Support on-demand content in repair_metadata

Author: jobselko

pulp_python/app/tasks/repair.py

@@ -2,12 +2,17 @@
 import uuid
 from gettext import gettext as _
 
+from requests.exceptions import RequestException
 from django.db.models.query import QuerySet
 from pulpcore.plugin.models import ProgressReport
 from pulpcore.plugin.util import get_domain
 
 from pulp_python.app.models import PythonPackageContent, PythonRepository
-from pulp_python.app.utils import artifact_to_python_content_data
+from pulp_python.app.utils import (
+    artifact_to_python_content_data,
+    fetch_json_release_metadata,
+    parse_metadata,
+)
 
 log = logging.getLogger(__name__)
 
@@ -47,23 +52,35 @@ def repair_metadata(content: QuerySet[PythonPackageContent]) -> int:
     Returns:
         int: The number of packages that were repaired.
     """
-    # TODO: Add on_demand content repair
-    immediate_content = content.filter(contentartifact__artifact__isnull=False)
+    immediate_content = (
+        content.filter(contentartifact__artifact__isnull=False)
+        .distinct()
+        .prefetch_related("_artifacts")
+    )
+    on_demand_content = (
+        content.filter(contentartifact__artifact__isnull=True)
+        .distinct()
+        .prefetch_related("contentartifact_set__remoteartifact_set")
+        .order_by("name")
+    )
     domain = get_domain()
 
     batch = []
     set_of_update_fields = set()
     total_repaired = 0
+    # Used in on-demand content to prevent redundant requests
+    pkg_name = None
+    json_data = None
 
     progress_report = ProgressReport(
         message="Repairing packages' metadata",
         code="repair.metadata",
-        total=immediate_content.count(),
+        total=content.count(),
     )
     progress_report.save()
     with progress_report:
         for package in progress_report.iter(
-            immediate_content.prefetch_related("_artifacts").iterator(chunk_size=1000)
+            immediate_content.iterator(chunk_size=1000)
         ):
             new_data = artifact_to_python_content_data(
                 package.filename, package._artifacts.get(), domain
@@ -82,6 +99,62 @@ def repair_metadata(content: QuerySet[PythonPackageContent]) -> int:
                 batch = []
                 set_of_update_fields.clear()
 
+        for package in progress_report.iter(
+            on_demand_content.iterator(chunk_size=1000)
+        ):
+            remote_artifacts = (
+                package.contentartifact_set.get().remoteartifact_set.all()
+            )
+            # Call the API only for new packages to prevent redundant requests
+            if pkg_name != package.name:
+                pkg_name = package.name
+                # We expect that PythonPackageContent always has correct name and version
+                try:
+                    json_data = fetch_json_release_metadata(
+                        package.name, package.version, remote_artifacts.get().remote
+                    )
+                except RequestException as exc:
+                    log.warning(
+                        _(
+                            "Could not fetch metadata for {} {} from PyPI. Error: {}"
+                        ).format(package.name, package.version, exc)
+                    )
+                    continue
+            # Extract data only for the specific distribution being checked
+            # We expect that RemoteArtifact always has correct sha256
+            dist_data = next(
+                (
+                    dist
+                    for ra in remote_artifacts
+                    for dist in json_data["urls"]
+                    if ra.sha256 == dist["digests"]["sha256"]
+                ),
+                None,
+            )
+            if not dist_data:
+                log.warning(
+                    _("No matching distribution for {} was found.").format(package.name)
+                )
+                continue
+
+            new_data = parse_metadata(json_data["info"], package.version, dist_data)
+            new_data.pop("url")  # belongs to RemoteArtifact, not PythonPackageContent
+            new_data["pulp_domain"] = domain
+            new_data["_pulp_domain"] = new_data["pulp_domain"]
+            changed = False
+            for field, value in new_data.items():
+                if getattr(package, field) != value:
+                    setattr(package, field, value)
+                    set_of_update_fields.add(field)
+                    changed = True
+            if changed:
+                batch.append(package)
+            if len(batch) == 1000:
+                total_repaired += len(batch)
+                PythonPackageContent.objects.bulk_update(batch, set_of_update_fields)
+                batch = []
+                set_of_update_fields.clear()
+
     if batch:
         total_repaired += len(batch)
         PythonPackageContent.objects.bulk_update(batch, set_of_update_fields)

pulp_python/app/utils.py

@@ -1,5 +1,6 @@
 import pkginfo
 import re
+import requests
 import shutil
 import tempfile
 import json
@@ -9,6 +10,7 @@
 from packaging.utils import canonicalize_name
 from packaging.requirements import Requirement
 from packaging.version import parse, InvalidVersion
+from pulpcore.plugin.models import Remote
 
 
 PYPI_LAST_SERIAL = "X-PYPI-LAST-SERIAL"
@@ -189,6 +191,19 @@ def artifact_to_python_content_data(filename, artifact, domain=None):
     return data
 
 
+def fetch_json_release_metadata(name: str, version: str, remote: Remote) -> dict:
+    """
+    Fetches metadata for a specific release from PyPI's JSON API. A release can contain
+    multiple distributions. See https://docs.pypi.org/api/json/#get-a-release for more details.
+
+    Returns dict containing "info", "last_serial", "urls", and "vulnerabilities" keys.
+    """
+    url = f"{remote.url}pypi/{name}/{version}/json"
+    response = requests.get(url, timeout=10)
+    response.raise_for_status()
+    return response.json()
+
+
 def python_content_to_json(base_path, content_query, version=None, domain=None):
     """
     Converts a QuerySet of PythonPackageContent into the PyPi JSON format

pulp_python/tests/functional/api/test_repair.py

@@ -32,6 +32,33 @@ def _create(artifact_filename, filename, content_data):
     return _create
 
