Add RPM registry (#23380)

Fixes #20751 This PR adds a RPM package registry. You can follow [this tutorial](https://opensource.com/article/18/9/how-build-rpm-packages) to build a *.rpm package for testing. This functionality is similar to the Debian registry (#22854) and therefore shares some methods. I marked this PR as blocked because it should be merged after #22854. ![grafik](https://user-images.githubusercontent.com/1666336/223806549-d8784fd9-9d79-46a2-9ae2-f038594f636a.png)
2023-05-05 22:33:37 +02:00 · 2023-05-05 22:33:37 +02:00 · 05209f0d1d
commit 05209f0d1d
parent 8f314c6793
29 changed files with 1998 additions and 43 deletions
--- a/modules/packages/rpm/metadata.go
+++ b/modules/packages/rpm/metadata.go
@ -0,0 +1,296 @@
+// Copyright 2023 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package rpm
+
+import (
+	"fmt"
+	"io"
+	"strings"
+
+	"code.gitea.io/gitea/modules/timeutil"
+	"code.gitea.io/gitea/modules/validation"
+
+	"github.com/sassoftware/go-rpmutils"
+)
+
+const (
+	PropertyMetadata = "rpm.metdata"
+
+	SettingKeyPrivate = "rpm.key.private"
+	SettingKeyPublic  = "rpm.key.public"
+
+	RepositoryPackage = "_rpm"
+	RepositoryVersion = "_repository"
+)
+
+const (
+	// Can't use the syscall constants because they are not available for windows build.
+	sIFMT  = 0xf000
+	sIFDIR = 0x4000
+	sIXUSR = 0x40
+	sIXGRP = 0x8
+	sIXOTH = 0x1
+)
+
+// https://rpm-software-management.github.io/rpm/manual/spec.html
+// https://refspecs.linuxbase.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/pkgformat.html
+
+type Package struct {
+	Name            string
+	Version         string
+	VersionMetadata *VersionMetadata
+	FileMetadata    *FileMetadata
+}
+
+type VersionMetadata struct {
+	License     string `json:"license,omitempty"`
+	ProjectURL  string `json:"project_url,omitempty"`
+	Summary     string `json:"summary,omitempty"`
+	Description string `json:"description,omitempty"`
+}
+
+type FileMetadata struct {
+	Architecture  string `json:"architecture,omitempty"`
+	Epoch         string `json:"epoch,omitempty"`
+	Version       string `json:"version,omitempty"`
+	Release       string `json:"release,omitempty"`
+	Vendor        string `json:"vendor,omitempty"`
+	Group         string `json:"group,omitempty"`
+	Packager      string `json:"packager,omitempty"`
+	SourceRpm     string `json:"source_rpm,omitempty"`
+	BuildHost     string `json:"build_host,omitempty"`
+	BuildTime     uint64 `json:"build_time,omitempty"`
+	FileTime      uint64 `json:"file_time,omitempty"`
+	InstalledSize uint64 `json:"installed_size,omitempty"`
+	ArchiveSize   uint64 `json:"archive_size,omitempty"`
