Compare commits
11 commits
2020.07.03
...
master
Author | SHA1 | Date | |
---|---|---|---|
Benjamin Renard | 32ced674a4 | ||
Benjamin Renard | f4f87fccd3 | ||
d7d54cb25f | |||
96d2e5c7d4 | |||
07bf62812d | |||
ffb0955fdb | |||
2ed8f8132e | |||
d246980abc | |||
4aaeabba6a | |||
57c93181b1 | |||
e241fc0571 |
89
.forgejo/workflows/release.yaml
Normal file
89
.forgejo/workflows/release.yaml
Normal file
|
@ -0,0 +1,89 @@
|
|||
---
|
||||
name: Build and publish Debian package
|
||||
on: [create]
|
||||
jobs:
|
||||
build:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: docker.io/brenard/debian-python-deb:latest
|
||||
steps:
|
||||
- name: Check out repository code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Build Debian package
|
||||
env:
|
||||
MAINTAINER_NAME: ${{ vars.MAINTAINER_NAME }}
|
||||
MAINTAINER_EMAIL: ${{ vars.MAINTAINER_EMAIL }}
|
||||
DEBIAN_CODENAME: ${{ vars.DEBIAN_CODENAME }}
|
||||
run: |
|
||||
echo "${{ secrets.GPG_KEY }}"|base64 -d|gpg --import
|
||||
./build.sh
|
||||
mv check_slapdd_crc32 dist/
|
||||
- name: Upload Debian package files
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: dist
|
||||
path: |
|
||||
dist/*.buildinfo
|
||||
dist/*.changes
|
||||
dist/*.deb
|
||||
dist/*.dsc
|
||||
dist/*.tar.gz
|
||||
dist/release_notes.md
|
||||
dist/check_slapdd_crc32
|
||||
|
||||
publish-forgejo:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: docker.io/brenard/debian-python-deb:latest
|
||||
steps:
|
||||
- name: Download Debian package files
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: dist
|
||||
|
||||
- name: Create the release
|
||||
id: create-release
|
||||
shell: bash
|
||||
run: |
|
||||
mkdir release
|
||||
mv *.deb release/
|
||||
mv check_slapdd_crc32 release/
|
||||
md5sum release/* > md5sum.txt
|
||||
sha512sum release/* > sha512sum.txt
|
||||
mv md5sum.txt sha512sum.txt release/
|
||||
{
|
||||
echo 'release_note<<EOF'
|
||||
cat release_notes.md
|
||||
echo 'EOF'
|
||||
} >> "$GITHUB_OUTPUT"
|
||||
|
||||
- name: Publish release on Forgejo
|
||||
uses: actions/forgejo-release@v1
|
||||
with:
|
||||
direction: upload
|
||||
url: https://gitea.zionetrix.net
|
||||
token: ${{ secrets.forgejo_token }}
|
||||
release-dir: release
|
||||
release-notes: ${{ steps.create-release.outputs.release_note }}
|
||||
|
||||
publish-aptly:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: docker.io/brenard/aptly-publish:latest
|
||||
steps:
|
||||
- name: "Download Debian package files"
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: dist
|
||||
|
||||
- name: "Publish Debian package on Aptly repository"
|
||||
uses: https://gitea.zionetrix.net/bn8/aptly-publish@master
|
||||
with:
|
||||
api_url: ${{ vars.apt_api_url }}
|
||||
api_username: ${{ vars.apt_api_username }}
|
||||
api_password: ${{ secrets.apt_api_password }}
|
||||
repo_name: ${{ vars.apt_repo_name }}
|
||||
path: "./"
|
||||
source_name: ${{ vars.apt_source_name }}
|
15
.forgejo/workflows/tests.yaml
Normal file
15
.forgejo/workflows/tests.yaml
Normal file
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
name: Run tests
|
||||
on: [push]
|
||||
jobs:
|
||||
test-precommit:
|
||||
runs-on: docker
|
||||
container:
|
||||
image: docker.io/brenard/python-pre-commit:latest
|
||||
steps:
|
||||
- name: Check out repository code
|
||||
uses: actions/checkout@v4
|
||||
with:
