Added script for creating new repositories

[invirt/packages/invirt-dev.git] / invirt-build-conf

diff --git a/invirt-build-conf b/invirt-build-conf
index 6d3430b..1acbc9d 100755 (executable)
--- a/invirt-build-conf
+++ b/invirt-build-conf
@@ -6,12 +6,13 @@ This script generates the remctl ACL and configuration for each build
 pocket defined in the configuration. It also updates the .k5login for
 the git user that developers can push through.
 """
+from __future__ import with_statement
 
-
+import contextlib
 import os
 import tempfile
 
-from invirt.authz import mech as authz
+from invirt import authz
 from invirt import builder
 from invirt.config import structs as config
 
@@ -26,38 +27,41 @@ def userToPrinc(user):
 
     return princ.replace('.', '/') + '@' + realm
 
+def acl_path(pocket):
+    return '/etc/remctl/acl/build-%s' % pocket
+
+@contextlib.contextmanager
+def atomic_write(file):
+    tmp_fd, tmp_name = tempfile.mkstemp()
+    tmp = os.fdopen(tmp_fd, 'r+')
+    yield tmp
+    tmp.close()
+    os.rename(tmp_name, file)
 
 def main():
     all_devs = set()
-
-    # Python could really use a file-like object that gets written to
-    # a temporary path and moved to its final resting place on
-    # .close(). Oh well.
-    conf_fd, conf_name = tempfile.mkstemp()
-    conf = os.fdopen(conf_fd, 'r+')
-    build_handler = '/usr/sbin/invirt-submit-build'
+    build_handler = '/usr/bin/invirt-submit-build'
 
     for pocket in config.build.pockets:
         acl = authz.expandAdmin(getattr(config.build.pockets, pocket).acl, None)
+        with atomic_write(acl_path(pocket)) as f:
+            princs = [userToPrinc(a) for a in acl]
+            print >>f, '\n'.join(princs)
+            all_devs.update(set(princs))
 
-        acl_fd, acl_name = tempfile.mkstemp()
-        acl_fd = os.fdopen(acl_fd, 'r+')
-        print >>acl_fd, '\n'.join(userToPrinc(a) for a in acl)
-
-        all_devs.update(set(userToPrinc(a) for a in acl))
-
-        acl_path = os.path.join('/etc/remctl/acl/build-%s' % pocket)
-
-        os.rename(acl_name, acl_path)
-        print >>conf, 'build %s %s %s' % (pocket, build_handler, acl_path)
+    with atomic_write('/etc/remctl/conf.d/build') as f:
+        for pocket in config.build.pockets:
+            print >>f, 'build %s %s %s' % (pocket, build_handler, acl_path(pocket))
 
-    os.rename(conf_name, '/etc/remctl/conf.d/build')
+    with atomic_write('/etc/remctl/acl/repo_admin') as f:
+        acl = authz.expandAdmin(config.build.repo_admin, None)
+        print >>f, '\n'.join(userToPrinc(a) for a in acl)
 
-    k5login_fd, k5login_name = tempfile.mkstemp()
-    k5login = os.fdopen(k5login_fd, 'r+')
-    print >>k5login, '\n'.join(all_devs)
+    with atomic_write('/etc/remctl/conf.d/repo_admin') as f:
+        print >>f, 'create repo /usr/bin/invirt-add-repo /etc/remctl/acl/repo_admin'
 
-    os.rename(k5login_name, os.path.join(builder._REPO_DIR, '.k5login'))
+    with atomic_write(os.path.join(builder._REPO_DIR, '.k5login')) as f:
+        print >>f, '\n'.join(all_devs)
 
 
 if __name__ == '__main__':