match-ldap-to-info matches ldap group to INFO file 23/14823/6
authorAric Gardner <agardner@linuxfoundation.org>
Thu, 7 Mar 2019 18:48:22 +0000 (13:48 -0500)
committerAric Gardner <agardner@linuxfoundation.org>
Thu, 7 Mar 2019 20:03:29 +0000 (15:03 -0500)
I have abandoned the idea of using a diff on the INFO file as a driver
for making changes to ldap. It was messy for new info files, as there
was no previous diff, which meant that if a user was removed,
we had no way of knowing. Now the script is idempotent.
Whatever is in the INFO.yaml will be reflected in the LDAP file.

example: you give it an info file and a group and it will
make the necessary changes:

lftools lfidapi add-remove-committers path/to/INFO.yaml ldap-group

added --noop flag so you can see what would be changed

Change-Id: Ie1546f3e80e826742612b9f32f91dc6ce3360d0c
Signed-off-by: Aric Gardner <agardner@linuxfoundation.org>
docs/commands/lfidapi.rst
lftools/cli/lfidapi.py
lftools/lfidapi.py
setup.cfg
shell/lfidapi_add_remove_users [deleted file]

index 02776b9..ee9cbac 100644 (file)
@@ -27,3 +27,8 @@ user
 ----
 
 .. program-output:: lftools lfidapi user --help
+
+match-ldap-to-info
+------------------
+
+.. program-output:: lftools lfidapi match-ldap-to-info --help
index 52891d5..cfa8e44 100755 (executable)
 ##############################################################################
 """Use the LFIDAPI to add, remove and list members as well as create groups."""
 
-import subprocess
-import sys
-
 import click
 
-from lftools.lfidapi import helper_add_remove_committers
 from lftools.lfidapi import helper_create_group
 from lftools.lfidapi import helper_invite
+from lftools.lfidapi import helper_match_ldap_to_info
 from lftools.lfidapi import helper_search_members
 from lftools.lfidapi import helper_user
 
@@ -67,33 +64,17 @@ def create_group(ctx, group):
 
 @click.command()
 @click.argument('info_file')
-@click.argument('ldap_file')
 @click.argument('group')
-@click.argument('user')
-@click.pass_context
-def add_remove_committers(ctx, info_file, ldap_file, group, user):
-    """Used in automation."""
-    helper_add_remove_committers(info_file, ldap_file, group, user)
-
-
-@click.command()
-@click.argument('git_dir')
-@click.argument('gerrit_fqdn')
-@click.argument('gerrit_project')
+@click.option('--noop', is_flag=True, required=False,
+              help='show what would be changed')
 @click.pass_context
-def lfidapi_add_remove_users(ctx, git_dir, gerrit_fqdn, gerrit_project):
-    """Create a diff of the changes to the INFO.yaml.
-
-    Call the api to add and remove users as appropriate.
-    """
-    status = subprocess.call(['lfidapi_add_remove_users', git_dir, gerrit_fqdn, gerrit_project])
-
-    sys.exit(status)
+def match_ldap_to_info(ctx, info_file, group, noop):
+    """Match an LDAP groups membership to an INFO.yaml file."""
+    helper_match_ldap_to_info(info_file, group, noop)
 
 
 lfidapi.add_command(search_members)
 lfidapi.add_command(user)
 lfidapi.add_command(invite)
 lfidapi.add_command(create_group)
-lfidapi.add_command(add_remove_committers)
-lfidapi.add_command(lfidapi_add_remove_users)
+lfidapi.add_command(match_ldap_to_info)
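Review bot: The docstring on `match_ldap_to_info`, which click prints as the command's `--help` text, does not say that the command removes group members who are absent from the INFO file. It also does not say that `group` is used exactly as given, with nothing tying it to the project the INFO file belongs to. The deleted shell wrapper derived the group from the project's Gerrit access rules, so after this change a wrong `group` argument would reshape an unrelated group's membership. I would state this in the help, e.g. `"""Make GROUP's LDAP membership match the committers in INFO_FILE: adds missing users and removes users not listed. Use --noop to preview."""`. Separately, `required=False` on `--noop` is already the default for an option and can be dropped.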
index 11f321a..cd464f0 100755 (executable)
@@ -40,6 +40,7 @@ def helper_search_members(group):
     result = (response.json())
     members = result["members"]
     print(json.dumps(members, indent=4, sort_keys=True))
+    return members
 
 
 def helper_user(user, group, delete):
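Review bot: `helper_search_members` still prints the full JSON dump before the new `return members`, and a later hunk makes it the data source for `helper_match_ldap_to_info`. Every sync run, including `--noop`, therefore writes the whole member record list to the job log ahead of the change report. The caller reads only `username`; if the records carry other fields such as e-mail addresses (not visible here), that is more than an automation log needs to retain. Consider moving the request and the `result["members"]` lookup into a private helper that only returns the list, and keeping the `print` in the function the `search-members` command calls. The start of this function is outside the hunk.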
@@ -87,7 +88,7 @@ def helper_create_group(group):
     print(json.dumps(result, indent=4, sort_keys=True))
 
 
-def helper_add_remove_committers(info_file, ldap_file, user, group):
+def helper_match_ldap_to_info(info_file, group, noop):
     """Helper only to be used in automation."""
     with open(info_file) as file:
         try:
@@ -95,9 +96,7 @@ def helper_add_remove_committers(info_file, ldap_file, user, group):
         except yaml.YAMLError as exc:
             print(exc)
 
-    with open(ldap_file, 'r') as file:
-        ldap_data = json.load(file)
-
+    ldap_data = helper_search_members(group)
     committer_info = info_data['committers']
 
     info_committers = []
@@ -110,16 +109,21 @@ def helper_add_remove_committers(info_file, ldap_file, user, group):
         committer = ldap_data[count]['username']
         ldap_committers.append(committer)
 
-    removed_by_patch = [item for item in ldap_committers if item not in info_committers]
-
-    if (user in removed_by_patch):
-        print(" {} found in group {} ".format(user, group))
-        print(" removing user {} from group {}".format(user, group))
-        helper_user(user, group, "--delete")
-
-    added_by_patch = [item for item in info_committers if item not in ldap_committers]
-
-    if (user in added_by_patch):
-        print(" {} not found in group {} ".format(user, group))
-        print(" adding user {} to group {}".format(user, group))
-        helper_user(user, group, "")
+    all_users = ldap_committers + info_committers
+    all_users.remove("lfservices_releng")
+    all_users = sorted(set(all_users))
+
+    for user in all_users:
+        removed_by_patch = [item for item in ldap_committers if item not in info_committers]
+        if (user in removed_by_patch):
+            print(" {} found in group {} ".format(user, group))
+            if noop is False:
+                print(" removing user {} from group {}".format(user, group))
+                helper_user(user, group, "--delete")
+
+        added_by_patch = [item for item in info_committers if item not in ldap_committers]
+        if (user in added_by_patch):
+            print(" {} not found in group {} ".format(user, group))
+            if noop is False:
+                print(" adding user {} to group {}".format(user, group))
+                helper_user(user, group, "")
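Review bot: `all_users.remove("lfservices_releng")` raises `ValueError` whenever that account is in neither list, so the sync aborts for any group the service account does not belong to. Because it runs before `set()`, it also drops only one occurrence. The new code has no guard for an empty `info_committers` either: an INFO.yaml with an empty or unparsed committers list (the code that builds the list is outside this hunk) would make every current member show up in `removed_by_patch` and be deleted. Both comprehensions are loop-invariant yet are rebuilt for every user, and `noop is False` reads better as `not noop`. The set-based version below excludes the protected account from both sides, refuses to run against an empty committer list, and prints removals before additions instead of interleaving them.

```python
    # … unchanged: building info_committers and ldap_committers …
    protected = {"lfservices_releng"}
    ldap_set = set(ldap_committers) - protected
    info_set = set(info_committers) - protected
    if not info_set:
        # An empty source of truth would otherwise empty the whole group.
        raise SystemExit("no committers in {}; refusing to change {}".format(info_file, group))

    for user in sorted(ldap_set - info_set):
        print(" {} found in group {} ".format(user, group))
        if not noop:
            print(" removing user {} from group {}".format(user, group))
            helper_user(user, group, "--delete")

    for user in sorted(info_set - ldap_set):
        print(" {} not found in group {} ".format(user, group))
        if not noop:
            print(" adding user {} to group {}".format(user, group))
            helper_user(user, group, "")
```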
index d31a57c..8d02002 100644 (file)
--- a/setup.cfg
+++ b/setup.cfg
@@ -38,7 +38,6 @@ scripts =
     shell/deploy
     shell/gerrit_create
     shell/inactivecommitters
-    shell/lfidapi_add_remove_users
     shell/sign
     shell/version
     shell/yaml4info
diff --git a/shell/lfidapi_add_remove_users b/shell/lfidapi_add_remove_users
deleted file mode 100755 (executable)
index 21ca5eb..0000000
+++ /dev/null
@@ -1,74 +0,0 @@
-#!/bin/bash -l
-# SPDX-License-Identifier: EPL-1.0
-##############################################################################
-# Copyright (c) 2018 The Linux Foundation and others.
-#
-# All rights reserved. This program and the accompanying materials
-# are made available under the terms of the Eclipse Public License v1.0
-# which accompanies this distribution, and is available at
-# http://www.eclipse.org/legal/epl-v10.html
-##############################################################################
-
-git_dir="$1"
-gerrit_fqdn="$2"
-clonebase=https://$gerrit_fqdn/gerrit/
-gerrit_project="$3"
-
-cd "$git_dir" || exit
-pwd
-
-determine_ldap_group(){
-  get_group(){
-    ldap_group="$(curl -s "$clonebase"access/?project=$gerrit_project \
-      | tail -n +2 \
-      | jq  '.[].local[].permissions.owner.rules' \
-      | grep ldap \
-      | awk -F"=" '{print $2}' \
-      | awk -F"," '{print $1}')"
-  }
-
-  walkgroup(){
-    repo="$(curl -s "$clonebase"access/?project=$gerrit_project | tail -n +2 | jq -r '.[].inherits_from.id')"
-    get_group "$gerrit_project"
-  }
-
-  get_group "$gerrit_project"
-
-  #if ldap_group is null, check for a parent, there may be two levels of parent
-  #This looks stupid but it works.
-  if [ -z "$ldap_group" ]; then
-    walkgroup "$gerrit_project"
-    if [ -z "$ldap_group" ]; then
-      walkgroup "$gerrit_project"
-    fi
-  fi
-  if [ -z "$ldap_group" ]; then
-    echo "could not determine ldap group"
-    exit 1
-  fi
-}
-determine_ldap_group
-
-echo "LDAP GROUP IS $ldap_group for repo $repo"
-echo "Change as we see it"
-git --no-pager show INFO.yaml
-
-#define directions for diff
-added="'%>'"
-removed="'%<'"
-for direction in "$added" "$removed"; do
-unset diff
-
-  diff=$(diff --changed-group-format="$direction" --unchanged-group-format='' <(git show HEAD~1:INFO.yaml) <(git show HEAD:INFO.yaml))
-  if ! [ -z "$diff" ]; then
-    while IFS=$'\n' read -r id; do
-      user="$(echo "$id" | niet '.id')"
-      rm ldap_file.json
-      lftools lfidapi search-members "$ldap_group" > ldap_file.json
-      cat ldap_file.json
-      lftools lfidapi add-remove-committers INFO.yaml ldap_file.json "$user" "$ldap_group"
-
-    done < <(diff --changed-group-format="$direction" --unchanged-group-format='' <(git show HEAD~1:INFO.yaml) <(git show HEAD:INFO.yaml) |grep "id:")
-  fi
-
-done