+
+	Provides  []*Entry `json:"provide,omitempty"`
+	Requires  []*Entry `json:"require,omitempty"`
+	Conflicts []*Entry `json:"conflict,omitempty"`
+	Obsoletes []*Entry `json:"obsolete,omitempty"`
+
+	Files []*File `json:"files,omitempty"`
+
+	Changelogs []*Changelog `json:"changelogs,omitempty"`
+}
+
+type Entry struct {
+	Name    string `json:"name" xml:"name,attr"`
+	Flags   string `json:"flags,omitempty" xml:"flags,attr,omitempty"`
+	Version string `json:"version,omitempty" xml:"ver,attr,omitempty"`
+	Epoch   string `json:"epoch,omitempty" xml:"epoch,attr,omitempty"`
+	Release string `json:"release,omitempty" xml:"rel,attr,omitempty"`
+}
+
+type File struct {
+	Path         string `json:"path" xml:",chardata"`
+	Type         string `json:"type,omitempty" xml:"type,attr,omitempty"`
+	IsExecutable bool   `json:"is_executable" xml:"-"`
+}
+
+type Changelog struct {
+	Author string             `json:"author,omitempty" xml:"author,attr"`
+	Date   timeutil.TimeStamp `json:"date,omitempty" xml:"date,attr"`
+	Text   string             `json:"text,omitempty" xml:",chardata"`
+}
+
+// ParsePackage parses the RPM package file
+func ParsePackage(r io.Reader) (*Package, error) {
+	rpm, err := rpmutils.ReadRpm(r)
+	if err != nil {
+		return nil, err
+	}
+
+	nevra, err := rpm.Header.GetNEVRA()
+	if err != nil {
+		return nil, err
+	}
+
+	version := fmt.Sprintf("%s-%s", nevra.Version, nevra.Release)
+	if nevra.Epoch != "" && nevra.Epoch != "0" {
+		version = fmt.Sprintf("%s-%s", nevra.Epoch, version)
+	}
+
+	p := &Package{
+		Name:    nevra.Name,
+		Version: version,
+		VersionMetadata: &VersionMetadata{
+			Summary:     getString(rpm.Header, rpmutils.SUMMARY),
+			Description: getString(rpm.Header, rpmutils.DESCRIPTION),
+			License:     getString(rpm.Header, rpmutils.LICENSE),
+			ProjectURL:  getString(rpm.Header, rpmutils.URL),
+		},
+		FileMetadata: &FileMetadata{
+			Architecture:  nevra.Arch,
+			Epoch:         nevra.Epoch,
+			Version:       nevra.Version,
+			Release:       nevra.Release,
+			Vendor:        getString(rpm.Header, rpmutils.VENDOR),
+			Group:         getString(rpm.Header, rpmutils.GROUP),
+			Packager:      getString(rpm.Header, rpmutils.PACKAGER),
+			SourceRpm:     getString(rpm.Header, rpmutils.SOURCERPM),
+			BuildHost:     getString(rpm.Header, rpmutils.BUILDHOST),
+			BuildTime:     getUInt64(rpm.Header, rpmutils.BUILDTIME),
+			FileTime:      getUInt64(rpm.Header, rpmutils.FILEMTIMES),
+			InstalledSize: getUInt64(rpm.Header, rpmutils.SIZE),
+			ArchiveSize:   getUInt64(rpm.Header, rpmutils.SIG_PAYLOADSIZE),
+
