Problem/Motivation

found in #3277830: [DrupalCon] Automatic Updates beta test result

The temporary directory write issue in the container. It seems like the automatic_updates module tried to create a directory in the /tmp directory in the container and it was not able to do that. As a workaround, I changed the temporary directory for the Drupal site in settings.php using
$settings['file_temp_path'] = 'sites/default/files/tmp';

Right now we don't prevent but I could see there being complications. Basically file_temp_path could be anything and we might want some restrictions.

But re @travisCarden Composer Stager does support staging directory under the active directory https://www.drupal.org/project/automatic_updates/issues/3277830#comment-...

Proposed resolution

TBD

Remaining tasks

User interface changes

API changes

Data model changes

Issue fork automatic_updates-3299094

Command icon Show commands

Start within a Git clone of the project using the version control instructions.

Or, if you do not have SSH keys set up on git.drupalcode.org:

About issue forks

Comments

tedbow created an issue. See original summary.

tedbow credited AjitS.

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Title: Should we prevent staging errors that are nested in the site directory » Should we prevent staging areas that are nested in the sites directory?

Is this what you meant?

Is this still relevant?

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Title: Should we prevent staging areas that are nested in the sites directory? » Should we prevent staging areas that are nested in the active Composer project directory?
Issue tags: +core-mvp, +sprint

Updated the title.

I think this is still relevant to at least figure out what we want to do.

I think we would do one of these.

  1. Make a validator that prevents the staging directory from being anywhere inside the active directory or
  2. Make a validator that prevents the staging directory from being anywhere inside the active directory except under an excluded path.

We could do 1 as an MVP and then come back later support number 2)

omkar.podey’s picture

omkar.podey commented
Assigned: Unassigned » omkar.podey
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Issue tags: +Needs tests

Perhaps stating the obvious, but this will needs tests 🤓

omkar.podey opened merge request !640

omkar.podey’s picture

omkar.podey commented

We may want to use realpath() for the staging_root and project_root, I'm not sure if we will hit that edge case wher staging root is something like vfs:root/active/../stage which means stage is not inside of active but the validator would think that for now.

omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » Unassigned
Status: Active » Needs review
omkar.podey’s picture

omkar.podey commented
Assigned: Unassigned » wim leers
omkar.podey’s picture

omkar.podey commented
Assigned: wim leers » omkar.podey
Status: Needs review » Needs work
omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » Unassigned
Status: Needs work » Needs review
omkar.podey’s picture

omkar.podey commented
Assigned: Unassigned » wim leers
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Assigned: wim leers » omkar.podey
Status: Needs review » Needs work
Issue tags: -Needs tests

7 remarks — 6 nits, 1 critical one about test coverage.

Already looking good though! 👍

omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » Unassigned
Status: Needs work » Needs review
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Assigned: Unassigned » omkar.podey
Status: Needs review » Needs work

2 remarks on the MR. 99% done!

omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » Unassigned
Status: Needs work » Needs review
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Status: Needs review » Reviewed & tested by the community

Perfect! 🤩

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Status: Reviewed & tested by the community » Needs work

Looks good. Just need to subscribe to StatusCheckEvent also

See MR comment and #3321684: Most validators that subscribe to PreCreate to check readiness to update should also subscribe to PreApply]

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Assigned: Unassigned » omkar.podey
Related issues: +#3321684: Most validators that subscribe to PreCreate to check readiness to update should also subscribe to PreApply
omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » Unassigned
Status: Needs work » Needs review
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Status: Needs review » Reviewed & tested by the community

268a4cc8 addressed #20 👍

@tedbow: do we want add a kernel test that checks that all validators subscribing to PreCreateEvent also subscribe to StatusCheckEvent except for the few that we know don't need it? That would prevent regressions. Could be a nice & simple follow-up 😊

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Status: Reviewed & tested by the community » Needs work

Thanks for queuing up the extra tests. setting back to Needs work to fix the test failures

omkar.podey’s picture

omkar.podey commented

Yeah it fails because D9 doesn't support Symfony 5.4 (where the new class Symfony\Component\Filesystem\Path was introduced), probably need to make a helper method.

omkar.podey’s picture

omkar.podey commented
Assigned: Unassigned » omkar.podey
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented

Error: Class 'Symfony\Component\Filesystem\Path' not found
😱

Looks like this does not exist in Drupal 9.4 or 9.5 …😬 which means we cannot use Path::canonicalize().

This is why:

$ git d 9.5.0 10.0.0 -- composer.json  | grep filesystem
-        "symfony/filesystem": "^4.4",
+        "symfony/filesystem": "^6.2",

🤔

wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented

That method was added in https://github.com/symfony/filesystem/commit/d5ca5f7080a759dcb65300a55d5.... I propose to copy it verbatim into our code and just remove that in #3321474: Adopt PHP 8.1-only capabilities such as constructor property promotion + drop BC layers, where we will require Drupal >=10 anyway 🤓

omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » wim leers
Status: Needs work » Needs review

Do we also want to copy over the test ? , and i am disabling phpcs and cspell checks on the Path class.

omkar.podey’s picture

omkar.podey commented

Still need to add a @todo to be removed in 8.x-3.x

omkar.podey’s picture

omkar.podey commented
Assigned: wim leers » omkar.podey
Status: Needs review » Needs work
omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » wim leers
Status: Needs work » Needs review
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Assigned: wim leers » Unassigned
Status: Needs review » Reviewed & tested by the community

Nits only, fixed those, RTBC! 😊

wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Title: Should we prevent staging areas that are nested in the active Composer project directory? » Prevent staging areas that nested in the active Composer project directory
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Related issues: +#3321474: Adopt PHP 8.1-only capabilities such as constructor property promotion + drop BC layers

Updated #3321474 for #28: #3321474-9: Adopt PHP 8.1-only capabilities such as constructor property promotion + drop BC layers.

tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Status: Reviewed & tested by the community » Needs work

Looks pretty good!

Just a couple MR comments

wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Assigned: Unassigned » omkar.podey

+1 for @tedbow's remarks, and found one more edge case to worry about.

wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Related issues: +#3328234: Improve test DX *and* confidence: stop using VFS 
InvalidArgumentException: project_root and staging_root need to be absolute paths.

🤣

That's because now you've added proper validation, so the vfs:// test cases are no longer accepted. Until we move away from VFS entirely in #3328234: Improve test DX *and* confidence: stop using VFS, you'll need to change it to if (str_starts_with('vfs://'…) || Path::isAbsolute(…)) { … } 🤓

omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » Unassigned
Status: Needs work » Needs review
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Assigned: Unassigned » omkar.podey
Status: Needs review » Needs work

One last nit!

omkar.podey’s picture

omkar.podey commented
Assigned: omkar.podey » wim leers
Status: Needs work » Needs review
wim leers’s picture

wim leers
Location Ghent 🇧🇪🇪🇺
commented
Assigned: wim leers » Unassigned
Status: Needs review » Reviewed & tested by the community

Ready! 🚢 Just have comment nits (mostly relating to #3328234: Improve test DX *and* confidence: stop using VFS), will apply those.

  • tedbow committed ec1c1e6a on 8.x-2.x authored by omkar.podey 
    Issue #3299094 by omkar.podey, Wim Leers, tedbow, AjitS: Prevent staging...
tedbow’s picture

tedbow
he/him
Primary language English
Location Ithaca, NY, USA
commented
Status: Reviewed & tested by the community » Fixed

Thanks! 🎉

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.