def generate_keypair(path):
if not request.user.can_manage:
return abort(403)
repo = get_target_for(path)
if not isinstance(repo, Repository):
return abort(404)
session['errors'] = []
utils.makedirs(utils.get_customs_path(repo))
try:
private_key, public_key = utils.generate_ssh_keypair(repo.name +
'@FluxCI')
private_key_path = utils.get_repo_private_key_path(repo)
public_key_path = utils.get_repo_public_key_path(repo)
try:
file_utils.create_file_path(private_key_path)
file_utils.create_file_path(public_key_path)
file_utils.write_file(private_key_path, private_key)
file_utils.write_file(public_key_path, public_key)
try:
os.chmod(private_key_path, 0o600)
utils.flash('SSH keypair generated.')
except BaseException as exc:
app.logger.info(exc)
session['errors'].append(
'Could not set permissions to newly generated private key.'
)
except BaseException as exc:
app.logger.info(exc)
session['errors'].append('Could not save generated SSH keypair.')
except BaseException as exc:
app.logger.info(exc)
session['errors'].append('Could not generate new SSH keypair.')
return redirect(url_for('edit_repo', repo_id=repo.id))
def remove_keypair(path):
if not request.user.can_manage:
return abort(403)
repo = get_target_for(path)
if not isinstance(repo, Repository):
return abort(404)
session['errors'] = []
private_key_path = utils.get_repo_private_key_path(repo)
public_key_path = utils.get_repo_public_key_path(repo)
try:
file_utils.delete(private_key_path)
file_utils.delete(public_key_path)
utils.flash('SSH keypair removed.')
except BaseException as exc:
app.logger.info(exc)
session['errors'].append('Could not remove SSH keypair.')
return redirect(url_for('edit_repo', repo_id=repo.id))
def do_build_(build, build_path, override_path, logger, logfile,
terminate_event):
logger.info('[Flux]: build {}#{} started'.format(build.repo.name,
build.num))
# Clone the repository.
if build.repo and os.path.isfile(
utils.get_repo_private_key_path(build.repo)):
identity_file = utils.get_repo_private_key_path(build.repo)
else:
identity_file = config.ssh_identity_file
ssh_command = utils.ssh_command(
None, identity_file=identity_file) # Enables batch mode
env = {'GIT_SSH_COMMAND': ' '.join(map(shlex.quote, ssh_command))}
logger.info('[Flux]: GIT_SSH_COMMAND={!r}'.format(env['GIT_SSH_COMMAND']))
clone_cmd = [
'git', 'clone', build.repo.clone_url, build_path, '--recursive'
]
res = utils.run(clone_cmd, logger, env=env)
if res != 0:
logger.error('[Flux]: unable to clone repository')
return False
if terminate_event.is_set():
logger.info('[Flux]: build stopped')
return False
if build.ref and build.commit_sha == ("0" * 32):
build_start_point = build.ref
is_ref_build = True
else:
build_start_point = build.commit_sha
is_ref_build = False
# Checkout the correct build_start_point.
checkout_cmd = ['git', 'checkout', '-q', build_start_point]
res = utils.run(checkout_cmd, logger, cwd=build_path)
if res != 0:
logger.error(
'[Flux]: failed to checkout {!r}'.format(build_start_point))
return False
# If checkout was initiated by Start build, update commit_sha and ref of build
if is_ref_build:
# update commit sha
get_ref_sha_cmd = ['git', 'rev-parse', 'HEAD']
res_ref_sha, res_ref_sha_stdout = utils.run(get_ref_sha_cmd,
logger,
cwd=build_path,
return_stdout=True)
if res_ref_sha == 0 and res_ref_sha_stdout != None:
with models.session():
Build.get(id=build.id).commit_sha = res_ref_sha_stdout.strip()
else:
logger.error('[Flux]: failed to read current sha')
return False
# update ref; user could enter just branch name, e.g 'master'
get_ref_cmd = [
'git', 'rev-parse', '--symbolic-full-name', build_start_point
]
res_ref, res_ref_stdout = utils.run(get_ref_cmd,
logger,
cwd=build_path,
return_stdout=True)
if res_ref == 0 and res_ref_stdout != None and res_ref_stdout.strip(
) != 'HEAD' and res_ref_stdout.strip() != '':
with models.session():
Build.get(id=build.id).ref = res_ref_stdout.strip()
elif res_ref_stdout.strip() == '':
# keep going, used ref was probably commit sha
pass
else:
logger.error('[Flux]: failed to read current ref')
return False
if terminate_event.is_set():
logger.info('[Flux]: build stopped')
return False
# Deletes .git folder before build, if is configured so.
if config.git_folder_handling == GitFolderHandling.DELETE_BEFORE_BUILD or config.git_folder_handling == None:
logger.info('[Flux]: removing .git folder before build')
deleteGitFolder(build_path)
# Copy over overridden files if any
if os.path.exists(override_path):
dir_util.copy_tree(override_path, build_path)
# Find the build script that we need to execute.
script_fn = None
for fname in config.build_scripts:
script_fn = os.path.join(build_path, fname)
if os.path.isfile(script_fn):
break
script_fn = None
if not script_fn:
choices = '{' + ','.join(map(str, config.build_scripts)) + '}'
logger.error('[Flux]: no build script found, choices are ' + choices)
return False
# Make sure the build script is executable.
st = os.stat(script_fn)
os.chmod(script_fn, st.st_mode | stat.S_IEXEC)
# Execute the script.
logger.info('[Flux]: executing {}'.format(os.path.basename(script_fn)))
logger.info('$ ' + shlex.quote(script_fn))
popen = subprocess.Popen([script_fn],
cwd=build_path,
stdout=logfile,
stderr=subprocess.STDOUT,
stdin=None)
# Wait until the process finished or the terminate event is set.
while popen.poll() is None and not terminate_event.is_set():
time.sleep(0.5)
if terminate_event.is_set():
try:
popen.terminate()
except OSError as exc:
logger.exception(exc)
logger.error('[Flux]: build stopped. build script terminated')
return False
# Deletes .git folder after build, if is configured so.
if config.git_folder_handling == GitFolderHandling.DELETE_AFTER_BUILD:
logger.info('[Flux]: removing .git folder after build')
deleteGitFolder(build_path)
logger.info('[Flux]: exit-code {}'.format(popen.returncode))
return popen.returncode == 0