github2gerrit 0.1.8__py3-none-any.whl → 0.1.9__py3-none-any.whl

github2gerrit/cli.py

@@ -3,13 +3,10 @@
 
 from __future__ import annotations
 
-import io
 import json
 import logging
 import os
-import shutil
 import tempfile
-import zipfile
 from collections.abc import Callable
 from concurrent.futures import ThreadPoolExecutor
 from concurrent.futures import as_completed
@@ -20,8 +17,6 @@ from typing import Protocol
 from typing import TypeVar
 from typing import cast
 from urllib.parse import urlparse
-from urllib.request import Request
-from urllib.request import urlopen
 
 import click
 import typer
@@ -295,11 +290,14 @@ def main(
     """
     Tool to convert GitHub pull requests into Gerrit changes
 
-    - Providing a URL to a pull request: converts that pull request into a Gerrit change
+    - Providing a URL to a pull request: converts that pull request
+      into a Gerrit change
 
-    - Providing a URL to a GitHub repository converts all open pull requests into Gerrit changes
+    - Providing a URL to a GitHub repository converts all open pull
+      requests into Gerrit changes
 
-    - No arguments for CI/CD environment; reads parameters from environment variables
+    - No arguments for CI/CD environment; reads parameters from
+      environment variables
     """
     # Override boolean parameters with properly parsed environment variables
     # This ensures that string "false" from GitHub Actions is handled correctly
@@ -361,15 +359,21 @@ def main(
     # URL mode handling
     if target_url:
         org, repo, pr = _parse_github_target(target_url)
+        log.debug("Parsed GitHub URL: org=%s, repo=%s, pr=%s", org, repo, pr)
         if org:
             os.environ["ORGANIZATION"] = org
+            log.debug("Set ORGANIZATION=%s", org)
         if org and repo:
-            os.environ["GITHUB_REPOSITORY"] = f"{org}/{repo}"
+            github_repo = f"{org}/{repo}"
+            os.environ["GITHUB_REPOSITORY"] = github_repo
+            log.debug("Set GITHUB_REPOSITORY=%s", github_repo)
         if pr:
             os.environ["PR_NUMBER"] = str(pr)
             os.environ["SYNC_ALL_OPEN_PRS"] = "false"
+            log.debug("Set PR_NUMBER=%s", pr)
         else:
             os.environ["SYNC_ALL_OPEN_PRS"] = "true"
+            log.debug("Set SYNC_ALL_OPEN_PRS=true")
         os.environ["G2G_TARGET_URL"] = "1"
     # Debug: Show environment at CLI startup
     log.debug("CLI startup environment check:")
@@ -748,6 +752,13 @@ def _prepare_local_checkout(workspace: Path, gh: GitHubContext, data: Inputs) ->
 
 def _fallback_to_api_archive(workspace: Path, gh: GitHubContext, data: Inputs, pr_num_str: str) -> None:
     """Fallback to GitHub API archive download for private repos."""
+    import io
+    import json
+    import shutil
+    import zipfile
+    from urllib.request import Request
+    from urllib.request import urlopen
+
     log.info("Attempting API archive fallback for PR #%s", pr_num_str)
 
     # Get GitHub token for authenticated requests

github2gerrit/config.py

@@ -131,6 +131,22 @@ def _coerce_value(raw: str) -> str:
     # like SSH keys or known_hosts entries can be specified inline using
     # '\n' or '\r\n' in configuration files.
     normalized_newlines = unquoted.replace("\\r\\n", "\n").replace("\\n", "\n").replace("\r\n", "\n")
+
+    # Additional sanitization for SSH private keys
+    if ("-----BEGIN" in normalized_newlines and "PRIVATE KEY-----" in normalized_newlines) or (
+        "ssh-" in normalized_newlines.lower() and "key" in normalized_newlines.lower()
+    ):
+        # Clean up SSH key formatting: remove extra whitespace, normalize line endings
+        lines = normalized_newlines.split("\n")
+        sanitized_lines = []
+        for line in lines:
+            cleaned = line.strip()
+            if cleaned:
+                # Remove any stray quotes that might have been embedded in the key content
+                cleaned = cleaned.replace('"', "").replace("'", "")
+                sanitized_lines.append(cleaned)
+        normalized_newlines = "\n".join(sanitized_lines)
+
     b = _normalize_bool_like(normalized_newlines)
     return b if b is not None else normalized_newlines
 