+			Provides:   getEntries(rpm.Header, rpmutils.PROVIDENAME, rpmutils.PROVIDEVERSION, rpmutils.PROVIDEFLAGS),
+			Requires:   getEntries(rpm.Header, rpmutils.REQUIRENAME, rpmutils.REQUIREVERSION, rpmutils.REQUIREFLAGS),
+			Conflicts:  getEntries(rpm.Header, 1054 /*rpmutils.CONFLICTNAME*/, 1055 /*rpmutils.CONFLICTVERSION*/, 1053 /*rpmutils.CONFLICTFLAGS*/), // https://github.com/sassoftware/go-rpmutils/pull/24
+			Obsoletes:  getEntries(rpm.Header, rpmutils.OBSOLETENAME, rpmutils.OBSOLETEVERSION, rpmutils.OBSOLETEFLAGS),
+			Files:      getFiles(rpm.Header),
+			Changelogs: getChangelogs(rpm.Header),
+		},
+	}
+
+	if !validation.IsValidURL(p.VersionMetadata.ProjectURL) {
+		p.VersionMetadata.ProjectURL = ""
+	}
+
+	return p, nil
+}
+
+func getString(h *rpmutils.RpmHeader, tag int) string {
+	values, err := h.GetStrings(tag)
+	if err != nil || len(values) < 1 {
+		return ""
+	}
+	return values[0]
+}
+
+func getUInt64(h *rpmutils.RpmHeader, tag int) uint64 {
+	values, err := h.GetUint64s(tag)
+	if err != nil || len(values) < 1 {
+		return 0
+	}
+	return values[0]
+}
+
+func getEntries(h *rpmutils.RpmHeader, namesTag, versionsTag, flagsTag int) []*Entry {
+	names, err := h.GetStrings(namesTag)
+	if err != nil || len(names) == 0 {
+		return nil
+	}
+	flags, err := h.GetUint64s(flagsTag)
+	if err != nil || len(flags) == 0 {
+		return nil
+	}
+	versions, err := h.GetStrings(versionsTag)
+	if err != nil || len(versions) == 0 {
+		return nil
+	}
+	if len(names) != len(flags) || len(names) != len(versions) {
+		return nil
+	}
+
+	entries := make([]*Entry, 0, len(names))
+	for i := range names {
+		e := &Entry{
+			Name: names[i],
+		}
+
+		flags := flags[i]
+		if (flags&rpmutils.RPMSENSE_GREATER) != 0 && (flags&rpmutils.RPMSENSE_EQUAL) != 0 {
+			e.Flags = "GE"
+		} else if (flags&rpmutils.RPMSENSE_LESS) != 0 && (flags&rpmutils.RPMSENSE_EQUAL) != 0 {
+			e.Flags = "LE"
+		} else if (flags & rpmutils.RPMSENSE_GREATER) != 0 {
+			e.Flags = "GT"
+		} else if (flags & rpmutils.RPMSENSE_LESS) != 0 {
+			e.Flags = "LT"
+		} else if (flags & rpmutils.RPMSENSE_EQUAL) != 0 {
+			e.Flags = "EQ"
+		}
+
+		version := versions[i]
+		if version != "" {
+			parts := strings.Split(version, "-")
+
+			versionParts := strings.Split(parts[0], ":")
+			if len(versionParts) == 2 {
+				e.Version = versionParts[1]
+				e.Epoch = versionParts[0]
+			} else {
+				e.Version = versionParts[0]
+				e.Epoch = "0"
+			}
+
+			if len(parts) > 1 {
+				e.Release = parts[1]
+			}
+		}
+
+		entries = append(entries, e)
+	}
+	return entries
+}
+
+func getFiles(h *rpmutils.RpmHeader) []*File {
+	baseNames, _ := h.GetStrings(rpmutils.BASENAMES)
+	dirNames, _ := h.GetStrings(rpmutils.DIRNAMES)
