Fix Conan package presenter to find correct files
What does this MR do?
When the Conan Package manager client makes a request to the GitLab Package registry to fetch a package (using conan install
), a sequence of requests is made:
- The client requests a list of URLs to download the package files
- The client requests a list of md5 hashes to verify against each downloaded file
- The client requests each file using the URLs returned in request 1
The logic to build the responses to request 1 and 2 resides in Packages::Conan::PackagePresenter
where #recipe_urls
and #package_urls
build the response to request 1, and #recipe_snapshot
and #package_snapshot
build the response to request 2.
A conan package is actually a series of packages that is grouped by a package recipe. Say I have package foo
, I may publish a Debug
build and a Release
build. Each build has it's own set of 3 files unique to the build. But both builds share a few files common to foo
called the recipe files
. The Debug
and Release
files have the same file names, so to differentiate between them a conan_package_reference
is used.
Currently, no matter which conan_package_reference
is requested, Packages::Conan::PackagePresenter
returns the first set of files it finds. This MR updates the presenter logic to find the files that match the conan_package_reference
supplied in the request params.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
-
Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Related #208830 (closed)