@@ -149,7 +165,7 @@ def _select_section(
 
 def _load_ini(path: Path) -> configparser.RawConfigParser:
     cp = configparser.RawConfigParser()
-    # Preserve option case; mypy requires a cast for attribute assignment
+    # Preserve option case; mypy requires a cast for attribute requirement
     cast(Any, cp).optionxform = str
     try:
         with path.open("r", encoding="utf-8") as fh:
@@ -162,6 +178,9 @@ def _load_ini(path: Path) -> configparser.RawConfigParser:
         # We collapse these into a single line with '\n' escapes so that
         # configparser can ingest them reliably; later, _coerce_value()
         # converts the escapes back to real newlines.
+        #
+        # We also handle SSH private keys and other multi-line values that
+        # might have formatting inconsistencies by sanitizing them.
         lines = raw_text.splitlines()
         out_lines: list[str] = []
         i = 0
@@ -171,6 +190,8 @@ def _load_ini(path: Path) -> configparser.RawConfigParser:
             if eq_idx != -1:
                 left = line[: eq_idx + 1]
                 rhs = line[eq_idx + 1 :].strip()
+
+                # Handle standard multi-line quoted values: key = "
                 if rhs == '"':
                     i += 1
                     block: list[str] = []
@@ -187,10 +208,64 @@ def _load_ini(path: Path) -> configparser.RawConfigParser:
                     else:
                         # No closing quote found; fall through
                         # and keep original line
+                        log.debug("Multi-line quote not properly closed for line: %s", line[:50])
                         out_lines.append(line)
                         continue
+
+                # Handle SSH private keys and other values that start with a quote
+                # but contain embedded content that might confuse configparser
+                elif rhs.startswith('"') and not rhs.endswith('"'):
+                    # This looks like a multi-line value that starts on the same line
+                    # Collect all content until we find a line ending with a quote
+                    content_lines = [rhs[1:]]  # Remove opening quote
+                    i += 1
+
+                    while i < len(lines):
+                        current_line = lines[i]
+                        if current_line.strip().endswith('"') and not current_line.strip().endswith('\\"'):
+                            # Found closing quote - remove it and add final line
+                            final_content = current_line.rstrip()
+                            if final_content.endswith('"'):
+                                final_content = final_content[:-1]
+                            if final_content:  # Only add if there's content after removing quote
+                                content_lines.append(final_content)
+                            break
+                        else:
+                            content_lines.append(current_line)
+                        i += 1
+
+                    # Join all content and sanitize for SSH keys
+                    full_content = "\\n".join(content_lines)
+
+                    # Special handling for SSH private keys - remove extra whitespace and line breaks
+                    key_name = left.split("=")[0].strip().upper()
+                    if "SSH" in key_name and "KEY" in key_name:
+                        # For SSH keys, clean up base64 content by removing whitespace within lines
+                        sanitized_lines = []
+                        for content_line in content_lines:
+                            cleaned = content_line.strip()
+                            # Preserve SSH key headers/footers but clean base64 content
+                            if cleaned.startswith("-----") or not cleaned:
+                                sanitized_lines.append(cleaned)
+                            else:
+                                # Remove any embedded quotes and whitespace from base64 content
+                                cleaned = cleaned.replace('"', "").replace("'", "").strip()
+                                if cleaned:
+                                    sanitized_lines.append(cleaned)
+                        full_content = "\\n".join(sanitized_lines)
+
+                    log.debug(
+                        "Processed multi-line value for key %s (length: %d)",
+                        left.split("=")[0].strip(),
+                        len(full_content),
+                    )
+                    out_lines.append(f'{left} "{full_content}"')
+                    i += 1
+                    continue
+
             out_lines.append(line)
             i += 1
+
         preprocessed = "\n".join(out_lines) + ("\n" if out_lines else "")
         cp.read_string(preprocessed)
     except FileNotFoundError:
@@ -272,6 +347,8 @@ def load_org_config(
 
