Code Review / releng-anteater.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Implements full path for hash checks of binaries
[releng-anteater.git] / anteater / src / patch_scan.py
diff --git a/anteater/src/patch_scan.py b/anteater/src/patch_scan.py
index 083639f..3d29c65 100644 (file)
--- a/anteater/src/patch_scan.py
+++ b/anteater/src/patch_scan.py
@@ -47,7 +47,10 @@ def prepare_patchset(project, patchset):
     file_audit_list, file_audit_project_list = lists.file_audit_list(project)
 
     # Get file content black list and project waivers
-    master_list, project_list_re = lists.file_content_list(project)
+    master_list, ignore_list = lists.file_content_list(project)
+
+    # Get File Ignore Lists
+    file_ignore = lists.file_ignore()
 
     # Get Licence Lists
     licence_ext = lists.licence_extensions()
@@ -66,8 +69,8 @@ def prepare_patchset(project, patchset):
         # Perform binary and file / content checks
         scan_patch(project, patch_file, binary_list,
                    file_audit_list, file_audit_project_list,
-                   master_list, project_list_re, licence_ext,
-                   licence_ignore)
+                   master_list, ignore_list, licence_ext,
+                   file_ignore, licence_ignore)
 
     # Process each file in patch set using waivers generated above
     # Process final result
@@ -76,12 +79,13 @@ def prepare_patchset(project, patchset):
 
 def scan_patch(project, patch_file, binary_list, file_audit_list,
                file_audit_project_list, master_list,
-               project_list_re, licence_ext, licence_ignore):
+               ignore_list, licence_ext, file_ignore, licence_ignore):
     """ Scan actions for each commited file in patch set """
     global failure
     if is_binary(patch_file):
         hashlist = get_lists.GetLists()
-        binary_hash = hashlist.binary_hash(project, patch_file)
+        split_path = patch_file.split(project + '/', 1)[-1]
+        binary_hash = hashlist.binary_hash(project, split_path)
         if not binary_list.search(patch_file):
             with open(patch_file, 'rb') as afile:
                 buf = afile.read()
@@ -99,6 +103,9 @@ def scan_patch(project, patch_file, binary_list, file_audit_list,
                     as gate_report:
                 gate_report.write('Non Whitelisted Binary file: {0}\n'.
                                   format(patch_file))
+                gate_report.write('Submit patch with the following hash: {0}\n'.
+                                  format(hasher.hexdigest()))
+
     else:
         # Check file names / extensions
         if file_audit_list.search(patch_file) and not \
@@ -122,12 +129,13 @@ def scan_patch(project, patch_file, binary_list, file_audit_list,
         except IOError:
             file_exists = False
 
-        if file_exists:
+        if file_exists and not patch_file.endswith(tuple(file_ignore)):
             for line in lines:
                 for key, value in master_list.iteritems():
                     regex = value['regex']
                     desc = value['desc']
-                    if re.search(regex, line) and not re.search(project_list_re, line):
+                    if re.search(regex, line) and not re.search(
+                            ignore_list, line):
                         logger.error('File contains violation: %s', patch_file)
                         logger.error('Flagged Content: %s', line.rstrip())
                         logger.error('Matched Regular Exp: %s', regex)