infrastructure-svnauthz.git
16 months agoOF: ldap -> python3-ldap
dfoulks [Wed, 31 Mar 2021 15:24:38 +0000 (10:24 -0500)] 
OF: ldap -> python3-ldap

16 months agoOF: fixed working dir mishap and added ldap to requirements
dfoulks [Wed, 31 Mar 2021 14:49:27 +0000 (09:49 -0500)] 
OF: fixed working dir mishap and added ldap to requirements

16 months agoUpdate pipservice-svnauthz.service
dfoulks1 [Wed, 31 Mar 2021 14:39:24 +0000 (09:39 -0500)] 
Update pipservice-svnauthz.service

OF: removed ExecStop, changed ExecStart

16 months agoUpdate pipservice-svnauthz.service
dfoulks1 [Wed, 31 Mar 2021 14:32:03 +0000 (09:32 -0500)] 
Update pipservice-svnauthz.service

fixed start and stop commands

16 months agoRemoved .erb extension from yaml template
dfoulks [Fri, 26 Mar 2021 17:33:39 +0000 (12:33 -0500)] 
Removed .erb extension from yaml template

16 months agoRenamed authz.yaml svnauthz.yaml and updated the script accordingly
dfoulks [Fri, 26 Mar 2021 16:56:18 +0000 (11:56 -0500)] 
Renamed authz.yaml svnauthz.yaml and updated the script accordingly

16 months agoMerge pull request #1 from apache/pipservice
dfoulks1 [Fri, 26 Mar 2021 16:40:54 +0000 (11:40 -0500)] 
Merge pull request #1 from apache/pipservice

Added authz erb template and service file for pipservice

16 months agoadded dummy start / stop commands to test deployment pipservice 1/head
dfoulks [Fri, 26 Mar 2021 16:37:12 +0000 (11:37 -0500)] 
added dummy start / stop commands to test deployment

16 months agoupdated config name
dfoulks [Fri, 26 Mar 2021 16:34:51 +0000 (11:34 -0500)] 
updated config name

16 months agoupdated erb to use the new pipservice encrypted var method
dfoulks [Fri, 26 Mar 2021 16:27:27 +0000 (11:27 -0500)] 
updated erb to use the new pipservice encrypted var method

16 months agoDifferentiated between whimsy credentials and github credentials
dfoulks [Fri, 26 Mar 2021 15:11:23 +0000 (10:11 -0500)] 
Differentiated between whimsy credentials and github credentials

16 months agoAdded authz erb template and service file for pipservice
dfoulks [Fri, 26 Mar 2021 14:13:06 +0000 (09:13 -0500)] 
Added authz erb template and service file for pipservice

16 months agoRename sample to follow code change
Daniel Gruno [Fri, 26 Mar 2021 13:47:58 +0000 (14:47 +0100)] 
Rename sample to follow code change

16 months agoTweak config filename for pipservice' sake
Daniel Gruno [Fri, 26 Mar 2021 13:47:32 +0000 (14:47 +0100)] 
Tweak config filename for pipservice' sake

16 months agoDynamically fetch templates.
Greg Stein [Thu, 25 Mar 2021 10:09:55 +0000 (05:09 -0500)] 
Dynamically fetch templates.

We need to fetch the updated/changed templates, rather than look
on-disk for them. Switch to using "requests.get()" to grab them from a
git server. Switch to URL, USERNAME, PASSWORD to do so.

Pass the template lines to Generator.write_file() instead of a fname.

16 months agoswitch directive to :readonly: for clarity
Greg Stein [Thu, 25 Mar 2021 05:10:05 +0000 (00:10 -0500)] 
switch directive to :readonly: for clarity

16 months agoAdd :block: directive, to make svn paths readonly
Greg Stein [Thu, 25 Mar 2021 04:45:10 +0000 (23:45 -0500)] 
Add :block: directive, to make svn paths readonly

16 months agoMove some output under the DEBUG flag.
Greg Stein [Tue, 23 Mar 2021 19:15:11 +0000 (14:15 -0500)] 
Move some output under the DEBUG flag.

* condition many print() calls on the .debug flag
* add a DURATION output to .write_files()

16 months agoMove auth.cfg into authz.yaml
Greg Stein [Tue, 23 Mar 2021 18:23:26 +0000 (13:23 -0500)] 
Move auth.cfg into authz.yaml

The old auth.cfg had three DNs: AUTH, GROUPS, SERVICES. Create lists
of these in the new yaml config. Load the values from there, to pass
to the Generator. The EXPLICIT config is a simple transfer.

Note: this still produces the same authz files as the old gen.py

16 months agoImplement authz generation.
Greg Stein [Tue, 23 Mar 2021 11:53:54 +0000 (06:53 -0500)] 
Implement authz generation.

* small tweaks for bytes vs strings
* carry generation code over from the old gen.py

Note: produces the same file, minus the CSN lines at the top.

16 months agoAnother turning of the crank, on a draft daemon.
Greg Stein [Tue, 23 Mar 2021 07:56:45 +0000 (02:56 -0500)] 
Another turning of the crank, on a draft daemon.

authz.py:
* move GATHER_DELAY and LDAP_URL into the authz.yaml
* parse auth.conf for now to get SPECIAL and EXPLICIT
* pass the above data to the Generator
* grab some template->output mappings from the .yaml
* change .write_file() to iterate over the new mappings

gen.py:
* rename QUERIES to SPECIAL to follow the config name
* switch to .write_file(t, o)

16 months agoignore the pycache
Greg Stein [Mon, 22 Mar 2021 12:11:32 +0000 (07:11 -0500)] 
ignore the pycache

16 months agoKeep turning the crank. Construct a long-lived Generator to hold an
Greg Stein [Mon, 22 Mar 2021 11:39:40 +0000 (06:39 -0500)] 
Keep turning the crank. Construct a long-lived Generator to hold an
LDAP connection and templates/inputs for generating the authz files.
Defer .write_files() to the generator.

Note that .group_members() is mostly lifted from the other gen.py
script's _group_from_LDAP() method, then cleaned up to better handle
data flow/ownership.

16 months agoBegin crafting a script for generating authz files, to be used by the
Greg Stein [Mon, 22 Mar 2021 10:23:59 +0000 (05:23 -0500)] 
Begin crafting a script for generating authz files, to be used by the
authz daemon.

Lifted the LDAPClient from:
  modules/subversion_server/files/scripts/authorization/gen.py

Ensure this is py3 capable, trim it back, as we won't be
storing/caching/checking CSN tokens. We simply need a persistent
connection to the LDAP server for making requests.

16 months agoInitial draft of a pubsub client for authz management.
Greg Stein [Mon, 15 Mar 2021 11:04:04 +0000 (06:04 -0500)] 
Initial draft of a pubsub client for authz management.

16 months agowe use yaml for commit. make sure it is present.
Greg Stein [Fri, 12 Mar 2021 08:20:56 +0000 (02:20 -0600)] 
we use yaml for commit. make sure it is present.

16 months agosome more basic changes
Greg Stein [Fri, 12 Mar 2021 07:11:41 +0000 (01:11 -0600)] 
some more basic changes

16 months agoadd some basic files
Greg Stein [Fri, 12 Mar 2021 04:40:14 +0000 (22:40 -0600)] 
add some basic files