     # Report unknown configuration keys to help users catch typos
     unknown_keys = set(normalized.keys()) - KNOWN_KEYS
+    log.debug("All parsed keys from config: %s", sorted(normalized.keys()))
+    log.debug("Known keys: %s", sorted(KNOWN_KEYS))
     if unknown_keys:
         log.warning(
             "Unknown configuration keys found in [%s]: %s. "

github2gerrit/core.py

@@ -30,10 +30,7 @@ import logging
 import os
 import re
 import shlex
-import shutil
-import socket
 import stat
-import tempfile
 import urllib.parse
 import urllib.request
 from collections.abc import Iterable
@@ -789,6 +786,8 @@ class Orchestrator:
 
     def _strategy_open_fchmod(self, key_path: Path, key_content: str) -> None:
         """Strategy: open with os.open and specific flags, then fchmod."""
+        import os
+        import stat
 
         flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
         mode = stat.S_IRUSR | stat.S_IWUSR  # 0o600
@@ -802,6 +801,7 @@ class Orchestrator:
 
     def _strategy_umask_open(self, key_path: Path, key_content: str) -> None:
         """Strategy: set umask, create file, restore umask."""
+        import os
 
         original_umask = os.umask(0o077)  # Only owner can read/write
         try:
@@ -813,6 +813,8 @@ class Orchestrator:
 
     def _strategy_stat_constants(self, key_path: Path, key_content: str) -> None:
         """Strategy: use stat constants for permission setting."""
+        import os
+        import stat
 
         with open(key_path, "w", encoding="utf-8") as f:
             f.write(key_content)
@@ -824,9 +826,13 @@ class Orchestrator:
 
     def _create_key_in_memory_fs(self, key_path: Path, key_content: str) -> bool:
         """Fallback: try to create key in memory filesystem."""
+        import shutil
+        import tempfile
+
         try:
             # Try to create in memory filesystem if available
             # Use secure temporary directories
+            import tempfile
 
             temp_dir = tempfile.gettempdir()
             memory_dirs = [temp_dir]
@@ -2337,6 +2343,7 @@ class Orchestrator:
         - Verify GitHub token by fetching repository and PR metadata
         - Do NOT perform any write operations
         """
+        import socket
 
         log.info("Dry-run: starting preflight checks")
         if os.getenv("G2G_DRYRUN_DISABLE_NETWORK", "").strip().lower() in (

github2gerrit/duplicate_detection.py

@@ -289,6 +289,8 @@ class DuplicateDetector:
         Returns:
             Hex-encoded SHA256 hash string (first 16 characters for readability)
         """
+        import hashlib
+
         # Build hash input from stable, unique PR identifiers
         # Use server_url + repository + pr_number for global uniqueness
         hash_input = f"{gh.server_url}/{gh.repository}/pull/{gh.pr_number}"

github2gerrit/external_api.py

@@ -29,14 +29,12 @@ import functools
 import logging
 import random
 import socket
-import subprocess
 import time
 import urllib.error
 from collections.abc import Callable
 from dataclasses import dataclass
 from dataclasses import field
 from enum import Enum
-from pathlib import Path
 from typing import Any
 from typing import NoReturn
 from typing import TypeVar
@@ -443,6 +441,9 @@ def curl_download(
     Raises:
         RuntimeError: If curl command fails after retries
     """
+    import subprocess
+    from pathlib import Path
+
     if policy is None:
         policy = RetryPolicy(max_attempts=3, timeout=timeout)
 

github2gerrit/github_api.py

@@ -171,7 +171,9 @@ def build_client(token: str | None = None) -> GhClient:
 def get_repo_from_env(client: GhClient) -> GhRepository:
     """Return the repository object based on GITHUB_REPOSITORY."""
     full = _getenv_str("GITHUB_REPOSITORY")
+    log.debug("GITHUB_REPOSITORY environment variable: '%s'", full)
     if not full or "/" not in full:
+        log.error("Invalid GITHUB_REPOSITORY: '%s' (expected format: 'owner/repo')", full)
         raise ValueError(_MSG_BAD_GITHUB_REPOSITORY)
     repo = client.get_repo(full)
     return repo