|
||||
fetch-depth: 0
|
||||
- name: Run pre-commit
|
||||
run: pre-commit run --all-files
|
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -1,2 +1,3 @@
|
|||
*~
|
||||
.*.swp
|
||||
dist/
|
||||
|
|
64
.pre-commit-config.yaml
Normal file
64
.pre-commit-config.yaml
Normal file
|
@ -0,0 +1,64 @@
|
|||
# Pre-commit hooks to run tests and ensure code is cleaned.
|
||||
# See https://pre-commit.com for more information
|
||||
---
|
||||
repos:
|
||||
- repo: https://github.com/astral-sh/ruff-pre-commit
|
||||
rev: v0.1.6
|
||||
hooks:
|
||||
- id: ruff
|
||||
args: ["--fix"]
|
||||
- repo: https://github.com/asottile/pyupgrade
|
||||
rev: v3.15.0
|
||||
hooks:
|
||||
- id: pyupgrade
|
||||
args: ["--keep-percent-format", "--py37-plus"]
|
||||
- repo: https://github.com/psf/black
|
||||
rev: 23.11.0
|
||||
hooks:
|
||||
- id: black
|
||||
args: ["--target-version", "py37", "--line-length", "100"]
|
||||
- repo: https://github.com/PyCQA/isort
|
||||
rev: 5.12.0
|
||||
hooks:
|
||||
- id: isort
|
||||
args: ["--profile", "black", "--line-length", "100"]
|
||||
- repo: https://github.com/PyCQA/flake8
|
||||
rev: 6.1.0
|
||||
hooks:
|
||||
- id: flake8
|
||||
args: ["--max-line-length=100"]
|
||||
- repo: https://github.com/codespell-project/codespell
|
||||
rev: v2.2.2
|
||||
hooks:
|
||||
- id: codespell
|
||||
args:
|
||||
- --ignore-words-list=exten
|
||||
- --skip="./.*,*.csv,*.json,*.ini,*.subject,*.txt,*.html,*.log,*.conf"
|
||||
- --quiet-level=2
|
||||
- --ignore-regex=.*codespell-ignore$
|
||||
# - --write-changes # Uncomment to write changes
|
||||
exclude_types: [csv, json]
|
||||
- repo: https://github.com/adrienverge/yamllint
|
||||
rev: v1.32.0
|
||||
hooks:
|
||||
- id: yamllint
|
||||
ignore: .github/
|
||||
- repo: https://github.com/pre-commit/mirrors-prettier
|
||||
rev: v2.7.1
|
||||
hooks:
|
||||
- id: prettier
|
||||
args: ["--print-width", "100"]
|
||||
- repo: local
|
||||
hooks:
|
||||
- id: pylint
|
||||
name: pylint
|
||||
entry: pylint
|
||||
language: system
|
||||
types: [python]
|
||||
require_serial: true
|
||||
- repo: https://github.com/PyCQA/bandit
|
||||
rev: 1.7.5
|
||||
hooks:
|
||||
- id: bandit
|
||||
args: [--skip, "B101", --recursive]
|
||||
minimum_pre_commit_version: 3.2.0
|
8
.pylintrc
Normal file
8
.pylintrc
Normal file
|
@ -0,0 +1,8 @@
|
|||
[MESSAGES CONTROL]
|
||||
disable=line-too-long,
|
||||
missing-docstring,
|
||||
invalid-name,
|
||||
locally-disabled,
|
||||
too-many-arguments,
|
||||
too-many-branches,
|
||||
redefined-outer-name,
|
12
README.md
12
README.md
|
@ -1,10 +1,17 @@
|
|||
# OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
|
||||
|
||||
|
||||
This script permit to check (and eventually fix) CRC32 value of the LDIF files of OpenLDAP slapd.d configuration directory.
|
||||
|
||||
## Requirements
|
||||
|
||||
This script only used common __python3__ modules _(no additionnal package to install on Debian based systems)_.
|
||||
This script only used common **python3** modules _(no additional package to install on Debian based systems)_.
|
||||
|
||||
## Installation
|
||||
|
||||
```
|
||||
git clone https://gogs.zionetrix.net/bn8/check_slapdd_crc32.git /usr/local/src/check_slapdd_crc32
|
||||
ln -s /usr/local/src/check_slapdd_crc32/check_slapdd_crc32 /usr/local/sbin/check_slapdd_crc32
|
||||
```
|
||||
|
||||
## Usage
|
||||
|
||||
|
@ -36,4 +43,3 @@ This program is free software; you can redistribute it and/or modify it under th
|
|||
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||
|
||||
|
|
62
build.sh
Executable file
62
build.sh
Executable file
|
@ -0,0 +1,62 @@
|
|||
#!/bin/bash
|
||||
|
||||
QUIET_ARG=""
|
||||
[ "$1" == "--quiet" ] && QUIET_ARG="--quiet"
|
||||
|
||||
# Enter source directory
|
||||
cd $( dirname $0 )
|
||||
|
||||
echo "Clean previous build..."
