summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorKatolaZ <katolaz@freaknet.org>2017-07-19 11:45:02 +0100
committerKatolaZ <katolaz@freaknet.org>2017-07-19 11:45:02 +0100
commit95955f17a38e7f517d4613c004e66d8232073f79 (patch)
tree0a1b5ce81e3d449475ff70149033f8d2450434ce
parent40c8aae58491b07adb05d348d1ddf86ce5ec2be8 (diff)
tag checking and validation complete.
-rw-r--r--commits.go63
-rw-r--r--examples/worker1/allowed_users.asc86
-rw-r--r--examples/worker1/allowed_users.pgpbin3073 -> 1402 bytes
-rw-r--r--examples/worker1/worker1.cfg10
-rw-r--r--types.go1
-rw-r--r--workers.go14
6 files changed, 101 insertions, 73 deletions
diff --git a/commits.go b/commits.go
index 45003d5..b015fab 100644
--- a/commits.go
+++ b/commits.go
@@ -71,9 +71,38 @@ func get_valid_keys(commit *git.Commit, keys *map[string]openpgp.KeyRing) []stri
return ret
}
-func exec_tag(tag SCORSHtag, valid_keys []string) error {
+func intersect_keys(ref map[string]bool, keys []string) []string {
- return nil
+ var ret []string
+
+ for _, k := range keys {
+
+ if _, ok := ref[k]; ok {
+ ret = append(ret, k)
+ }
+ }
+ return ret
+}
+
+func find_tag_config(tag_name string, w *SCORSHworker) (*SCORSHtag_cfg, bool) {
+
+ for _, c := range w.Tags {
+ if c.Name == tag_name {
+ return &c, true
+ }
+ }
+ return nil, false
+}
+
+func exec_tag(tag *SCORSHtag_cfg) []error {
+
+ var ret []error
+
+ for _, c := range tag.Commands {
+ debug.log("[tag: %s] attempting command: %s\n", tag.Name, c.URL)
+ ret = append(ret, nil)
+ }
+ return ret
}
// traverse all the commits between two references, looking for scorsh
@@ -143,18 +172,32 @@ func walk_commits(msg SCORSHmsg, w *SCORSHworker) error {
// 1) get the list of all the keys which verify the message
valid_keys := get_valid_keys(commit, &(w.Keys))
- debug.log("validated keyrings on commit: %s\n", valid_keys)
- // 2) Try to execute each of the tag included in the message
+ debug.log("[worker: %s] validated keyrings on commit: %s\n", w.Name, valid_keys)
+ // 2) then for each tag in the message
for _, t := range tags.Tags {
- err = exec_tag(t, valid_keys)
- if err != nil {
- log.Printf("[worker: %s] unable to execute tag: %s : %s", w.Name, t.Tag, err)
- } else {
