Add checks for gerrit ACLs
Check the following common problems with gerrit ACL lines: * Wrong path * Non-existence of a referenced file * Redundant setting of acl-config with default value Remove redundant entries that the script found. Add acl-config for freezer-specs since no ACL existed. Add acl-config for vinz-webclient since no ACL existed, this was in original change I1706332f911ad9c8887d1e40613b06cbeb5e1143. Change-Id: I6b9fc6d2ff1cd5a1f871975608947d6fe763b500
This commit is contained in:
parent
c0ee0db357
commit
6ef07db860
|
@ -709,6 +709,7 @@
|
||||||
- project: openstack-infra/vinz-webclient
|
- project: openstack-infra/vinz-webclient
|
||||||
use-storyboard: true
|
use-storyboard: true
|
||||||
description: Standalone UI replacment for Gerrit
|
description: Standalone UI replacment for Gerrit
|
||||||
|
acl-config: /home/gerrit2/acls/openstack-infra/vinz.config
|
||||||
- project: openstack-infra/yaml2ical
|
- project: openstack-infra/yaml2ical
|
||||||
use-storyboard: true
|
use-storyboard: true
|
||||||
description: Generate iCal files from a YAML description of meetings
|
description: Generate iCal files from a YAML description of meetings
|
||||||
|
@ -777,7 +778,6 @@
|
||||||
acl-config: /home/gerrit2/acls/openstack/app-catalog.config
|
acl-config: /home/gerrit2/acls/openstack/app-catalog.config
|
||||||
- project: openstack/astara
|
- project: openstack/astara
|
||||||
description: Astara L3+ Network Virtualization - orchestration service
|
description: Astara L3+ Network Virtualization - orchestration service
|
||||||
acl-config: /home/gerrit2/acls/openstack/astara.config
|
|
||||||
groups:
|
groups:
|
||||||
- astara
|
- astara
|
||||||
- project: openstack/astara-appliance
|
- project: openstack/astara-appliance
|
||||||
|
@ -835,7 +835,6 @@
|
||||||
description: Billing service for OpenStack
|
description: Billing service for OpenStack
|
||||||
- project: openstack/blazar
|
- project: openstack/blazar
|
||||||
description: Reservation Service for OpenStack
|
description: Reservation Service for OpenStack
|
||||||
acl-config: /home/gerrit2/acls/openstack/blazar.config
|
|
||||||
- project: openstack/blazar-nova
|
- project: openstack/blazar-nova
|
||||||
description: Specific Nova part of the Blazar Reservation Service for OpenStack
|
description: Specific Nova part of the Blazar Reservation Service for OpenStack
|
||||||
acl-config: /home/gerrit2/acls/openstack/blazar.config
|
acl-config: /home/gerrit2/acls/openstack/blazar.config
|
||||||
|
@ -1305,7 +1304,6 @@
|
||||||
description: Image building tools for OpenStack
|
description: Image building tools for OpenStack
|
||||||
- project: openstack/distil
|
- project: openstack/distil
|
||||||
description: Rating Service for OpenStack
|
description: Rating Service for OpenStack
|
||||||
acl-config: /home/gerrit2/acls/openstack/distil.config
|
|
||||||
- project: openstack/django-openstack-auth-kerberos
|
- project: openstack/django-openstack-auth-kerberos
|
||||||
description: Kerberos support for django-openstack-auth
|
description: Kerberos support for django-openstack-auth
|
||||||
acl-config: /home/gerrit2/acls/openstack/django_openstack_auth.config
|
acl-config: /home/gerrit2/acls/openstack/django_openstack_auth.config
|
||||||
|
@ -1371,6 +1369,7 @@
|
||||||
description: OpenStack Freezer Specifications.
|
description: OpenStack Freezer Specifications.
