def configure_reprepro(mirror_uri,
mirror_archs,
mirror_key_fingerprint,
sign_key_fingerprint,
sign_key_passphrase,
get_paths=get_paths):
"""Create reprepro configuration files."""
paths = get_paths()
context = split_repository_uri(mirror_uri)
context.update({
'archs': mirror_archs,
'mirror_key': mirror_key_fingerprint,
'sign_key': sign_key_fingerprint,
'sign_script': paths['bin'] / 'reprepro-sign-helper'
})
# explicitly pass owner and group for tests, otherwise root would be used
owner = group = getpass.getuser()
render('reprepro-distributions.j2',
str(paths['reprepro-conf'] / 'distributions'),
context,
owner=owner,
group=group)
render('reprepro-updates.j2',
str(paths['reprepro-conf'] / 'updates'),
context,
owner=owner,
group=group)
update_config(config_path=paths['config'],
suite=context['suite'],
sign_key_id=context['sign_key'])
# save the sign passphrase for the signing helper script
with paths['sign-passphrase'].open('w') as fh:
fh.write(sign_key_passphrase)
def configure_reprepro(mirrors, sign_key_fingerprint, sign_key_passphrase):
"""Create reprepro configuration files.
The provided mirrors is a sequence of mirror.Mirror named tuples.
"""
paths = get_paths()
# Explicitly pass owner and group for tests, otherwise root would be used.
owner = group = getpass.getuser()
# Render distributions file.
target = str(paths['reprepro-conf'] / 'distributions')
context = {
'mirrors': mirrors,
'sign_script': paths['bin'] / 'reprepro-sign-helper',
}
render(_DISTRIBUTIONS, target, context, owner=owner, group=group)
# Render updates file.
target = str(paths['reprepro-conf'] / 'updates')
context = {'mirrors': mirrors}
render(_UPDATES, target, context, owner=owner, group=group)
# Update configuration.
update_config(config_path=paths['config'],
suites=[mirror.local_suite for mirror in mirrors],
sign_key_id=sign_key_fingerprint)
# Save the sign passphrase for the signing helper script.
with paths['sign-passphrase'].open('w') as fh:
fh.write(sign_key_passphrase)
def test_update_existing(self):
"""update_config updates the config file if it exists."""
update_config(config_path=self.config_path, suite='precise')
update_config(config_path=self.config_path, sign_key_id='AABBCC')
self.assertEqual({
'suite': 'precise',
'sign-key-id': 'AABBCC'
}, get_config(config_path=self.config_path))
def add_authorized_key(ssh_keys):
remote_public_key = ssh_keys.get_remote('public-ssh-key')
hookenv.log("Adding key: " + remote_public_key)
ssh.add_authorized_key(remote_public_key,
utils.get_paths()['authorized-keys'])
ssh_peer = {ssh_keys.get_remote('private-address'): remote_public_key}
utils.update_config(config_path=utils.get_paths()['config'],
new_ssh_peers=ssh_peer)
ssh_keys.remove_state(ssh_keys.states.new_remote_public_key)
def test_update_ssh_peers(self):
"""update_config adds new ssh-peers."""
update_config(config_path=self.config_path,
new_ssh_peers={'1.2.3.4': 'aabb'})
update_config(config_path=self.config_path,
new_ssh_peers={'5.6.7.8': 'ccdd'})
self.assertEqual({'ssh-peers': {
'1.2.3.4': 'aabb',
'5.6.7.8': 'ccdd'
}}, get_config(config_path=self.config_path))
def test_update_existing(self):
"""update_config updates the config file if it exists."""
update_config(config_path=self.config_path,
suites=['xenial', 'bionic'])
update_config(config_path=self.config_path, sign_key_id='AABBCC')
config = get_config(config_path=self.config_path)
self.assertEqual(config, {
'suites': ['xenial', 'bionic'],
'sign-key-id': 'AABBCC',
})
def config_set():
config = hookenv.config()
missing_options = setup.missing_options(config)
if missing_options:
hookenv.status_set(
'blocked',
'Mirroring is disabled as some configuration options are missing: '
'{}'.format(', '.join(missing_options)))
return
# Configure mirroring.
keyring = gpg.KeyRing()
mirrors = mirror.from_config(keyring, config['mirrors'],
config['repository-origin'].strip())
sign_key_fingerprint = keyring.import_key(config['sign-gpg-key'])
sign_key_passphrase = config.get('sign-gpg-passphrase', '').strip()
repository.configure_reprepro(mirrors, sign_key_fingerprint,
sign_key_passphrase)
# Export the public key used to sign the repository.
_export_sign_key(sign_key_fingerprint)
hookenv.status_set('active', 'Mirroring configured')
# Update scripts config.
utils.update_config(config_path=utils.get_paths()['config'],
packages_require_auth=config['packages-require-auth'])
def test_no_config(self):
"""update_config creates the config file if not present."""
update_config(config_path=self.config_path, suite='precise')
self.assertTrue(self.config_path.exists())
self.assertEqual({'suite': 'precise'},
get_config(config_path=self.config_path))
def test_no_config(self):
"""update_config creates the config file if not present."""
update_config(config_path=self.config_path, suites=['bionic'])
self.assertTrue(self.config_path.exists())
config = get_config(config_path=self.config_path)
self.assertEqual(config, {'suites': ['bionic']})