app/services/packages/maven/find_or_create_package_service.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79

# frozen_string_literal: true
module Packages
  module Maven
    class FindOrCreatePackageService < BaseService
      SNAPSHOT_TERM = '-SNAPSHOT'

      def execute
        package =
          ::Packages::Maven::PackageFinder.new(params[:path], current_user, project: project)
                                          .execute

        unless Namespace::PackageSetting.duplicates_allowed?(package)
          return ServiceResponse.error(message: 'Duplicate package is not allowed') if target_package_is_duplicate?(package)
        end

        unless package
          # Maven uploads several files during `mvn deploy` in next order:
          #   - my-company/my-app/1.0-SNAPSHOT/my-app.jar
          #   - my-company/my-app/1.0-SNAPSHOT/my-app.pom
          #   - my-company/my-app/1.0-SNAPSHOT/maven-metadata.xml
          #   - my-company/my-app/maven-metadata.xml
          #
          # The last xml file does not have VERSION in URL because it contains
          # information about all versions. When uploading such file, we create
          # a package with a version set to `nil`. The xml file with a version
          # is only created and uploaded for snapshot versions.
          #
          # Gradle has a different upload order:
          #   - my-company/my-app/1.0-SNAPSHOT/maven-metadata.xml
          #   - my-company/my-app/1.0-SNAPSHOT/my-app.jar
          #   - my-company/my-app/1.0-SNAPSHOT/my-app.pom
          #   - my-company/my-app/maven-metadata.xml
          #
          # The first upload has to create the proper package (the one with the version set).
          if params[:file_name] == Packages::Maven::Metadata.filename && !params[:path]&.ends_with?(SNAPSHOT_TERM)
            package_name = params[:path]
            version = nil
          else
            package_name, _, version = params[:path].rpartition('/')
          end

          package_params = {
            name: package_name,
            path: params[:path],
            status: params[:status],
            version: version
          }

          package =
            ::Packages::Maven::CreatePackageService.new(project, current_user, package_params)
                                                   .execute
        end

        package.build_infos.safe_find_or_create_by!(pipeline: params[:build].pipeline) if params[:build].present?

        ServiceResponse.success(payload: { package: package })
      end

      private

      def extname(filename)
        return if filename.blank?

        File.extname(filename)
      end

      def target_package_is_duplicate?(package)
        # duplicate metadata files can be uploaded multiple times
        return false if package.version.nil?

        package
          .package_files
          .map { |file| extname(file.file_name) }
          .compact
          .include?(extname(params[:file_name]))
      end
    end
  end
end