Compare commits

..

2 commits

Author SHA1 Message Date
Benjamin Renard
d246980abc Add CI for testing and publishing (gitea version & debian package)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
ci/woodpecker/tag/woodpecker Pipeline was successful
2022-05-01 20:51:15 +02:00
Benjamin Renard
4aaeabba6a Fix pylint & flake8 warnings 2022-05-01 12:59:51 +02:00
12 changed files with 223 additions and 13 deletions

1
.gitignore vendored
View file

@ -1,2 +1,3 @@
*~ *~
.*.swp .*.swp
dist/

8
.pylintrc Normal file
View file

@ -0,0 +1,8 @@
[MESSAGES CONTROL]
disable=line-too-long,
missing-docstring,
invalid-name,
locally-disabled,
too-many-arguments,
too-many-branches,
redefined-outer-name,

69
.woodpecker.yml Normal file
View file

@ -0,0 +1,69 @@
clone:
git:
image: woodpeckerci/plugin-git
tags: true
pipeline:
test-pylint:
group: test
image: pipelinecomponents/pylint
commands:
- pylint check_slapdd_crc32
test-flake8:
group: test
image: pipelinecomponents/flake8
commands:
- flake8 check_slapdd_crc32
build:
image: brenard/debian-python-deb
when:
event: tag
commands:
- echo "$GPG_KEY"|base64 -d|gpg --import
- ./build.sh --quiet
secrets: [ maintainer_name, maintainer_email, gpg_key, debian_codename ]
publish-dryrun:
group: publish
image: alpine
when:
event: tag
commands:
- ls dist/* dist/check-slapdd-crc32-*/check_slapdd_crc32
publish-gitea:
group: publish
image: plugins/gitea-release
when:
event: tag
settings:
api_key:
from_secret: gitea_token
base_url: https://gitea.zionetrix.net
files:
- dist/check-slapdd-crc32-*/check_slapdd_crc32
- dist/*.deb
checksum:
- md5
- sha512
publish-apt:
group: publish
image: brenard/curl
when:
event: tag
commands:
- curl -u $APT_CREDS -X POST -F file=@$( ls dist/check-slapdd-crc32_*_all.deb ) $APT_API_URL/files/check-slapdd-crc32
- curl -u $APT_CREDS -X POST -F file=@$( ls dist/check-slapdd-crc32_*.buildinfo ) $APT_API_URL/files/check-slapdd-crc32
- curl -u $APT_CREDS -X POST -F file=@$( ls dist/check-slapdd-crc32_*.changes ) $APT_API_URL/files/check-slapdd-crc32
- curl -u $APT_CREDS -X POST -F file=@$( ls dist/check-slapdd-crc32_*.dsc ) $APT_API_URL/files/check-slapdd-crc32
- curl -u $APT_CREDS -X POST -F file=@$( ls dist/check-slapdd-crc32_*.tar.gz ) $APT_API_URL/files/check-slapdd-crc32
- curl -u $APT_CREDS -X POST $APT_API_URL/repos/$APT_REPO_NAME/include/check-slapdd-crc32
- APT_SNAP_NAME=$(date +%s)_$APT_REPO_NAME
- >
curl -u $APT_CREDS -X POST -H 'Content-Type: application/json' --data "{\"Name\":\"$APT_SNAP_NAME\"}" $APT_API_URL/repos/$APT_REPO_NAME/snapshots
- >
curl -u $APT_CREDS -X PUT -H 'Content-Type: application/json' --data "{\"Snapshots\": [{\"Component\": \"main\", \"Name\": \"$APT_SNAP_NAME\"}]}" $APT_API_URL/publish/:./$APT_REPO_NAME
secrets: [ apt_api_url, apt_creds, apt_repo_name ]

