Compare commits
No commits in common. "32ced674a49e4cd79f4c6fb6dac368373698bf43" and "d7d54cb25f0cfb8ea1a9aa858c4dc5db44c0b284" have entirely different histories.
32ced674a4
...
d7d54cb25f
7 changed files with 151 additions and 216 deletions
|
@ -1,89 +0,0 @@
|
||||||
---
|
|
||||||
name: Build and publish Debian package
|
|
||||||
on: [create]
|
|
||||||
jobs:
|
|
||||||
build:
|
|
||||||
runs-on: docker
|
|
||||||
container:
|
|
||||||
image: docker.io/brenard/debian-python-deb:latest
|
|
||||||
steps:
|
|
||||||
- name: Check out repository code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
- name: Build Debian package
|
|
||||||
env:
|
|
||||||
MAINTAINER_NAME: ${{ vars.MAINTAINER_NAME }}
|
|
||||||
MAINTAINER_EMAIL: ${{ vars.MAINTAINER_EMAIL }}
|
|
||||||
DEBIAN_CODENAME: ${{ vars.DEBIAN_CODENAME }}
|
|
||||||
run: |
|
|
||||||
echo "${{ secrets.GPG_KEY }}"|base64 -d|gpg --import
|
|
||||||
./build.sh
|
|
||||||
mv check_slapdd_crc32 dist/
|
|
||||||
- name: Upload Debian package files
|
|
||||||
uses: actions/upload-artifact@v3
|
|
||||||
with:
|
|
||||||
name: dist
|
|
||||||
path: |
|
|
||||||
dist/*.buildinfo
|
|
||||||
dist/*.changes
|
|
||||||
dist/*.deb
|
|
||||||
dist/*.dsc
|
|
||||||
dist/*.tar.gz
|
|
||||||
dist/release_notes.md
|
|
||||||
dist/check_slapdd_crc32
|
|
||||||
|
|
||||||
publish-forgejo:
|
|
||||||
runs-on: docker
|
|
||||||
container:
|
|
||||||
image: docker.io/brenard/debian-python-deb:latest
|
|
||||||
steps:
|
|
||||||
- name: Download Debian package files
|
|
||||||
uses: actions/download-artifact@v3
|
|
||||||
with:
|
|
||||||
name: dist
|
|
||||||
|
|
||||||
- name: Create the release
|
|
||||||
id: create-release
|
|
||||||
shell: bash
|
|
||||||
run: |
|
|
||||||
mkdir release
|
|
||||||
mv *.deb release/
|
|
||||||
mv check_slapdd_crc32 release/
|
|
||||||
md5sum release/* > md5sum.txt
|
|
||||||
sha512sum release/* > sha512sum.txt
|
|
||||||
mv md5sum.txt sha512sum.txt release/
|
|
||||||
{
|
|
||||||
echo 'release_note<<EOF'
|
|
||||||
cat release_notes.md
|
|
||||||
echo 'EOF'
|
|
||||||
} >> "$GITHUB_OUTPUT"
|
|
||||||
|
|
||||||
- name: Publish release on Forgejo
|
|
||||||
uses: actions/forgejo-release@v1
|
|
||||||
with:
|
|
||||||
direction: upload
|
|
||||||
url: https://gitea.zionetrix.net
|
|
||||||
token: ${{ secrets.forgejo_token }}
|
|
||||||
release-dir: release
|
|
||||||
release-notes: ${{ steps.create-release.outputs.release_note }}
|
|
||||||
|
|
||||||
publish-aptly:
|
|
||||||
runs-on: docker
|
|
||||||
container:
|
|
||||||
image: docker.io/brenard/aptly-publish:latest
|
|
||||||
steps:
|
|
||||||
- name: "Download Debian package files"
|
|
||||||
uses: actions/download-artifact@v3
|
|
||||||
with:
|
|
||||||
name: dist
|
|
||||||
|
|
||||||
- name: "Publish Debian package on Aptly repository"
|
|
||||||
uses: https://gitea.zionetrix.net/bn8/aptly-publish@master
|
|
||||||
with:
|
|
||||||
api_url: ${{ vars.apt_api_url }}
|
|
||||||
api_username: ${{ vars.apt_api_username }}
|
|
||||||
api_password: ${{ secrets.apt_api_password }}
|
|
||||||
repo_name: ${{ vars.apt_repo_name }}
|
|
||||||
path: "./"
|
|
||||||
source_name: ${{ vars.apt_source_name }}
|
|
|
@ -1,15 +0,0 @@
|
||||||
---
|
|
||||||
name: Run tests
|
|
||||||
on: [push]
|
|
||||||
jobs:
|
|
||||||
test-precommit:
|
|
||||||
runs-on: docker
|
|
||||||
container:
|
|
||||||
image: docker.io/brenard/python-pre-commit:latest
|
|
||||||
steps:
|
|
||||||
- name: Check out repository code
|
|
||||||
uses: actions/checkout@v4
|
|
||||||
with:
