Compare commits

..

No commits in common. "32ced674a49e4cd79f4c6fb6dac368373698bf43" and "d7d54cb25f0cfb8ea1a9aa858c4dc5db44c0b284" have entirely different histories.

7 changed files with 151 additions and 216 deletions

View file

@ -1,89 +0,0 @@
---
name: Build and publish Debian package
on: [create]
jobs:
build:
runs-on: docker
container:
image: docker.io/brenard/debian-python-deb:latest
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Build Debian package
env:
MAINTAINER_NAME: ${{ vars.MAINTAINER_NAME }}
MAINTAINER_EMAIL: ${{ vars.MAINTAINER_EMAIL }}
DEBIAN_CODENAME: ${{ vars.DEBIAN_CODENAME }}
run: |
echo "${{ secrets.GPG_KEY }}"|base64 -d|gpg --import
./build.sh
mv check_slapdd_crc32 dist/
- name: Upload Debian package files
uses: actions/upload-artifact@v3
with:
name: dist
path: |
dist/*.buildinfo
dist/*.changes
dist/*.deb
dist/*.dsc
dist/*.tar.gz
dist/release_notes.md
dist/check_slapdd_crc32
publish-forgejo:
runs-on: docker
container:
image: docker.io/brenard/debian-python-deb:latest
steps:
- name: Download Debian package files
uses: actions/download-artifact@v3
with:
name: dist
- name: Create the release
id: create-release
shell: bash
run: |
mkdir release
mv *.deb release/
mv check_slapdd_crc32 release/
md5sum release/* > md5sum.txt
sha512sum release/* > sha512sum.txt
mv md5sum.txt sha512sum.txt release/
{
echo 'release_note<<EOF'
cat release_notes.md
echo 'EOF'
} >> "$GITHUB_OUTPUT"
- name: Publish release on Forgejo
uses: actions/forgejo-release@v1
with:
direction: upload
url: https://gitea.zionetrix.net
token: ${{ secrets.forgejo_token }}
release-dir: release
release-notes: ${{ steps.create-release.outputs.release_note }}
publish-aptly:
runs-on: docker
container:
image: docker.io/brenard/aptly-publish:latest
steps:
- name: "Download Debian package files"
uses: actions/download-artifact@v3
with:
name: dist
- name: "Publish Debian package on Aptly repository"
uses: https://gitea.zionetrix.net/bn8/aptly-publish@master
with:
api_url: ${{ vars.apt_api_url }}
api_username: ${{ vars.apt_api_username }}
api_password: ${{ secrets.apt_api_password }}
repo_name: ${{ vars.apt_repo_name }}
path: "./"
source_name: ${{ vars.apt_source_name }}

View file

@ -1,15 +0,0 @@
---
name: Run tests
on: [push]
jobs:
test-precommit:
runs-on: docker
container:
image: docker.io/brenard/python-pre-commit:latest
steps:
- name: Check out repository code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Run pre-commit
run: pre-commit run --all-files

View file

@ -1,64 +0,0 @@
# Pre-commit hooks to run tests and ensure code is cleaned.
# See https://pre-commit.com for more information
---
repos:
- repo: https://github.com/astral-sh/ruff-pre-commit
rev: v0.1.6
hooks:
- id: ruff
args: ["--fix"]
- repo: https://github.com/asottile/pyupgrade
rev: v3.15.0
hooks:
- id: pyupgrade
args: ["--keep-percent-format", "--py37-plus"]
- repo: https://github.com/psf/black
rev: 23.11.0
hooks:
- id: black
args: ["--target-version", "py37", "--line-length", "100"]
- repo: https://github.com/PyCQA/isort
rev: 5.12.0
hooks:
- id: isort
args: ["--profile", "black", "--line-length", "100"]
- repo: https://github.com/PyCQA/flake8
rev: 6.1.0
hooks:
- id: flake8
args: ["--max-line-length=100"]
- repo: https://github.com/codespell-project/codespell
rev: v2.2.2
hooks:
- id: codespell
args:
- --ignore-words-list=exten
- --skip="./.*,*.csv,*.json,*.ini,*.subject,*.txt,*.html,*.log,*.conf"
- --quiet-level=2
- --ignore-regex=.*codespell-ignore$
# - --write-changes # Uncomment to write changes
exclude_types: [csv, json]
- repo: https://github.com/adrienverge/yamllint
rev: v1.32.0
hooks:
- id: yamllint
ignore: .github/
- repo: https://github.com/pre-commit/mirrors-prettier
rev: v2.7.1
hooks:
- id: prettier
args: ["--print-width", "100"]
- repo: local
hooks:
- id: pylint
name: pylint
entry: pylint
language: system
types: [python]
require_serial: true
- repo: https://github.com/PyCQA/bandit
rev: 1.7.5
hooks:
- id: bandit
args: [--skip, "B101", --recursive]
minimum_pre_commit_version: 3.2.0