61
build.sh Executable file
View file

@ -0,0 +1,61 @@
#!/bin/bash
QUIET_ARG=""
[ "$1" == "--quiet" ] && QUIET_ARG="--quiet"
# Enter source directory
cd $( dirname $0 )
echo "Clean previous build..."
rm -fr dist
echo "Detect version using git describe..."
VERSION="$( git describe --tags|sed 's/^[^0-9]*//' )"
echo "Create building environemt..."
BDIR=dist/check-slapdd-crc32-$VERSION
mkdir -p $BDIR
[ -z "$QUIET_ARG" ] && RSYNC_ARG="-v" || RSYNC_ARG=""
rsync -a $RSYNC_ARG debian/ $BDIR/debian/
cp check_slapdd_crc32 $BDIR/
echo "Set VERSION=$VERSION in gitdch using sed..."
sed -i "s/^version *=.*$/version = '$VERSION'/" $BDIR/check_slapdd_crc32
if [ -z "$DEBIAN_CODENAME" ]
then
echo "Retreive debian codename using lsb_release..."
DEBIAN_CODENAME=$( lsb_release -c -s )
else
echo "Use debian codename from environment ($DEBIAN_CODENAME)"
fi
echo "Generate debian changelog using gitdch..."
GITDCH_ARGS=('--verbose')
[ -n "$QUIET_ARG" ] && GITDCH_ARGS=('--warning')
if [ -n "$MAINTAINER_NAME" ]
then
echo "Use maintainer name from environment ($MAINTAINER_NAME)"
GITDCH_ARGS+=("--maintainer-name" "${MAINTAINER_NAME}")
fi
if [ -n "$MAINTAINER_EMAIL" ]
then
echo "Use maintainer email from environment ($MAINTAINER_EMAIL)"
GITDCH_ARGS+=("--maintainer-email" "$MAINTAINER_EMAIL")
fi
gitdch \
--package-name check-slapdd-crc32 \
--version "${VERSION}" \
--code-name $DEBIAN_CODENAME \
--output $BDIR/debian/changelog \
"${GITDCH_ARGS[@]}"
if [ -n "$MAINTAINER_NAME" -a -n "$MAINTAINER_EMAIL" ]
then
echo "Set Maintainer field in debian control file ($MAINTAINER_NAME <$MAINTAINER_EMAIL>)..."
sed -i "s/^Maintainer: .*$/Maintainer: $MAINTAINER_NAME <$MAINTAINER_EMAIL>/" $BDIR/debian/control
fi
echo "Build debian package..."
cd $BDIR
dpkg-buildpackage

View file

@ -10,10 +10,13 @@ import os
import re import re
import sys import sys
version = '0.0'
default_slapdd_path = '/etc/ldap/slapd.d' default_slapdd_path = '/etc/ldap/slapd.d'
### MAIN #### # Main
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser(
description=f'{__doc__} (version: {version})'
)
parser.add_argument( parser.add_argument(
'-d', '--debug', '-d', '--debug',
@ -53,7 +56,7 @@ parser.add_argument(
action='store', action='store',
type=str, type=str,
dest='slapdd_path', dest='slapdd_path',
help='Default slapd.d directory path (default: %s)' % default_slapdd_path, help=f'Default slapd.d directory path (default: {default_slapdd_path}',
default=default_slapdd_path default=default_slapdd_path
) )
@ -62,7 +65,9 @@ options = parser.parse_args()
# Initialize log # Initialize log
log = logging.getLogger() log = logging.getLogger()
logformat = logging.Formatter("%(asctime)s - " + os.path.basename(sys.argv[0]) + " - %(levelname)s - %(message)s") logformat = logging.Formatter(
f'%(asctime)s - {os.path.basename(sys.argv[0])} - %(levelname)s - '
'%(message)s')
if options.debug: if options.debug:
log.setLevel(logging.DEBUG) log.setLevel(logging.DEBUG)
@ -81,6 +86,7 @@ if not options.logfile or options.console:
logconsole.setFormatter(logformat) logconsole.setFormatter(logformat)
log.addHandler(logconsole) log.addHandler(logconsole)
def check_file(dir_path, file_name): def check_file(dir_path, file_name):
""" """
Check CRC32 of an LDIF file Check CRC32 of an LDIF file
@ -95,31 +101,52 @@ def check_file(dir_path, file_name):
try: try:
with open(path, 'rb') as fd: with open(path, 'rb') as fd:
for line in fd.readlines(): for line in fd.readlines():
if line.startswith(b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.'): if line.startswith(
logging.debug('%s: AUTO-GENERATED line detected, pass (%s)', path, line) b'# AUTO-GENERATED FILE - DO NOT EDIT!! Use ldapmodify.'
):
logging.debug(
'%s: AUTO-GENERATED line detected, pass (%s)',
path, line)
continue continue
if line.startswith(b'# CRC32 '): if line.startswith(b'# CRC32 '):
logging.debug('%s: CRC32 line detected, retreive current CRC32 value (%s)', path, line) logging.debug(
current_crc32 = re.match('^# CRC32 (.*)$', line.decode()).group(1) '%s: CRC32 line detected, retreive current CRC32 '
logging.debug('%s: current CRC32 found is "%s"', path, current_crc32) 'value (%s)',
path, line)
current_crc32 = re.match(
'^# CRC32 (.*)$', line.decode()
).group(1)
logging.debug(
'%s: current CRC32 found is "%s"',
path, current_crc32)
continue continue
lines.append(line) lines.append(line)
except IOError as err: except IOError as err:
logging.error('%s: fail to read file content (%s)', path, err) logging.error('%s: fail to read file content (%s)', path, err)
return False return False
crc32 = ("%08X" % ((binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1<<32))).lower() # pylint: disable=consider-using-f-string
crc32 = (
"%08X" % (
(binascii.crc32(b"".join(lines)) & 0xFFFFFFFF) % (1 << 32)
)
).lower()
if current_crc32: if current_crc32:
if current_crc32 == crc32: if current_crc32 == crc32:
log.info('%s: current CRC32 value is correct (%s)', path, crc32) log.info('%s: current CRC32 value is correct (%s)', path, crc32)
else: else:
log.warning('%s: invalid CRC32 value found (%s != %s)', path, current_crc32, crc32) log.warning(
'%s: invalid CRC32 value found (%s != %s)',
path, current_crc32, crc32)
fix_crc32(path, crc32, lines) fix_crc32(path, crc32, lines)
else: else:
log.warning('%s: no CRC32 value found. Correct CRC32 value is "%s".', path, crc32) log.warning(
'%s: no CRC32 value found. Correct CRC32 value is "%s".',
path, crc32)
fix_crc32(path, crc32, lines) fix_crc32(path, crc32, lines)
return True return True
def fix_crc32(path, crc32, lines): def fix_crc32(path, crc32, lines):
""" """
Fix CRC32 value of an LDIF file Fix CRC32 value of an LDIF file
@ -143,9 +170,12 @@ def fix_crc32(path, crc32, lines):
return False return False
return True return True
log.info('Checking CRC32 in slapd directory "%s"', options.slapdd_path) log.info('Checking CRC32 in slapd directory "%s"', options.slapdd_path)
for dirpath, dnames, fnames in os.walk(options.slapdd_path): for dirpath, dnames, fnames in os.walk(options.slapdd_path):
log.debug('%s: sub-dirs = "%s", files = "%s"', dirpath, '", "'.join(dnames), '", "'.join(fnames)) log.debug(
'%s: sub-dirs = "%s", files = "%s"',
dirpath, '", "'.join(dnames), '", "'.join(fnames))
for fname in fnames: for fname in fnames:
if fname.endswith('.ldif'): if fname.endswith('.ldif'):
check_file(dirpath, fname) check_file(dirpath, fname)