- log.Printf("[worker: %s] tag %s executed\n", w.Name, t.Tag)
+ // a) check that the tag is among those accepted by the worker
+ tag_cfg, good_tag := find_tag_config(t.Tag, w)
+ debug.log("[worker: %s] good_tag: %s\n", w.Name, good_tag)
+
+ if !good_tag {
+ continue
+ }
+
+ // b) check that at least one of the accepted tag keys is in valid_keys
+ good_keys := intersect_keys(w.TagKeys[t.Tag], valid_keys) != nil
+ debug.log("[worker: %s] good_keys: %s\n", w.Name, good_keys)
+
+ if !good_keys {
+ continue
}
- }
+ // c) If everything is OK, execute the tag
+ if good_tag && good_keys {
+ errs := exec_tag(tag_cfg)
+ debug.log("[worker: %s] errors in tag %s: %s\n", w.Name, t.Tag, errs)
+ }
+ }
}
//signature, signed, err := check_signature(commit, &w.Keys)
diff --git a/examples/worker1/allowed_users.asc b/examples/worker1/allowed_users.asc
index 38bee5a..956bf1c 100644
--- a/examples/worker1/allowed_users.asc
+++ b/examples/worker1/allowed_users.asc
@@ -1,62 +1,30 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
-mQGiBEFi1/MRBADTOYQBLugy99OG588zPBaOhDPaCfeeB/XiMbMLdO6RzCCZtuU7
-e1G3I+8yIOLNUhfkmIT5Q7aU7FQA6OEexMvA3hijma7uLWs0GPGBC6U2XWEGVCcM
-NNCVgZXv8JAEGdyWZmYBO+StYzp7tPhoujUMbY3ChPFes2IB1tlpJeYkuwCglKi6
-ENT7n1pp0ZL02HyW7sUeFIED/3X1G6hKpcO12KXhdl70bI1ELBEoXW8S6E5+zN9v
-bj/3SDVMMc99k7vmxd8MVhQviCuwHdX9115fiuUcb6atSdtbXMvCR729rlH+QfCA
-aEdJ5O784zcpaTaplRlSVhqbkqU0O0qs2Uwpzyq2YOmqOWaUoxWjaAEZ3MTinJ05
-FOIrA/4xN/kC0xJmqtAYg+IXnEM91pJaHVn1tlG0Us/ZUcV3qOBVzlxbELiYJY/P
-f0RdSdJpsCglMeHMvKXYWDYeUwCxVnrX9QdY5U+o7jajW3CY+QXyiUOyB6Oxp1ZB
-R9/Kzch8ZDG1efvhPS6Yl6c4VzrOEfmYfq0zA8dD81Q7fKoWKrQ0VmluY2Vuem8g
-Tmljb3NpYSAoS2F0b2xhWikgPG1lQGthdG9sYXouaG9tZXVuaXgubmV0PoheBBMR
-AgAeBQJBhMseAhsDBgsJCAcDAgMVAgMDFgIBAh4BAheAAAoJEF8gs64LXwYv3+EA
-n0DltQTOk4+jUcxj/EsAqlWRCeuwAJ0doTEepP8DZSP5CTdd6NFB1PdmzLQtVmlu
-Y2Vuem8gTmljb3NpYSAoS2F0b2xhWikgPGthdG9sYXpAeWFob28uaXQ+iF4EExEC
-AB4FAkFi1/MCGwMGCwkIBwMCAxUCAwMWAgECHgECF4AACgkQXyCzrgtfBi+8mQCf
-X/yJFPgwIwxh4DKNgaklCqp54sYAn0Y9gGbbx6GXgKq3HuUotw10uf5giEYEEBEC
-AAYFAkFz0mYACgkQodsYiAfnHNnmGACfdDSOopfIhJ6QeoXO70s374CpTGMAn13h
-Fo1L15WsRDGVmltPCyxgIkSWiEYEExECAAYFAkF0QPUACgkQAYe00nZD+a+ZSgCf
-X/MNObMst8iZqavGJRQjWiHmJOUAn1SlDmC4El2Mv6UJB/MxZxDkoDcPiEYEExEC
