bitbake: hashserv: Support read-only server

The -r/--readonly argument is added to the bitbake-hashserv app. If this argument is given then clients may only perform read operations against the server. The read-only mode is implemented by simply not installing handlers for write operations, this keeps the permission model simple and reduces the risk of accidentally allowing write operations. As a sqlite database can be safely opened by multiple processes in parallel, it's possible to start two hashserv instances against a single database if you wish to export both a read-only port and a read-write port. (Bitbake rev: 492bb02eb0e071c792407ac3113f92492da1a9cc) Signed-off-by: Paul Barker <pbarker@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-06-01 13:09:50 +00:00 · 2021-02-05 11:26:07 +00:00
parent f5188da2f1
commit 3b559bb16d
4 changed files with 53 additions and 12 deletions
@@ -112,6 +112,9 @@ class Stats(object):
 class ClientError(Exception):
    pass

+class ServerError(Exception):
+    pass
+
 def insert_task(cursor, data, ignore=False):
    keys = sorted(data.keys())
    query = '''INSERT%s INTO tasks_v2 (%s) VALUES (%s)''' % (
@@ -138,7 +141,7 @@ class ServerClient(object):
    FAST_QUERY = 'SELECT taskhash, method, unihash FROM tasks_v2 WHERE method=:method AND taskhash=:taskhash ORDER BY created ASC LIMIT 1'
    ALL_QUERY =  'SELECT *                         FROM tasks_v2 WHERE method=:method AND taskhash=:taskhash ORDER BY created ASC LIMIT 1'

-    def __init__(self, reader, writer, db, request_stats, backfill_queue, upstream):
+    def __init__(self, reader, writer, db, request_stats, backfill_queue, upstream, read_only):
        self.reader = reader
        self.writer = writer
        self.db = db
@@ -149,15 +152,19 @@ class ServerClient(object):

        self.handlers = {
            'get': self.handle_get,
-            'report': self.handle_report,
-            'report-equiv': self.handle_equivreport,
            'get-stream': self.handle_get_stream,
            'get-stats': self.handle_get_stats,
-            'reset-stats': self.handle_reset_stats,
            'chunk-stream': self.handle_chunk,
-            'backfill-wait': self.handle_backfill_wait,
        }

+        if not read_only:
+            self.handlers.update({
+                'report': self.handle_report,
+                'report-equiv': self.handle_equivreport,
+                'reset-stats': self.handle_reset_stats,
+                'backfill-wait': self.handle_backfill_wait,
+            })
+
    async def process_requests(self):
        if self.upstream is not None:
            self.upstream_client = await create_async_client(self.upstream)
@@ -455,7 +462,10 @@ class ServerClient(object):


 class Server(object):
-    def __init__(self, db, loop=None, upstream=None):
+    def __init__(self, db, loop=None, upstream=None, read_only=False):
+        if upstream and read_only:
+            raise ServerError("Read-only hashserv cannot pull from an upstream server")
+
        self.request_stats = Stats()
        self.db = db

@@ -467,6 +477,7 @@ class Server(object):
            self.close_loop = False

        self.upstream = upstream
+        self.read_only = read_only

        self._cleanup_socket = None

@@ -510,7 +521,7 @@ class Server(object):
    async def handle_client(self, reader, writer):
        # writer.transport.set_write_buffer_limits(0)
        try:
-            client = ServerClient(reader, writer, self.db, self.request_stats, self.backfill_queue, self.upstream)
+            client = ServerClient(reader, writer, self.db, self.request_stats, self.backfill_queue, self.upstream, self.read_only)
            await client.process_requests()
        except Exception as e:
            import traceback