Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

ngclient: throws securesystemslib errors

See original GitHub issue

If ngclient fails to write a target file to disk, we let securesystemslib.exceptions.StorageError propagate.

This seems like a bug: we should either handle this error, or possibly not use the securesystemslib.util.persist_temp_file() at all (it’s not super useful to us as we’re not using the storage abstraction and the rest is a few lines of code that actually hides the error we’d really like to get: OSError which we already use for metadata files in the same situation).

Issue Analytics

State:
Created 2 years ago
Comments:5 (4 by maintainers)

Top GitHub Comments

2reactions

joshuaglcommented, Jan 21, 2022

Filesystem abstraction was implemented for repository related code, I agree with the assertion that this seems unnecessary in the context of the client. Simpler use of standard file move methods seems like a reasonable decision.

Separately, it would be worth investigating whether the write/flush/fsync in securesystemslib is even necessary for the modern Python versions we support (it was copy/pasted from old code and written when we were supporting Python 2.7). The Python standard library is constantly evolving and, for example, since Python 3.8 a file copy may happen entirely within the OS kernel (avoiding user space buffers).

2reactions

jkucommented, Jan 21, 2022

in context of this issue and target persistence: I wanted to say that it seems like it’s not actually critical how target files are written to disk. A plain shutil.copyfileobj() instead of persist_temp_file() seems fine to me (and I’ll always prefer simplicity…).

If someone has a counter argument to that I’d be interested in hearing it.