methods.append(repo.Repo())
methods.append(clearcase.ClearCase())
methods.append(npm.Npm())
methods.append(npmsw.NpmShrinkWrap())
+methods.append(az.Az())
diff --git a/lib/bb/fetch2/az.py b/lib/bb/fetch2/az.py
new file mode 100644
index 00000000..3ccc594c
--- /dev/null
+++ b/lib/bb/fetch2/az.py
@@ -0,0 +1,93 @@
+"""
+BitBake 'Fetch' Azure Storage implementation
+
+"""
+
+# Copyright (C) 2021 Alejandro Hernandez Samaniego
+#
+# Based on bb.fetch2.wget:
+# Copyright (C) 2003, 2004 Chris Larson
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+# Based on functions from the base bb module, Copyright 2003 Holger Schurig
+
+import shlex
+import os
+import bb
+from bb.fetch2 import FetchError
+from bb.fetch2 import logger
+from bb.fetch2.wget import Wget
+
+
+class Az(Wget):
+
+ def supports(self, ud, d):
+ """
+ Check to see if a given url can be fetched from Azure Storage
+ """
+ return ud.type in ['az']
+
+
+ def checkstatus(self, fetch, ud, d, try_again=True):
+
+ # checkstatus discards parameters either way, we need to do this before adding the SAS
+ ud.url = ud.url.replace('az://','https://').split(';')[0]
+
+ az_sas = d.getVar('AZ_SAS')
+ if az_sas and az_sas not in ud.url:
+ ud.url += az_sas
+
+ return Wget.checkstatus(self, fetch, ud, d, try_again)
+
+ # Override download method, include retries
+ def download(self, ud, d, retries=3):
+ """Fetch urls"""
+
+ # If were reaching the account transaction limit we might be refused a connection,
+ # retrying allows us to avoid false negatives since the limit changes over time
+ fetchcmd = self.basecmd + ' --retry-connrefused --waitretry=5'
+
+ # We need to provide a localpath to avoid wget using the SAS
+ # ud.localfile either has the downloadfilename or ud.path
+ localpath = os.path.join(d.getVar("DL_DIR"), ud.localfile)
+ bb.utils.mkdirhier(os.path.dirname(localpath))
+ fetchcmd += " -O %s" % shlex.quote(localpath)
+
+
+ if ud.user and ud.pswd:
+ fetchcmd += " --user=%s --password=%s --auth-no-challenge" % (ud.user, ud.pswd)
+
+ # Check if a Shared Access Signature was given and use it
+ az_sas = d.getVar('AZ_SAS')
+
+ if az_sas:
+ azuri = '%s%s%s%s' % ('https://', ud.host, ud.path, az_sas)
+ else:
+ azuri = '%s%s%s' % ('https://', ud.host, ud.path)
+
+ if os.path.exists(ud.localpath):
+ # file exists, but we didnt complete it.. trying again.
+ fetchcmd += d.expand(" -c -P ${DL_DIR} '%s'" % azuri)
+ else:
+ fetchcmd += d.expand(" -P ${DL_DIR} '%s'" % azuri)
+
+ try:
+ self._runwget(ud, d, fetchcmd, False)
+ except FetchError as e:
+ # Azure fails on handshake sometimes when using wget after some stress, producing a
+ # FetchError from the fetcher, if the artifact exists retyring should succeed
+ if 'Unable to establish SSL connection' in str(e):
+ logger.debug2('Unable to establish SSL connection: Retries remaining: %s, Retrying...' % retries)
+ self.download(ud, d, retries -1)
+
+ # Sanity check since wget can pretend it succeed when it didn't
+ # Also, this used to happen if sourceforge sent us to the mirror page
+ if not os.path.exists(ud.localpath):
+ raise FetchError("The fetch command returned success for url %s but %s doesn't exist?!" % (azuri, ud.localpath), azuri)
+
+ if os.path.getsize(ud.localpath) == 0:
+ os.remove(ud.localpath)
+ raise FetchError("The fetch of %s resulted in a zero size file?! Deleting and failing since this isn't right." % (azuri), azuri)
+
+ return True
--
2.25.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 2/3] docs: Add Az fetcher documentation
2021-02-24 17:26 [PATCH 1/3] bitbake: Add Azure Storage fetcher implementation Alejandro Hernandez Samaniego
@ 2021-02-24 17:26 ` Alejandro Hernandez Samaniego
2021-02-24 17:26 ` [PATCH 3/3] docs: Add AZ_SAS definition to glossary Alejandro Hernandez Samaniego
1 sibling, 0 replies; 3+ messages in thread
From: Alejandro Hernandez Samaniego @ 2021-02-24 17:26 UTC (permalink / raw)
To: bitbake-devel; +Cc: Alejandro Enedino Hernandez Samaniego
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
---
.../bitbake-user-manual-fetching.rst | 28 +++++++++++++++++++
.../bitbake-user-manual-ref-variables.rst | 2 ++
2 files changed, 30 insertions(+)
diff --git a/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst b/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst
index 6760b108..e9a5f336 100644
--- a/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst
+++ b/doc/bitbake-user-manual/bitbake-user-manual-fetching.rst
@@ -624,6 +624,34 @@ Here are some example URLs: ::
SRC_URI = "repo://REPOROOT;protocol=git;branch=some_branch;manifest=my_manifest.xml"
SRC_URI = "repo://REPOROOT;protocol=file;branch=some_branch;manifest=my_manifest.xml"
+.. _az-fetcher:
+
+Az Fetcher (``az://``)
+--------------------------
+
+This submodule fetches data from an
+`Azure Storage account <https://docs.microsoft.com/en-us/azure/storage/>`__ ,
+it inherits its functionality from the HTTP wget fetcher, but modifies its
+behavior to accomodate the usage of a
+`Shared Access Signature (SAS) <https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview>`__
+for non-public data.