68
.woodpecker.yml Normal file
View file

@ -0,0 +1,68 @@
clone:
git:
image: woodpeckerci/plugin-git
tags: true
pipeline:
test-pylint:
group: test
image: pipelinecomponents/pylint
commands:
- pylint check_slapdd_crc32
test-flake8:
group: test
image: pipelinecomponents/flake8
commands:
- flake8 check_slapdd_crc32
build:
image: brenard/debian-python-deb
when:
event: tag
commands:
- echo "$GPG_KEY"|base64 -d|gpg --import
- ./build.sh --quiet
secrets: [ maintainer_name, maintainer_email, gpg_key, debian_codename ]
publish-dryrun:
group: publish
image: alpine
when:
event: tag
commands:
- ls dist/* dist/check-slapdd-crc32-*/check_slapdd_crc32
publish-gitea:
group: publish
image: plugins/gitea-release
when:
event: tag
settings:
api_key:
from_secret: gitea_token
base_url: https://gitea.zionetrix.net
note: dist/release_notes.md
files:
- dist/check-slapdd-crc32-*/check_slapdd_crc32
- dist/*.deb
checksum:
- md5
- sha512
publish-apt:
group: publish
image: brenard/aptly-publish
when:
event: tag
settings:
api_url:
from_secret: apt_api_url
api_username:
from_secret: apt_api_username
api_password:
from_secret: apt_api_password
repo_name:
from_secret: apt_repo_name
path: dist
source_name: check-slapdd-crc32

View file

@ -1,10 +1,10 @@
# OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
This script permit to check (and eventually fix) CRC32 value of the LDIF files of OpenLDAP slapd.d configuration directory.
## Requirements
This script only used common **python3** modules _(no additional package to install on Debian based systems)_.
This script only used common __python3__ modules _(no additionnal package to install on Debian based systems)_.
## Installation
@ -43,3 +43,4 @@ This program is free software; you can redistribute it and/or modify it under th
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

View file

@ -24,7 +24,7 @@ sed -i "s/^version *=.*$/version = '$VERSION'/" $BDIR/check_slapdd_crc32
if [ -z "$DEBIAN_CODENAME" ]
then
echo "Retrieve debian codename using lsb_release..."
echo "Retreive debian codename using lsb_release..."
DEBIAN_CODENAME=$( lsb_release -c -s )
else
echo "Use debian codename from environment ($DEBIAN_CODENAME)"