|
|
||||||
fetch-depth: 0
|
|
||||||
- name: Run pre-commit
|
|
||||||
run: pre-commit run --all-files
|
|
|
@ -1,64 +0,0 @@
|
||||||
# Pre-commit hooks to run tests and ensure code is cleaned.
|
|
||||||
# See https://pre-commit.com for more information
|
|
||||||
---
|
|
||||||
repos:
|
|
||||||
- repo: https://github.com/astral-sh/ruff-pre-commit
|
|
||||||
rev: v0.1.6
|
|
||||||
hooks:
|
|
||||||
- id: ruff
|
|
||||||
args: ["--fix"]
|
|
||||||
- repo: https://github.com/asottile/pyupgrade
|
|
||||||
rev: v3.15.0
|
|
||||||
hooks:
|
|
||||||
- id: pyupgrade
|
|
||||||
args: ["--keep-percent-format", "--py37-plus"]
|
|
||||||
- repo: https://github.com/psf/black
|
|
||||||
rev: 23.11.0
|
|
||||||
hooks:
|
|
||||||
- id: black
|
|
||||||
args: ["--target-version", "py37", "--line-length", "100"]
|
|
||||||
- repo: https://github.com/PyCQA/isort
|
|
||||||
rev: 5.12.0
|
|
||||||
hooks:
|
|
||||||
- id: isort
|
|
||||||
args: ["--profile", "black", "--line-length", "100"]
|
|
||||||
- repo: https://github.com/PyCQA/flake8
|
|
||||||
rev: 6.1.0
|
|
||||||
hooks:
|
|
||||||
- id: flake8
|
|
||||||
args: ["--max-line-length=100"]
|
|
||||||
- repo: https://github.com/codespell-project/codespell
|
|
||||||
rev: v2.2.2
|
|
||||||
hooks:
|
|
||||||
- id: codespell
|
|
||||||
args:
|
|
||||||
- --ignore-words-list=exten
|
|
||||||
- --skip="./.*,*.csv,*.json,*.ini,*.subject,*.txt,*.html,*.log,*.conf"
|
|
||||||
- --quiet-level=2
|
|
||||||
- --ignore-regex=.*codespell-ignore$
|
|
||||||
# - --write-changes # Uncomment to write changes
|
|
||||||
exclude_types: [csv, json]
|
|
||||||
- repo: https://github.com/adrienverge/yamllint
|
|
||||||
rev: v1.32.0
|
|
||||||
hooks:
|
|
||||||
- id: yamllint
|
|
||||||
ignore: .github/
|
|
||||||
- repo: https://github.com/pre-commit/mirrors-prettier
|
|
||||||
rev: v2.7.1
|
|
||||||
hooks:
|
|
||||||
- id: prettier
|
|
||||||
args: ["--print-width", "100"]
|
|
||||||
- repo: local
|
|
||||||
hooks:
|
|
||||||
- id: pylint
|
|
||||||
name: pylint
|
|
||||||
entry: pylint
|
|
||||||
language: system
|
|
||||||
types: [python]
|
|
||||||
require_serial: true
|
|
||||||
- repo: https://github.com/PyCQA/bandit
|
|
||||||
rev: 1.7.5
|
|
||||||
hooks:
|
|
||||||
- id: bandit
|
|
||||||
args: [--skip, "B101", --recursive]
|
|
||||||
minimum_pre_commit_version: 3.2.0
|
|
68
.woodpecker.yml
Normal file
68
.woodpecker.yml
Normal file
|
@ -0,0 +1,68 @@
|
||||||
|
clone:
|
||||||
|
git:
|
||||||
|
image: woodpeckerci/plugin-git
|
||||||
|
tags: true
|
||||||
|
|
||||||
|
pipeline:
|
||||||
|
test-pylint:
|
||||||
|
group: test
|
||||||
|
image: pipelinecomponents/pylint
|
||||||
|
commands:
|
||||||
|
- pylint check_slapdd_crc32
|
||||||
|
|
||||||
|
test-flake8:
|
||||||
|
group: test
|
||||||
|
image: pipelinecomponents/flake8
|
||||||
|
commands:
|
||||||
|
