Refactor chrome/installer/mac/signing in preparation for updater reuse.

The main thing here is to move get_parts into the parts.py.

Bug: 926234
Change-Id: Icf7d9129281ef45438d1dfa27c992c011d0306bb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2016972
Auto-Submit: Joshua Pawlicki <waffles@chromium.org>
Commit-Queue: Robert Sesek <rsesek@chromium.org>
Reviewed-by: Robert Sesek <rsesek@chromium.org>
Cr-Commit-Position: refs/heads/master@{#737374}

chrome/installer/mac/BUILD.gn

@@ -113,6 +113,7 @@ group("mac_signing_tests") {
            "signing/model_test.py",
            "signing/modification_test.py",
            "signing/notarize_test.py",
+           "signing/parts_test.py",
            "signing/pipeline_test.py",
            "signing/run_mac_signing_tests.py",
            "signing/signing_test.py",

chrome/installer/mac/mac_signing_sources.gni

@@ -10,6 +10,7 @@ mac_signing_sources = [
   "signing/model.py",
   "signing/modification.py",
   "signing/notarize.py",
+  "signing/parts.py",
   "signing/pipeline.py",
   "signing/signing.py",
 ]

chrome/installer/mac/signing/modification.py

@@ -10,7 +10,7 @@ be modified or renamed to support side-by-side channel installs.
 
 import os.path
 
-from . import commands, signing
+from . import commands, parts
 
 _CF_BUNDLE_EXE = 'CFBundleExecutable'
 _CF_BUNDLE_ID = 'CFBundleIdentifier'
@@ -145,7 +145,7 @@ def _process_entitlements(paths, dist, config):
 
     entitlements_names = [
         part.entitlements
-        for part in signing.get_parts(config).values()
+        for part in parts.get_parts(config).values()
         if part.entitlements
     ]
     for entitlements_name in entitlements_names:

chrome/installer/mac/signing/pipeline.py

@@ -11,7 +11,7 @@ The pipeline module orchestrates the entire signing process, which includes:
 
 import os.path
 
-from . import commands, model, modification, notarize, signing
+from . import commands, model, modification, notarize, parts, signing
 
 
 def _customize_and_sign_chrome(paths, dist_config, dest_dir, signed_frameworks):
@@ -74,13 +74,13 @@ def _customize_and_sign_chrome(paths, dist_config, dest_dir, signed_frameworks):
                         actual_framework_change_count,
                         signed_framework_change_count))
 
-        signing.sign_chrome(paths, dist_config, sign_framework=False)
+        parts.sign_chrome(paths, dist_config, sign_framework=False)
     else:
         unsigned_framework_path = os.path.join(paths.work,
                                                'modified_unsigned_framework')
         commands.copy_dir_overwrite_and_count_changes(
             work_dir_framework_path, unsigned_framework_path, dry_run=False)
-        signing.sign_chrome(paths, dist_config, sign_framework=True)
+        parts.sign_chrome(paths, dist_config, sign_framework=True)
         actual_framework_change_count = commands.copy_dir_overwrite_and_count_changes(
             work_dir_framework_path, unsigned_framework_path, dry_run=True)
         if signed_frameworks is not None:
@@ -101,11 +101,10 @@ def _staple_chrome(paths, dist_config):
         paths: A |model.Paths| object.
         dist_config: A |config.CodeSignConfig| for the customized product.
     """
-    parts = signing.get_parts(dist_config)
     # Only staple the signed, bundled executables.
     part_paths = [
         part.path
-        for part in parts.values()
+        for part in parts.get_parts(dist_config).values()
         # TODO(https://crbug.com/979725): Reinstate .xpc bundle stapling once
         # the signing environment is on a macOS release that supports
         # Xcode 10.2 or newer.
@@ -382,7 +381,7 @@ def _package_installer_tools(paths, config):
     """
     DIFF_TOOLS = 'diff_tools'
 
-    tools_to_sign = signing.get_installer_tools(config)
+    tools_to_sign = parts.get_installer_tools(config)
     chrome_tools = (
         'keystone_install.sh',) if config.is_chrome_branded() else ()
     other_tools = (
@@ -430,7 +429,7 @@ def _intermediate_work_dir_name(dist_config):
     return dist_config.packaging_basename
 