View file

@ -10,37 +10,54 @@ import os
import re
import sys
version = "0.0"
default_slapdd_path = "/etc/ldap/slapd.d"
version = '0.0'
default_slapdd_path = '/etc/ldap/slapd.d'
# Main
parser = argparse.ArgumentParser(description=f"{__doc__} (version: {version})")
parser.add_argument("-d", "--debug", action="store_true", help="Show debug messages")
parser.add_argument("-v", "--verbose", action="store_true", help="Show verbose messages")
parser.add_argument(
"-l", "--log-file", action="store", type=str, dest="logfile", help="Log file path"
parser = argparse.ArgumentParser(
description=f'{__doc__} (version: {version})'
)
parser.add_argument(
"-C",
"--console",
action="store_true",
help="Also log on console (even if log file is provided)",
'-d', '--debug',
action='store_true',
help='Show debug messages'
)
parser.add_argument("-f", "--fix", action="store_true", help="Fix CRC32 value in LDIF files")
parser.add_argument(
'-v', '--verbose',
action='store_true',
help='Show verbose messages'
)
parser.add_argument(
"-p",
"--path",
'-l',
'--log-file',
action="store",
type=str,
dest="slapdd_path",
help=f"Default slapd.d directory path (default: {default_slapdd_path}",
default=default_slapdd_path,
dest="logfile",
help="Log file path"
)
parser.add_argument(
'-C', '--console',
action='store_true',
help='Also log on console (even if log file is provided)'
)
parser.add_argument(
'-f', '--fix',
action='store_true',
help='Fix CRC32 value in LDIF files'
)
parser.add_argument(
'-p', '--path',
action='store',
type=str,
dest='slapdd_path',
help=f'Default slapd.d directory path (default: {default_slapdd_path}',
default=default_slapdd_path
)
@ -49,8 +66,8 @@ options = parser.parse_args()
# Initialize log
log = logging.getLogger()
logformat = logging.Formatter(
f"%(asctime)s - {os.path.basename(sys.argv[0])} - %(levelname)s - " "%(message)s"
)
f'%(asctime)s - {os.path.basename(sys.argv[0])} - %(levelname)s - '
'%(message)s')
if options.debug:
log.setLevel(logging.DEBUG)
@ -82,33 +99,50 @@ def check_file(dir_path, file_name):
lines = []
current_crc32 = None
try:
with open(path, "rb") as fd:
with open(path, 'rb') as fd:
for line in fd.readlines():
if line.startswith(b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify."):
logging.debug("%s: AUTO-GENERATED line detected, pass (%s)", path, line)
continue
if line.startswith(b"# CRC32 "):
if line.startswith(
b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.'
):
logging.debug(
"%s: CRC32 line detected, retrieve current CRC32 value (%s)", path, line
)
current_crc32 = re.match("^# CRC32 (.*)$", line.decode()).group(1)
logging.debug('%s: current CRC32 found is "%s"', path, current_crc32)
'%s: AUTO-GENERATED line detected, pass (%s)',
path, line)
continue
if line.startswith(b'# CRC32 '):
logging.debug(
'%s: CRC32 line detected, retreive current CRC32 '
'value (%s)',
path, line)
current_crc32 = re.match(
'^# CRC32 (.*)$', line.decode()
).group(1)
logging.debug(
'%s: current CRC32 found is "%s"',
path, current_crc32)
continue
lines.append(line)
except OSError as err:
logging.error("%s: fail to read file content (%s)", path, err)
except IOError as err:
logging.error('%s: fail to read file content (%s)', path, err)
return False
# pylint: disable=consider-using-f-string
crc32 = ("%08X" % ((binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1 << 32))).lower()
crc32 = (
"%08X" % (
(binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1 << 32)
)
).lower()
if current_crc32:
if current_crc32 == crc32:
log.info("%s: current CRC32 value is correct (%s)", path, crc32)
log.info('%s: current CRC32 value is correct (%s)', path, crc32)
else:
log.warning("%s: invalid CRC32 value found (%s != %s)", path, current_crc32, crc32)
log.warning(
'%s: invalid CRC32 value found (%s != %s)',
path, current_crc32, crc32)
fix_crc32(path, crc32, lines)
else:
log.warning('%s: no CRC32 value found. Correct CRC32 value is "%s".', path, crc32)
log.warning(
'%s: no CRC32 value found. Correct CRC32 value is "%s".',
path, crc32)
fix_crc32(path, crc32, lines)
return True
@ -125,14 +159,14 @@ def fix_crc32(path, crc32, lines):
return True
try:
headers_lines = [
b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n",
b"# CRC32 " + crc32.encode() + b"\n",
b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n',
b'# CRC32 ' + crc32.encode() + b'\n',
]
with open(path, "wb") as fd:
with open(path, 'wb') as fd:
for line in headers_lines + lines:
fd.write(line)
except OSError as err:
logging.error("%s: fail to write new file content (%s)", path, err)
except IOError as err:
logging.error('%s: fail to write new file content (%s)', path, err)
return False
return True
@ -140,8 +174,8 @@ def fix_crc32(path, crc32, lines):
log.info('Checking CRC32 in slapd directory "%s"', options.slapdd_path)
for dirpath, dnames, fnames in os.walk(options.slapdd_path):
log.debug(
'%s: sub-dirs = "%s", files = "%s"', dirpath, '", "'.join(dnames), '", "'.join(fnames)
)
'%s: sub-dirs = "%s", files = "%s"',
dirpath, '", "'.join(dnames), '", "'.join(fnames))
for fname in fnames:
if fname.endswith(".ldif"):
if fname.endswith('.ldif'):
check_file(dirpath, fname)