- flake8 check_slapdd_crc32
|
||||||
|
|
||||||
|
build:
|
||||||
|
image: brenard/debian-python-deb
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
commands:
|
||||||
|
- echo "$GPG_KEY"|base64 -d|gpg --import
|
||||||
|
- ./build.sh --quiet
|
||||||
|
secrets: [ maintainer_name, maintainer_email, gpg_key, debian_codename ]
|
||||||
|
|
||||||
|
publish-dryrun:
|
||||||
|
group: publish
|
||||||
|
image: alpine
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
commands:
|
||||||
|
- ls dist/* dist/check-slapdd-crc32-*/check_slapdd_crc32
|
||||||
|
|
||||||
|
publish-gitea:
|
||||||
|
group: publish
|
||||||
|
image: plugins/gitea-release
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
settings:
|
||||||
|
api_key:
|
||||||
|
from_secret: gitea_token
|
||||||
|
base_url: https://gitea.zionetrix.net
|
||||||
|
note: dist/release_notes.md
|
||||||
|
files:
|
||||||
|
- dist/check-slapdd-crc32-*/check_slapdd_crc32
|
||||||
|
- dist/*.deb
|
||||||
|
checksum:
|
||||||
|
- md5
|
||||||
|
- sha512
|
||||||
|
|
||||||
|
publish-apt:
|
||||||
|
group: publish
|
||||||
|
image: brenard/aptly-publish
|
||||||
|
when:
|
||||||
|
event: tag
|
||||||
|
settings:
|
||||||
|
api_url:
|
||||||
|
from_secret: apt_api_url
|
||||||
|
api_username:
|
||||||
|
from_secret: apt_api_username
|
||||||
|
api_password:
|
||||||
|
from_secret: apt_api_password
|
||||||
|
repo_name:
|
||||||
|
from_secret: apt_repo_name
|
||||||
|
path: dist
|
||||||
|
source_name: check-slapdd-crc32
|
|
@ -1,10 +1,10 @@
|
||||||
# OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
|
# OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
|
||||||
|
|
||||||
This script permit to check (and eventually fix) CRC32 value of the LDIF files of OpenLDAP slapd.d configuration directory.
|
This script permit to check (and eventually fix) CRC32 value of the LDIF files of OpenLDAP slapd.d configuration directory.
|
||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
This script only used common **python3** modules _(no additional package to install on Debian based systems)_.
|
This script only used common __python3__ modules _(no additionnal package to install on Debian based systems)_.
|
||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
|
|
||||||
|
@ -43,3 +43,4 @@ This program is free software; you can redistribute it and/or modify it under th
|
||||||
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
|
||||||
|
|
||||||
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
||||||
|
|
||||||
|
|
2
build.sh
2
build.sh
|
@ -24,7 +24,7 @@ sed -i "s/^version *=.*$/version = '$VERSION'/" $BDIR/check_slapdd_crc32
|
||||||
|
|
||||||
if [ -z "$DEBIAN_CODENAME" ]
|
if [ -z "$DEBIAN_CODENAME" ]
|
||||||
then
|
then
|
||||||
echo "Retrieve debian codename using lsb_release..."
|
echo "Retreive debian codename using lsb_release..."