|
||||||
groups:
|
groups:
|
||||||
- freezer
|
- freezer
|
||||||
|
acl-config: /home/gerrit2/acls/openstack/freezer.config
|
||||||
- project: openstack/freezer-web-ui
|
- project: openstack/freezer-web-ui
|
||||||
description: Horizon Web interface for Freezer backup, restore and disaster recovery
|
description: Horizon Web interface for Freezer backup, restore and disaster recovery
|
||||||
platform
|
platform
|
||||||
|
@ -2212,7 +2211,6 @@
|
||||||
description: Simple library for parsing OpenStack microversion headers.
|
description: Simple library for parsing OpenStack microversion headers.
|
||||||
- project: openstack/mistral
|
- project: openstack/mistral
|
||||||
description: Workflow Service for OpenStack.
|
description: Workflow Service for OpenStack.
|
||||||
acl-config: /home/gerrit2/acls/openstack/mistral.config
|
|
||||||
- project: openstack/mistral-dashboard
|
- project: openstack/mistral-dashboard
|
||||||
description: Mistral Horizon plugin.
|
description: Mistral Horizon plugin.
|
||||||
groups:
|
groups:
|
||||||
|
@ -2987,7 +2985,6 @@
|
||||||
acl-config: /home/gerrit2/acls/openstack/puppet-modules.config
|
acl-config: /home/gerrit2/acls/openstack/puppet-modules.config
|
||||||
- project: openstack/puppet-ceph
|
- project: openstack/puppet-ceph
|
||||||
description: Ceph Puppet Module
|
description: Ceph Puppet Module
|
||||||
acl-config: /home/gerrit2/acls/openstack/puppet-ceph.config
|
|
||||||
- project: openstack/puppet-cinder
|
- project: openstack/puppet-cinder
|
||||||
description: OpenStack Cinder Puppet Module
|
description: OpenStack Cinder Puppet Module
|
||||||
acl-config: /home/gerrit2/acls/openstack/puppet-modules.config
|
acl-config: /home/gerrit2/acls/openstack/puppet-modules.config
|
||||||
|
@ -3376,12 +3373,10 @@
|
||||||
description: Sahara aims to provide users with simple means to provision a Hadoop
|
description: Sahara aims to provide users with simple means to provision a Hadoop
|
||||||
cluster by specifying several parameters like Hadoop version, cluster topology,
|
cluster by specifying several parameters like Hadoop version, cluster topology,
|
||||||
nodes hardware details and a few more.
|
nodes hardware details and a few more.
|
||||||
acl-config: /home/gerrit2/acls/openstack/sahara.config
|
|
||||||
options:
|
options:
|
||||||
- translate
|
- translate
|
||||||
- project: openstack/sahara-ci-config
|
- project: openstack/sahara-ci-config
|
||||||
description: Sahara-ci 3rd party testing configs (jjb, zuul, etc.)
|
description: Sahara-ci 3rd party testing configs (jjb, zuul, etc.)
