diff options
| -rw-r--r-- | README.md | 16 | ||||
| -rw-r--r-- | parse.go | 2 | ||||
| -rw-r--r-- | sandpit/test_yaml.go | 102 | ||||
| -rw-r--r-- | scorsh.go | 21 | ||||
| -rw-r--r-- | spooler.go | 5 |
5 files changed, 133 insertions, 13 deletions
@@ -17,9 +17,9 @@ signed git commits. different_ on the git repo... ...and you want only authorised users to be able to trigger that -_something__.... +_something_... -..then **scorsh** might be what you have been looking for. +...then **scorsh** might be what you have been looking for. **scorsh** is a simple system to execute commands on a remote host by using GPG-signed commits containing customisable commands @@ -38,22 +38,18 @@ each new file there, walks through the new commits looking for signed ones, checks if the message of a signed commit contains a recognised scorsh-tag, verifies that the user who signed the message is allowed to use that scorsh-tag, and executes the commands associated to the -scorsh-tag. Or, well, this is what `scorsh` will do when it's ready. +scorsh-tag. Or, well, this is what `scorsh` should be able to do when +it's finished ;-) The set of scorsh-tags accepted on a repo/branch is configurable, and each scorsh-tag can be associated to a list of commands. Commands are just URLs, at the moment restricted to two possible types: -* file://path/to/file - in this case `scorsh` tries to execute the +* `file://path/to/file` - in this case `scorsh` tries to execute the corresponding file (useful to execute scripts) -* http://myserver.com/where/you/like - in this case `scorsh` makes an +* `http://myserver.com/where/you/like` - in this case `scorsh` makes an HTTP request to the specified URL (useful to trigger other actions, e.g., Jenkins or Travis builds...) - - - - - @@ -42,6 +42,8 @@ func check_signature(commit *git.Commit, keyring *openpgp.KeyRing) (signature, s return "", "", err } + +// traverse all the commits between two references, looking for func walk_commits(msg SCORSHmsg, keyring openpgp.KeyRing) int { fmt.Printf("Inside parse_commits\n") diff --git a/sandpit/test_yaml.go b/sandpit/test_yaml.go new file mode 100644 index 0000000..ebe8758 --- /dev/null +++ b/sandpit/test_yaml.go @@ -0,0 +1,102 @@ +package main + +import ( + "fmt" + "github.com/go-yaml/yaml" + "log" +) + +type STag struct { + S_tag string + S_args []string +} + +type SCmd struct { + S_cmd string + S_hash string +} + +type STagConfig struct { + S_tag string + S_commands []SCmd +} + +type SCORSHmsg struct { + S_msg []STag +} + +type SCORSHcfg struct { + S_cfg []STagConfig +} + +var msg_str = ` +s_msg: + - s_tag: BUILD + s_args: + - suites/jessie + - suites/ascii + - s_tag: REMOVE + s_args: + - file1 +` + +var cfg_str = ` +s_cfg: + - s_tag: BUILD + s_commands: + - s_cmd: file:///bin/ls + s_hash: 12345 + - s_cmd: file:///home/katolaz/script.sh + s_hash: abc123df + - s_cmd: http://myserver.org/build.php?name=\1 + s_hash: + - s_tag: REMOVE + s_commands: + - s_cmd: file:///bin/rm +` + +func main() { + + var c SCORSHmsg + + var conf SCORSHcfg + + //log.Printf("%s\n", test_str) + + err := yaml.Unmarshal([]byte(msg_str), &c) + if err != nil { + log.Fatal("error: ", err) + } + + for _, item := range c.S_msg { + fmt.Printf("Record: \n") + fmt.Printf(" s_tag: %s\n", item.S_tag) + fmt.Printf(" s_args:\n") + + for _, a := range item.S_args { + fmt.Printf(" %s\n", a) + } + } + + fmt.Println("----------------------------") + + err = yaml.Unmarshal([]byte(cfg_str), &conf) + if err != nil { + log.Fatal("error: ", err) + } + + for _, cfg_item := range conf.S_cfg { + fmt.Printf("Config record:\n") + fmt.Printf(" s_tag: %s\n", cfg_item.S_tag) + fmt.Printf(" s_commands:\n") + + for _, c := range cfg_item.S_commands { + fmt.Printf(" s_cmd: %s\n", c.S_cmd) + fmt.Printf(" s_hash: %s\n", c.S_hash) + fmt.Println(" ---") + } + fmt.Println("-+-+-") + + } + +} @@ -5,6 +5,7 @@ import ( "golang.org/x/crypto/openpgp" "log" "os" + "flag" ) const ( @@ -15,6 +16,12 @@ const ( SCORSH_ERR_SIGNATURE ) +type SCORSHconf struct { + spool string +} + + + type SCORSHmsg struct { repo string branch string @@ -22,6 +29,10 @@ type SCORSHmsg struct { new_rev string } +var conf_file = flag.String("c", "./scorsh.cfg", "Configuration file for SCORSH") + + + func SCORSHErr(err int) error { var err_str string @@ -45,6 +56,7 @@ func SCORSHErr(err int) error { } + func SCORSHWorker(keyring string, c_msg chan SCORSHmsg, c_status chan int) { // read the worker configuration file @@ -79,3 +91,12 @@ func SCORSHWorker(keyring string, c_msg chan SCORSHmsg, c_status chan int) { c_status <- ret } + +func main() { + + flag.Parse() + + + + +} @@ -20,6 +20,7 @@ func parse_request(fname string) (SCORSHmsg, error) { } + func spooler(watcher *fsnotify.Watcher, worker chan SCORSHmsg) { for { @@ -35,10 +36,8 @@ func spooler(watcher *fsnotify.Watcher, worker chan SCORSHmsg) { case err := <-watcher.Errors: log.Println("error:", err) } + } } -func main(){ - -} |