|
||||||
DEBIAN_CODENAME=$( lsb_release -c -s )
|
DEBIAN_CODENAME=$( lsb_release -c -s )
|
||||||
else
|
else
|
||||||
echo "Use debian codename from environment ($DEBIAN_CODENAME)"
|
echo "Use debian codename from environment ($DEBIAN_CODENAME)"
|
||||||
|
|
|
@ -10,37 +10,54 @@ import os
|
||||||
import re
|
import re
|
||||||
import sys
|
import sys
|
||||||
|
|
||||||
version = "0.0"
|
version = '0.0'
|
||||||
default_slapdd_path = "/etc/ldap/slapd.d"
|
default_slapdd_path = '/etc/ldap/slapd.d'
|
||||||
|
|
||||||
# Main
|
# Main
|
||||||
parser = argparse.ArgumentParser(description=f"{__doc__} (version: {version})")
|
parser = argparse.ArgumentParser(
|
||||||
|
description=f'{__doc__} (version: {version})'
|
||||||
parser.add_argument("-d", "--debug", action="store_true", help="Show debug messages")
|
|
||||||
|
|
||||||
parser.add_argument("-v", "--verbose", action="store_true", help="Show verbose messages")
|
|
||||||
|
|
||||||
parser.add_argument(
|
|
||||||
"-l", "--log-file", action="store", type=str, dest="logfile", help="Log file path"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
"-C",
|
'-d', '--debug',
|
||||||
"--console",
|
action='store_true',
|
||||||
action="store_true",
|
help='Show debug messages'
|
||||||
help="Also log on console (even if log file is provided)",
|
|
||||||
)
|
)
|
||||||
|
|
||||||
parser.add_argument("-f", "--fix", action="store_true", help="Fix CRC32 value in LDIF files")
|
parser.add_argument(
|
||||||
|
'-v', '--verbose',
|
||||||
|
action='store_true',
|
||||||
|
help='Show verbose messages'
|
||||||
|
)
|
||||||
|
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
"-p",
|
'-l',
|
||||||
"--path",
|
'--log-file',
|
||||||
action="store",
|
action="store",
|
||||||
type=str,
|
type=str,
|
||||||
dest="slapdd_path",
|
dest="logfile",
|
||||||
help=f"Default slapd.d directory path (default: {default_slapdd_path}",
|
help="Log file path"
|
||||||
default=default_slapdd_path,
|
)
|
||||||
|
|
||||||
|
parser.add_argument(
|
||||||
|
'-C', '--console',
|
||||||
|
action='store_true',
|
||||||
|
help='Also log on console (even if log file is provided)'
|
||||||
|
)
|
||||||
|
|
||||||
|
parser.add_argument(
|
||||||
|
'-f', '--fix',
|
||||||
|
action='store_true',
|
||||||
|
help='Fix CRC32 value in LDIF files'
|
||||||
|
)
|
||||||
|
|
||||||
|
parser.add_argument(
|
||||||
|
'-p', '--path',
|
||||||
|
action='store',
|
||||||
|
type=str,
|
||||||
|
dest='slapdd_path',
|
||||||
|
help=f'Default slapd.d directory path (default: {default_slapdd_path}',
|
||||||
|
default=default_slapdd_path
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
@ -49,8 +66,8 @@ options = parser.parse_args()
|
||||||
# Initialize log
|
# Initialize log
|
||||||
log = logging.getLogger()
|
log = logging.getLogger()
|
||||||
logformat = logging.Formatter(
|
logformat = logging.Formatter(
|
||||||
f"%(asctime)s - {os.path.basename(sys.argv[0])} - %(levelname)s - " "%(message)s"
|
f'%(asctime)s - {os.path.basename(sys.argv[0])} - %(levelname)s - '
|
||||||
)
|
'%(message)s')
|
||||||
|
|
||||||
if options.debug:
|
if options.debug:
|
||||||
log.setLevel(logging.DEBUG)
|
log.setLevel(logging.DEBUG)
|
||||||
|
@ -82,33 +99,50 @@ def check_file(dir_path, file_name):
|
||||||
lines = []
|
lines = []
|
||||||
current_crc32 = None
|
current_crc32 = None
|
||||||
try:
|
try:
|
||||||
with open(path, "rb") as fd:
|
with open(path, 'rb') as fd:
|
||||||
for line in fd.readlines():
|
for line in fd.readlines():
|
||||||
if line.startswith(b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify."):
|
if line.startswith(
|
||||||
logging.debug("%s: AUTO-GENERATED line detected, pass (%s)", path, line)
|
b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.'
