Add exclude for permissions in kolla config.json file

When using recursive mode to set permissions for a directory as defined in kolla config.json, all the subdirectories and files will receive the same permissions. This change adds the option to exclude specific files or directories - either a name or a regular expression can be used. Closes-Bug: #1931294 Closes-Bug: #1972168 Co-Authored-By: Jakub Darmach <jakub@stackhpc.com> Change-Id: If2f39736e2af34cd91d0976051ff66f06e96ab42
2019-04-25 14:54:42 +08:00 · 2019-04-25 14:54:42 +08:00 · 07d0b12efd
commit 07d0b12efd
parent 5dede104bc
3 changed files with 24 additions and 3 deletions
--- a/doc/source/admin/kolla_api.rst
+++ b/doc/source/admin/kolla_api.rst
@ -65,6 +65,9 @@ The `kolla_set_configs`_ script understands the following attributes:
    Must be passed in the numeric octal form.
  * **recurse**: whether to apply the change recursively over the target
    directory. Boolean, defaults to ``false``.
+  * **exclude**: array of names of the directories or files to be excluded when
+    ``recurse`` is set to ``true``. Supports Python regular expressions.
+    Defaults to empty array.

 Here is an example configuration file:

@ -85,7 +88,8 @@ Here is an example configuration file:
            {
                "path": "/var/log/kolla/trove",
                "owner": "trove:trove",
-                "recurse": true
+                "recurse": true,
+                "exclude": ["/var/log/^snapshot.*"]
            }
        ]
    }
--- a/docker/base/set_configs.py
+++ b/docker/base/set_configs.py
@ -19,6 +19,7 @@ import json
 import logging
 import os
 import pwd
+import re
 import shutil
 import sys

@ -345,6 +346,7 @@ def handle_permissions(config):
        owner = permission.get('owner')
        recurse = permission.get('recurse', False)
        perm = permission.get('perm')
+        exclude = permission.get('exclude', [])

        desired_user, desired_group = user_group(owner)
        uid = pwd.getpwnam(desired_user).pw_uid
@ -375,14 +377,24 @@ def handle_permissions(config):
                    LOG.exception('Failed to set permission of %s to %s',
                                  path, perm)

+        def handle_exclusion(root, path_suffix):
+            full_path = os.path.join(root, path_suffix)
+            LOG.debug("Checking for exclusion: %s" % full_path)
+            if exclude:
+                for exclude_ in exclude:
+                    if not re.search(exclude_, full_path):
+                        set_perms(full_path, uid, gid, perm)
+            else:
+                set_perms(full_path, uid, gid, perm)
+
        for dest in glob.glob(path):
            set_perms(dest, uid, gid, perm)
            if recurse and os.path.isdir(dest):
                for root, dirs, files in os.walk(dest):
                    for dir_ in dirs:
-                        set_perms(os.path.join(root, dir_), uid, gid, perm)
+                        handle_exclusion(root, dir_)
                    for file_ in files:
-                        set_perms(os.path.join(root, file_), uid, gid, perm)
+                        handle_exclusion(root, file_)


 def execute_config_strategy(config):
--- a/releasenotes/notes/permissions-exclude-e1138abb573956a7.yaml
+++ b/releasenotes/notes/permissions-exclude-e1138abb573956a7.yaml
@ -0,0 +1,5 @@
+---
+features:
+  - |
+    Adds option to exclude files and directories when setting permissions
+    defined in kolla config.json using regular expression.