-AAYFAkF0CCkACgkQWDOBDtzNIgVcfgCgxIGF1+W/FNAavZ75fWBAgJXxdTcAoJFr
-7rYllKXuaUbgzKRVgdO9JT9diEYEExECAAYFAkFz8ewACgkQnFc9aLrD67HS7wCg
-nOXXrI+nJuMbyYIEejF2IOC0l/EAoKEfdFk5zx90P4qi/N0tyRsOARlmiEYEExEC
-AAYFAkFzkv8ACgkQ6tyjHCMzLlp5DACfQLvi/Ob1x8Fs2YnRqSFlHvj7hh4AnAx2
-plP6AOvDL7VpB54Y7aAVN/55iEYEExECAAYFAkFyyqwACgkQTSZ6jadyvDFJegCf
-UBEzE6Rct4w4wANQhiAbm2RSwYkAnj+mfaUghdVj6LjgqQn8d5+VmzBZiEYEExEC
-AAYFAkFyMxQACgkQ9QhEMx2jMUK/FgCgodHF1MRE0r/MLNwv1IIrxCpncrkAn3vC
-sEmGt3B41mc40kfmj+Pi30zViEYEEBECAAYFAkF4EroACgkQLUrLvHBE1gFRuQCf
-ahlJgXhfpIJ2esi1taT5NtNSlncAoJhYo47lMvkRCIx25RUUoHl5GHH9iEYEEBEC
-AAYFAkIkxE0ACgkQ02jWMQa6YLzHoACeOTBEUZKQjNf4BHLzW3TXizFOBqoAoJ+w
-do4hRB2tJFdI3i1aVGQIju8aiEYEExECAAYFAkLz1FAACgkQG+p9XIlFCSBHjQCe
-OJehivpP+jhioDeBKsPcNfK/7PgAmwTcEAkHzPTEcQcvLAxGMmV4KWnsiEYEEBEC
-AAYFAkLEIWYACgkQeL/ecPnD1vDS+ACgsBa09BSGMVppYWkbsQKs1JpaWYwAn33Z
-Z/Z9FbqVguZwbdjaA13VH08oiF4EExECAB4FAkFi1/MCGwMGCwkIBwMCAxUCAwMW
-AgECHgECF4AACgkQXyCzrgtfBi+8mQCfUk2WzM0p3pM+MVeILWmKVemvwzgAniY+
-pALW1rL2IbIinW+1XtgIBa8NtDFWaW5jZW56byAoS2F0b2xhWikgTmljb3NpYSA8
-a2F0b2xhekBmcmVha25ldC5vcmc+iGIEExECACIFAlhnsMwCGwMGCwkIBwMCBhUI
-AgkKCwQWAgMBAh4BAheAAAoJEF8gs64LXwYvdukAnjKbYH4UvZKVpVRkEpYidnWF
-7ecNAJ4gcHdh+tYoqBlIIyDj/6X+p4CaA7QeS2F0b2xhWiA8a2F0b2xhekBmcmVh
-a25ldC5vcmc+iGAEExECACAFAkT0JDcCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIX
-gAAKCRBfILOuC18GL2wlAJ9s3FnaoAgftFyzkpWXHbguXqc+2QCggZKrTK+Z6b30
-3M5bpwkVPFO2tkm0I0Vuem8gTmljb3NpYSA8a2F0b2xhekBmcmVha25ldC5vcmc+
-iGAEExECACAFAkT0Sl4CGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRBfILOu
-C18GL9WmAJ9am98TX/t2THTAJlLrLqKC2+IKkgCfQBmOXi9B0rlucPfG5tc1ATop
-Ice0LkVuem8gTmljb3NpYSAtLSBLYXRvbGFaIDxrYXRvbGF6QGZyZWFrbmV0Lm9y
-Zz6IYAQTEQIAIAUCRPQmDAIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEF8g
-s64LXwYvJXUAnAm9EXFMUqbKQHpPptu1bevyXGieAJ0QuIFhr4CqcLIBt6eEYDOk
-/Abhb7kCDQRBYtf/EAgAkRtE9UbyNVoZgBmctRNn1rZGOGh0D0pg7f7DhoNZfsel
-CvzYTb6NN+CK4TPFE820nfi86xu6rBxL0NBmXMuhEQImSLZ3J5RbHpc6k+dXu8G7
-qbH8eWiee+vaebrMou4j5zJE5KZBeTa/IV0fGf9U9JxGMQvQfgPMiEEjMf4BpxCd
-xyA4Y7MxfcNlTrsK0D2N9oO54L4OtBMyLQicj9vCGX9idXkstpFnu6XywrlFpzCM
-t0j4DVTOFom4goYneTimoZvkhAmTsU9WUHdQF7bSEdzCLirD+eHwkq/EVk8x84tC