|
||||
rm -fr dist
|
||||
|
||||
echo "Detect version using git describe..."
|
||||
VERSION="$( git describe --tags|sed 's/^[^0-9]*//' )"
|
||||
|
||||
echo "Create building environemt..."
|
||||
BDIR=dist/check-slapdd-crc32-$VERSION
|
||||
mkdir -p $BDIR
|
||||
[ -z "$QUIET_ARG" ] && RSYNC_ARG="-v" || RSYNC_ARG=""
|
||||
rsync -a $RSYNC_ARG debian/ $BDIR/debian/
|
||||
cp check_slapdd_crc32 $BDIR/
|
||||
|
||||
echo "Set VERSION=$VERSION in gitdch using sed..."
|
||||
sed -i "s/^version *=.*$/version = '$VERSION'/" $BDIR/check_slapdd_crc32
|
||||
|
||||
if [ -z "$DEBIAN_CODENAME" ]
|
||||
then
|
||||
echo "Retrieve debian codename using lsb_release..."
|
||||
DEBIAN_CODENAME=$( lsb_release -c -s )
|
||||
else
|
||||
echo "Use debian codename from environment ($DEBIAN_CODENAME)"
|
||||
fi
|
||||
|
||||
echo "Generate debian changelog using gitdch..."
|
||||
GITDCH_ARGS=('--verbose')
|
||||
[ -n "$QUIET_ARG" ] && GITDCH_ARGS=('--warning')
|
||||
if [ -n "$MAINTAINER_NAME" ]
|
||||
then
|
||||
echo "Use maintainer name from environment ($MAINTAINER_NAME)"
|
||||
GITDCH_ARGS+=("--maintainer-name" "${MAINTAINER_NAME}")
|
||||
fi
|
||||
if [ -n "$MAINTAINER_EMAIL" ]
|
||||
then
|
||||
echo "Use maintainer email from environment ($MAINTAINER_EMAIL)"
|
||||
GITDCH_ARGS+=("--maintainer-email" "$MAINTAINER_EMAIL")
|
||||
fi
|
||||
gitdch \
|
||||
--package-name check-slapdd-crc32 \
|
||||
--version "${VERSION}" \
|
||||
--code-name $DEBIAN_CODENAME \
|
||||
--output $BDIR/debian/changelog \
|
||||
--release-notes dist/release_notes.md \
|
||||
"${GITDCH_ARGS[@]}"
|
||||
|
||||
if [ -n "$MAINTAINER_NAME" -a -n "$MAINTAINER_EMAIL" ]
|
||||
then
|
||||
echo "Set Maintainer field in debian control file ($MAINTAINER_NAME <$MAINTAINER_EMAIL>)..."
|
||||
sed -i "s/^Maintainer: .*$/Maintainer: $MAINTAINER_NAME <$MAINTAINER_EMAIL>/" $BDIR/debian/control
|
||||
fi
|
||||
|
||||
echo "Build debian package..."
|
||||
cd $BDIR
|
||||
dpkg-buildpackage
|
|
@ -10,51 +10,37 @@ import os
|
|||
import re
|
||||
import sys
|
||||
|
||||
default_slapdd_path = '/etc/ldap/slapd.d'
|
||||
version = "0.0"
|
||||
default_slapdd_path = "/etc/ldap/slapd.d"
|
||||
|
||||
### MAIN ####
|
||||
parser = argparse.ArgumentParser()
|
||||
# Main
|
||||
parser = argparse.ArgumentParser(description=f"{__doc__} (version: {version})")
|
||||
|
||||
parser.add_argument("-d", "--debug", action="store_true", help="Show debug messages")
|
||||
|
||||
parser.add_argument("-v", "--verbose", action="store_true", help="Show verbose messages")
|
||||
|
||||
parser.add_argument(
|
||||
'-d', '--debug',
|
||||
action='store_true',
|
||||
help='Show debug messages'
|
||||
"-l", "--log-file", action="store", type=str, dest="logfile", help="Log file path"
|
||||
)
|
||||
|
||||
parser.add_argument(
|
||||
'-v', '--verbose',
|
||||
action='store_true',
|
||||
help='Show verbose messages'
|
||||
"-C",
|
||||
"--console",
|
||||
action="store_true",
|
||||
help="Also log on console (even if log file is provided)",
|
||||
)
|
||||
|
||||
parser.add_argument("-f", "--fix", action="store_true", help="Fix CRC32 value in LDIF files")
|
||||
|
||||
parser.add_argument(
|
||||
'-l',
|
||||
'--log-file',
|
||||
"-p",
|
||||
"--path",
|
||||
action="store",
|
||||
type=str,
|
||||
dest="logfile",
|
||||
help="Log file path"
|
||||
)
|
||||
|
||||
parser.add_argument(
|
||||
'-C', '--console',
|
||||
action='store_true',
|
||||
help='Also log on console (even if log file is provided)'
|
||||
)
|
||||
|
||||
parser.add_argument(
|
||||
'-f', '--fix',
|
||||
action='store_true',
|
||||
help='Fix CRC32 value in LDIF files'
