Add checks for gerrit ACLs
Check the following common problems with gerrit ACL lines: * Wrong path * Non-existence of a referenced file * Redundant setting of acl-config with default value Remove redundant entries that the script found. Add acl-config for freezer-specs since no ACL existed. Add acl-config for vinz-webclient since no ACL existed, this was in original change I1706332f911ad9c8887d1e40613b06cbeb5e1143. Change-Id: I6b9fc6d2ff1cd5a1f871975608947d6fe763b500
This commit is contained in:
parent
c0ee0db357
commit
6ef07db860
|
@ -709,6 +709,7 @@
|
|||
- project: openstack-infra/vinz-webclient
|
||||
use-storyboard: true
|
||||
description: Standalone UI replacment for Gerrit
|
||||
acl-config: /home/gerrit2/acls/openstack-infra/vinz.config
|
||||
- project: openstack-infra/yaml2ical
|
||||
use-storyboard: true
|
||||
description: Generate iCal files from a YAML description of meetings
|
||||
|
@ -777,7 +778,6 @@
|
|||
acl-config: /home/gerrit2/acls/openstack/app-catalog.config
|
||||
- project: openstack/astara
|
||||
description: Astara L3+ Network Virtualization - orchestration service
|
||||
acl-config: /home/gerrit2/acls/openstack/astara.config
|
||||
groups:
|
||||
- astara
|
||||
- project: openstack/astara-appliance
|
||||
|
@ -835,7 +835,6 @@
|
|||
description: Billing service for OpenStack
|
||||
- project: openstack/blazar
|
||||
description: Reservation Service for OpenStack
|
||||
acl-config: /home/gerrit2/acls/openstack/blazar.config
|
||||
- project: openstack/blazar-nova
|
||||
description: Specific Nova part of the Blazar Reservation Service for OpenStack
|
||||
acl-config: /home/gerrit2/acls/openstack/blazar.config
|
||||
|
@ -1305,7 +1304,6 @@
|
|||
description: Image building tools for OpenStack
|
||||
- project: openstack/distil
|
||||
description: Rating Service for OpenStack
|
||||
acl-config: /home/gerrit2/acls/openstack/distil.config
|
||||
- project: openstack/django-openstack-auth-kerberos
|
||||
description: Kerberos support for django-openstack-auth
|
||||
acl-config: /home/gerrit2/acls/openstack/django_openstack_auth.config
|
||||
|
@ -1371,6 +1369,7 @@
|
|||
description: OpenStack Freezer Specifications.
|
||||
groups:
|
||||
- freezer
|
||||
acl-config: /home/gerrit2/acls/openstack/freezer.config
|
||||
- project: openstack/freezer-web-ui
|
||||
description: Horizon Web interface for Freezer backup, restore and disaster recovery
|
||||
platform
|
||||
|
@ -2212,7 +2211,6 @@
|
|||
description: Simple library for parsing OpenStack microversion headers.
|
||||
- project: openstack/mistral
|
||||
description: Workflow Service for OpenStack.
|
||||
acl-config: /home/gerrit2/acls/openstack/mistral.config
|
||||
- project: openstack/mistral-dashboard
|
||||
description: Mistral Horizon plugin.
|
||||
groups:
|
||||
|
@ -2987,7 +2985,6 @@
|
|||
acl-config: /home/gerrit2/acls/openstack/puppet-modules.config
|
||||
- project: openstack/puppet-ceph
|
||||
description: Ceph Puppet Module
|
||||
acl-config: /home/gerrit2/acls/openstack/puppet-ceph.config
|
||||
- project: openstack/puppet-cinder
|
||||
description: OpenStack Cinder Puppet Module
|
||||
acl-config: /home/gerrit2/acls/openstack/puppet-modules.config
|
||||
|
@ -3376,12 +3373,10 @@
|
|||
description: Sahara aims to provide users with simple means to provision a Hadoop
|
||||
cluster by specifying several parameters like Hadoop version, cluster topology,
|
||||
nodes hardware details and a few more.
|
||||
acl-config: /home/gerrit2/acls/openstack/sahara.config
|
||||
options:
|
||||
- translate
|
||||
- project: openstack/sahara-ci-config
|
||||
description: Sahara-ci 3rd party testing configs (jjb, zuul, etc.)
|
||||
acl-config: /home/gerrit2/acls/openstack/sahara-ci-config.config
|
||||
- project: openstack/sahara-dashboard
|
||||
groups:
|
||||
- sahara
|
||||
|
@ -3514,7 +3509,6 @@
|
|||
- project: openstack/solum
|
||||
description: 'An OpenStack project designed to make cloud services easier to consume
|
||||
and integrate into your application development process. See: https://wiki.openstack.org/wiki/Solum'
|
||||
acl-config: /home/gerrit2/acls/openstack/solum.config
|
||||
- project: openstack/solum-dashboard
|
||||
description: 'Horizon plugin for Solum. See: https://wiki.openstack.org/wiki/Solum'
|
||||
acl-config: /home/gerrit2/acls/openstack/solum.config
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
import argparse
|
||||
import contextlib
|
||||
import git
|
||||
import os
|
||||
import re
|
||||
import shutil
|
||||
import sys
|
||||
|
@ -72,6 +73,10 @@ def main():
|
|||
'infile',
|
||||
help='Path to gerrit/projects.yaml',
|
||||
)
|
||||
parser.add_argument(
|
||||
'acldir',
|
||||
help='Path to gerrit/acl',
|
||||
)
|
||||
args = parser.parse_args()
|
||||
|
||||
projects = yaml.load(open(args.infile, 'r'))
|
||||
|
@ -150,6 +155,30 @@ def main():
|
|||
found_errors += 1
|
||||
print("Error: Unknown option '%s' in project %s" %
|
||||
(option, name))
|
||||
# Check redundant acl-config
|
||||
acl_config = p.get('acl-config')
|
||||
if acl_config:
|
||||
if acl_config.endswith(name + '.config'):
|
||||
found_errors += 1
|
||||
print("Error: Project %s has redundant acl_config line, "
|
||||
"remove it." % name)
|
||||
if not acl_config.startswith('/home/gerrit2/acls/'):
|
||||
found_errors += 1
|
||||
print("Error: Project %s has wrong acl_config line, "
|
||||
"fix the path." % name)
|
||||
acl_file = os.path.join(args.acldir,
|
||||
acl_config[len('/home/gerrit2/acls/'):])
|
||||
if not os.path.isfile(acl_file):
|
||||
found_errors += 1
|
||||
print("Error: Project %s has non existing acl_config line" %
|
||||
name)
|
||||
else:
|
||||
# Check that default file exists
|
||||
acl_file = os.path.join(args.acldir, name + ".config")
|
||||
if not os.path.isfile(acl_file):
|
||||
found_errors += 1
|
||||
print("Error: Project %s has no default acl-config file" %
|
||||
name)
|
||||
|
||||
if found_errors:
|
||||
print("Found %d error(s) in %s" % (found_errors, args.infile))
|
||||
|
|
2
tox.ini
2
tox.ini
|
@ -19,7 +19,7 @@ commands =
|
|||
deps = PyYAML
|
||||
GitPython
|
||||
commands =
|
||||
{toxinidir}/tools/check_valid_gerrit_projects.py gerrit/projects.yaml
|
||||
{toxinidir}/tools/check_valid_gerrit_projects.py gerrit/projects.yaml gerrit/acls
|
||||
{toxinidir}/tools/check_projects_yaml_alphabetized.sh gerrit/projects.yaml
|
||||
|
||||
[testenv:venv]
|
||||
|
|
Loading…
Reference in New Issue