github2gerrit/gitutils.py

@@ -11,10 +11,8 @@ from __future__ import annotations
 
 import logging
 import os
-import re
 import shlex
 import subprocess
-import tempfile
 import time
 from collections.abc import Callable
 from collections.abc import Iterable
@@ -483,7 +481,9 @@ def git_commit_amend(
     # Write message to a temp file to avoid shell-escaping issues
     tmp_path: Path | None = None
     if message is not None:
-        with tempfile.NamedTemporaryFile("w", delete=False, encoding="utf-8") as _tf:
+        import tempfile as _tempfile
+
+        with _tempfile.NamedTemporaryFile("w", delete=False, encoding="utf-8") as _tf:
             _tf.write(message)
             _tf.flush()
             tmp_path = Path(_tf.name)
@@ -493,6 +493,9 @@ def git_commit_amend(
     # Determine whether to add -s; only suppress if message already has a sign-off for current committer
     effective_signoff = bool(signoff)
     try:
+        import os
+        import re
+
         # Resolve committer email (prefer repo-local; fallback to global/env)
         committer_email = os.getenv("GIT_COMMITTER_EMAIL", "").strip()
         if not committer_email:
@@ -583,7 +586,9 @@ def git_commit_new(
     # Write message to a temp file to avoid shell-escaping issues
     tmp_path: Path | None = None
     if message is not None:
-        with tempfile.NamedTemporaryFile("w", delete=False, encoding="utf-8") as _tf:
+        import tempfile as _tempfile
+
+        with _tempfile.NamedTemporaryFile("w", delete=False, encoding="utf-8") as _tf:
             _tf.write(message)
             _tf.flush()
             tmp_path = Path(_tf.name)
@@ -593,6 +598,9 @@ def git_commit_new(
     # Determine whether to add -s; only suppress if message already has a sign-off for current committer
     effective_signoff = bool(signoff)
     try:
+        import os
+        import re
+
         # Resolve committer email (prefer repo-local; fallback to global/env)
         committer_email = os.getenv("GIT_COMMITTER_EMAIL", "").strip()
         if not committer_email:

{github2gerrit-0.1.8.dist-info → github2gerrit-0.1.9.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: github2gerrit
-Version: 0.1.8
+Version: 0.1.9
 Summary: Submit a GitHub pull request to a Gerrit repository.
 Author-email: Matthew Watkins <mwatkins@linuxfoundation.org>
 License-Expression: Apache-2.0
@@ -297,7 +297,7 @@ jobs:
     steps:
       - name: Submit PR to Gerrit
         id: g2g
-        uses: lfit/github2gerrit@main
+        uses: lfreleng-actions/github2gerrit-action@main
         with:
           SUBMIT_SINGLE_COMMITS: "false"
           USE_PR_AS_COMMIT: "false"
@@ -343,7 +343,7 @@ uv run github2gerrit
 uvx github2gerrit https://github.com/owner/repo/pull/123
 
