From 899a7d35dfb525453629048ae8491cab27b84720 Mon Sep 17 00:00:00 2001 From: Daniel Berteaud Date: Sun, 19 Nov 2017 13:24:10 +0100 Subject: [PATCH] Import --- bin/buildwatcher | 39 ++++++++++++++++++++ bin/buildwatcher_ssh_setup | 12 ++++++ buildwatcher.spec | 88 ++++++++++++++++++++++++++++++++++++++++++++ conf/watcher.conf | 5 +++ systemd/buildwatcher.service | 11 ++++++ 5 files changed, 155 insertions(+) create mode 100644 bin/buildwatcher create mode 100644 bin/buildwatcher_ssh_setup create mode 100644 buildwatcher.spec create mode 100644 conf/watcher.conf create mode 100644 systemd/buildwatcher.service diff --git a/bin/buildwatcher b/bin/buildwatcher new file mode 100644 index 0000000..2bbb46c --- /dev/null +++ b/bin/buildwatcher @@ -0,0 +1,39 @@ +#!/bin/bash + +[ -e /etc/buildwatcher/watcher.conf ] && . /etc/buildwatcher/watcher.conf + +TOP_DIR=${TOP_DIR:-/var/lib/build/} +WATCHED_DIR=$TOP_DIR/uploads +PLAGUE_SERVER=${PLAGUE_SERVER:-http://localhost:8887} + +inotifywait -e moved_to -r -m --format %w%f $WATCHED_DIR | while read SRPM; do + echo "new file arrived: $SRPM" + NAME=$(rpm -qp $SRPM --qf %{NAME}) + if [ -z $NAME ]; then + echo "Error, $SRPM is not a valid srpm file. Notifying the admin ($ADMIN_EMAIL)" + mv $SRPM $TOP_DIR/errors/ + echo "An error occurred with file $SRPM which wasn't recognized as a valid srpm file. It's been moved to $TOP_DIR/errors/" | \ + mail -s "Build sys error" $ADMIN_EMAIL + else + DIST=$(basename $(dirname $SRPM)) + OWNER=$(stat --format %U $SRPM) + # Lookup in LDAP if we have an email for this user + echo "Looking up email of user $OWNER: ldapsearch -x -LLL -H $LDAP_URI -b $LDAP_USER_BASE uid=$OWNER mail" + EMAIL=$(ldapsearch -x -LLL -H $LDAP_URI -b $LDAP_USER_BASE uid=$OWNER mail | grep mail: | head -1 | awk '{print $2}') + [ -z $EMAIL ] && EMAIL=$ADMIN_EMAIL + PLAGUE_CONF=$(mktemp) + # TODO: make the plague client config file templated + cat <<_EOF > $PLAGUE_CONF +[Server] +use_ssl = no +address = $PLAGUE_SERVER +allow_uploads = yes + +[User] +email = $EMAIL +_EOF + + PLAGUE_CLIENT_CONFIG=$PLAGUE_CONF plague-client build $NAME $SRPM $DIST + rm -f $SRPM $PLAGUE_CONF + fi +done diff --git a/bin/buildwatcher_ssh_setup b/bin/buildwatcher_ssh_setup new file mode 100644 index 0000000..a1cc2c9 --- /dev/null +++ b/bin/buildwatcher_ssh_setup @@ -0,0 +1,12 @@ +#!/bin/bash + +set -e + +if [ ! -d ~/.ssh ]; then + mkdir ~/.ssh + chmod 700 ~/.ssh + ssh-keygen -t rsa -b 4096 -N "" -q -f ~/.ssh/id_rsa + ssh-keyscan localhost >> ~/.ssh/known_hosts + cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys + chmod 600 ~/.ssh/authorized_keys +fi diff --git a/buildwatcher.spec b/buildwatcher.spec new file mode 100644 index 0000000..dc3ece8 --- /dev/null +++ b/buildwatcher.spec @@ -0,0 +1,88 @@ +Summary: Plague buildsystem helper +Name: buildwatcher +Version: 0.0.8 +Release: 1.beta2 +Source0: %{name}-%{version}.tar.gz +BuildArch: noarch +License: MIT +Group: System + +Requires: openldap-clients +Requires: plague-client +Requires: plague +Requires: inotify-tools +%if 0%{?rhel} >= 7 +BuildRequires: systemd +%{?systemd_requires} +%endif + +%description +Provides a daemon which will watch a specified directory, and when an SRPM is moved +into this directory, it'll submit the build automatically to plague server + +%prep +%setup -q + +%build + +%install + +%{__rm} -rf $RPM_BUILD_ROOT +%{__install} -d -m 750 $RPM_BUILD_ROOT%{_bindir} +%{__install} -m 0755 bin/* $RPM_BUILD_ROOT%{_bindir} +%{__install} -d $RPM_BUILD_ROOT%{_sysconfdir}/%{name} +%{__install} -d $RPM_BUILD_ROOT%{_unitdir} +%{__install} -d $RPM_BUILD_ROOT%{_localstatedir}/lib/build/uploads +%{__install} -d $RPM_BUILD_ROOT%{_localstatedir}/lib/build/errors +%{__install} -d $RPM_BUILD_ROOT%{_localstatedir}/lib/build/work/srpm_upload_dir/ +%{__install} -m 0644 conf/* $RPM_BUILD_ROOT%{_sysconfdir}/%{name}/ +%{__install} -m 0644 systemd/buildwatcher.service $RPM_BUILD_ROOT%{_unitdir} + +%clean +%{__rm} -rf $RPM_BUILD_ROOT + +%pre +# Add the "zabbix" user +/usr/sbin/useradd -c "Build watcher user" \ + -s /sbin/nologin -r -d %{_localstatedir}/lib/build/home buildwatcher 2> /dev/null || : + +%preun +%systemd_preun buildwatcher.service + +%post + +%systemd_post buildwatcher.service + +%files +%defattr(-,root,root,-) +%{_bindir}/* +%{_localstatedir}/lib/build/uploads +%{_localstatedir}/lib/build/errors +%attr(0775,root,buildwatcher) %{_localstatedir}/lib/build/work/srpm_upload_dir/ +%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/%{name}/* +%{_unitdir}/*.service + +%changelog +* Sat Nov 11 2017 Daniel Berteaud 0.0.8-1.beta2 +- FIx binary path in service unit (daniel@firewall-services.com) + +* Sat Nov 11 2017 Daniel Berteaud 0.0.7-1.beta2 +- Add systemd BuildRequires + +* Sat Nov 11 2017 Daniel Berteaud 0.0.6-1.beta2 +- Install systemd unit + +* Sat Nov 11 2017 Daniel Berteaud 0.0.5-1.beta2 +- Requires ldap clients not servers + +* Sat Nov 11 2017 Daniel Berteaud 0.0.4-1.beta2 +- Add simple systemd unit (daniel@firewall-services.com) + +* Thu Nov 09 2017 Daniel Berteaud 0.0.3-1.beta2 +- Fix %files + +* Sat Nov 04 2017 Daniel Berteaud 0.0.2-1.beta1 +- new package built with tito + +* Sat Nov 4 2017 Daniel Berteaud - 0.0.1-1 +- Initial release diff --git a/conf/watcher.conf b/conf/watcher.conf new file mode 100644 index 0000000..b28edd4 --- /dev/null +++ b/conf/watcher.conf @@ -0,0 +1,5 @@ +TOP_DIR=/var/lib/build +LDAP_URI=ldap://directory.domain.com/ +LDAP_USER_BASE=ou=Users,dc=domain,dc=com +ADMIN_EMAIL=admin@domain.com +PLAGUE_SERVER=http://localhost:8887 diff --git a/systemd/buildwatcher.service b/systemd/buildwatcher.service new file mode 100644 index 0000000..53e07d8 --- /dev/null +++ b/systemd/buildwatcher.service @@ -0,0 +1,11 @@ +[Unit] +Description=Monitor an upload dir and submit content to plague buildsys + +[Service] +Type=simple +ExecStart=/usr/bin/buildwatcher +ExecStartPre=/usr/bin/buildwatcher_ssh_setup +User=buildwatcher + +[Install] +WantedBy=multi-user.target