improved metadata safety when sealing -- always needs to refresh

2025-03-26 01:18:09 -04:00 · 2025-03-26 01:18:09 -04:00 · 15360edc42
parent 1d34a62e38
commit 15360edc42
2 changed files with 30 additions and 19 deletions
--- a/modules/build/include/sealing.hpp
+++ b/modules/build/include/sealing.hpp
@ -25,6 +25,7 @@
 #include <archive_entry.h>
 #include <fcntl.h>
 #include <unistd.h>
+#include <metadata.hpp>

 /**
 * @brief First phase of sealing a package stage directory
@ -57,12 +58,12 @@ int seal_final_package(const std::string &stage_dir, const std::string &output_d
 * Extracts a sealed package file back to its original stage directory structure
 * by expanding the gzipped tarballs.
 *
- * @param package_filepath Path to the sealed package file
+ * @param package_path Path to the sealed package file
 * @param output_dir Path to extract the package stage to
 * @param force Whether to force the operation even if warnings occur
 * @return 0 on success, non-zero on failure
 */
-int unseal_package(const std::string& package_filepath, const std::string& output_dir, bool force);
+int unseal_package(const std::string& package_path, const std::string& output_dir, bool force);


 /**
--- a/modules/build/src/sealing.cpp
+++ b/modules/build/src/sealing.cpp
@ -1,5 +1,6 @@
 #include "sealing.hpp"

+
 bool file_already_compressed(const std::string& path)
 {
    // Convert string to filesystem path
@ -430,50 +431,59 @@ bool smart_compress_component( const std::filesystem::path& stage_dir, const std
    return true;
 }

-int seal_stage_components( const std::string& stage_dir, bool force )
+
+int seal_stage_components(const std::string& stage_dir, bool force)
 {
-    dpm_log(LOG_INFO, ("Sealing package stage: " + stage_dir).c_str());
+    dpm_con(LOG_INFO, ("Sealing package stage: " + stage_dir).c_str());
+
+    // First refresh the metadata to ensure it's up-to-date
+    dpm_con(LOG_INFO, "Refreshing metadata before sealing...");
+    bool metadata_refresh_result = metadata_refresh_dynamic_files(stage_dir);
+    if (!metadata_refresh_result) {
+        dpm_con(LOG_ERROR, "Failed to refresh metadata files before sealing. Aborting.");
+        return 1;
+    }

    // Verify the stage directory structure
-    std::filesystem::path stage_path( stage_dir );
+    std::filesystem::path stage_path(stage_dir);

-    if (! smart_compress_component( stage_dir, "contents" ) ) {
-        dpm_log(LOG_FATAL, ("Failed to compress contents: " + stage_dir).c_str() );
+    if (!smart_compress_component(stage_dir, "contents")) {
+        dpm_con(LOG_FATAL, ("Failed to compress contents: " + stage_dir).c_str());
        return 1;
    }

-    if (! smart_compress_component( stage_dir, "hooks" ) ) {
-        dpm_log(LOG_FATAL, ("Failed to compress hooks: " + stage_dir).c_str() );
+    if (!smart_compress_component(stage_dir, "hooks")) {
+        dpm_con(LOG_FATAL, ("Failed to compress hooks: " + stage_dir).c_str());
        return 1;
    }

-    if (! smart_compress_component( stage_dir, "metadata" ) ) {
-        dpm_log(LOG_FATAL, ("Failed to compress metadata: " + stage_dir).c_str() );
+    if (!smart_compress_component(stage_dir, "metadata")) {
+        dpm_con(LOG_FATAL, ("Failed to compress metadata: " + stage_dir).c_str());
        return 1;
    }

    // Handle signatures component - check if it's an empty directory
-    if ( std::filesystem::is_directory( stage_path / "signatures" ) ) {
+    if (std::filesystem::is_directory(stage_path / "signatures")) {
        bool signatures_empty = true;

        // Check if signatures directory is empty
-        for ( const auto& entry : std::filesystem::directory_iterator( stage_path / "signatures" ) ) {
+        for (const auto& entry : std::filesystem::directory_iterator(stage_path / "signatures")) {
            signatures_empty = false;
            break;
        }

-        if ( signatures_empty ) {
-            dpm_log(LOG_INFO, "Signatures directory is empty, not compressing.");
+        if (signatures_empty) {
+            dpm_con(LOG_INFO, "Signatures directory is empty, not compressing.");
        } else {
-            dpm_log(LOG_INFO, "Compressing signatures component.");
-            if (! smart_compress_component( stage_dir, "signatures" ) ) {
-                dpm_log(LOG_FATAL, ("Failed to compress signatures: " + stage_dir).c_str() );
+            dpm_con(LOG_INFO, "Compressing signatures component.");
+            if (!smart_compress_component(stage_dir, "signatures")) {
+                dpm_con(LOG_FATAL, ("Failed to compress signatures: " + stage_dir).c_str());
                return 1;
            }
        }
    }

-    dpm_log(LOG_INFO, "Package stage sealed successfully.");
+    dpm_con(LOG_INFO, "Package stage sealed successfully.");
    return 0;
 }