X-Git-Url: http://xvm.mit.edu/gitweb/invirt/packages/invirt-dev.git/blobdiff_plain/4561c47c9c4dcd3fe004ff46f4915de87a64b909..675ed12f6047c8d40475e83a3925bbf84ea107c0:/invirt-build-conf diff --git a/invirt-build-conf b/invirt-build-conf index d43bc7c..1acbc9d 100755 --- a/invirt-build-conf +++ b/invirt-build-conf @@ -6,8 +6,9 @@ This script generates the remctl ACL and configuration for each build pocket defined in the configuration. It also updates the .k5login for the git user that developers can push through. """ +from __future__ import with_statement - +import contextlib import os import tempfile @@ -26,38 +27,41 @@ def userToPrinc(user): return princ.replace('.', '/') + '@' + realm +def acl_path(pocket): + return '/etc/remctl/acl/build-%s' % pocket + +@contextlib.contextmanager +def atomic_write(file): + tmp_fd, tmp_name = tempfile.mkstemp() + tmp = os.fdopen(tmp_fd, 'r+') + yield tmp + tmp.close() + os.rename(tmp_name, file) def main(): all_devs = set() - - # Python could really use a file-like object that gets written to - # a temporary path and moved to its final resting place on - # .close(). Oh well. - conf_fd, conf_name = tempfile.mkstemp() - conf = os.fdopen(conf_fd, 'r+') build_handler = '/usr/bin/invirt-submit-build' for pocket in config.build.pockets: acl = authz.expandAdmin(getattr(config.build.pockets, pocket).acl, None) + with atomic_write(acl_path(pocket)) as f: + princs = [userToPrinc(a) for a in acl] + print >>f, '\n'.join(princs) + all_devs.update(set(princs)) - acl_fd, acl_name = tempfile.mkstemp() - acl_fd = os.fdopen(acl_fd, 'r+') - print >>acl_fd, '\n'.join(userToPrinc(a) for a in acl) - - all_devs.update(set(userToPrinc(a) for a in acl)) - - acl_path = os.path.join('/etc/remctl/acl/build-%s' % pocket) - - os.rename(acl_name, acl_path) - print >>conf, 'build %s %s %s' % (pocket, build_handler, acl_path) + with atomic_write('/etc/remctl/conf.d/build') as f: + for pocket in config.build.pockets: + print >>f, 'build %s %s %s' % (pocket, build_handler, acl_path(pocket)) - os.rename(conf_name, '/etc/remctl/conf.d/build') + with atomic_write('/etc/remctl/acl/repo_admin') as f: + acl = authz.expandAdmin(config.build.repo_admin, None) + print >>f, '\n'.join(userToPrinc(a) for a in acl) - k5login_fd, k5login_name = tempfile.mkstemp() - k5login = os.fdopen(k5login_fd, 'r+') - print >>k5login, '\n'.join(all_devs) + with atomic_write('/etc/remctl/conf.d/repo_admin') as f: + print >>f, 'create repo /usr/bin/invirt-add-repo /etc/remctl/acl/repo_admin' - os.rename(k5login_name, os.path.join(builder._REPO_DIR, '.k5login')) + with atomic_write(os.path.join(builder._REPO_DIR, '.k5login')) as f: + print >>f, '\n'.join(all_devs) if __name__ == '__main__':