|
||||
)
|
||||
|
||||
parser.add_argument(
|
||||
'-p', '--path',
|
||||
action='store',
|
||||
type=str,
|
||||
dest='slapdd_path',
|
||||
help='Default slapd.d directory path (default: %s)' % default_slapdd_path,
|
||||
default=default_slapdd_path
|
||||
dest="slapdd_path",
|
||||
help=f"Default slapd.d directory path (default: {default_slapdd_path}",
|
||||
default=default_slapdd_path,
|
||||
)
|
||||
|
||||
|
||||
|
@ -62,7 +48,9 @@ options = parser.parse_args()
|
|||
|
||||
# Initialize log
|
||||
log = logging.getLogger()
|
||||
logformat = logging.Formatter("%(asctime)s - " + os.path.basename(sys.argv[0]) + " - %(levelname)s - %(message)s")
|
||||
logformat = logging.Formatter(
|
||||
f"%(asctime)s - {os.path.basename(sys.argv[0])} - %(levelname)s - " "%(message)s"
|
||||
)
|
||||
|
||||
if options.debug:
|
||||
log.setLevel(logging.DEBUG)
|
||||
|
@ -81,6 +69,7 @@ if not options.logfile or options.console:
|
|||
logconsole.setFormatter(logformat)
|
||||
log.addHandler(logconsole)
|
||||
|
||||
|
||||
def check_file(dir_path, file_name):
|
||||
"""
|
||||
Check CRC32 of an LDIF file
|
||||
|
@ -93,33 +82,37 @@ def check_file(dir_path, file_name):
|
|||
lines = []
|
||||
current_crc32 = None
|
||||
try:
|
||||
with open(path, 'rb') as fd:
|
||||
with open(path, "rb") as fd:
|
||||
for line in fd.readlines():
|
||||
if line.startswith(b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.'):
|
||||
logging.debug('%s: AUTO-GENERATED line detected, pass (%s)', path, line)
|
||||
if line.startswith(b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify."):
|
||||
logging.debug("%s: AUTO-GENERATED line detected, pass (%s)", path, line)
|
||||
continue
|
||||
if line.startswith(b'# CRC32 '):
|
||||
logging.debug('%s: CRC32 line detected, retreive current CRC32 value (%s)', path, line)
|
||||
current_crc32 = re.match('^# CRC32 (.*)$', line.decode()).group(1)
|
||||
if line.startswith(b"# CRC32 "):
|
||||
logging.debug(
|
||||
"%s: CRC32 line detected, retrieve current CRC32 value (%s)", path, line
|
||||
)
|
||||
current_crc32 = re.match("^# CRC32 (.*)$", line.decode()).group(1)
|
||||
logging.debug('%s: current CRC32 found is "%s"', path, current_crc32)
|
||||
continue
|
||||
lines.append(line)
|
||||
except IOError as err:
|
||||
logging.error('%s: fail to read file content (%s)', path, err)
|
||||
except OSError as err:
|
||||
logging.error("%s: fail to read file content (%s)", path, err)
|
||||
return False
|
||||
|
||||
crc32 = ("%08X" % ((binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1<<32))).lower()
|
||||
# pylint: disable=consider-using-f-string
|
||||
crc32 = ("%08X" % ((binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1 << 32))).lower()
|
||||
if current_crc32:
|
||||
if current_crc32 == crc32:
|
||||
log.info('%s: current CRC32 value is correct (%s)', path, crc32)
|
||||
log.info("%s: current CRC32 value is correct (%s)", path, crc32)
|
||||
else:
|
||||
log.warning('%s: invalid CRC32 value found (%s != %s)', path, current_crc32, crc32)
|
||||
log.warning("%s: invalid CRC32 value found (%s != %s)", path, current_crc32, crc32)
|
||||
fix_crc32(path, crc32, lines)
|
||||
else:
|
||||
log.warning('%s: no CRC32 value found. Correct CRC32 value is "%s".', path, crc32)
|
||||
fix_crc32(path, crc32, lines)
|
||||
return True
|
||||
|
||||
|
||||
def fix_crc32(path, crc32, lines):
|
||||
"""
|
||||
Fix CRC32 value of an LDIF file
|
||||
|
@ -131,18 +124,24 @@ def fix_crc32(path, crc32, lines):
|
|||
if not options.fix:
|
||||
return True
|
||||
try:
|
||||
with open(path, 'wb') as fd:
|
||||
