charm-tools icon indicating copy to clipboard operation
charm-tools copied to clipboard

Published 20 hours ago verified publisher icon juju

"charm build" includes .swp files in compose charm

Open mhilton opened this issue 6 years ago • 3 comments

Otherwise, if you have a feature request or issue with any other charm command please delete the above and continue below

Checklist

  • [X] Confirmed this is an issue with charm-tools, not charmstore-client
  • [ ] Provide versions of tools used
  • [ ] Described the feature or ways to replicate the issue

From @jacekn (https://github.com/juju/charmstore-client/issues/142)

I have a layer with revision history in git. I have the following line in the .gitignore: *.swp

I edited my charm, checked "git status" and it was clean, I then composed the charm and I ended up with .prometheus.py.swp in the composed charm directory.

This is slightly embarrassing but there are situations where behavior like this is be dangerous. It's not uncommon for developers to have secrets.cfg stanzas in their .gitignore and keep secrets inside secrets.cfg. If "charm build" does not take .gitignore into account the developer can end up pushing secrets to the charmstore.

Could charm tools be improved to catch problems like this?

mhilton avatar Jul 11 '18 15:07 mhilton

charm build supports .gitignore-style ignores in layer.yaml and has some defaults, but they don't include *.swp. I think this used to be documented somewhere but I can't find it now.

It might also be reasonable to include the contents of .gitignore automatically, but that might break some charms. Perhaps an option to control it?

johnsca avatar Jul 11 '18 21:07 johnsca

Can confirm, this also impacts charm-proof, as I was unable to build a charm where a .README.md.swp was present in the root of the charm's repository, with the following traceback:

I think ignoring *.swp by default is a very safe default to add, which would address this problem in both cases, so long as charm-proofalso respected the ignores.

Traceback (most recent call last):
  File "/snap/charm/357/bin/charm-proof", line 11, in <module>
    load_entry_point('charm-tools==2.6.1', 'console_scripts', 'charm-proof')()
  File "/snap/charm/357/lib/python3.6/site-packages/charmtools/proof.py", line 71, i
n main
    lint, exit_code = proof(args_.charm_name, args_.bundle, args_.debug)
  File "/snap/charm/357/lib/python3.6/site-packages/charmtools/proof.py", line 65, i
n proof
    lint, err_code = c.proof()
  File "/snap/charm/357/lib/python3.6/site-packages/charmtools/charms.py", line 380,
 in proof
    readme_content = r.read()
  File "/snap/charm/357/usr/lib/python3.6/codecs.py", line 321, in decode
    (result, consumed) = self._buffer_decode(data, self.errors, final)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xe6 in position 16: invalid continuation byte

digitalrane avatar Sep 11 '19 22:09 digitalrane

Waking this back up, as we've hit the same issue. You can't charm build (due to proof failure) if you've got any README file open. Still an issue in snap charm 2.7.3

afreiberger avatar Mar 24 '20 21:03 afreiberger