1
debian/compat vendored Normal file
View file

@ -0,0 +1 @@
11

13
debian/control vendored Normal file
View file

@ -0,0 +1,13 @@
Source: check-slapdd-crc32
Section: admin
Priority: optional
Maintainer: Debian Zionetrix - check-slapdd-crc32 <debian+check-slapdd-crc32@zionetrix.net>
Build-Depends: debhelper (>> 11.0.0)
Standards-Version: 3.9.6
Package: check-slapdd-crc32
Architecture: all
Depends: ${misc:Depends}, python3
Description: OpenLDAP tool to check CRC32 of LDIF files of slapd.d directory
This script permit to check (and eventually fix) CRC32 value of the LDIF
files of OpenLDAP slapd.d configuration directory.

20
debian/copyright vendored Normal file
View file

@ -0,0 +1,20 @@
This package was written by Benjamin Renard <brenard@zionetrix.net>.
Copyright (C) 2022 Benjamin Renard <brenard@zionetrix.net>
check-slapdd-crc32 is licensed under the GNU general public license, version 3.
check-slapdd-crc32 is free software; you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by the Free Software
Foundation; either version 2, or (at your option) any later version.
check-slapdd-crc32 is distributed in the hope that it will be useful, but WITHOUT ANY
WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with
check-slapdd-crc32; see the file COPYING. If not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
On Debian systems, a copy of the GNU General Public License is available in
/usr/share/common-licenses/GPL-3 as part of the base-files package.

1
debian/dirs vendored Normal file
View file

@ -0,0 +1 @@
usr/lib/nagios/plugins

1
debian/install vendored Normal file
View file

@ -0,0 +1 @@
check_slapdd_crc32 usr/lib/nagios/plugins

4
debian/rules vendored Executable file
View file

@ -0,0 +1,4 @@
#!/usr/bin/make -f
#export DH_VERBOSE=1
%:
dh $@

1
debian/source/format vendored Normal file
View file

@ -0,0 +1 @@
1.0