+	dirIndexes, _ := h.GetUint32s(rpmutils.DIRINDEXES)
+	fileFlags, _ := h.GetUint32s(rpmutils.FILEFLAGS)
+	fileModes, _ := h.GetUint32s(rpmutils.FILEMODES)
+
+	files := make([]*File, 0, len(baseNames))
+	for i := range baseNames {
+		if len(dirIndexes) <= i {
+			continue
+		}
+		dirIndex := dirIndexes[i]
+		if len(dirNames) <= int(dirIndex) {
+			continue
+		}
+
+		var fileType string
+		var isExecutable bool
+		if i < len(fileFlags) && (fileFlags[i]&rpmutils.RPMFILE_GHOST) != 0 {
+			fileType = "ghost"
+		} else if i < len(fileModes) {
+			if (fileModes[i] & sIFMT) == sIFDIR {
+				fileType = "dir"
+			} else {
+				mode := fileModes[i] & ^uint32(sIFMT)
+				isExecutable = (mode&sIXUSR) != 0 || (mode&sIXGRP) != 0 || (mode&sIXOTH) != 0
+			}
+		}
+
+		files = append(files, &File{
+			Path:         dirNames[dirIndex] + baseNames[i],
+			Type:         fileType,
+			IsExecutable: isExecutable,
+		})
+	}
+
+	return files
+}
+
+func getChangelogs(h *rpmutils.RpmHeader) []*Changelog {
+	texts, err := h.GetStrings(rpmutils.CHANGELOGTEXT)
+	if err != nil || len(texts) == 0 {
+		return nil
+	}
+	authors, err := h.GetStrings(rpmutils.CHANGELOGNAME)
+	if err != nil || len(authors) == 0 {
+		return nil
+	}
+	times, err := h.GetUint32s(rpmutils.CHANGELOGTIME)
+	if err != nil || len(times) == 0 {
+		return nil
+	}
+	if len(texts) != len(authors) || len(texts) != len(times) {
+		return nil
+	}
+
+	changelogs := make([]*Changelog, 0, len(texts))
+	for i := range texts {
+		changelogs = append(changelogs, &Changelog{
+			Author: authors[i],
+			Date:   timeutil.TimeStamp(times[i]),
+			Text:   texts[i],
+		})
+	}
+	return changelogs
+}
--- a/modules/packages/rpm/metadata_test.go
+++ b/modules/packages/rpm/metadata_test.go
@ -0,0 +1,163 @@
+// Copyright 2023 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package rpm
+
+import (
+	"bytes"
+	"compress/gzip"
+	"encoding/base64"
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestParsePackage(t *testing.T) {
+	base64RpmPackageContent := `H4sICFayB2QCAGdpdGVhLXRlc3QtMS4wLjItMS14ODZfNjQucnBtAO2YV4gTQRjHJzl7wbNhhxVF
+VNwk2zd2PdvZ9Sxnd3Z3NllNsmF3o6congVFsWFHRWwIImIXfRER0QcRfPBJEXvvBQvWSfZTT0VQ
+8TF/MuU33zcz3+zOJGEe73lyuQBRBWKWRzDrEddjuVAkxLMc+lsFUOWfm5bvvReAalWECg/TsivU
+dyKa0U61aVnl6wj0Uxe4nc8F92hZiaYE8CO/P0r7/Quegr0c7M/AvoCaGZEIWNGUqMHrhhGROIUT
+Zc7gOAOraoQzCNZ0WdU0HpEI5jiB4zlek3gT85wqCBomhomxoGCs8wImWMImbxqKgXVNUKKaqShR
+STKVKK9glFUNcf2g+/t27xs16v5x/eyOKftVGlIhyiuvvPLKK6+88sorr7zyyiuvvPKCO5HPnz+v
+pGVhhXsTsFVeSstuWR9anwU+Bk3Vch5wTwL3JkHg+8C1gR8A169wj1KdpobAj4HbAT+Be5VewE+h
+fz/g52AvBX4N9vHAb4AnA7+F8ePAH8BuA38ELgf+BLzQ50oIeBlw0OdAOXAlP57AGuCsbwGtbgCu