|
||||||
acl-config: /home/gerrit2/acls/openstack/sahara-ci-config.config
|
|
||||||
- project: openstack/sahara-dashboard
|
- project: openstack/sahara-dashboard
|
||||||
groups:
|
groups:
|
||||||
- sahara
|
- sahara
|
||||||
|
@ -3514,7 +3509,6 @@
|
||||||
- project: openstack/solum
|
- project: openstack/solum
|
||||||
description: 'An OpenStack project designed to make cloud services easier to consume
|
description: 'An OpenStack project designed to make cloud services easier to consume
|
||||||
and integrate into your application development process. See: https://wiki.openstack.org/wiki/Solum'
|
and integrate into your application development process. See: https://wiki.openstack.org/wiki/Solum'
|
||||||
acl-config: /home/gerrit2/acls/openstack/solum.config
|
|
||||||
- project: openstack/solum-dashboard
|
- project: openstack/solum-dashboard
|
||||||
description: 'Horizon plugin for Solum. See: https://wiki.openstack.org/wiki/Solum'
|
description: 'Horizon plugin for Solum. See: https://wiki.openstack.org/wiki/Solum'
|
||||||
acl-config: /home/gerrit2/acls/openstack/solum.config
|
acl-config: /home/gerrit2/acls/openstack/solum.config
|
||||||
|
|
|
@ -17,6 +17,7 @@
|
||||||
import argparse
|
import argparse
|
||||||
import contextlib
|
import contextlib
|
||||||
import git
|
import git
|
||||||
|
import os
|
||||||
import re
|
import re
|
||||||
import shutil
|
import shutil
|
||||||
import sys
|
import sys
|
||||||
|
@ -72,6 +73,10 @@ def main():
|
||||||
'infile',
|
'infile',
|
||||||
help='Path to gerrit/projects.yaml',
|
help='Path to gerrit/projects.yaml',
|
||||||
)
|
)
|
||||||
|
parser.add_argument(
|
||||||
|
'acldir',
|
||||||
|
help='Path to gerrit/acl',
|
||||||
|
)
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
||||||
projects = yaml.load(open(args.infile, 'r'))
|
projects = yaml.load(open(args.infile, 'r'))
|
||||||
|
@ -150,6 +155,30 @@ def main():
|
||||||
found_errors += 1
|
found_errors += 1
|
||||||
print("Error: Unknown option '%s' in project %s" %
|
print("Error: Unknown option '%s' in project %s" %
|
||||||
(option, name))
|
(option, name))
|
||||||
|
# Check redundant acl-config
|
||||||
|
acl_config = p.get('acl-config')
|
||||||
|
if acl_config:
|
||||||
|
if acl_config.endswith(name + '.config'):
|
||||||
|
found_errors += 1
|
||||||
|
print("Error: Project %s has redundant acl_config line, "
|
||||||
|
"remove it." % name)
|
||||||
|
if not acl_config.startswith('/home/gerrit2/acls/'):
|
||||||
|
found_errors += 1
|
||||||
|
print("Error: Project %s has wrong acl_config line, "
|
||||||
|
"fix the path." % name)
|
||||||
|
acl_file = os.path.join(args.acldir,
|
||||||
|
acl_config[len('/home/gerrit2/acls/'):])
|
||||||
|
if not os.path.isfile(acl_file):
|
||||||
|
found_errors += 1
|
||||||
|
print("Error: Project %s has non existing acl_config line" %
|
||||||
|
name)
|
||||||
|
else:
|
||||||
|
# Check that default file exists
|
||||||
|
acl_file = os.path.join(args.acldir, name + ".config")
|
||||||
|
if not os.path.isfile(acl_file):
|
||||||
|
found_errors += 1
|
||||||
|
print("Error: Project %s has no default acl-config file" %
|
||||||
|
name)
|
||||||
|
|
||||||
if found_errors:
|
if found_errors:
|
||||||
print("Found %d error(s) in %s" % (found_errors, args.infile))
|
print("Found %d error(s) in %s" % (found_errors, args.infile))
|
||||||
|
|
2
tox.ini
2
tox.ini
|
@ -19,7 +19,7 @@ commands =
|
||||||
deps = PyYAML
|
deps = PyYAML
|
||||||
GitPython
|
GitPython
|
||||||
commands =
|
commands =
|
||||||
{toxinidir}/tools/check_valid_gerrit_projects.py gerrit/projects.yaml
|
{toxinidir}/tools/check_valid_gerrit_projects.py gerrit/projects.yaml gerrit/acls
|
||||||
{toxinidir}/tools/check_projects_yaml_alphabetized.sh gerrit/projects.yaml
|
{toxinidir}/tools/check_projects_yaml_alphabetized.sh gerrit/projects.yaml
|
||||||
|
|
||||||
[testenv:venv]
|
[testenv:venv]
|
||||||
|
|
Loading…
Reference in New Issue