 # Install from specific version/source
-uvx --from git+https://github.com/lfit/github2gerrit@main github2gerrit https://github.com/owner/repo/pull/123
+uvx --from git+https://github.com/lfreleng-actions/github2gerrit-action@main github2gerrit https://github.com/owner/repo/pull/123
 ```
 
 ### Available Options
@@ -524,7 +524,7 @@ jobs:
 
       - name: Submit PR to Gerrit (with explicit overrides)
         id: g2g
-        uses: lfit/github2gerrit@main
+        uses: lfreleng-actions/github2gerrit-action@main
         with:
           # Behavior
           SUBMIT_SINGLE_COMMITS: "false"
@@ -777,7 +777,7 @@ For CI/CD pipelines (like GitHub Actions), use `uvx` to install and run without
 uvx github2gerrit <PR_URL> --dry-run
 
 # Install from a specific version or source
-uvx --from git+https://github.com/lfit/github2gerrit@main github2gerrit <PR_URL>
+uvx --from git+https://github.com/lfreleng-actions/github2gerrit-action@main github2gerrit <PR_URL>
 
 # Run with specific Python version
 uvx --python 3.11 github2gerrit <PR_URL>

{github2gerrit-0.1.8.dist-info → github2gerrit-0.1.9.dist-info}/RECORD

@@ -1,14 +1,14 @@
 github2gerrit/__init__.py,sha256=N1Vj1HJ28LKCJLAynQdm5jFGQQAz9YSMzZhEfvbBgow,886
-github2gerrit/cli.py,sha256=j2jdsfO3WZqHF0UIINVWJrPzMUHtIwzGKmbAhvP1Q3c,45483
+github2gerrit/cli.py,sha256=ClwCOtMl9eecobeN6Bb1GFQ_E-kbILdxKFE89Vtvai4,45865
 github2gerrit/commit_normalization.py,sha256=u4AZigz3qOpz5XYpUOq3WUqsY-o08YrkgaT160eyIIs,16594
-github2gerrit/config.py,sha256=sTiujlOjCsJbaA-Ftr5XR--9nxs7XH8uEWD-IbGqLYk,17370
-github2gerrit/core.py,sha256=xSUBhB_xOpCrVbnNu2m1QqKrZJTa8zJrmEK28-ehqPg,105033
-github2gerrit/duplicate_detection.py,sha256=enzLMsMQOeB5yU_iEOfTN5oGuZ0LUZNENsQ4fFnKKRg,26520
-github2gerrit/external_api.py,sha256=ypMKGIsCAYTvP2u55l8X5eUC88T6EKvyZvlsAWRFVcU,17629
+github2gerrit/config.py,sha256=uRVVcofzojTayA8AyM_3rgSFsV0fWGjixWmK48aZsRA,21471
+github2gerrit/core.py,sha256=Mjo_TNocFE5HDmRTxh54LEHAEw5y1u6lc1qItEZ76GA,105180
+github2gerrit/duplicate_detection.py,sha256=5j6EDz2P3GnnT2JkR1tGbzWCjA6TV0l5VjsEMs-tfCM,26544
+github2gerrit/external_api.py,sha256=EVHh__v6lRq_ojpBI_nkGZ31AQSZ9NG8tDqVUid23XY,17638
 github2gerrit/gerrit_rest.py,sha256=NmC95hb2hLpnko8Uu3OwPEKktNv-k3qrmuA7A2q-H0Y,10562
 github2gerrit/gerrit_urls.py,sha256=pw4rjIQeQ-i-vbPqsOZjZpdz7FO03pnMUMWc8L9Mcic,12893
-github2gerrit/github_api.py,sha256=1cTZMunDx6_oLNR3Z__ya6vsw0_PFS5ww3jQla5SVFA,8229
-github2gerrit/gitutils.py,sha256=7E-bYux4E-5IJMSxYx8U0sKzD-wkn3QyEfZ7SGHkGrY,25803
+github2gerrit/github_api.py,sha256=6S9DRt-Dza78cgxQwZ3_ujI0yPPozDGBIKnYgHan760,8388
+github2gerrit/gitutils.py,sha256=3ob1K7dlKeWYYYOPXIIJ56p2N49lm1yj8XHHg2zSlhw,25929
 github2gerrit/models.py,sha256=sRS4rPMF_wjV19HMFTzhHXFMfsLFzm9TFb1JydJsSyQ,1875
 github2gerrit/pr_content_filter.py,sha256=w4MqSZ4uLX-3Da1DL_A56zVQa7xJ4h5jHMNteOOG2AE,16896
 github2gerrit/similarity.py,sha256=xPqdypI-Fmpeb74K4lcqZBxj17i8avS_x73dXckeicA,15268
@@ -16,9 +16,9 @@ github2gerrit/ssh_agent_setup.py,sha256=fvKuMdF9Hv5ioaSu_alzLcjeoQLGGFRLS2wb46Kd
 github2gerrit/ssh_common.py,sha256=f0QQmnj6yIW74N3ZjGkYmJryEstjEOmq41EIXOZdGTM,8102
 github2gerrit/ssh_discovery.py,sha256=zH0tX9VN1pn8DLM1J9QQquoKBhA9gk5drXHvMSHNNLg,13021
 github2gerrit/utils.py,sha256=ADE5YZe1h3PB3cgfxbsCuYU-Xs-1CMHrDHxfIdariFE,3369
-github2gerrit-0.1.8.dist-info/licenses/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
-github2gerrit-0.1.8.dist-info/METADATA,sha256=XMojs1cbwj9CPacFK6YDE3TczE5s4tE4YFPKZXGUUIY,30930
-github2gerrit-0.1.8.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-github2gerrit-0.1.8.dist-info/entry_points.txt,sha256=MxN2_liIKo3-xJwtAulAeS5GcOS6JS96nvwOQIkP3W8,56
-github2gerrit-0.1.8.dist-info/top_level.txt,sha256=bWTYXjvuu4sSU90KLT1JlnjD7xV_iXZ-vKoulpjLTy8,14
-github2gerrit-0.1.8.dist-info/RECORD,,
+github2gerrit-0.1.9.dist-info/licenses/LICENSE,sha256=xx0jnfkXJvxRnG63LTGOxlggYnIysveWIZ6H3PNdCrQ,11357
+github2gerrit-0.1.9.dist-info/METADATA,sha256=QlTEhsWuTU9Yxim1Z__-aMr6GcGWmBzpcczbqzEyBNU,31006
+github2gerrit-0.1.9.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+github2gerrit-0.1.9.dist-info/entry_points.txt,sha256=MxN2_liIKo3-xJwtAulAeS5GcOS6JS96nvwOQIkP3W8,56
+github2gerrit-0.1.9.dist-info/top_level.txt,sha256=bWTYXjvuu4sSU90KLT1JlnjD7xV_iXZ-vKoulpjLTy8,14
+github2gerrit-0.1.9.dist-info/RECORD,,