 
+@pytest.fixture
+def create_content_remote(python_bindings):
+    def _create(filename, content_data, ra_sha256, remote):
+        commands = (
+            "from pulpcore.plugin.models import ContentArtifact, RemoteArtifact; "
+            "from pulpcore.plugin.util import extract_pk, get_url; "
+            "from pulp_python.app.models import PythonPackageContent, PythonRemote; "
+            f"c = PythonPackageContent(filename={filename!r}, **{content_data!r}); "
+            "c.save(); "
+            f"ca = ContentArtifact(content=c, relative_path={filename!r}); "
+            "ca.save(); "
+            f"r = PythonRemote.objects.get(pk=extract_pk({remote.pulp_href!r})); "
+            f"ra = RemoteArtifact(content_artifact=ca, remote=r, sha256={ra_sha256!r}); "
+            "ra.save(); "
+            "print(get_url(c))"
+        )
+        process = subprocess.run(
+            ["pulpcore-manager", "shell", "-c", commands], capture_output=True
+        )
+
+        assert process.returncode == 0
+        content_href = process.stdout.decode().strip()
+        return python_bindings.ContentPackagesApi.read(content_href)
+
+    return _create
+
+
 @pytest.fixture
 def move_to_repository(python_bindings, monitor_task):
     def _move(repo_href, content_hrefs):
@@ -84,6 +111,7 @@ def test_metadata_repair_command(
 
 def test_metadata_repair_endpoint(
     create_content_direct,
+    delete_orphans_pre,
     download_python_file,
     monitor_task,
     move_to_repository,
@@ -124,3 +152,96 @@ def test_metadata_repair_endpoint(
     assert content.packagetype == "sdist"
     assert content.requires_python == ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*"
     assert content.author == ""
+
+
+def test_metadata_repair_endpoint_on_demand(
+    create_content_remote,
+    delete_orphans_pre,
+    monitor_task,
+    move_to_repository,
+    python_bindings,
+    python_remote_factory,
+    python_repo_factory,
+):
+    """
+    Test repairing of package metadata via `Repositories.repair_metadata` endpoint
+    when only RemoteArtifacts are present.
+    """
+    # 1. Set up tested data
+    python_remote = python_remote_factory()
+    python_repo = python_repo_factory(remote=python_remote)
+
+    scipy_filename_1 = "scipy-1.1.0.tar.gz"
+    scipy_sha256_1 = "878352408424dffaa695ffedf2f9f92844e116686923ed9aa8626fc30d32cfd1"
+    scipy_data_1 = {
+        "name": "scipy",
+        "version": "1.1.0",
+        # Wrong metadata
+        "author": "ME",
+        "packagetype": "bdist",
+        "requires_python": ">=3.8",
+        "sha256": scipy_sha256_1,
+    }
+
+    scipy_filename_2 = "scipy-1.1.0-cp36-none-win32.whl"
+    scipy_sha256_2 = "0e9bb7efe5f051ea7212555b290e784b82f21ffd0f655405ac4f87e288b730b3"
+    scipy_data_2 = scipy_data_1.copy()
+    scipy_data_2["sha256"] = scipy_sha256_2
+
+    celery_filename = "celery-2.4.1.tar.gz"
+    celery_sha256 = "c77652ca179d14473975822dbfb1b5dab950c88c171ef6bc2257ddb9066e6790"
+    celery_data = {
+        "name": "celery",
+        "version": "2.4.1",
+        # Wrong metadata
+        "author": "ME",
+        "packagetype": "bdist",
+        "requires_python": ">=3.8",
+    }
+
+    # 2. Create content and store its href
+    content_hrefs = {}
+    for filename, data, sha256 in [
+        (scipy_filename_1, scipy_data_1, scipy_sha256_1),
+        (scipy_filename_2, scipy_data_2, scipy_sha256_2),
+        (celery_filename, celery_data, celery_sha256),
+    ]:
+        content = create_content_remote(filename, data, sha256, python_remote)
+        for field, test_value in data.items():
+            assert getattr(content, field) == test_value
+            content_hrefs[filename] = content.pulp_href
+    move_to_repository(python_repo.pulp_href, list(content_hrefs.values()))
+
+    # 3. Repair metadata
+    response = python_bindings.RepositoriesPythonApi.repair_metadata(
+        python_repo.pulp_href
+    )
+    monitor_task(response.task)
+
+    # 4. Check newly created metadata
+    new_metadata = [
+        (
+            "scipy-1.1.0.tar.gz",
+            "",
+            "scipy",
+            "sdist",
+            ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*",
+            "1.1.0",
+        ),
+        (
+            "scipy-1.1.0-cp36-none-win32.whl",
+            "",
+            "scipy",
+            "bdist_wheel",
+            ">=2.7,!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*",
+            "1.1.0",
+        ),
+        ("celery-2.4.1.tar.gz", "Ask Solem", "celery", "sdist", "", "2.4.1"),
+    ]
+    for filename, author, name, packagetype, requires_python, version in new_metadata:
+        new_content = python_bindings.ContentPackagesApi.read(content_hrefs[filename])
+        assert new_content.author == author
+        assert new_content.name == name
+        assert new_content.packagetype == packagetype
+        assert new_content.requires_python == requires_python
+        assert new_content.version == version