 
-def sign_all(orig_paths,
+def sign_chrome(orig_paths,
              config,
              disable_packaging=False,
              do_notarization=True,

chrome/installer/mac/signing/pipeline_test.py

@@ -55,9 +55,9 @@ def _get_adjacent_item(l, o):
                   'copy_dir_overwrite_and_count_changes', 'run_command',
                   'make_dir', 'shutil', 'write_file', 'set_executable')
     })
-@mock.patch.multiple(
-    'signing.signing',
-    **{m: mock.DEFAULT for m in ('sign_part', 'sign_chrome', 'verify_part')})
+@mock.patch.multiple('signing.signing',
+                     **{m: mock.DEFAULT for m in ('sign_part', 'verify_part')})
+@mock.patch.multiple('signing.parts', **{'sign_chrome': mock.DEFAULT})
 @mock.patch('signing.commands.tempfile.mkdtemp', _get_work_dir)
 class TestPipelineHelpers(unittest.TestCase):
 
@@ -203,8 +203,7 @@ class TestPipelineHelpers(unittest.TestCase):
                 '$W/App Product Canary.app/Contents/Frameworks/Product Framework.framework',
                 '$W/modified_unsigned_framework',
                 dry_run=False),
-            mock.call.sign_chrome(
-                paths, channel_dist_config, sign_framework=True),
+            mock.call.sign_chrome(paths, channel_dist_config, sign_framework=True),
             mock.call.copy_dir_overwrite_and_count_changes(
                 '$W/App Product Canary.app/Contents/Frameworks/Product Framework.framework',
                 '$W/modified_unsigned_framework',
@@ -716,7 +715,7 @@ class TestSignAll(unittest.TestCase):
                 ]
 
         config = Config()
-        pipeline.sign_all(self.paths, config)
+        pipeline.sign_chrome(self.paths, config)
 
         self.assertEqual(1, kwargs['_package_installer_tools'].call_count)
 
@@ -779,7 +778,7 @@ class TestSignAll(unittest.TestCase):
                 ]
 
         config = Config()
-        pipeline.sign_all(self.paths, config)
+        pipeline.sign_chrome(self.paths, config)
 
         self.assertEqual(1, kwargs['_package_installer_tools'].call_count)
 
@@ -845,7 +844,7 @@ class TestSignAll(unittest.TestCase):
                 ]
 
         config = Config()
-        pipeline.sign_all(self.paths, config)
+        pipeline.sign_chrome(self.paths, config)
 
         self.assertEqual(1, kwargs['_package_installer_tools'].call_count)
 
@@ -900,7 +899,7 @@ class TestSignAll(unittest.TestCase):
         kwargs['wait_for_results'].return_value = iter([app_uuid])
 
         config = test_config.TestConfig()
-        pipeline.sign_all(self.paths, config, disable_packaging=True)
+        pipeline.sign_chrome(self.paths, config, disable_packaging=True)
 
         manager.assert_has_calls([
             # First customize the distribution and sign it.
@@ -936,7 +935,7 @@ class TestSignAll(unittest.TestCase):
             manager.attach_mock(kwargs[attr], attr)
 
         config = test_config.TestConfig()
-        pipeline.sign_all(self.paths, config, do_notarization=False)
+        pipeline.sign_chrome(self.paths, config, do_notarization=False)
 
         self.assertEqual(1, kwargs['_package_installer_tools'].call_count)
 
@@ -960,7 +959,7 @@ class TestSignAll(unittest.TestCase):
             manager.attach_mock(kwargs[attr], attr)
 
         config = test_config.TestConfig()
-        pipeline.sign_all(
+        pipeline.sign_chrome(
             self.paths, config, disable_packaging=True, do_notarization=False)
 
         manager.assert_has_calls([
@@ -1006,7 +1005,7 @@ class TestSignAll(unittest.TestCase):
                 ]
 
         config = Config()
-        pipeline.sign_all(self.paths, config, do_notarization=False)
+        pipeline.sign_chrome(self.paths, config, do_notarization=False)
 
         self.assertEqual(1, kwargs['_package_installer_tools'].call_count)
         self.assertEqual(4, kwargs['_customize_and_sign_chrome'].call_count)