lines = [b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n', b'# CRC32 %s\n' % crc32.encode()] + lines
|
||||
for line in lines:
|
||||
headers_lines = [
|
||||
b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n",
|
||||
b"# CRC32 " + crc32.encode() + b"\n",
|
||||
]
|
||||
with open(path, "wb") as fd:
|
||||
for line in headers_lines + lines:
|
||||
fd.write(line)
|
||||
except IOError as err:
|
||||
logging.error('%s: fail to write new file content (%s)', path, err)
|
||||
except OSError as err:
|
||||
logging.error("%s: fail to write new file content (%s)", path, err)
|
||||
return False
|
||||
return True
|
||||
|
||||
|
||||
log.info('Checking CRC32 in slapd directory "%s"', options.slapdd_path)
|
||||
for dirpath, dnames, fnames in os.walk(options.slapdd_path):
|
||||
log.debug('%s: sub-dirs = "%s", files = "%s"', dirpath, '", "'.join(dnames), '", "'.join(fnames))
|
||||
log.debug(
|
||||
'%s: sub-dirs = "%s", files = "%s"', dirpath, '", "'.join(dnames), '", "'.join(fnames)
|
||||
)
|
||||
for fname in fnames:
|
||||
if fname.endswith('.ldif'):
|
||||
if fname.endswith(".ldif"):
|
||||
check_file(dirpath, fname)
|
||||
|
|
1
debian/compat
vendored
Normal file
1
debian/compat
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
11
|
13
debian/control
vendored
Normal file
13
debian/control
vendored
Normal file
|
@ -0,0 +1,13 @@
|
|||
Source: check-slapdd-crc32
|
||||
Section: admin
|
||||
Priority: optional
|
||||
Maintainer: Debian Zionetrix - check-slapdd-crc32 <debian+check-slapdd-crc32@zionetrix.net>
|
||||
Build-Depends: debhelper (>> 11.0.0)
|
||||
Standards-Version: 3.9.6
|
||||
|
||||
Package: check-slapdd-crc32
|
||||
Architecture: all
|
||||
Depends: ${misc:Depends}, python3
|
||||
Description: OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
|
||||
This script permit to check (and eventually fix) CRC32 value of the LDIF
|
||||
files of OpenLDAP slapd.d configuration directory.
|
20
debian/copyright
vendored
Normal file
20
debian/copyright
vendored
Normal file
|
@ -0,0 +1,20 @@
|
|||
This package was written by Benjamin Renard <brenard@zionetrix.net>.
|
||||
|
||||
Copyright (C) 2022 Benjamin Renard <brenard@zionetrix.net>
|
||||
|
||||
check-slapdd-crc32 is licensed under the GNU general public license, version 3.
|
||||
|
||||
check-slapdd-crc32 is free software; you can redistribute it and/or modify it under
|
||||
the terms of the GNU General Public License as published by the Free Software
|
||||
Foundation; either version 2, or (at your option) any later version.
|
||||
|
||||
check-slapdd-crc32 is distributed in the hope that it will be useful, but WITHOUT ANY
|
||||
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License along with
|
||||
check-slapdd-crc32; see the file COPYING. If not, write to the Free Software
|
||||
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
|
||||
|
||||
On Debian systems, a copy of the GNU General Public License is available in
|
||||
/usr/share/common-licenses/GPL-3 as part of the base-files package.
|
1
debian/dirs
vendored
Normal file
1
debian/dirs
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
usr/bin
|
1
debian/install
vendored
Normal file
1
debian/install
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
check_slapdd_crc32 usr/bin
|
4
debian/rules
vendored
Executable file
4
debian/rules
vendored
Executable file
|
@ -0,0 +1,4 @@
|
|||
#!/usr/bin/make -f
|
||||
#export DH_VERBOSE=1
|
||||
%:
|
||||
dh $@
|
1
debian/source/format
vendored
Normal file
1
debian/source/format
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
1.0
|
Loading…
Reference in a new issue