+DrwRuAb4bwau6T/PwFbgWsDXgWuD/y3gOmC/B1wI/Bi4AcT3Arih3z9YCNzI9w9m/YKUG4Nd9N9z
+pSZgHwrcFPgccFt//OADGE+F/q+Ao+D/FrijzwV1gbv4/QvaAHcFDgF3B5aB+wB3Be7rz1dQCtwP
+eDxwMcw3GbgU7AasdwzYE8DjwT4L/CeAvRx4IvBCYA3iWQds+FzpDjABfghsAj8BTgA/A/b8+StX
+A84A1wKe5s9fuRB4JpzHZv55rL8a/Dv49vpn/PErR4BvQX8Z+Db4l2W5CH2/f0W5+1fEoeFDBzFp
+rE/FMcK4mWQSOzN+aDOIqztW2rPsFKIyqh7sQERR42RVMSKihnzVHlQ8Ag0YLBYNEIajkhmuR5Io
+7nlpt2M4nJs0ZNkoYaUyZahMlSfJImr1n1WjFVNCPCaTZgYNGdGL8YN2mX8WHfA/C7ViHJK0pxHG
+SrkeTiSI4T+7ubf85yrzRCQRQ5EVxVAjvIBVRY/KRFAVReIkhfARSddNSceayQkGliIKb0q8RAxJ
+5QWNVxHIsW3Pz369bw+5jh5y0klE9Znqm0dF57b0HbGy2A5lVUBTZZrqZjdUjYoprFmpsBtHP5d0
+ISltS2yk2mHuC4x+lgJMhgnidvuqy3b0suK0bm+tw3FMxI2zjm7/fA0MtQhplX2s7nYLZ2ZC0yg
+CxJZDokhORTJlrlcCvG5OieGBERlVCs7CfuS6WzQ/T2j+9f92BWxTFEcp2IkYccYGp2LYySEfreq
+irue4WRF5XkpKovw2wgpq2rZBI8bQZkzxEkiYaNwxnXCCVvHidzIiB3CM2yMYdNWmjDsaLovaE4c
+x3a6mLaTxB7rEj3jWN4M2p7uwPaa1GfI8BHFfcZMKhkycnhR7y781/a+A4t7FpWWTupRUtKbegwZ
+XMKwJinTSe70uhRcj55qNu3YHtE922Fdz7FTMTq9Q3TbMdiYrrPudMvT44S6u2miu138eC0tTN9D
+2CFGHHtQsHHsGCRFDFbXuT9wx6mUTZfseydlkWZeJkW6xOgYjqXT+LA7I6XHaUx2xmUzqelWymA9
+rCXI9+D1BHbjsITssqhBNysw0tOWjcpmIh6+aViYPfftw8ZSGfRVPUqKiosZj5R5qGmk/8AjjRbZ
+d8b3vvngdPHx3HvMeCarIk7VVSwbgoZVkceEVyOmyUmGxBGNYDVKSFSOGlIkGqWnUZFkiY/wsmhK
+Mu0UFYgZ/bYnuvn/vz4wtCz8qMwsHUvP0PX3tbYFUctAPdrY6tiiDtcCddDECahx7SuVNP5dpmb5
+9tMDyaXb7OAlk5acuPn57ss9mw6Wym0m1Fq2cej7tUt2LL4/b8enXU2fndk+fvv57ndnt55/cQob
+7tpp/pEjDS7cGPZ6BY430+7danDq6f42Nw49b9F7zp6BiKpJb9s5P0AYN2+L159cnrur636rx+v1
+7ae1K28QbMMcqI8CqwIrgwg9nTOp8Oj9q81plUY7ZuwXN8Vvs8wbAAA=`
+	rpmPackageContent, err := base64.StdEncoding.DecodeString(base64RpmPackageContent)
+	assert.NoError(t, err)
+
+	zr, err := gzip.NewReader(bytes.NewReader(rpmPackageContent))
+	assert.NoError(t, err)
+
+	p, err := ParsePackage(zr)
+	assert.NotNil(t, p)
+	assert.NoError(t, err)
+
+	assert.Equal(t, "gitea-test", p.Name)
+	assert.Equal(t, "1.0.2-1", p.Version)
+	assert.NotNil(t, p.VersionMetadata)
+	assert.NotNil(t, p.FileMetadata)
+
+	assert.Equal(t, "MIT", p.VersionMetadata.License)
+	assert.Equal(t, "https://gitea.io", p.VersionMetadata.ProjectURL)
+	assert.Equal(t, "RPM package summary", p.VersionMetadata.Summary)
+	assert.Equal(t, "RPM package description", p.VersionMetadata.Description)
+
+	assert.Equal(t, "x86_64", p.FileMetadata.Architecture)
+	assert.Equal(t, "0", p.FileMetadata.Epoch)
+	assert.Equal(t, "1.0.2", p.FileMetadata.Version)
+	assert.Equal(t, "1", p.FileMetadata.Release)
+	assert.Empty(t, p.FileMetadata.Vendor)
+	assert.Equal(t, "KN4CK3R", p.FileMetadata.Packager)
+	assert.Equal(t, "gitea-test-1.0.2-1.src.rpm", p.FileMetadata.SourceRpm)
