`deserialize_one` attempts to parse `Message:`
Foxboron opened this issue · comments
Description of issue or feature request:
deserialize_one
attempts to parse the Message:
field in the test suite in develop
during test_bad_target
and fails to do so. Should be easy to replicate with tox -e py37
Current behavior:
message_str
Message: In-toto verification for '/home/fox/Git/prosjekter/master/apt-transport-in-toto/tests/data/bad/final-product_0.0.0.0-0_all.deb' failed, reason was: 'DISALLOW *.deb' matched the following artifacts: ['final-product_0.0.0.0-0_all.deb']
Full trace for 'expected_materials' of item 'verify-reprobuilds':
Available materials (used for queue):
['final-product_0.0.0.0-0_all.deb']
Available products:
['final-product_0.0.0.0-0_all.deb']
Queue after 'MATCH *.deb WITH PRODUCTS FROM rebuild':
['final-product_0.0.0.0-0_all.deb']
We are failing the check in the loop as the .splitlines()
will provide lines with only one string.
if len(header_field_parts) < 2:
raise Exception("Invalid header field: {}, message was:\n{}"
.format(line, message_str))
Traceback:
Traceback (most recent call last):
File "/home/fox/Git/prosjekter/master/apt-transport-in-toto/tests/test_intoto.py", line 215, in test_bad_target
acquire_args={"filename": FINAL_PRODUCT_PATH_BAD})
File "/home/fox/Git/prosjekter/master/apt-transport-in-toto/tests/test_intoto.py", line 148, in mock_apt
return intoto.deserialize_one(intoto.read_one(intoto_proc.stdout))
File "/home/fox/Git/prosjekter/master/apt-transport-in-toto/intoto.py", line 334, in deserialize_one
.format(line, message_str))
Exception: Invalid header field: ['final-product_0.0.0.0-0_all.deb'], message was:
400 URI Failure
Message: In-toto verification for '/home/fox/Git/prosjekter/master/apt-transport-in-toto/tests/data/bad/final-product_0.0.0.0-0_all.deb' failed, reason was: 'DISALLOW *.deb' matched the following artifacts: ['final-product_0.0.0.0-0_all.deb']
Full trace for 'expected_materials' of item 'verify-reprobuilds':
Available materials (used for queue):
['final-product_0.0.0.0-0_all.deb']
Available products:
['final-product_0.0.0.0-0_all.deb']
Queue after 'MATCH *.deb WITH PRODUCTS FROM rebuild':
['final-product_0.0.0.0-0_all.deb']
Expected behavior:
I'm a little bit unsure if the error is that we are unable to parse Message:
or if the fact that we have in-toto failure messages in Message:
.
Thanks for catching this, @Foxboron! The problem seems to be that in the latest in-toto version we have nicely formatted multi-line error messages for rule verification errors, which the transport just relays to apt, which in turn breaks the lined-based message parsing...
I'll follow up with a PR that encodes the error message.
Awesome :)