Check that Gerrit ACL files are normalized

Enhance Gerrit ACL check to check that the files are properly normalized. Co-Authored-By: Armando Migliaccio <armamig@gmail.com> Change-Id: I9cdee60e77dab9c6943626d5fa1eda0402840277
2014-12-10 20:37:09 +01:00 · 2014-12-10 20:37:09 +01:00 · d8416301e8
commit d8416301e8
parent e6573ea752
2 changed files with 22 additions and 2 deletions
--- a/tools/check_valid_gerrit_config.sh
+++ b/tools/check_valid_gerrit_config.sh
@ -16,9 +16,10 @@ function check_team_acl {
    for config in $configs_list; do
        echo "Checking $config file..."

-        if ! grep -q '\>-core\|\>-admins' $config;
+        $OLDPWD/tools/normalize_acl.py $config all > $TMPDIR/normalized
+        if ! diff -u $config $TMPDIR/normalized;
        then
-            echo "$config does not have a core/admins team defined!" >>config_failures
+            echo "Project $config is not normalized!" >>config_failures
        fi
    done
 }
@ -30,6 +31,8 @@ done

 if [ -f config_failures ]; then
    echo -e; cat config_failures
+    num_errors=$(wc -l config_failures)
+    echo -e "There are $num_errors projects not normalized."
    exit 1
 fi

--- a/tools/normalize_acl.py
+++ b/tools/normalize_acl.py
@ -3,6 +3,7 @@
 # Usage: normalize_acl.py acl.config [transformation [transformation [...]]]
 #
 # Transformations:
+# all Apply all transformations.
 # 0 - dry run (default, print to stdout rather than modifying file in place)
 # 1 - strip/condense whitespace and sort (implied by any other transformation)
 # 2 - get rid of unneeded create on refs/tags
@ -10,6 +11,8 @@
 # 4 - strip default *.owner = group Administrators permissions
 # 5 - sort the exclusiveGroupPermissions group lists
 # 6 - replace openstack-ci-admins and openstack-ci-core with infra-core
+# 7 - add at least one core team, if no team is defined with special suffixes
+#     like core, admins, milestone or Users

 import re
 import sys
@ -18,6 +21,8 @@ aclfile = sys.argv[1]

 try:
    transformations = sys.argv[2:]
+    if transformations and transformations[0] == 'all':
+        transformations = [str(x) for x in range(0, 8)]
 except KeyError:
    transformations = []

@ -105,6 +110,18 @@ if '6' in transformations:
            newsection.append(option)
        acl[section] = newsection

+if '7' in transformations:
+    special_teams = ("core", "milestone", "Users", "admins")
+    for section in acl.keys():
+        newsection = []
+        for option in acl[section]:
+            if ("refs/heads" in section and "group" in option
+                    and "-2..+2" in option
+                    and not any(x in option for x in special_teams)):
+                option = "%s%s" % (option, "-core")
+            newsection.append(option)
+        acl[section] = newsection
+
 for section in sorted(acl.keys()):
    if acl[section]:
        out += '\n[%s]\n' % section