+	assert.Equal(t, "e44b1687d04b", p.FileMetadata.BuildHost)
+	assert.EqualValues(t, 1678225964, p.FileMetadata.BuildTime)
+	assert.EqualValues(t, 1678225964, p.FileMetadata.FileTime)
+	assert.EqualValues(t, 13, p.FileMetadata.InstalledSize)
+	assert.EqualValues(t, 272, p.FileMetadata.ArchiveSize)
+	assert.Empty(t, p.FileMetadata.Conflicts)
+	assert.Empty(t, p.FileMetadata.Obsoletes)
+
+	assert.ElementsMatch(
+		t,
+		[]*Entry{
+			{
+				Name:    "gitea-test",
+				Flags:   "EQ",
+				Version: "1.0.2",
+				Epoch:   "0",
+				Release: "1",
+			},
+			{
+				Name:    "gitea-test(x86-64)",
+				Flags:   "EQ",
+				Version: "1.0.2",
+				Epoch:   "0",
+				Release: "1",
+			},
+		},
+		p.FileMetadata.Provides,
+	)
+	assert.ElementsMatch(
+		t,
+		[]*Entry{
+			{
+				Name: "/bin/sh",
+			},
+			{
+				Name: "/bin/sh",
+			},
+			{
+				Name: "/bin/sh",
+			},
+			{
+				Name:    "rpmlib(CompressedFileNames)",
+				Flags:   "LE",
+				Version: "3.0.4",
+				Epoch:   "0",
+				Release: "1",
+			},
+			{
+				Name:    "rpmlib(FileDigests)",
+				Flags:   "LE",
+				Version: "4.6.0",
+				Epoch:   "0",
+				Release: "1",
+			},
+			{
+				Name:    "rpmlib(PayloadFilesHavePrefix)",
+				Flags:   "LE",
+				Version: "4.0",
+				Epoch:   "0",
+				Release: "1",
+			},
+			{
+				Name:    "rpmlib(PayloadIsXz)",
+				Flags:   "LE",
+				Version: "5.2",
+				Epoch:   "0",
+				Release: "1",
+			},
+		},
+		p.FileMetadata.Requires,
+	)
+	assert.ElementsMatch(
+		t,
+		[]*File{
+			{
+				Path:         "/usr/local/bin/hello",
+				IsExecutable: true,
+			},
+		},
+		p.FileMetadata.Files,
+	)
+	assert.ElementsMatch(
+		t,
+		[]*Changelog{
+			{
+				Author: "KN4CK3R <dummy@gitea.io>",
+				Date:   1678276800,
+				Text:   "- Changelog message.",
+			},
+		},
+		p.FileMetadata.Changelogs,
+	)
+}
--- a/modules/setting/packages.go
+++ b/modules/setting/packages.go
@ -38,6 +38,7 @@ var (
 		LimitSizeNuGet       int64
 		LimitSizePub         int64
 		LimitSizePyPI        int64
+		LimitSizeRpm         int64
 		LimitSizeRubyGems    int64
 		LimitSizeSwift       int64
 		LimitSizeVagrant     int64
@ -82,6 +83,7 @@ func loadPackagesFrom(rootCfg ConfigProvider) {
 	Packages.LimitSizeNuGet = mustBytes(sec, "LIMIT_SIZE_NUGET")
 	Packages.LimitSizePub = mustBytes(sec, "LIMIT_SIZE_PUB")
 	Packages.LimitSizePyPI = mustBytes(sec, "LIMIT_SIZE_PYPI")
+	Packages.LimitSizeRpm = mustBytes(sec, "LIMIT_SIZE_RPM")
 	Packages.LimitSizeRubyGems = mustBytes(sec, "LIMIT_SIZE_RUBYGEMS")
 	Packages.LimitSizeSwift = mustBytes(sec, "LIMIT_SIZE_SWIFT")
 	Packages.LimitSizeVagrant = mustBytes(sec, "LIMIT_SIZE_VAGRANT")