source: trunk/packages/invirt-dev/invirt-build-conf @ 2709

Last change on this file since 2709 was 2638, checked in by broder, 15 years ago

scripts installed by setuptools always get installed in /usr/bin.

  • Property svn:executable set to *
File size: 1.8 KB
Line 
1#!/usr/bin/python
2
3"""Re-generate the remctl configuration for build submissions.
4
5This script generates the remctl ACL and configuration for each build
6pocket defined in the configuration. It also updates the .k5login for
7the git user that developers can push through.
8"""
9
10
11import os
12import tempfile
13
14from invirt.authz import mech as authz
15from invirt import builder
16from invirt.config import structs as config
17
18
19def userToPrinc(user):
20    """Convert an AFS principal to a Kerberos v5 principal."""
21    if '@' in user:
22        (princ, realm) = user.split('@')
23    else:
24        princ = user
25        realm = config.kerberos.realm
26
27    return princ.replace('.', '/') + '@' + realm
28
29
30def main():
31    all_devs = set()
32
33    # Python could really use a file-like object that gets written to
34    # a temporary path and moved to its final resting place on
35    # .close(). Oh well.
36    conf_fd, conf_name = tempfile.mkstemp()
37    conf = os.fdopen(conf_fd, 'r+')
38    build_handler = '/usr/bin/invirt-submit-build'
39
40    for pocket in config.build.pockets:
41        acl = authz.expandAdmin(getattr(config.build.pockets, pocket).acl, None)
42
43        acl_fd, acl_name = tempfile.mkstemp()
44        acl_fd = os.fdopen(acl_fd, 'r+')
45        print >>acl_fd, '\n'.join(userToPrinc(a) for a in acl)
46
47        all_devs.update(set(userToPrinc(a) for a in acl))
48
49        acl_path = os.path.join('/etc/remctl/acl/build-%s' % pocket)
50
51        os.rename(acl_name, acl_path)
52        print >>conf, 'build %s %s %s' % (pocket, build_handler, acl_path)
53
54    os.rename(conf_name, '/etc/remctl/conf.d/build')
55
56    k5login_fd, k5login_name = tempfile.mkstemp()
57    k5login = os.fdopen(k5login_fd, 'r+')
58    print >>k5login, '\n'.join(all_devs)
59
60    os.rename(k5login_name, os.path.join(builder._REPO_DIR, '.k5login'))
61
62
63if __name__ == '__main__':
64    main()
Note: See TracBrowser for help on using the repository browser.