-IxfzaRqRnPAD1OcCeoRqRbyJX7f5gEWqDUVGj9howwADBgf/RrEDF75RhVaqLbU0
-99wGe4pY5YpeZ44J0fO6LY44nu/0amDQ6Ijb9Bx2h31+z+/90Fm2b3o/AVoVbkj3
-D5qElFPLPJq3znaLeHVP3nV53qLYZqEgbkUFeyVTauavquy27Wrf7UQGZexGBjLb
-ppJcsm27hswBZwDdkubiHiA5VcxJIhk2SyBgvjSiwLa9nVsPpp8P1PlGH7e8ijTk
-ynF2rI4+P9tGkskagHPbs7gLSbpfHDiex/U3p1V9ry6OsoIKcrZAx5do5PQi7iaz
-JGXmPPu/XM9XR1+Gj9vCoxg56AHgAE9RAX6SH99ECtRLiCVbwGpVj98A0LRy7Nf9
-SMX7gYhJBBgRAgAJBQJBYtf/AhsMAAoJEF8gs64LXwYvwWkAnAnoHai6n3a3WnM1
-zIolhmQMfsj3AJ4i/olraFAACc1BCJESK6dVFiSvoQ==
-=aSn2
+mQENBFltDTcBCAC+ngq5DpxpDMJEnQUsB9m1CNE8Em8Fox24FzFLvcUiC3Gf9w2c
+Pmh6EJSwrEuwzqGIJ+VRPxB+uVBZ2IJvwgCuQ6N4itBVsuCjduhkDZafRvsX1Tuh
+6/DJiWcA/WYMtBJ8EacdxYMM8dwo4rt+8nffq1tZiDNzAfR5ezYnqi/ICmbdjVoA
+oR0BW/gmXbaxSDc/CIotU2Z7omBS+44qVI6W4fi9RnbwRSl8C0dp+FJQcfkYBnP7
+GDNKdIZKARCUFJUz++HLvKneRXi0y+fZeQ/w7uQ8BO1lNoxRep3TpfztqnpMHUmC
+S02InQFdebJRmywR88q32WB747sQ9OXQYM/PABEBAAG0EFNDT1JTSCB0ZXN0IHVz
+ZXKJAVQEEwEIAD4WIQTFTNpoZyy96GDiAmtAyPC1m+DXVAUCWW0NNwIbAwUJA8Jn
+AAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRBAyPC1m+DXVKzBB/953d7i50CC
+WyJwI4lYk0IeO7jFR9ml24Sm+5Cl/Wz8khPwVuT2qgCR6y3G0AUBtVpnVCMifPXX
+CRi4IwKi3rnlhqeKzqXiffkzxD4pZW4fKM9dOT92j+97qvmacNj4eS5qO8gFea0W
+dGuoUzd+/JJxfyVCL8hs14Fan1qzgpVB60OANKLWatljdAHwrAaaWQMGBd7RI0Et
+Z0f6TNIzT2DUVnzoDRvcQpm4svrjJqcLnBbOJyGHrQPOQXBWsVroyPAg3Ho0bkdm
+kZY4QdTlEmvPqtHAfc5bMvUXScOAzW5tbUPmFDHz4gBluoj7sBC93u0K2Y6hAh9+
+4+UPTBmygBoQuQENBFltDTcBCADB9qmGAMeJsDSiNbph/b9K2SYF3X6DXW2FShBo
+mdYVElIQD56zub8wtZ70RZKIYogHjnudX7pMrLRZ/PeI7c2JPYnEUDq/zBoh8MfL
+MFURyAaAmoXt4X1vUMIi8MDHawjPwnDbixoItT+jxO5WmjbSGRZT0fFZYeWwwCjh
+IRSB8ufYffYnl2m01UMJ3M+a+PQY0UQA9znoaN0C9gt66IibgO6C1txppvG6QTAD
+CuFH7UVs8J4RgL45+lCPo38zifhvxn5hhc8tR5L3eCKy4MXQofq2rHNDJc1Kak3u
+SlFGX9LxrBe+53awCwzNPbMDhod0d0HlPdfjMw7X0dMLJdHJABEBAAGJATwEGAEI
+ACYWIQTFTNpoZyy96GDiAmtAyPC1m+DXVAUCWW0NNwIbDAUJA8JnAAAKCRBAyPC1
+m+DXVKD/CACrxoPZ9on/cfNyxXHaNbTAJhEx7p6wQqTe4rnEIMGvn7STDhNKqYnn
+5Fu2fqb5SWT5eN8V5tqHd8u09o+wtgSlVhhV+7LeYS9GwheTOSBBZtGFbKoUEx2y
+6clGN7A/gSKjD/8y309c6eRPx+Jg3wv2lS6eZDurottV5Z2SV6MejsT/+8Mn792X
+ff5zHO1sglFoK0GWb8yNyvv8l1UrhqwIm3LBGQcDDflN4Vgff6H2OxWaGw+gbVhC
+TnHJWLj0HetmU+kTUrdRo1WAHndwZ7VP7IL7ePTq+8MfdOcqF2pGJhnQJsrIQ24D
+thViyvX/Vq1G6UAEV2vP8xPxQ6rkJ40O
