Enforce one platform policy for GardenLinux canonical names

Signed-off-by: Tobias Wolf <[email protected]>
On-behalf-of: SAP <[email protected]>

Author: NotTheEvilOne

src/gardenlinux/features/cname.py

@@ -51,15 +51,15 @@ def __init__(self, cname, arch=None, commit_hash=None, version=None):
         self._commit_id = None
         self._feature_elements_cached = None
         self._feature_flags_cached = None
-        self._feature_platforms_cached = None
+        self._feature_platform_cached = None
         self._feature_set_cached = None
         self._flavor = None
         self._version = None
 
         commit_id_or_hash = None
 
         re_match = re.match(
-            "([a-zA-Z0-9]+([\\_\\-][a-zA-Z0-9]+)*?)(-([a-z0-9]+)(-([a-z0-9.]+)-([a-z0-9]+))*)?$",
+            "([a-zA-Z0-9]+([\\_\\-][a-zA-Z0-9]+)*?)(-([a-z0-9]+)(-([a-z0-9\\.\\+~]+)-([a-z0-9]+))*)?$",
             cname,
         )
 
@@ -83,7 +83,7 @@ def __init__(self, cname, arch=None, commit_hash=None, version=None):
         if self._version is None and version is not None:
             # Support version values formatted as <version>-<commit_hash>
             if commit_hash is None:
-                re_match = re.match("([a-z0-9.]+)(-([a-z0-9]+))?$", version)
+                re_match = re.match("([a-z0-9\\.\\+~]+)(-([a-z0-9]+))?$", version)
                 assert re_match, f"Not a valid version {version}"
 
                 commit_id_or_hash = re_match[3]
@@ -117,7 +117,7 @@ def cname(self) -> str:
         :return: (str) CName
         :since:  0.7.0
         """
-        assert self._flavor is not None, "CName flavor is not set!"
+
         cname = self._flavor
 
         if self._arch is not None:
@@ -233,10 +233,13 @@ def feature_set_platform(self) -> str:
         :since:  0.11.0
         """
 
-        if self._feature_platforms_cached is not None:
-            return ",".join(self._feature_platforms_cached)
+        if self._feature_platform_cached is not None:
+            return self._feature_platform_cached
+
+        platforms = Parser().filter_as_dict(self.flavor)["platform"]
+        assert len(platforms) < 2, "Only one platform is supported"
 
-        return ",".join(Parser().filter_as_dict(self.flavor)["platform"])
+        return platforms[0]
 
     @property
     def release_metadata_string(self) -> str:
@@ -248,10 +251,11 @@ def release_metadata_string(self) -> str:
         """
 
         features = Parser().filter_as_dict(self.flavor)
+        assert len(features["platform"]) == 1, "Only one platform is supported"
 
         elements = ",".join(features["element"])
         flags = ",".join(features["flag"])
-        platforms = ",".join(features["platform"])
+        platform = features["platform"][0]
 
         metadata = f"""
 ID={GL_RELEASE_ID}
@@ -264,7 +268,7 @@ def release_metadata_string(self) -> str:
 BUG_REPORT_URL="{GL_BUG_REPORT_URL}"
 GARDENLINUX_CNAME="{self.cname}"
 GARDENLINUX_FEATURES="{self.feature_set}"
-GARDENLINUX_FEATURES_PLATFORMS="{platforms}"
+GARDENLINUX_FEATURES_PLATFORMS="{platform}"
 GARDENLINUX_FEATURES_ELEMENTS="{elements}"
 GARDENLINUX_FEATURES_FLAGS="{flags}"
 GARDENLINUX_VERSION="{self.version}"
@@ -282,24 +286,9 @@ def platform(self) -> str:
         :return: (str) Feature set platforms
         :since:  0.7.0
         """
-        assert self._flavor is not None, "Flavor not set!"
 
