deps fixes

basic/srv/vm/mgr/pkgmgr.py

@@ -1,8 +1,10 @@
 # -*- coding: utf-8 -*-
 
 import json
+import os
 import requests
 import shutil
+import subprocess
 import tempfile
 
 from cryptography.exceptions import InvalidSignature
@@ -20,6 +22,7 @@ class PackageManager:
         # Load JSON configuration
         with open(CONF_FILE, 'r') as f:
             self.conf = json.load(f)
+        self.repo_url = self.conf['host']['repo']
         self.online_packages = {}
 
     def save_conf(self):
@@ -29,9 +32,8 @@ class PackageManager:
 
     def get_online_packages(self):
         # Fetches and verifies online packages. Can raise InvalidSignature
-        repo_url = self.conf['host']['repo']
-        packages = requests.get('{}/packages'.format(repo_url)).content
-        packages_sig = requests.get('{}/packages.sig'.format(repo_url)).content
+        packages = requests.get('{}/packages'.format(self.repo_url)).content
+        packages_sig = requests.get('{}/packages.sig'.format(self.repo_url)).content
         with open(PUB_FILE, 'rb') as f:
             pub_key = load_pem_public_key(f.read(), default_backend())
         pub_key.verify(packages_sig, packages, ec.ECDSA(hashes.SHA512()))
@@ -47,20 +49,21 @@ class PackageManager:
 
     def download_package(self, name):
         # Downloads, verifies, unpacks and sets up a package
-        local_archive = tempfile.mkstemp('.tar.xz')
+        tmp_archive = tempfile.mkstemp('.tar.xz')[1]
         r = requests.get('{}/{}.tar.xz'.format(self.repo_url, name), auth=('test', 'txUqqZLaM.Z;3E2E'), stream=True) # TODO: Remove the testing password
-        with open(local_archive, 'wb') as f:
-            for chunk in r.iter_content(chunk_size=65536): 
+        with open(tmp_archive, 'wb') as f:
+            for chunk in r.iter_content(chunk_size=65536):
                 if chunk:
                     f.write(chunk)
         # Verify hash
-        if self.online_packages[name]['sha512'] != hash_file(local_archive):
+        if self.online_packages[name]['sha512'] != hash_file(tmp_archive):
             raise InvalidSignature(name)
         # Unpack
-        subprocess.run(['tar', 'xJf', local_archive], cwd=LXC_ROOT)
-        os.unlink(local_archive)
+        subprocess.run(['tar', 'xJf', tmp_archive], cwd=LXC_ROOT)
+        os.unlink(tmp_archive)
 
-    def register_package(self, name, metadata):
+    def register_package(self, name):
+        metadata = self.online_packages[name]
         self.conf['packages'][name] = {
             'version': metadata['version'],
         }
@@ -84,9 +87,10 @@ class PackageManager:
             shutil.rmtree(setup_dir)
 
     def get_deps(self, name):
-        deps = self.online_packages[name]['deps'] + [name]
+        deps = self.online_packages[name]['deps'].copy()
         for dep in deps:
             deps[:0] = [d for d in self.get_deps(dep) if d not in deps]
+        deps.append(name)
         return deps
 
 def hash_file(file_path):

zz-extra/lxc-pack

@@ -54,6 +54,7 @@ def pack(pkg_file):
         with open(packages_file, 'r') as f:
             packages = json.load(f)
     packages[pkg_name] = meta
+    packages[pkg_name]['sha512'] = hash_file(xz_path)
     with open(packages_file, 'w') as f:
         json.dump(packages, f, sort_keys=True, indent=4)