+=rzVr
-----END PGP PUBLIC KEY BLOCK-----
diff --git a/examples/worker1/allowed_users.pgp b/examples/worker1/allowed_users.pgp
index c083709..bfe95cd 100644
--- a/examples/worker1/allowed_users.pgp
+++ b/examples/worker1/allowed_users.pgp
Binary files differ
diff --git a/examples/worker1/worker1.cfg b/examples/worker1/worker1.cfg
index 233afdd..0eabdf7 100644
--- a/examples/worker1/worker1.cfg
+++ b/examples/worker1/worker1.cfg
@@ -19,6 +19,16 @@ w_tags:
## c_hash: "12da324fb76s924acbce"
}
]
+ },
+ {
+ t_name: "build",
+ t_keyrings: ["allowed_users.asc"],
+ t_commands: [
+ {
+ c_url: "file:///home/katolaz/bin/scorsh_build.sh"
+ }
+ ]
}
+
]
... \ No newline at end of file
diff --git a/types.go b/types.go
index a163640..faf9f6c 100644
--- a/types.go
+++ b/types.go
@@ -45,6 +45,7 @@ type SCORSHworker_cfg struct {
Tagfile string `yaml:"w_tagfile"`
Keyrings []string `yaml:"w_keyrings"`
Tags []SCORSHtag_cfg `yaml:"w_tags"`
+ TagKeys map[string]map[string]bool
}
// State of a worker
diff --git a/workers.go b/workers.go
index c48c65f..b92d3cb 100644
--- a/workers.go
+++ b/workers.go
@@ -9,7 +9,6 @@ import (
"os"
"regexp"
"strings"
- "time"
)
func (worker *SCORSHworker) Matches(repo, branch string) bool {
@@ -96,9 +95,6 @@ func Worker(w *SCORSHworker) {
if err != nil {
log.Printf("[worker: %s] error in walk_commits: %s", err)
}
- debug.log("[worker: %s] Received message: %s", w.Name, msg)
- debug.log("[worker: %s] StatusChan: %s\n", w.Name, w.StatusChan)
- time.Sleep(1000 * time.Millisecond)
w.StatusChan <- msg
debug.log("[worker: %s] Sent message back: %s", w.Name, msg)
}
@@ -133,6 +129,16 @@ func StartWorkers(master *SCORSHmaster) error {
close(worker.MsgChan)
return fmt.Errorf("[Starting worker: %s] Unable to load tags: %s\n", worker.Name, err)
}
+
+ // Create the map of keyring for each tag
+ worker.TagKeys = make(map[string]map[string]bool)
+ for _, t := range worker.Tags {
+ worker.TagKeys[t.Name] = make(map[string]bool)
+ for _, k := range t.Keyrings {
+ worker.TagKeys[t.Name][k] = true
+ }
+ }
+
// Add the repos definitions to the map master.Repos
for _, repo_name := range worker.Repos {
master.Repos[repo_name] = append(master.Repos[repo_name], worker)