Plugins can easily corrupt cache

Summary

In #749 (closed), we have seen that the script plugin was able to corrupt the cache. This was a bug in scriptelement.py. However, it is not good that the core of BuildStream was not able to catch that before the corruption happened.

It is easy to write a plugin that has the same issue using the API.

Steps to reproduce

Just mark a directory as non artifact. With sandbox.mark_directory, and stage an artifact anyway in that directory.

What is the current bug behavior?

The modified files in that directory will be modified in the cache directly.

What is the expected correct behavior?

Either we combine staging and marking directory together in the API, or we check during staging that we put files in directories marked for artifacts.

Relevant logs and/or screenshots

Possible fixes

Other relevant information

BuildStream version affected: /milestone %BuildStream_v1.4

Edited Nov 12, 2018 by toscalix