Skip to content

Commit

Permalink
(maint) Handle an invalid mirror gracefully
Browse files Browse the repository at this point in the history
Because the HTTP source's valid_url? check was always returning truthy before, a mirror URL to a file would always seem to be valid, even if it wasn't. Now that 9995d5e fixed it, a Vanagon::Error would get thrown saying it was an unknown file type. This means that fetch_url would never get called since this exception in fetch_mirrors would be unhandled.

This handles that particular error, and continues to throw other Vanagon::Error types, as they usually indicate a problem with the definition of the component or some other type of fatal error. Additionally, this changes the catching of RuntimeError to StandardError, so that we can handle issues talking to the particular URL, such as OpenSSL errors.
  • Loading branch information
Nick Burgan-Illig committed Aug 28, 2023
1 parent 544a2c7 commit 8d4a9ee
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 4 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,8 @@ This project adheres to [Semantic Versioning](https://semver.org).
This changelog adheres to [Keep a CHANGELOG](https://keepachangelog.com).

## [Unreleased]
### Fixed
- (maint) Handle an invalid mirror gracefully

## [0.39.1] - release 2023-08-25
### Fixed
Expand Down
11 changes: 9 additions & 2 deletions lib/vanagon/component.rb
Original file line number Diff line number Diff line change
Expand Up @@ -260,14 +260,21 @@ def fetch_mirrors(options)
VanagonLogger.info %(Attempting to fetch from mirror URL "#{mirror}")
@source = Vanagon::Component::Source.source(mirror, **options)
return true if source.fetch
rescue Vanagon::InvalidSource
# This means that the URL was not a git repo or a valid downloadable file,
# which means either the URL is incorrect, or we don't have access to that
# resource. Return false, so that the pkg.url value can be used instead.
VanagonLogger.error %(Invalid source "#{mirror}")
rescue SocketError
# SocketError means that there was no DNS/name resolution
# for whatever remote protocol the mirror tried to use.
VanagonLogger.error %(Unable to resolve mirror URL "#{mirror}")
rescue RuntimeError
rescue StandardError
# Source retrieval does not consistently return a meaningful
# namespaced error message, which means we're brute-force rescuing
# RuntimeError. Not a good look, and we should fix this.
# StandardError. Also, we want to handle other unexpected things when
# we try reaching out to the URL, so that we can gracefully return
# false and fall back to fetching the pkg.url value instead.
VanagonLogger.error %(Unable to retrieve mirror URL "#{mirror}")
end
end
Expand Down
7 changes: 5 additions & 2 deletions lib/vanagon/component/source.rb
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,11 @@
require 'vanagon/component/source/http'
require 'vanagon/component/source/git'
require 'vanagon/component/source/local'
require 'vanagon/errors'

class Vanagon
class InvalidSource < Vanagon::Error
end
class Component
class Source
SUPPORTED_PROTOCOLS = %w[file http https git].freeze
Expand Down Expand Up @@ -55,8 +58,8 @@ def source(uri_instance, **options) # rubocop:disable Metrics/AbcSize
end

# Unknown source type!
raise Vanagon::Error,
"Unknown file type: '#{uri}'; cannot continue"
raise Vanagon::InvalidSource,
"Source is invalid or of an unknown type: '#{uri}'; cannot continue"
end

def determine_source_type(uri)
Expand Down

0 comments on commit 8d4a9ee

Please sign in to comment.