         return self.feature_set_platform
 
-    @property
-    def platforms(self) -> List[str]:
-        """
-        Returns the platforms for the cname parsed.
-
-        :return: (str) Platforms
-        :since:  0.11.0
-        """
-
-        if self._feature_platforms_cached is not None:
-            return self._feature_platforms_cached
-
-        return Parser().filter_as_dict(self.flavor)["platform"]
-
     @property
     def version(self) -> Optional[str]:
         """
@@ -395,9 +384,10 @@ def load_from_release_file(self, release_file: PathLike | str) -> None:
             UNNAMED_SECTION, "GARDENLINUX_FEATURES_FLAGS"
         ).split(",")
 
-        self._feature_platforms_cached = release_config.get(
-            UNNAMED_SECTION, "GARDENLINUX_FEATURES_PLATFORMS"
-        ).split(",")
+        platforms = release_config.get(UNNAMED_SECTION, "GARDENLINUX_FEATURES_PLATFORMS").split(",")
+        assert len(platforms) < 2, "Only one platform is supported"
+
+        self._feature_platform_cached = platforms[0]
 
     def save_to_release_file(
         self, release_file: PathLike | str, overwrite: Optional[bool] = False

src/gardenlinux/s3/s3_artifacts.py

@@ -172,7 +172,7 @@ def upload_from_directory(
             secureboot = "_trustedboot" in feature_list
 
         metadata = {
-            "platform": cname_object.platform,
+            "platform": cname_object.feature_set_platform,
             "architecture": cname_object.arch,
             "base_image": None,
             "build_committish": commit_hash,
@@ -220,7 +220,7 @@ def upload_from_directory(
 
             s3_tags = {
                 "architecture": re_object.sub("+", cname_object.arch),
-                "platform": re_object.sub("+", cname_object.platform),
+                "platform": re_object.sub("+", cname_object.feature_set_platform),
                 "version": re_object.sub("+", cname_object.version),
                 "committish": commit_hash,
                 "md5sum": md5sum,

tests/s3/conftest.py

@@ -22,9 +22,9 @@ class S3Env:
 
 
 def make_cname(
-    flavor: str = "kvm-container",
+    flavor: str = "container",
     arch: str = "amd64",
-    version: str = "1234.1",
+    version: str = "1234.1~post1",
     commit: str = "abc123",
 ) -> str:
     """

tests/s3/test_s3_artifacts.py

@@ -9,7 +9,7 @@
 from gardenlinux.s3.s3_artifacts import S3Artifacts
 
 RELEASE_DATA = """
-    GARDENLINUX_VERSION = 1234.1
+    GARDENLINUX_VERSION = 1234.1~post1
     GARDENLINUX_COMMIT_ID = abc123
     GARDENLINUX_COMMIT_ID_LONG = abc123long
     GARDENLINUX_FEATURES = _usi,_trustedboot
@@ -124,7 +124,7 @@ def test_upload_from_directory_success(s3_setup):
         Bucket=env.bucket_name, Key=f"objects/{env.cname}/{env.cname}-file1"
     )
     tags = {tag["Key"]: tag["Value"] for tag in raw_tags_response["TagSet"]}
-    assert tags["platform"] == "container+kvm"
+    assert tags["version"] == "1234.1+post1"
 
 
 def test_upload_from_directory_with_delete(s3_setup):
@@ -192,6 +192,24 @@ def test_upload_from_directory_invalid_dir_raises(s3_setup):
         artifacts.upload_from_directory(env.cname, "/invalid/path")
 
 
+def test_upload_from_directory_not_only_one_platform(s3_setup):
+    """
+    RuntimeError if more than one platform is in release file.
+    """
+    # Arrange
+    env = s3_setup
+    cname = "container-kvm-amd64-1234.1~post1-abc123"
+
+    release_path = env.tmp_path / f"{cname}.release"
+    release_path.write_text(RELEASE_DATA)
+
+    artifacts = S3Artifacts(env.bucket_name)
+
+    # Act / Assert
+    with pytest.raises(AssertionError, match="Only one platform is supported"):
+        artifacts.upload_from_directory(cname, env.tmp_path)
+
+
 def test_upload_from_directory_version_mismatch_raises(s3_setup):
     """
     RuntimeError if version in release file does not match cname.