5e4b092c53
We have agreed to use term Active Contrubitor rather then Active Technical Contributor, which means it's high time we've aligned naming in our tools and releases documentation to align on term to use. Moreover, it makes even more sense with Extra ACs, since these are designed for ones, who do not contribute in gerrit but with other means, which are usually non-technical. Needed-By: https://review.opendev.org/c/openstack/releases/+/893833 Needed-By: https://review.opendev.org/c/openstack/election/+/893810 Change-Id: Id9f2d182d93a9fbe1357e9ecd4814d49d6eb962f
145 lines
4.4 KiB
Python
Executable File
145 lines
4.4 KiB
Python
Executable File
#!/usr/bin/env python3
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import argparse
|
|
from datetime import datetime
|
|
import json
|
|
import logging
|
|
|
|
import requests
|
|
import yaml
|
|
|
|
LOG = logging.getLogger()
|
|
|
|
|
|
# The OpenStack foundation member directory lookup API endpoint
|
|
MEMBER_LOOKUP_URL = 'https://openstackid-resources.openstack.org/'
|
|
|
|
|
|
def lookup_member(email):
|
|
"A requests wrapper to querying the OSF member directory API"
|
|
# URL pattern for querying foundation members by E-mail address
|
|
LOG.debug('looking up %s', email)
|
|
raw = requester(
|
|
MEMBER_LOOKUP_URL + '/api/public/v1/members',
|
|
params={
|
|
'filter[]': [
|
|
'group_slug==foundation-members',
|
|
'email==' + email,
|
|
],
|
|
'expand': 'all_affiliations',
|
|
},
|
|
headers={'Accept': 'application/json'},
|
|
)
|
|
decoded = decode_json(raw)
|
|
try:
|
|
return decoded['data'][0]
|
|
except (KeyError, IndexError):
|
|
return None
|
|
|
|
|
|
def requester(url, params={}, headers={}):
|
|
"""A requests wrapper to consistently retry HTTPS queries
|
|
|
|
:param url: The URL to get.
|
|
:type url: str
|
|
:param params: Additional parameters to provide.
|
|
:type params: dict(str, str)
|
|
:param headers: Additional headers to set.
|
|
:type params: dict(str, str)
|
|
|
|
"""
|
|
# Try up to 3 times
|
|
retry = requests.Session()
|
|
retry.mount("https://", requests.adapters.HTTPAdapter(max_retries=3))
|
|
return retry.get(url=url, params=params, headers=headers)
|
|
|
|
|
|
def decode_json(raw):
|
|
"""Trap JSON decoding failures and provide more detailed errors
|
|
|
|
Remove ')]}' XSS prefix from data if it is present, then decode it
|
|
as JSON and return the results.
|
|
|
|
:param raw: Response text from API
|
|
:type raw: str
|
|
|
|
"""
|
|
|
|
# Gerrit's REST API prepends a JSON-breaker to avoid XSS vulnerabilities
|
|
if raw.text.startswith(")]}'"):
|
|
trimmed = raw.text[4:]
|
|
else:
|
|
trimmed = raw.text
|
|
|
|
# Try to decode and bail with much detail if it fails
|
|
try:
|
|
decoded = json.loads(trimmed)
|
|
except Exception:
|
|
LOG.error(
|
|
'\nrequest returned %s error to query:\n\n %s\n'
|
|
'\nwith detail:\n\n %s\n',
|
|
raw, raw.url, trimmed)
|
|
raise
|
|
return decoded
|
|
|
|
|
|
def main():
|
|
parser = argparse.ArgumentParser()
|
|
parser.add_argument(
|
|
'-p', '--projects',
|
|
default='./reference/projects.yaml',
|
|
help='projects.yaml file path (%(default)s)',
|
|
)
|
|
args = parser.parse_args()
|
|
|
|
# Quiet the urllib3 module output coming out of requests.
|
|
logging.getLogger('urllib3').setLevel(logging.WARNING)
|
|
|
|
logging.basicConfig()
|
|
|
|
with open(args.projects, 'r', encoding='utf-8') as f:
|
|
projects = yaml.safe_load(f.read())
|
|
|
|
exit_code = 0
|
|
|
|
for project_name, project_data in sorted(projects.items()):
|
|
acs = project_data.get('extra-acs', [])
|
|
for ac in acs:
|
|
try:
|
|
member = lookup_member(ac['email'])
|
|
except Exception as e:
|
|
print('ERROR: {}: Could not validate AC {}: {}'.format(
|
|
project_name, ac, e))
|
|
else:
|
|
if not member:
|
|
# NOTE(mnaser): The AC membership checks were not
|
|
# enforced for all ACs expiring before
|
|
# January 2020. This should be removed
|
|
# after January 2020.
|
|
expires = datetime.strptime(ac['expires-in'], "%B %Y")
|
|
if expires <= datetime(2020, 1, 1):
|
|
msg = 'Skipping {} from validation'.format(ac)
|
|
else:
|
|
msg = 'Unable to find membership: {}'.format(ac)
|
|
exit_code = 1
|
|
|
|
print('{}: {}'.format(project_name, msg))
|
|
|
|
return exit_code
|
|
|
|
|
|
if __name__ == '__main__':
|
|
import sys
|
|
sys.exit(main())
|