Skip to content

Fix conan search to not find instance-wide packages on project-level

Moaz Khalifa requested to merge 384455-fix-conan-project-level-search-endpoint-results into master

**This MR is a continuation on !105507 (closed). **

What does this MR do and why?

🔥 Problem

The GitLab conan package registry supports the $ conan search command.

This command will hit the /search endpoint. This endpoint is expected to do a fuzzy search on package names.

The GitLab conan package registry is exposed at two levels:

  1. project-level
  2. instance-level

The issue we noticed is that the search endpoint for the project-level is returning packages from outside the target project.

This doesn't make sense as $ conan search will display packages that can't be pulled using that project-level endpoint (that's because the download endpoints will properly scope to the target project = they can't return packages outside the project).

🚒 Solution (Introduced by this MR)

  • Properly scope the Conan packages search when the project-level endpoint is used. Only packages of that project should be returned.
  • Take this opportunity to better split the services and finders. Currently, it's one class for multiple scenarios (eg. finding a single package vs multiple packages on project-level endpoint vs instance-level endpoint). A new service has been introduced to handle finding a single package.

Caution

Since we're changing the behavior of an endpoint, this is a breaking change.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

  1. Publish 2 packages that start with the same name prefix (for ex: Pkg1& Pkg2) to two different projects.
  2. Search for packages using conan search command:

On master:

$ conan search "Pkg*" --remote=<your_remote_name>
Existing package recipes:

Pkg1/0.1@mycompany/beta
Pkg2/1.2@mycompany/beta

On this MR branch (the desired behaviour):

$ conan search "Pkg*" --remote=<your_remote_name>
Existing package recipes:

Pkg2/1.2@mycompany/beta

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

💾 Database Analysis

!118099 (comment 1361221317)

Related to #384455 (closed) & #384114

Edited by Moaz Khalifa

Merge request reports