|
||||||
continue
|
):
|
||||||
if line.startswith(b"# CRC32 "):
|
|
||||||
logging.debug(
|
logging.debug(
|
||||||
"%s: CRC32 line detected, retrieve current CRC32 value (%s)", path, line
|
'%s: AUTO-GENERATED line detected, pass (%s)',
|
||||||
)
|
path, line)
|
||||||
current_crc32 = re.match("^# CRC32 (.*)$", line.decode()).group(1)
|
continue
|
||||||
logging.debug('%s: current CRC32 found is "%s"', path, current_crc32)
|
if line.startswith(b'# CRC32 '):
|
||||||
|
logging.debug(
|
||||||
|
'%s: CRC32 line detected, retreive current CRC32 '
|
||||||
|
'value (%s)',
|
||||||
|
path, line)
|
||||||
|
current_crc32 = re.match(
|
||||||
|
'^# CRC32 (.*)$', line.decode()
|
||||||
|
).group(1)
|
||||||
|
logging.debug(
|
||||||
|
'%s: current CRC32 found is "%s"',
|
||||||
|
path, current_crc32)
|
||||||
continue
|
continue
|
||||||
lines.append(line)
|
lines.append(line)
|
||||||
except OSError as err:
|
except IOError as err:
|
||||||
logging.error("%s: fail to read file content (%s)", path, err)
|
logging.error('%s: fail to read file content (%s)', path, err)
|
||||||
return False
|
return False
|
||||||
|
|
||||||
# pylint: disable=consider-using-f-string
|
# pylint: disable=consider-using-f-string
|
||||||
crc32 = ("%08X" % ((binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1 << 32))).lower()
|
crc32 = (
|
||||||
|
"%08X" % (
|
||||||
|
(binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1 << 32)
|
||||||
|
)
|
||||||
|
).lower()
|
||||||
if current_crc32:
|
if current_crc32:
|
||||||
if current_crc32 == crc32:
|
if current_crc32 == crc32:
|
||||||
log.info("%s: current CRC32 value is correct (%s)", path, crc32)
|
log.info('%s: current CRC32 value is correct (%s)', path, crc32)
|
||||||
else:
|
else:
|
||||||
log.warning("%s: invalid CRC32 value found (%s != %s)", path, current_crc32, crc32)
|
log.warning(
|
||||||
|
'%s: invalid CRC32 value found (%s != %s)',
|
||||||
|
path, current_crc32, crc32)
|
||||||
fix_crc32(path, crc32, lines)
|
fix_crc32(path, crc32, lines)
|
||||||
else:
|
else:
|
||||||
log.warning('%s: no CRC32 value found. Correct CRC32 value is "%s".', path, crc32)
|
log.warning(
|
||||||
|
'%s: no CRC32 value found. Correct CRC32 value is "%s".',
|
||||||
|
path, crc32)
|
||||||
fix_crc32(path, crc32, lines)
|
fix_crc32(path, crc32, lines)
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
@ -125,14 +159,14 @@ def fix_crc32(path, crc32, lines):
|
||||||
return True
|
return True
|
||||||
try:
|
try:
|
||||||
headers_lines = [
|
headers_lines = [
|
||||||
b"# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n",
|
b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.\n',
|
||||||
b"# CRC32 " + crc32.encode() + b"\n",
|
b'# CRC32 ' + crc32.encode() + b'\n',
|
||||||
]
|
]
|
||||||
with open(path, "wb") as fd:
|
with open(path, 'wb') as fd:
|
||||||
for line in headers_lines + lines:
|
for line in headers_lines + lines:
|
||||||
fd.write(line)
|
fd.write(line)
|
||||||
except OSError as err:
|
except IOError as err:
|
||||||
logging.error("%s: fail to write new file content (%s)", path, err)
|
logging.error('%s: fail to write new file content (%s)', path, err)
|
||||||
return False
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
@ -140,8 +174,8 @@ def fix_crc32(path, crc32, lines):
|
||||||
log.info('Checking CRC32 in slapd directory "%s"', options.slapdd_path)
|
log.info('Checking CRC32 in slapd directory "%s"', options.slapdd_path)
|
||||||
for dirpath, dnames, fnames in os.walk(options.slapdd_path):
|
for dirpath, dnames, fnames in os.walk(options.slapdd_path):
|
||||||
log.debug(
|
log.debug(
|
||||||
'%s: sub-dirs = "%s", files = "%s"', dirpath, '", "'.join(dnames), '", "'.join(fnames)
|
'%s: sub-dirs = "%s", files = "%s"',
|
||||||
)
|
dirpath, '", "'.join(dnames), '", "'.join(fnames))
|
||||||
for fname in fnames:
|
for fname in fnames:
|
||||||
if fname.endswith(".ldif"):
|
if fname.endswith('.ldif'):
|
||||||
check_file(dirpath, fname)
|
check_file(dirpath, fname)
|
||||||
|
|
Loading…
Reference in a new issue