+
+Such functionality is set by the variable:
+
+- :term:`AZ_SAS`: The Azure Storage Shared Access Signature provides secure
+ delegate access to resources, if this variable is set, the Az Fetcher will
+ use it when fetching artifacts from the cloud.
+
+You can specify the AZ_SAS variable as shown below: ::
+
+ AZ_SAS = "se=2021-01-01&sp=r&sv=2018-11-09&sr=c&skoid=<skoid>&sig=<signature>"
+
+Here is an example URL: ::
+
+ SRC_URI = "az://<azure-storage-account>.blob.core.windows.net/<foo_container>/<bar_file>"
+
+It can also be used when setting mirrors definitions using the :term:`PREMIRRORS` variable.
+
Other Fetchers
--------------
diff --git a/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst b/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst
index 6469f9d1..1cb4b1d6 100644
--- a/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst
+++ b/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst
@@ -1303,6 +1303,8 @@ overview of their function and contents.
- ``svn://`` : Fetches files from a Subversion (``svn``) revision
control repository.
+ - ``az://`` : Fetches files from an Azure Storage account using HTTPS.
+
Here are some additional options worth mentioning:
- ``unpack`` : Controls whether or not to unpack the file if it is
--
2.25.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 3/3] docs: Add AZ_SAS definition to glossary
2021-02-24 17:26 [PATCH 1/3] bitbake: Add Azure Storage fetcher implementation Alejandro Hernandez Samaniego
2021-02-24 17:26 ` [PATCH 2/3] docs: Add Az fetcher documentation Alejandro Hernandez Samaniego
@ 2021-02-24 17:26 ` Alejandro Hernandez Samaniego
1 sibling, 0 replies; 3+ messages in thread
From: Alejandro Hernandez Samaniego @ 2021-02-24 17:26 UTC (permalink / raw)
To: bitbake-devel; +Cc: Alejandro Enedino Hernandez Samaniego
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alhe@linux.microsoft.com>
---
.../bitbake-user-manual-ref-variables.rst | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst b/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst
index 1cb4b1d6..d8c88c61 100644
--- a/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst
+++ b/doc/bitbake-user-manual/bitbake-user-manual-ref-variables.rst
@@ -39,6 +39,19 @@ overview of their function and contents.
when specified allows for the Git binary from the host to be used
rather than building ``git-native``.
+ :term:`AZ_SAS`
+ Azure Storage Shared Access Signature, when using the
+ :ref:`Azure Storage fetcher <bitbake-user-manual/bitbake-user-manual-fetching:fetchers>`
+ This variable can be defined to be used by the fetcher to authenticate
+ and gain access to non-public artifacts.
+ ::
+
+ AZ_SAS = ""se=2021-01-01&sp=r&sv=2018-11-09&sr=c&skoid=<skoid>&sig=<signature>""
+
+ For more information see Microsoft's Azure Storage documentation at
+ https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview
+
+
:term:`B`
The directory in which BitBake executes functions during a recipe's
build process.
--
2.25.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-02-24 17:27 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-02-24 17:26 [PATCH 1/3] bitbake: Add Azure Storage fetcher implementation Alejandro Hernandez Samaniego
2021-02-24 17:26 ` [PATCH 2/3] docs: Add Az fetcher documentation Alejandro Hernandez Samaniego
2021-02-24 17:26 ` [PATCH 3/3] docs: Add AZ_SAS definition to glossary Alejandro Hernandez Samaniego
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.